last executing test programs:

5m11.436812333s ago: executing program 1 (id=175):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@ipv6_newrule={0x2c, 0x20, 0x1, 0x70bd27, 0x25dfdbfb, {0xa, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x7, 0x6}, [@FIB_RULE_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0x43}, @FIB_RULE_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x10}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048860}, 0x400c010)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000000c0)={{{@in6=@mcast1, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@local}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8)
sendmsg$nl_route(r1, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000180000012cbd7000ffdbdf250a2004f0fd0400030000000008001900", @ANYRES32=r2, @ANYBLOB="0500140064000000080006000500000014000500fe80000000000000000000000000003a"], 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x2000040)

5m11.038788669s ago: executing program 1 (id=178):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x24}}, 0x0)

5m10.827984931s ago: executing program 1 (id=181):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000000a00)=""/102400, 0x19000)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(0xffffffffffffffff, 0x4048587b, &(0x7f0000000d40)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0}, 0x0, &(0x7f0000000e00)})
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x44000)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

5m9.941278154s ago: executing program 1 (id=188):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x2b5b09b, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)=@generic={0x0, 0xffffffffffffffff, 0x0, 0x2f}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, 0x0, 0x1)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='fd', 0x0, r1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r1, 0x0, 0x2)
r4 = syz_clone(0x6802011, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000000c0)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x3ffffffffffffcd0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000500)={0x0, 0x0, r7, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000440)={r8, 0x0, 0x9, 0x0, 0x0, [], [0x800, 0x101, 0x0, 0x7], [0x0, 0x40000100, 0x0, 0xffffffff]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f0000000180)={0x0, r5, r8, 0x0, 0x0, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0]})
connect$rose(r3, &(0x7f0000000000)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, 0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x1c)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r9)
sendmsg$NLBL_CIPSOV4_C_ADD(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010025bd7000fddbdf2501000000080001000000000008000200010000001c0008800c0007800800060031ecffff0b0007800800050040000000040004"], 0x44}}, 0x0)
socket(0x8, 0x6, 0x7)
setpgid(r4, r4)
setpgid(0x0, r4)
fchdir(r3)
lstat(&(0x7f00000001c0)='./file0\x00', 0x0)

5m9.520066226s ago: executing program 1 (id=189):
r0 = socket$nl_route(0x10, 0x3, 0x0)
listen(r0, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c000000100003040003000000000000000000004fd26eb5e6b61af5f5c9ec18a13c49112d6117ba5045d1efa43083de88051bc99e5a07e8b2ba46abdd118b42172c906c66a8c92dea0dddd10bfb5eafc0276312c80bf9d45ef308eef882e6021b4e90fc2c618a8b8b8fa3e268640ca42c40f86473b87217d75c8645a19160da55b3e56cf9d43c3a4b718a230a16d8ac99902a8d6b8a94c6acf0107040e2d5465a9b05688298d8cfcad446b0cc761e5768cc5d1321f7a2a0e81f9f09d8516e441518781076ac811224ea8ff995e7a0d59f519ca536412ffaa32758596ecb85ab2241de777c85430e26a559b5161faea8274c3ebb840b3c80660e9dca070f27fc7580d0f14e8e23b5f5f2f1dfceab9386dcaea1337d89dc8a33df6af08c8c7f1761e7f15da26af84027f7241eeadb2f235b5cee78cfc34eddaae4fe0f7f150c18bb55d02d21fd5f84920dfd8a0bd1b0e3eef079c1", @ANYRES32=r0, @ANYRES64=r0], 0x3c}, 0x1, 0x0, 0x0, 0x805}, 0x80)

5m7.839911906s ago: executing program 1 (id=194):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0xc, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0xffff, 0x8}, {0x2}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x4, 0x9, 0x2}}]}}]}, 0x44}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008"], 0x4c}}, 0x40000)
sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0xfc)

5m6.916498418s ago: executing program 32 (id=194):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0xc, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0xffff, 0x8}, {0x2}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x4, 0x9, 0x2}}]}}]}, 0x44}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008"], 0x4c}}, 0x40000)
sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0xfc)

20.21455138s ago: executing program 0 (id=1957):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000180)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x7f\x00~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x1)
pwrite64(r2, &(0x7f00000008c0)='/', 0x1, 0x0)
lseek(r2, 0x0, 0x4)
sendfile(r2, r2, &(0x7f00000001c0), 0x7fa)

14.040598865s ago: executing program 0 (id=1988):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
fanotify_mark(r1, 0x1, 0x40000020, r0, &(0x7f00000000c0)='./file0\x00')

13.567483274s ago: executing program 0 (id=1993):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12014101f2c59620d016b8108ede0102030109022400010000100009040002020083ec0009050602000202000a09058202"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f0000000cc0)=ANY=[@ANYBLOB="200a83"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, 0x0, 0x0)
socket(0x2c, 0x800, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000380)={0x1c, &(0x7f0000000240)=ANY=[@ANYBLOB="400e2800"], 0x0, 0x0})

13.260306237s ago: executing program 5 (id=1994):
r0 = socket(0x10, 0x3, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, 0x0, &(0x7f00000001c0))
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x5, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r1, 0x80845663, &(0x7f00000004c0))
sendmsg$NFNL_MSG_CTHELPER_GET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x48801}, 0x4040090)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x40001, 0x0)
ioctl$BLKZEROOUT(r2, 0x127f, 0x0)
r3 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r3, 0x89f8, &(0x7f0000000480)={'ip_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x80, 0x0, 0x3, 0x8, {{0x8, 0x4, 0x0, 0x33, 0x20, 0x65, 0x0, 0x4, 0x29, 0x0, @multicast2, @multicast1, {[@timestamp_prespec={0x44, 0xc, 0x3c, 0x3, 0x2, [{@empty, 0x8}]}]}}}}})
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000300), 0x0, 0x0, 0x0)
r4 = add_key$fscrypt_provisioning(0x0, 0x0, &(0x7f0000000640)={0x1, 0x0, @b}, 0x48, 0xfffffffffffffffc)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000006c0)={0x0, <r5=>0x0}, &(0x7f0000000700)=0xc)
lstat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
keyctl$chown(0x4, r4, r5, r6)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x29, 0x7e, 0x21, 0x1, 0x60, @dev={0xfe, 0x80, '\x00', 0x2a}, @loopback={0x300, 0x460c6}, 0x1, 0x8, 0x25a1, 0x40}})
r7 = socket$netlink(0x10, 0x3, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
getpeername$packet(r8, &(0x7f0000000000)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x50, 0x10, 0x503, 0xfffffffc, 0x40000, {0x0, 0x0, 0x0, 0x0, 0x21111, 0x31}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000002}, @IFLA_MACSEC_WINDOW={0x8, 0x5, 0x5}]}}}, @IFLA_LINK={0x8, 0x5, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x48890}, 0x0)

11.537316257s ago: executing program 4 (id=1997):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000180)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x7f\x00~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x1)
pwrite64(r2, &(0x7f00000008c0)='/', 0x1, 0x0)
lseek(r2, 0x0, 0x4)
sendfile(r2, r2, &(0x7f00000001c0), 0x7fa)

10.396274309s ago: executing program 5 (id=1998):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000007e00850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) (fail_nth: 2)

9.74792336s ago: executing program 5 (id=2002):
r0 = syz_usb_connect_ath9k(0x3, 0xffffffffffffff65, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x3fd45a6f84e5e410, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)

8.801375481s ago: executing program 4 (id=2012):
mknodat(0xffffffffffffff9c, &(0x7f0000001cc0)='./file0\x00', 0x2, 0x80e2e8)
setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='system.posix_acl_default\x00', 0x0, 0x0, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="ef00000000000000140012800b0001006970766c616e0000040002800800", @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x4008040}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)={0x10, 0x6a, 0x1, 0x70bd29, 0x25dfdbfe}, 0x10}], 0x1000000000000027, 0x0, 0x0, 0x800}, 0x4060004)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000240)={0x2, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[], 0x58}}, 0x0)
syz_usb_disconnect(r2)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
ioctl$EVIOCRMFF(r2, 0x40044581, &(0x7f0000000140))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r4, 0x80045530, &(0x7f00000000c0)=""/111)
ioctl$F2FS_IOC_GET_PIN_FILE(r4, 0x8004f50e, 0x0)
ioctl$EVIOCRMFF(r2, 0xc0085508, &(0x7f00000000c0)=0x18)

7.67805353s ago: executing program 3 (id=2024):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000800000000000000000000000850000009b000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xfca804a0, 0xe, 0x0, &(0x7f0000000480)="b8200905601700108acd07d1786d", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6.826808188s ago: executing program 0 (id=2027):
open(&(0x7f0000000200)='./file0\x00', 0x400a040, 0x100)
pipe2(&(0x7f0000001440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
write(r1, &(0x7f00000002c0)="fe", 0xfdef)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000010901"], 0x14}}, 0x0)

5.914063903s ago: executing program 3 (id=2028):
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f513, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fef000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
r1 = add_key$keyring(0x0, &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
connect$packet(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000040)={0x1, 'syz_tun\x00', 0x1}, 0x18)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000021c0)='./file1/file3\x00', 0x2)
request_key(&(0x7f0000000040)='logon\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f0000000900)='\xc2\xff\xfc\xebti\xe4\x16F\xb9\xaa\x8f\x1f\xfctR_\xceKY\"\x1aw,9\xb9yR~\xad|\xcf\x8fi\x1d\xaeD\xa3\xd5KwUh@\xb32r\xe6\x8e\xa3\x97U\xcd\x11\xa2\xfe53\xcc,\xd9\xa9\xee\x96\x98\f\x1b\xd5\xd9\xd0Z\xab\xca\xf6\xdbU\x96\x85z\\C9\xf5\x8d\x8c\xec\xaa\x01\xec\x0fV\"a\xd1\xef\x82TY<!\xe6Z\xa6@\x94L_\xe2\x8b\xd0\xa11\xf1\x97\x00\xa3\xa3>\xc4\x12\x18\xf6\xb5\xa2\xf2\x1d8\xecgK\xe7\xca7\x99f<Z\xaa\xd6\xfaO0\xbd%\\\xd9\xe6\xdd\xb7\x9e=\n\xab\xbc\x93o/z\x14`I`_\xfcdk\'\xa8\xf01\xef\xac\f\xe7\x06}<6JMV\"\x1al\xa62,\x85,`K\x89\x97\xb0UmF\xa2\x9f\x01|\xaf\xfd\xb9K\xb6\t\x96\xdc2\xeb\x00M\xf9=\x9fW\xd4\x87q@\x9e#}*\xd6\x10\x002\xf5\x8e\x94\x03\xbb\x0e\xc7Gl\xefJ\x01\x12J\t\xd0h\xf9\f\xfd\xbb\xa7\x8f6\xcc\xa8\x89\xb2\x8a\xbb\rNH\x18\xd4\xe1\b\x89\x9edmY-\x01\xaf\xca\xf2\x13\x06 )\x12\xf2|~%\x8a\xaa\xf5R6\xfe\xd2,\t\x8d\a} \x00\x98\xa6\xea\x95K\xda\xbde\xfa>i\xb6\x87\xa2f\x897\xc5*\a\xf5\xb8\xf7\xd0{\b\xcb\t\x19*\xbb\x83\x14\r\x1ac\x81\x8e\xe3\xca\x11\xcc\x05Q\x93\x00q/\x9c\xfel\x83[\xf0\r\x1eW\xdd \xd2\xe6D\xfa-0\\#\xf3+C\xa7\xbf\xc3\xac\xf2\xef\xbf\xce\x17\x8e\xc8\xbcdJ\x00\xbe\x8el\xbdB\xa7\xeb\xa5\x0e\x03\xee\x0e\x06\xb7\xfa\x12\xf9\xcb\x11\f\xfe\xbc\xa6\x8c\xcc\xe1,\x81bI\xc9X0t\x85\xd8(\x00'/435, r1)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000180), 0x0)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r4 = dup2(r3, r3)
fcntl$notify(r4, 0x402, 0x3f)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r5, &(0x7f0000001140)=ANY=[@ANYBLOB="7f454c4620040000000000000000000002003e00ebffffff7c000000000000004000000000000000020000000000000000000000060038000100feff03000300030000000f000000080000000000000011000000000000000000000000000000e100000000000000010000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000270000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000"/1657], 0x678)
close(r5)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)=0x10, 0x4)
socket$nl_route(0x10, 0x3, 0x0)

5.844402725s ago: executing program 5 (id=2030):
r0 = socket(0x2c, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x17)
ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000040))
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r1, &(0x7f0000000040), &(0x7f0000000080)=@udp=r0}, 0x20)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f000905", @ANYRESDEC], 0x0)

5.035146484s ago: executing program 3 (id=2032):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000180)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x7f\x00~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x1)
pwrite64(r2, &(0x7f00000008c0)='/', 0x1, 0x0)
lseek(r2, 0x0, 0x4)
sendfile(r2, r2, &(0x7f00000001c0), 0x7fa)

5.012688114s ago: executing program 0 (id=2033):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000002c0)=[@in={0x2, 0x4e23, @empty}], 0x10)
sendto$inet6(r0, &(0x7f0000000000)="f7", 0x1, 0x8081, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0x4}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={r1, &(0x7f0000000280)}, 0x20)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r2, &(0x7f0000000180)="900000001d001f4d154a817393278bff0a80a578020000000404840014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
r3 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000580)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x8, 0x1e7d, 0x3138, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, "", [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x2cef1aac1ea0fae2, 0x0, {0x9, 0x21, 0x8, 0x2c, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x7e, 0x81, 0x6}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000300)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB=' \x00+'], 0x0, 0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000100)={0xb, 0x84, 0x7, 0x5, 0x5, 0xfd, 0x0, 0x0, 0xfd, 0x5, 0x3, 0x0, 0xff}, 0xe)
recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x6c}, 0x8}], 0x1, 0x20, 0x0)

4.995879809s ago: executing program 4 (id=2035):
syz_usb_connect(0x6, 0x1b, &(0x7f0000000480)={{0x12, 0x1, 0x110, 0x25, 0x98, 0x1e, 0x20, 0x83a, 0xa704, 0x53a9, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0x7, 0x9, 0x0, 0x3}}]}}, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xae, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9c, 0x2, 0x1, 0xe3, 0x50, 0x81, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "335389b9f0a2"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x100, 0x6, 0xa}, {0x6, 0x24, 0x1a, 0x2, 0x18}, [@country_functional={0x10, 0x24, 0x7, 0x7f, 0x702, [0x4, 0x1, 0x4, 0x4317, 0x7f]}, @mdlm={0x15, 0x24, 0x12, 0x4}, @country_functional={0x10, 0x24, 0x7, 0x75, 0x81, [0xec60, 0x8, 0x101, 0x8000, 0xcd]}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0xb6}]}, {{0x9, 0x5, 0x81, 0x3, 0x8, 0x4, 0xd, 0x7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x4, 0x1, 0xb}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x3, 0x1, 0xf}}}}}}}]}}, &(0x7f00000003c0)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x200, 0x19, 0xc, 0x1, 0x40}, 0x5b, &(0x7f0000000100)={0x5, 0xf, 0x5b, 0x3, [@ss_container_id={0x14, 0x10, 0x4, 0x9, "a26a57b2b52fa9dcac4465aab164267b"}, @generic={0x2e, 0x10, 0x1, "a5bbec5ebd0bf39467c2b0a9e7398d9118f37da5c7a2e8f03e3ec501f09817b97daad00959e48b0bf2884b"}, @ss_container_id={0x14, 0x10, 0x4, 0xb, "af5c6616ff6768c1846fed33ec817689"}]}, 0x4, [{0xe6, &(0x7f0000000180)=@string={0xe6, 0x3, "a93629a85e4fa3663b3d3eb0ee5127d42b67bb0ddd802654b531013fb5c7f337d6b5297342883bf2a487b665495eaeee2c590d39a1743f02aa6173166aa358eecd3ac6fb9cbcde29969ce3ecc961d714fe91a98afe1463df9ea0b2b296d46498e3f008301dae52778ce4e969e54b23b332f382e3864b0ffee3d4417f4bf6e0b9e03463d68ae8b418da8ed16457c2fec9a0e8f9fe2620b83e762915b6278dadce4e11c5c5fd70c7ecaad35673ffd3018f835520756c1a282e93e391370a2431496fef5fbf40b6e8c76f9c899abad47bdc6618bfa17ec1e0186971c266ed68a10b0030badd"}}, {0x21, &(0x7f00000004c0)=ANY=[@ANYBLOB="2103844ca5be5f7b413b04de5d61e010b06bff053230f6eb88ea5c96da3a278bcbe8507fd1397a203bcb9d3d4984aed82e0d751c1ec1cf7f9911ae646361a319316466e2f34f1b9023cab79fbb839fcf355b50feb8c0707a1ccdda0ad72e30ebca31b0a0de545a0f6d2ddf7e4234938a0c8dde5b66f9adcc6072492bd1290663f6199a81ad7c71bd7012c382992ef476e69c61408fff5e45efd3dda81143ce6f6461ee98e23860e00bddbe7167fdc46209c5d34b01c1ab7d0e7c2c75582a4091089f569ddcd684a48f749a0323f8fa497f87ab3350da708feb"]}, {0xa0, &(0x7f00000002c0)=@string={0xa0, 0x3, "74ee36825930f3b608270dc4999e59066c38405ed4cfd61a38b89da9645aa17f64ca2cfb43c6b17eb9d1f8f1e0f6d35d2f7279a21cdeb463fd5bafb433660c49d99f4d842fcfbed1b6e28491ceabc0868f38f9e70c54e33f8d3d1d19506d03c367e4ce765cf2d2150c1439b915d36e2c1cabd423b228bd709d33f2e6f9038a878f74facc8f70d0ff32d05ccae097107117d2975dd9f80437a10edbbe0ada"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x1009}}]})
syz_usb_connect(0x0, 0x7da, &(0x7f0000000780)={{0x12, 0x1, 0x250, 0xc5, 0xc7, 0x1a, 0xff, 0xb48, 0x3009, 0xe265, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7c8, 0x3, 0x2, 0x6, 0x0, 0x1, "", [{{0x9, 0x4, 0xca, 0x0, 0xa, 0x6, 0xc1, 0x35, 0xf, [@uac_as={[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x7fff, 0x2, 0xd8, 0x5}, @format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x8, 0xfde2, 0x5, 0xb}, @as_header={0x7, 0x24, 0x1, 0x16, 0x7, 0x1}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x81, 0x1, 0x2, 0xfd, "92"}]}, @generic={0x84, 0x3, "6bc3399db61bc559994225facb57f6ba28ab6b9b375483c09ad5e3de4cda54214a5f16c72490cc930c3f82f4075b96890fa6c36f1955f7d59cf0c9cdc11423330fa17945a984beac227784b11e2c9757da6a58b4142bef81358520fd945c947d2385faaedd0285ba31514eefd9701b9227a2a6a38224d32a8c2a4acc755d3980962b"}], [{{0x9, 0x5, 0x5, 0x2, 0x200, 0xff, 0x5, 0x4}}, {{0x9, 0x5, 0x8, 0x0, 0x200, 0x7, 0x81, 0x3}}, {{0x9, 0x5, 0x9, 0x3, 0x40, 0x8, 0x8, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0xfe}]}}, {{0x9, 0x5, 0x8, 0x0, 0x10, 0xfb, 0xc, 0xb}}, {{0x9, 0x5, 0x0, 0x0, 0x10, 0x6, 0x81, 0x6}}, {{0x9, 0x5, 0x5, 0x10, 0x8, 0x5, 0x81, 0x38, [@generic={0x25, 0x1, "2800dc7105338b50444c4aaee2337c3682f0123e2ff2f6f308524786f13a68b3e915a9"}]}}, {{0x9, 0x5, 0x9, 0x3, 0x18, 0x40, 0x9, 0x4}}, {{0x9, 0x5, 0xc, 0x0, 0x20, 0x6, 0x3, 0x0, [@generic={0xac, 0x8, "0b5f9db121e2a2116a65029ceedb428c9b31d99a0bd0d59c1c2856a523e83b1b5b59a5391e2b6e4656e2972013f0868e13364e8fbd04bd444df159a2e0b299725603534c825e58e4ac3b8b5f06bdb48d20288c1203dc6549291f5278f51330f44b20347c50f4a2d5ec843b56798330cd7893c41d6e6da3c19bd7c849cfb7efa833d0816796601bb5e6c4a83d3f2aa13b87e7c75ba58b464eea86fffa7d83df6dc103c5b6f8365fccce75"}, @uac_iso={0x7, 0x25, 0x1, 0x8, 0x2c, 0x7}]}}, {{0x9, 0x5, 0x4, 0x0, 0x10, 0x5, 0x80, 0x40}}, {{0x9, 0x5, 0x8, 0x8, 0x40, 0xb1, 0x9, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0xf7, 0x9}]}}]}}, {{0x9, 0x4, 0xc8, 0x1, 0x9, 0x2, 0x2, 0x1, 0xc, [@uac_as={[@format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x40, 0x501a, 0x80, '5'}]}, @cdc_ncm={{0xb, 0x24, 0x6, 0x0, 0x1, "b1e9bdb36c56"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x8, 0xfff8, 0x8, 0x4}, {0x6, 0x24, 0x1a, 0xe1, 0x3f}, [@country_functional={0xe, 0x24, 0x7, 0x7, 0xd, [0x1, 0x5178, 0x5, 0xdb7]}, @dmm={0x7, 0x24, 0x14, 0x3f02, 0x37}, @mbim={0xc, 0x24, 0x1b, 0xab, 0x3, 0x40, 0x2, 0xff, 0xa}, @mbim={0xc, 0x24, 0x1b, 0x3, 0xff, 0x3, 0x5, 0xbd6, 0x10}, @mbim_extended={0x8, 0x24, 0x1c, 0x5, 0x43, 0x1}]}], [{{0x9, 0x5, 0x1, 0x4, 0x458, 0x9, 0x5, 0x6}}, {{0x9, 0x5, 0x3, 0x3, 0x20, 0x4, 0xa, 0x7}}, {{0x9, 0x5, 0x4, 0x0, 0x40, 0xb, 0x0, 0x2, [@generic={0x7a, 0x23, "ba45827c4d010b107948b801223ef5288264ed349e556f2fce4cf871a112ce42ee272408a42d6d411be49ad870a5bec230f1266804d20c26b907ddedf4171aeb1a9ac1e0b5f74aae1380111492e9f6bd5096bc59f19ecbafa74c33c7dcabb1a01357186cd74ba8e185d69231845eb4874c077becb4546c3e"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x42}]}}, {{0x9, 0x5, 0xf, 0x1, 0x10, 0x4, 0x87, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0x81, 0x401}]}}, {{0x9, 0x5, 0x8, 0x10, 0x200, 0xd, 0x1, 0x1d, [@generic={0xe8, 0x3, "691dd6242504aaaebb8a06789f2ad296f759826c7f4c46ef8bbaa5111275274d3dedf059cdadc4649545213dbb088c0e02887cdb3958ed82163b0ec2174ade4fea6d99fffbff7121188bff65c758f5905d7b53332c44465cefd77d04c2ef0b972b2b51cb341f80172c58ca5ce46037549dc24aa5c46fca6f7ed987f4b015323b7f16efbbe6894c04b7935f325fd10b1ac05eb7f9e8c0c4acc9c3d3e1ecf342224f5c28a2bd4fad6c5ee9c8ae3f31d37f5973cc2ac74abce059f4eb44f6a7d1bc0fa39bd27c1f7feffc538a541eba27b85a7108ab9c6d34c3035d21ffe0a90974379e93a77582"}]}}, {{0x9, 0x5, 0x5, 0x0, 0x10, 0xac, 0x8, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0x6, 0xfff8}, @generic={0x24, 0x7, "6800471c8dfa95dbd5bb80acdca5d6d42bec6b328713b38389decac8e8240969fd94"}]}}, {{0x9, 0x5, 0xd, 0x10, 0x8, 0x6, 0x4, 0x4}}, {{0x9, 0x5, 0x80, 0x2, 0x200, 0x3, 0x1, 0x8}}, {{0x9, 0x5, 0x1, 0x0, 0x10, 0x8, 0x2, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xe, 0x2}, @generic={0x91, 0xc, "7566733cd6bcc6591dee191a53812112f8cf606a097d2eec652153cbfd8c7148ce263b301a6600cf5a3a1073dde0f6444eb999968ea65e9430567cb38a48fbe1c0bab8604b6b94305f7d4192992c5f05fa1afc2f9ccfcb8066163d8ebccd5d7f95d3444a53bf359749a1248a0f38fbc78d9c137ca04d87b6288bc0436955987c38defc182113a4a7118243dcb56edf"}]}}]}}, {{0x9, 0x4, 0xd1, 0x2, 0x4, 0x23, 0xa3, 0x75, 0x7, [@hid_hid={0x9, 0x21, 0x9, 0x1a, 0x1, {0x22, 0xde6}}, @generic={0x13, 0x9, "69b3fcae79b2be96bd29a25a491082d197"}], [{{0x9, 0x5, 0x2, 0x0, 0x82b0781ac9f0ed20, 0xea, 0xff, 0x3e, [@generic={0xf5, 0xd, "be7175961894a16eb3f1b60e685e339242e19e6441fa4cf5e1a1be3e98ba1dfdadbbb064c018f1ec8276a8e75eba926128e4374286e316bd4c86ba9b637a380bea1b98c76cc6a1bbf0187d6d787b9aa1b680b3a5554897a94e1fa3810f8a9d67afb9f00ebd61761be6530fe87393779c3c76bad86038ecdc6f9226ce9f727a5c4fa4122c35aba6308b91f9357c80f7912b602954ebded8a2d2e2db96e069fe2988477f8219660de9fa223bc3102547f9c0ba20890889831bfae7073bec1fd16cc45ab628c94ce6f9478e214a9c3553948587d4d4f2778640f744548879166a0647311e3b6e3cc9f6b27e549a1116be0c282411"}, @generic={0xe9, 0x23, "b0c0e666fb37e5447dad3b7d4f97a9dc4ffc9db39b4d2e345efdce538e66cc7661c2e26c40b5d45967271c6089c0f3b0f85910c7c2f046dbeffc67e871303aac83919060d015c75283d09639ced89d37bf9da9a94c052cff0024931da39a817c19b2ff255014c9f678d2cb110d0fc15b793ed5e3bb56c8d4448fde736feb46bd1965a280dcbe9041b765d180bb03abc241359f42d4976017f00d2cf0f5ea252788dbda1428e7a713b49ce7bf985c8b42270275995ea6c9d918ae786c0704f751d793dba5ae10fd48dd57660918ee3e325bfb22b61b0ee8e5c560c51373955a0ac29824ec7b1f45"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x8, 0x6, 0x8, 0xe}}, {{0x9, 0x5, 0xf, 0x0, 0x200, 0xb, 0x92, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x4, 0x2, 0x100}]}}, {{0x9, 0x5, 0x6, 0x10, 0x40, 0x10, 0xab, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0x5, 0xb15a}, @generic={0xaa, 0x23, "d094508fe478e6916831b22e38721fc0f3afce00f4345bd39076062d945c80cbf5e5942e1cd3f803a8c1f6d2c89b7b8fcd42bd4726bc6daa2def302784b6aee7e10d6792a003757bcaa89a4c69fd34900eb8ff0d51b1a0dd481897d796792594525b14dfc56b0a78e224cad5a916444378ab140dd1ce757f06bf20151b7107f59f058f90864290b517dc499ab71c022dc6a1fa8a3dde9b4746c3080d263ab7388386f288d29409dc"}]}}]}}]}}]}}, &(0x7f0000001180)={0xa, &(0x7f0000000f80)={0xa, 0x6, 0x300, 0x9, 0x5, 0xad, 0xff, 0xfe}, 0x29, &(0x7f0000000fc0)={0x5, 0xf, 0x29, 0x1, [@ssp_cap={0x24, 0x10, 0xa, 0x2, 0x6, 0x4, 0xf, 0x5, [0x3f30, 0xc0, 0xc0, 0x0, 0xf, 0x30]}]}, 0x4, [{0x4, &(0x7f0000001000)=@lang_id={0x4, 0x3, 0x402}}, {0x2c, &(0x7f0000001040)=@string={0x2c, 0x3, "7ce4cf65baaf59ef304b17d35281628981459f29c690949f131f340f429fcf13794b27955b3311ecdb67"}}, {0xa8, &(0x7f0000001080)=@string={0xa8, 0x3, "182d4568ebe7367266823a7b97ff46246e564370114a1666d711224862fcdfc42d176c6157b89dbff0fe379edc9b8952e3228db278faee0f9c21bc9fa7be3c7bd7ca1bad3ab8edd70ea4716ccb4db8a366cf22387fd6ae2571e9043ae558b456fbb11ba2816686c285e7b99fce0d0fb7a3d13e23e1067b57057cac14f02c45326b1f2d1b2cb731cd04b395b77e400f77a50449f6040dee53e6c3b3d4afa97ae73bda66bce271"}}, {0x4, &(0x7f0000001140)=@lang_id={0x4, 0x3, 0x41a}}]}) (async)
syz_usb_connect(0x0, 0x7da, &(0x7f0000000780)={{0x12, 0x1, 0x250, 0xc5, 0xc7, 0x1a, 0xff, 0xb48, 0x3009, 0xe265, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7c8, 0x3, 0x2, 0x6, 0x0, 0x1, "", [{{0x9, 0x4, 0xca, 0x0, 0xa, 0x6, 0xc1, 0x35, 0xf, [@uac_as={[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x7fff, 0x2, 0xd8, 0x5}, @format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x8, 0xfde2, 0x5, 0xb}, @as_header={0x7, 0x24, 0x1, 0x16, 0x7, 0x1}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x81, 0x1, 0x2, 0xfd, "92"}]}, @generic={0x84, 0x3, "6bc3399db61bc559994225facb57f6ba28ab6b9b375483c09ad5e3de4cda54214a5f16c72490cc930c3f82f4075b96890fa6c36f1955f7d59cf0c9cdc11423330fa17945a984beac227784b11e2c9757da6a58b4142bef81358520fd945c947d2385faaedd0285ba31514eefd9701b9227a2a6a38224d32a8c2a4acc755d3980962b"}], [{{0x9, 0x5, 0x5, 0x2, 0x200, 0xff, 0x5, 0x4}}, {{0x9, 0x5, 0x8, 0x0, 0x200, 0x7, 0x81, 0x3}}, {{0x9, 0x5, 0x9, 0x3, 0x40, 0x8, 0x8, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0xfe}]}}, {{0x9, 0x5, 0x8, 0x0, 0x10, 0xfb, 0xc, 0xb}}, {{0x9, 0x5, 0x0, 0x0, 0x10, 0x6, 0x81, 0x6}}, {{0x9, 0x5, 0x5, 0x10, 0x8, 0x5, 0x81, 0x38, [@generic={0x25, 0x1, "2800dc7105338b50444c4aaee2337c3682f0123e2ff2f6f308524786f13a68b3e915a9"}]}}, {{0x9, 0x5, 0x9, 0x3, 0x18, 0x40, 0x9, 0x4}}, {{0x9, 0x5, 0xc, 0x0, 0x20, 0x6, 0x3, 0x0, [@generic={0xac, 0x8, "0b5f9db121e2a2116a65029ceedb428c9b31d99a0bd0d59c1c2856a523e83b1b5b59a5391e2b6e4656e2972013f0868e13364e8fbd04bd444df159a2e0b299725603534c825e58e4ac3b8b5f06bdb48d20288c1203dc6549291f5278f51330f44b20347c50f4a2d5ec843b56798330cd7893c41d6e6da3c19bd7c849cfb7efa833d0816796601bb5e6c4a83d3f2aa13b87e7c75ba58b464eea86fffa7d83df6dc103c5b6f8365fccce75"}, @uac_iso={0x7, 0x25, 0x1, 0x8, 0x2c, 0x7}]}}, {{0x9, 0x5, 0x4, 0x0, 0x10, 0x5, 0x80, 0x40}}, {{0x9, 0x5, 0x8, 0x8, 0x40, 0xb1, 0x9, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0xf7, 0x9}]}}]}}, {{0x9, 0x4, 0xc8, 0x1, 0x9, 0x2, 0x2, 0x1, 0xc, [@uac_as={[@format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x40, 0x501a, 0x80, '5'}]}, @cdc_ncm={{0xb, 0x24, 0x6, 0x0, 0x1, "b1e9bdb36c56"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x8, 0xfff8, 0x8, 0x4}, {0x6, 0x24, 0x1a, 0xe1, 0x3f}, [@country_functional={0xe, 0x24, 0x7, 0x7, 0xd, [0x1, 0x5178, 0x5, 0xdb7]}, @dmm={0x7, 0x24, 0x14, 0x3f02, 0x37}, @mbim={0xc, 0x24, 0x1b, 0xab, 0x3, 0x40, 0x2, 0xff, 0xa}, @mbim={0xc, 0x24, 0x1b, 0x3, 0xff, 0x3, 0x5, 0xbd6, 0x10}, @mbim_extended={0x8, 0x24, 0x1c, 0x5, 0x43, 0x1}]}], [{{0x9, 0x5, 0x1, 0x4, 0x458, 0x9, 0x5, 0x6}}, {{0x9, 0x5, 0x3, 0x3, 0x20, 0x4, 0xa, 0x7}}, {{0x9, 0x5, 0x4, 0x0, 0x40, 0xb, 0x0, 0x2, [@generic={0x7a, 0x23, "ba45827c4d010b107948b801223ef5288264ed349e556f2fce4cf871a112ce42ee272408a42d6d411be49ad870a5bec230f1266804d20c26b907ddedf4171aeb1a9ac1e0b5f74aae1380111492e9f6bd5096bc59f19ecbafa74c33c7dcabb1a01357186cd74ba8e185d69231845eb4874c077becb4546c3e"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x42}]}}, {{0x9, 0x5, 0xf, 0x1, 0x10, 0x4, 0x87, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0x81, 0x401}]}}, {{0x9, 0x5, 0x8, 0x10, 0x200, 0xd, 0x1, 0x1d, [@generic={0xe8, 0x3, "691dd6242504aaaebb8a06789f2ad296f759826c7f4c46ef8bbaa5111275274d3dedf059cdadc4649545213dbb088c0e02887cdb3958ed82163b0ec2174ade4fea6d99fffbff7121188bff65c758f5905d7b53332c44465cefd77d04c2ef0b972b2b51cb341f80172c58ca5ce46037549dc24aa5c46fca6f7ed987f4b015323b7f16efbbe6894c04b7935f325fd10b1ac05eb7f9e8c0c4acc9c3d3e1ecf342224f5c28a2bd4fad6c5ee9c8ae3f31d37f5973cc2ac74abce059f4eb44f6a7d1bc0fa39bd27c1f7feffc538a541eba27b85a7108ab9c6d34c3035d21ffe0a90974379e93a77582"}]}}, {{0x9, 0x5, 0x5, 0x0, 0x10, 0xac, 0x8, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0x6, 0xfff8}, @generic={0x24, 0x7, "6800471c8dfa95dbd5bb80acdca5d6d42bec6b328713b38389decac8e8240969fd94"}]}}, {{0x9, 0x5, 0xd, 0x10, 0x8, 0x6, 0x4, 0x4}}, {{0x9, 0x5, 0x80, 0x2, 0x200, 0x3, 0x1, 0x8}}, {{0x9, 0x5, 0x1, 0x0, 0x10, 0x8, 0x2, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xe, 0x2}, @generic={0x91, 0xc, "7566733cd6bcc6591dee191a53812112f8cf606a097d2eec652153cbfd8c7148ce263b301a6600cf5a3a1073dde0f6444eb999968ea65e9430567cb38a48fbe1c0bab8604b6b94305f7d4192992c5f05fa1afc2f9ccfcb8066163d8ebccd5d7f95d3444a53bf359749a1248a0f38fbc78d9c137ca04d87b6288bc0436955987c38defc182113a4a7118243dcb56edf"}]}}]}}, {{0x9, 0x4, 0xd1, 0x2, 0x4, 0x23, 0xa3, 0x75, 0x7, [@hid_hid={0x9, 0x21, 0x9, 0x1a, 0x1, {0x22, 0xde6}}, @generic={0x13, 0x9, "69b3fcae79b2be96bd29a25a491082d197"}], [{{0x9, 0x5, 0x2, 0x0, 0x82b0781ac9f0ed20, 0xea, 0xff, 0x3e, [@generic={0xf5, 0xd, "be7175961894a16eb3f1b60e685e339242e19e6441fa4cf5e1a1be3e98ba1dfdadbbb064c018f1ec8276a8e75eba926128e4374286e316bd4c86ba9b637a380bea1b98c76cc6a1bbf0187d6d787b9aa1b680b3a5554897a94e1fa3810f8a9d67afb9f00ebd61761be6530fe87393779c3c76bad86038ecdc6f9226ce9f727a5c4fa4122c35aba6308b91f9357c80f7912b602954ebded8a2d2e2db96e069fe2988477f8219660de9fa223bc3102547f9c0ba20890889831bfae7073bec1fd16cc45ab628c94ce6f9478e214a9c3553948587d4d4f2778640f744548879166a0647311e3b6e3cc9f6b27e549a1116be0c282411"}, @generic={0xe9, 0x23, "b0c0e666fb37e5447dad3b7d4f97a9dc4ffc9db39b4d2e345efdce538e66cc7661c2e26c40b5d45967271c6089c0f3b0f85910c7c2f046dbeffc67e871303aac83919060d015c75283d09639ced89d37bf9da9a94c052cff0024931da39a817c19b2ff255014c9f678d2cb110d0fc15b793ed5e3bb56c8d4448fde736feb46bd1965a280dcbe9041b765d180bb03abc241359f42d4976017f00d2cf0f5ea252788dbda1428e7a713b49ce7bf985c8b42270275995ea6c9d918ae786c0704f751d793dba5ae10fd48dd57660918ee3e325bfb22b61b0ee8e5c560c51373955a0ac29824ec7b1f45"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x8, 0x6, 0x8, 0xe}}, {{0x9, 0x5, 0xf, 0x0, 0x200, 0xb, 0x92, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x4, 0x2, 0x100}]}}, {{0x9, 0x5, 0x6, 0x10, 0x40, 0x10, 0xab, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0x5, 0xb15a}, @generic={0xaa, 0x23, "d094508fe478e6916831b22e38721fc0f3afce00f4345bd39076062d945c80cbf5e5942e1cd3f803a8c1f6d2c89b7b8fcd42bd4726bc6daa2def302784b6aee7e10d6792a003757bcaa89a4c69fd34900eb8ff0d51b1a0dd481897d796792594525b14dfc56b0a78e224cad5a916444378ab140dd1ce757f06bf20151b7107f59f058f90864290b517dc499ab71c022dc6a1fa8a3dde9b4746c3080d263ab7388386f288d29409dc"}]}}]}}]}}]}}, &(0x7f0000001180)={0xa, &(0x7f0000000f80)={0xa, 0x6, 0x300, 0x9, 0x5, 0xad, 0xff, 0xfe}, 0x29, &(0x7f0000000fc0)={0x5, 0xf, 0x29, 0x1, [@ssp_cap={0x24, 0x10, 0xa, 0x2, 0x6, 0x4, 0xf, 0x5, [0x3f30, 0xc0, 0xc0, 0x0, 0xf, 0x30]}]}, 0x4, [{0x4, &(0x7f0000001000)=@lang_id={0x4, 0x3, 0x402}}, {0x2c, &(0x7f0000001040)=@string={0x2c, 0x3, "7ce4cf65baaf59ef304b17d35281628981459f29c690949f131f340f429fcf13794b27955b3311ecdb67"}}, {0xa8, &(0x7f0000001080)=@string={0xa8, 0x3, "182d4568ebe7367266823a7b97ff46246e564370114a1666d711224862fcdfc42d176c6157b89dbff0fe379edc9b8952e3228db278faee0f9c21bc9fa7be3c7bd7ca1bad3ab8edd70ea4716ccb4db8a366cf22387fd6ae2571e9043ae558b456fbb11ba2816686c285e7b99fce0d0fb7a3d13e23e1067b57057cac14f02c45326b1f2d1b2cb731cd04b395b77e400f77a50449f6040dee53e6c3b3d4afa97ae73bda66bce271"}}, {0x4, &(0x7f0000001140)=@lang_id={0x4, 0x3, 0x41a}}]})
syz_usb_connect$cdc_ecm(0x0, 0x91, &(0x7f00000005c0)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7f, 0x1, 0x1, 0x0, 0x1a0, 0x6, "", [{{0x9, 0x4, 0x0, 0x9, 0x3, 0x2, 0x6, 0x0, 0x7, {{0x5}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x13, 0x4, 0x4, 0x2c}, [@mdlm={0x15, 0x24, 0x12, 0x5}, @network_terminal={0x7, 0x24, 0xa, 0xf1, 0x4, 0x3, 0x8}, @mbim_extended={0x8, 0x24, 0x1c, 0x1ff, 0xb5, 0xfff8}, @country_functional={0x12, 0x24, 0x7, 0x7, 0x4c7c, [0xf9a7, 0x4, 0x2e74, 0xfff, 0x9, 0x1]}, @obex={0x5, 0x24, 0x15, 0xff}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x0, 0x7d, 0xe2}}], {{0x9, 0x5, 0x82, 0x2, 0x8, 0x9, 0x4, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0xc, 0x3, 0xf}}}}}]}}]}}, &(0x7f0000000740)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x250, 0xc6, 0xc0, 0x8, 0x10}, 0x35, &(0x7f0000000440)={0x5, 0xf, 0x35, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x0, "fbc4e99a30dda77fb9a4cb2086b6ec02"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x6, 0x4, 0xf8, 0xfc1}, @ext_cap={0x7, 0x10, 0x2, 0x18, 0x6, 0x7, 0x6d}, @wireless={0xb, 0x10, 0x1, 0xc, 0x46, 0xc0, 0x6, 0x4, 0x9}]}, 0x1, [{0xaa, &(0x7f0000000680)=@string={0xaa, 0x3, "a4b6f7af4e09654a08b58e0d3f3877b21598c55622dcf1695b6a1ff09a4b1557e0fcaf37bd90a27235d9ebaa18471993edd0807a224097fb2ac3aeb92f385120edd996195f632b5bafcda422d4c5fdc407e4dfa886b9891bc70772d3cc27885dddd336c58faf4db7cf541b59b6a35893a11061338324e1f24433daa772505001ec5bb09bfb5161c571b58136f353a8ee1881ff6b89644554508dd61d48c390b6c25839f9086a917f"}}]}) (async)
syz_usb_connect$cdc_ecm(0x0, 0x91, &(0x7f00000005c0)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7f, 0x1, 0x1, 0x0, 0x1a0, 0x6, "", [{{0x9, 0x4, 0x0, 0x9, 0x3, 0x2, 0x6, 0x0, 0x7, {{0x5}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x13, 0x4, 0x4, 0x2c}, [@mdlm={0x15, 0x24, 0x12, 0x5}, @network_terminal={0x7, 0x24, 0xa, 0xf1, 0x4, 0x3, 0x8}, @mbim_extended={0x8, 0x24, 0x1c, 0x1ff, 0xb5, 0xfff8}, @country_functional={0x12, 0x24, 0x7, 0x7, 0x4c7c, [0xf9a7, 0x4, 0x2e74, 0xfff, 0x9, 0x1]}, @obex={0x5, 0x24, 0x15, 0xff}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x0, 0x7d, 0xe2}}], {{0x9, 0x5, 0x82, 0x2, 0x8, 0x9, 0x4, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0xc, 0x3, 0xf}}}}}]}}]}}, &(0x7f0000000740)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x250, 0xc6, 0xc0, 0x8, 0x10}, 0x35, &(0x7f0000000440)={0x5, 0xf, 0x35, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x0, "fbc4e99a30dda77fb9a4cb2086b6ec02"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x6, 0x4, 0xf8, 0xfc1}, @ext_cap={0x7, 0x10, 0x2, 0x18, 0x6, 0x7, 0x6d}, @wireless={0xb, 0x10, 0x1, 0xc, 0x46, 0xc0, 0x6, 0x4, 0x9}]}, 0x1, [{0xaa, &(0x7f0000000680)=@string={0xaa, 0x3, "a4b6f7af4e09654a08b58e0d3f3877b21598c55622dcf1695b6a1ff09a4b1557e0fcaf37bd90a27235d9ebaa18471993edd0807a224097fb2ac3aeb92f385120edd996195f632b5bafcda422d4c5fdc407e4dfa886b9891bc70772d3cc27885dddd336c58faf4db7cf541b59b6a35893a11061338324e1f24433daa772505001ec5bb09bfb5161c571b58136f353a8ee1881ff6b89644554508dd61d48c390b6c25839f9086a917f"}}]})
r0 = syz_usb_connect$uac3(0x4, 0xd8, &(0x7f0000001200)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0xff, 0x582, 0x44, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc6, 0x3, 0x1, 0x80, 0x0, 0x3, {0x8, 0xb, 0x1, 0x2, 0x1, 0x1, 0x30, 0x6}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x2, 0x14, 0x5}, [@selector_unit={0xa, 0x24, 0xc, 0x9, 0x5, "3ef502f16d"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_i_descriptor={0x6, 0x24, 0x2, 0x1, 0x3}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x7, 0x4, 0x4, 0x1, "", "56cd1a"}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x7, 0x6, 0x9, {0xa, 0x25, 0x25, 0x0, 0x9, 0x5dcc}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x4, 0x8, 0xd7, 0x7}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x2, 0x3, 0x2, 0x0, '+'}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x81, 0x1, 0x9, 0x4, "4199", "9597f3"}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x3, 0x9, 0x4}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x5, 0x1, 0xe0, 0x80, '<=', "fc54"}, @format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x7, 0x4, 0x1}]}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0xff, 0xf, 0x0, {0xa, 0x25, 0x25, 0x9, 0x9, 0x303f}}}}}}}}]}}, &(0x7f00000015c0)={0xa, &(0x7f0000001300)={0xa, 0x6, 0x250, 0x5, 0x7, 0x45, 0x20, 0x1}, 0x35, &(0x7f0000001340)={0x5, 0xf, 0x35, 0x5, [@ssp_cap={0x10, 0x10, 0xa, 0x2, 0x1, 0x10000, 0xf, 0x2, [0xff3f]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x17, 0x8, 0xec, 0xd0}, @ptm_cap={0x3}, @ssp_cap={0x10, 0x10, 0xa, 0x1, 0x1, 0x9, 0x0, 0x8, [0x30]}, @ptm_cap={0x3}]}, 0x6, [{0xba, &(0x7f0000001380)=@string={0xba, 0x3, "86da53bff44bdb45660bfafa957aefa801961b855df1b8a921b1f9346b00fc702cd38962501c62ab70a8d4bb6e0f0fbfae13d4ec619b199424e8b9a7f3bb91caf9a25853e9c876b37aaac2baf57d32280e183f1efe96bad8d21cc1a44ca196c10269095782818b0185613a75053b57ebcaf6ace90226874eec324f8c7f72fed3e64245b9cc30bfc9d67690e8e80575e85b2784892c1846e3f5b4313ceb8c400b849902c4c79dd59faf7ad9d26b840d9f3b8a6eb051578e5a"}}, {0x4, &(0x7f0000001440)=@lang_id={0x4, 0x3, 0x425}}, {0x4, &(0x7f0000001480)=@lang_id={0x4, 0x3, 0x2804}}, {0x9, &(0x7f00000014c0)=@string={0x9, 0x3, "9e3db7f7fad3fc"}}, {0x75, &(0x7f0000001500)=@string={0x75, 0x3, "1c1579caa82e060113579f577534c16dc62e668dc9ff08cba9df46c800fc23e9e7df1f9a4003fe583cda492838fd120ccd9d8a42580e278511083711f257acd17214a1985606c6ff4dece8190f30b58bfb787eedfcef3795ab7b6eb43a3dbb442c2ed5d48b1ebb82c1f76851882459a1968c0c"}}, {0x11, &(0x7f0000001580)=@string={0x11, 0x3, "9f064d975e255880090fc471055751"}}]})
syz_usb_disconnect(r0)

3.679340192s ago: executing program 5 (id=2040):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$vicodec1(0xffffff9c, &(0x7f0000000440), 0x2, 0x0)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000240)=@multiplanar_userptr={0xa, 0xd, 0x4, 0x800000, 0x40000000, {}, {0x1, 0x8, 0x4, 0x19, 0x38, 0xd, "3720d232"}, 0x5, 0x2, {0x0}, 0x101})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000340)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {0xa}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x20000808)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpgid(0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, r4, 0x800000000000)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x2000, 0x6, &(0x7f0000bdd000/0x2000)=nil)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000340)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x7, 0x4, 0x0, 0x0, 0x9, 0x7, 0x0, 0x8, 0x9, 0x0})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0x10a, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000000))
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)

2.649692436s ago: executing program 5 (id=2048):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12014101f2c59620d016b8108ede0102030109022400010000100009040002020083ec0009050602000202000a09058202"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f0000000cc0)=ANY=[@ANYBLOB="200a83"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, 0x0, 0x0)
socket(0x2c, 0x800, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000380)={0x1c, &(0x7f0000000240)=ANY=[@ANYBLOB="400e2800"], 0x0, 0x0})

1.88695508s ago: executing program 4 (id=2054):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x133581, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x2710, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@textreal={0x8, &(0x7f00000001c0)="0f01cb363e6464670fae880050000066b91406000066b85eacd44e66ba000000000f3066b90d03000066b8d715691966baa1495ef00f300f01370f01cf0f01c266b9be0200000f320f01c40f20c06635000004000f22c0", 0x57}], 0x1, 0x1, 0x0, 0x0)
socket$inet_sctp(0x2, 0x0, 0x84)
r3 = socket(0x6, 0x5, 0xfffffffc)
connect$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710}, 0x10)
connect$vsock_stream(r3, &(0x7f0000000400)={0x28, 0x0, 0x2711, @my=0x0}, 0x10)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.711554836s ago: executing program 3 (id=2055):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c000000200081dc00000000030000000200000000001dd8a82500000500160004000000080017004e22ac"], 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x44004)

1.623835894s ago: executing program 0 (id=2057):
syz_usb_connect$cdc_ecm(0x3, 0x60, &(0x7f0000000140)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4e, 0x1, 0x1, 0x5, 0x60, 0x7, "", [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x2, 0x6, 0x0, 0x8, {{0x7, 0x24, 0x6, 0x0, 0x0, "8d0d"}, {0x5, 0x24, 0x0, 0xff80}, {0xd, 0x24, 0xf, 0x1, 0x5, 0x0, 0xf800, 0x1}, [@country_functional={0x8, 0x24, 0x7, 0x1, 0xe, [0x9]}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x20, 0xb, 0x0, 0x2}}], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x8c, 0x2, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x1, 0x7f, 0x72}}}}}]}}]}}, &(0x7f00000006c0)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x310, 0x3, 0xb9, 0x40, 0x10, 0x2}, 0x112, &(0x7f0000000240)={0x5, 0xf, 0x112, 0x4, [@generic={0x87, 0x10, 0x2, "e25164fc034f716dd9aded88e54b13a13e6bb15b271e0eb64414c428d4636495b73d1d2d6586045e8257b458ca71d075be76d9d1cf324c5add966ebdb05233178f51b8313c2b19dfdf690af96d68c6cee7e4e48a6dcff52e6e0c0d23d4db18be07926caa21ff67266e978a92fdcdd5457bb5ef43503d4481784efe77cc1a099216536d1f"}, @ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x9, "7a2595619282bd9b16012e79d88af5c3"}, @generic={0x6f, 0x10, 0xa, "b085e87643abf145c530d37684d37e8258ae6d05b88640dcad53c82acc6540c3b7727ed594cf584fe4661545a4f5c0bbd45974c535c04e5d0c53bb323c39d48cda6cf244158bcbc4979ef38caae4c7c0365962452b7744e0d4f88c8ab9cb13e1d2bffdccaf61005d9bf05fd0"}]}, 0x6, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x180a}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x43f}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x1404}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x42f}}, {0xfe, &(0x7f0000000580)=@string={0xfe, 0x3, "f327e882c76d88e8775fea15e5caf893c0087bca7c032a7abf2a07d777fb2a3015335f44346bc2181cf9b2eeac704470a48a8ce3046d1c1a2650d9c29594296aaa45c95a0ba4291859b0cd8e54779bb96b8d01f8ed365a65ed90fea843d251545fbe843fa0fea843ffb499145cd5d98da672ed29767e550d91bc9f2f4464ae4bed59c49ddf90e0b4b25935f6bad6b65791991baefb72f9181c71f85aa84d66af659a74edfdb84b233bd04043779182ba23eaeb770fefc1d5805daa4f8b5cecc9b0309ec973f5bc8257c264e0456c99af171cc2bd3a34c026f807a84b6ef07dba005ffad7afbfb716597c01493c22a8b6aa8a0fec2beb7d3e5238b131"}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x411}}]})

1.422505228s ago: executing program 3 (id=2058):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCXONC(r1, 0x540a, 0x2)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {0xffff, 0xffff}, {0x16, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_freezer_state(r4, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r5, &(0x7f0000000040)='FROZEN\x00', 0x7)

1.413613524s ago: executing program 2 (id=2059):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r1 = dup(r0)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r2, 0x200004)
sendfile(r1, r2, 0x0, 0x80001d00c0d1)

1.236191682s ago: executing program 4 (id=2060):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000800000000000000000000000850000009b000000850000007d000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xfca804a0, 0xe, 0x0, &(0x7f0000000480)="b8200905601700108acd07d1786d", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.200269556s ago: executing program 2 (id=2061):
r0 = socket(0x2c, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x17)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r1, &(0x7f0000000040), &(0x7f0000000080)=@udp=r0}, 0x20)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f000905", @ANYRESDEC], 0x0)

400.238609ms ago: executing program 2 (id=2062):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt(r0, 0xff, 0xd608, 0x0, &(0x7f0000000000))
unshare(0x20040400)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
r2 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x68, 0x14, 0xf0b, 0xfffffffe, 0x0, {0x2, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xfff1, 0x5}, {0xe, 0xd}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x0, 0x0, 0x1ffe, 0x0, 0x1d64765e, 0x8}}, {0x4}}, {{0x1c, 0x1, {0xd, 0x4, 0xc, 0x2000800, 0x1, 0x0, 0xfffffffc}}, {0x4}}]}]}, 0x68}}, 0x8000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x7})
fcntl$lock(r3, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9})
fcntl$lock(r3, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x7, 0x5})
fcntl$lock(r3, 0x7, &(0x7f00000000c0)={0x2, 0x2, 0x8, 0x73e9})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000080)={0x14})
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000040)=[@mss={0x2, 0x2}, @mss={0x2, 0x6}, @timestamp], 0x3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000140)='1', 0x1}], 0x1)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a310000000070000000060a010400000000000000000100000008000b400000000048000480440001800b000100657874686472000034000280080001400000000c080003400000000008000440000000220500020007000000080006400000000308000540000000000900010073797a300000000020000000030a010300000000000000000a0000020900030073797a300000000044010000080a01080000000000000000010000073a00074032e97608c07b8f34d704cc507d07a8d4c429672a9b6841e516ce194f03354b3c46a930469ce36ee8391a02352a70d543c633dc17a9d300007900074012119f33dbd27dbba871f33b8206fc0a59dac6df96baf86f3deffa20b8a2b13fa2fbc917a33ad4b9dc903553ff1e7533cd9d1e3f6a3248b10a63552977fab38d9ad7409cbd223b094a0bb6f0884c8839890d122f9b9963668c97749b2304852a8d461ccc39dc307f41ac41688a4f2d64a916dc532d00000008000a40000000000900010073797a30000000000900020073797a31000000002c00058008000140000086dd080001400000002c080001400000001608000140000000736afd014000008100080009"], 0x248}}, 0x0)

224.085731ms ago: executing program 2 (id=2063):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000cea000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000257000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x64a, &(0x7f0000000040)={0x0, 0x8835c, 0xc000, 0x20000a, 0x33c})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x3}, {0xe, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00008e5000/0x400000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfdffa000)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8955, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x4}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)=ANY=[@ANYBLOB="60b80000", @ANYRES16, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x4040084)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0xc0000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xe}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe7e7}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x8}]}}]}, 0x44}}, 0x20004015)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)

223.538943ms ago: executing program 4 (id=2064):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000cea000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000257000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x64a, &(0x7f0000000040)={0x0, 0x8835c, 0xc000, 0x20000a, 0x33c})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x3}, {0xe, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00008e5000/0x400000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfdffa000)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8955, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x4}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)=ANY=[@ANYBLOB="60b80000", @ANYRES16, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x4040084)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0xc0000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xe}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe7e7}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x8}]}}]}, 0x44}}, 0x20004015)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
socket$netlink(0x10, 0x3, 0x0)

188.215932ms ago: executing program 3 (id=2065):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = memfd_create(&(0x7f0000000180)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x7f\x00~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x1)
pwrite64(r2, &(0x7f00000008c0)='/', 0x1, 0x0)
lseek(r2, 0x0, 0x4)
sendfile(r2, r2, &(0x7f00000001c0), 0x7fa)

124.33589ms ago: executing program 2 (id=2066):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x40102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$inet_mreqn(r2, 0x0, 0x20, 0x0, 0x31)
pwritev2(r1, &(0x7f00000005c0)=[{&(0x7f0000000180)="c897", 0x2}], 0x1, 0x2e, 0x4, 0x0)

0s ago: executing program 2 (id=2067):
mount$tmpfs(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='mpol=local='])
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_tables_names\x00')
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f00000000c0)=ANY=[@ANYBLOB='+'], 0x8) (async)
write$cgroup_subtree(r4, &(0x7f00000000c0)=ANY=[@ANYBLOB='+'], 0x8)
syz_usb_connect(0x0, 0x5a, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000ec13b2106d04f308280b0102030109024800010000000009046900000e0100002b4101", @ANYRESHEX=0x0, @ANYRES64=r1], 0x0)
getsockopt$inet6_int(r1, 0x29, 0x17, &(0x7f00000001c0), &(0x7f0000000200)=0x4) (async)
getsockopt$inet6_int(r1, 0x29, 0x17, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000120a09000000000000000000020000000900020073797a31000000000800034000000001140000001100010000000000e3818dde0000000a"], 0x50}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000120a09000000000000000000020000000900020073797a31000000000800034000000001140000001100010000000000e3818dde0000000a"], 0x50}}, 0x0)
r5 = fsopen(&(0x7f0000000340)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000003c0)='\xcfD\xc4\xbf\x95@q\xf0\x0f \x02\xa8\xff\xa7\xfdi\xa7\xd6j\'$\x1d\x14\xb7!\x8b\x84=r \xe34\xdb\x84\x00\xe7\xc9L\a\xfds1n@\x1e\x99\xcah\x85\xb8\xbeSAk\xf4\xb6 \xdf\xa0P\x18\x19\xae\x8c\x9a\x19mm\r<|\xe8\x9e\xa0x\x84p2\xf9\xe2\xed\xb0\r\x7f;\xf6J18G\x83\xe9]\xf4\x96\xbc\x9e\xfcG\xb5\x1b', &(0x7f0000000a80)='t+\xdb\xaaU\x8e\xd6\x9b\xaa\xe0\xc0\x00r\xa1\xf7\x12\xfb\xed\r\f:\xef\xff\xa7x mT\x14\xafZ\xfa\xb5\xe5\x04\x03\'7\xa9\xf8\xb1O0\x05\xee\xc5\x81\xfd\xa5\xa3\xfe\x81\x06\x00>\xcdF8\xd2x\xb4\x05\x10\x0e\xc2\x85\xfe\xd8b=\xf8q\xa96{\xf49\x88\xb1\xcb\x8cn\n.\xd0;7\xeb\xc5\xd8\x13\xfe\x13\x1a\x01\xa3nK3\xc2p\xb5\n\x0fU6\xc9\xc4\x1f`\x8a\xd6\xf1*~\fD\x8e\"\x1c\xa4\x19J3\xac5.E\xe8\x97K\x82Y\n\x0f\x15\xd7\xb0\xaf-\x89\xcc\xdb>\xd4\xa9F=\x7f\xd5`|MG\xf6FfJ\xcc\xa9(\xea\xb8\x82tXW\xeb\xbd\f/\xbd\x95\x01a\x86G\xbf$\xe3\xd7\x15\x8b\x84\xc4\xc0\xe4;\xcc\xda\xd0+\xc3\x1e\xc7\x12\x14\x95\xcf\x1d\x1a\xa0st\xd9^\x95\xbd\x14\x1e\xa5\xb7+\xa2\xd1\x7f\xae=\x96F\xb8\x94\xfd\xd5\xfdQ\xca\x17\n\x96\t\x1e\x8b%\x82)$\xb6\xca\xbe\x03\xd8\xc5\xde\x05\x81 \xcc\xa5\xb0Z\xfb\xae\xa5\x9b.\x88\x97\xbf\x0e\xa1\x86\x8a\xbb\xd2\x7f\xc5p\xc0vI\x80\f\x871C\xda .\xdc\xf7\xef\x1a\xdc\x97Y-\x04\xc0\xc7\xd3\xa8\xf6yy)\x15FK\xaa\xc4\xd5B\x90\xfe\xd6\xf0\xd6<\a\x91\x10\xf4\x8cl:\x90\x8fHt\x9e\xbb\x91!\x1a\xe7\x8ck\x8dE\xe9\xdcH\x16jK\xb57\x88\xebsvJ\xf1o\x9eC\xd9\x95E\x9aX%\x8a\xe1W\x7f\x1c\x0e\x86f\x93\aN\x02\"//\x14@8lYL\xc09\xc0Gu\xe7\x02\x9b]\xac\xa6!\x96\x91+>Z', 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f00000004c0)={0x0, 0x0, 0x3, 0x0, '\x00', [{0x4, 0x8, 0x1, 0x1, 0x9, 0x3}, {0x7, 0x8, 0x1, 0xfffffffffffffffa, 0x0, 0x610000000}], ['\x00', '\x00', '\x00']})
readv(r5, &(0x7f0000000480)=[{&(0x7f0000002800)=""/4104, 0x1008}], 0x1) (async)
readv(r5, &(0x7f0000000480)=[{&(0x7f0000002800)=""/4104, 0x1008}], 0x1)
mmap(&(0x7f00002d4000/0x4000)=nil, 0x4000, 0x200000e, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f00002d4000/0x4000)=nil, 0x4000, 0x200000e, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x67)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$kcm(0xa, 0x1, 0x0)
r8 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000e80400"/20, @ANYRES32=r7], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x8916, 0x0) (async)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x8916, 0x0)
socket$kcm(0xa, 0x5, 0x0) (async)
r9 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x8916, &(0x7f0000000000)={r9})
ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x8936, &(0x7f0000000000)={r9})
setxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000140), &(0x7f0000000180), 0x2, 0x2)

kernel console output (not intermixed with test programs):

 UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.090056][ T9713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.101350][ T9713] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1339'.
[  336.357165][ T5990] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  336.357217][ T5990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  336.357245][ T5990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  336.357268][ T5990] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  336.358923][ T5990] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  336.358951][ T5990] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  336.358973][ T5990] usb 6-1: Manufacturer: syz
[  336.383560][ T9713] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.386338][ T9713] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.421356][ T9716] netlink: 'syz.0.1341': attribute type 10 has an invalid length.
[  336.426641][ T9717] netlink: 'syz.0.1341': attribute type 10 has an invalid length.
[  336.427597][ T9716] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1341'.
[  336.488504][ T5990] usb 6-1: config 0 descriptor??
[  336.913585][ T5990] hid_parser_main: 5 callbacks suppressed
[  336.913610][ T5990] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  336.998868][ T5990] appleir 0003:05AC:8243.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0
[  337.195165][ T9744] FAULT_INJECTION: forcing a failure.
[  337.195165][ T9744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.195202][ T9744] CPU: 0 UID: 0 PID: 9744 Comm: syz.3.1354 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  337.195227][ T9744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  337.195240][ T9744] Call Trace:
[  337.195249][ T9744]  <TASK>
[  337.195258][ T9744]  dump_stack_lvl+0xe8/0x150
[  337.195299][ T9744]  should_fail_ex+0x46b/0x600
[  337.195336][ T9744]  _copy_to_user+0x31/0xb0
[  337.195360][ T9744]  simple_read_from_buffer+0xe1/0x170
[  337.195396][ T9744]  proc_fail_nth_read+0x1be/0x230
[  337.195427][ T9744]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  337.195460][ T9744]  ? rw_verify_area+0x2ac/0x4e0
[  337.195502][ T9744]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  337.195533][ T9744]  vfs_read+0x212/0xa80
[  337.195576][ T9744]  ? __pfx_vfs_read+0x10/0x10
[  337.195613][ T9744]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  337.195639][ T9744]  ? lockdep_hardirqs_on+0x7a/0x110
[  337.195664][ T9744]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  337.195689][ T9744]  ? mutex_lock_nested+0x152/0x1d0
[  337.195718][ T9744]  ? fdget_pos+0x252/0x320
[  337.195758][ T9744]  ksys_read+0x156/0x270
[  337.195796][ T9744]  ? __pfx_ksys_read+0x10/0x10
[  337.195835][ T9744]  ? __secure_computing+0xe1/0x2a0
[  337.195873][ T9744]  do_syscall_64+0x14d/0xf80
[  337.195896][ T9744]  ? trace_irq_disable+0x3b/0x150
[  337.195921][ T9744]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.195943][ T9744]  ? clear_bhb_loop+0x40/0x90
[  337.195971][ T9744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.195994][ T9744] RIP: 0033:0x7f6e3417d04e
[  337.196015][ T9744] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  337.196035][ T9744] RSP: 002b:00007f6e3240dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  337.196058][ T9744] RAX: ffffffffffffffda RBX: 00007f6e3240e6c0 RCX: 00007f6e3417d04e
[  337.196075][ T9744] RDX: 000000000000000f RSI: 00007f6e3240e0a0 RDI: 0000000000000003
[  337.196089][ T9744] RBP: 00007f6e3240e090 R08: 0000000000000000 R09: 0000000000000000
[  337.196103][ T9744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.196115][ T9744] R13: 00007f6e34436038 R14: 00007f6e34435fa0 R15: 00007ffd6c1ed618
[  337.196152][ T9744]  </TASK>
[  337.208791][ T5990] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  337.499434][ T5990] usb 5-1: unable to get BOS descriptor or descriptor too short
[  337.521707][ T5990] usb 5-1: New USB device found, idVendor=2a39, idProduct=3fd2, bcdDevice= 0.40
[  337.521740][ T5990] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.521762][ T5990] usb 5-1: Product: syz
[  337.521777][ T5990] usb 5-1: Manufacturer: syz
[  337.521793][ T5990] usb 5-1: SerialNumber: syz
[  338.057333][ T9766] kvm: pic: non byte read
[  338.058261][ T9766] kvm: pic: non byte read
[  338.069767][ T9766] kvm: pic: non byte read
[  338.071138][ T9766] kvm: pic: non byte read
[  338.071952][ T9766] kvm: pic: non byte read
[  338.073757][ T9766] kvm: pic: non byte read
[  338.074451][ T9766] kvm: pic: non byte read
[  338.075746][ T9766] kvm: pic: non byte read
[  338.077146][ T9766] kvm: pic: non byte read
[  338.077236][ T9766] kvm: pic: non byte read
[  338.383110][ T5975] usb 6-1: reset high-speed USB device number 26 using dummy_hcd
[  340.005612][ T9760] block nbd4: shutting down sockets
[  340.016263][ T9801] netlink: 'syz.5.1377': attribute type 4 has an invalid length.
[  340.084288][ T9806] netlink: 'syz.5.1377': attribute type 4 has an invalid length.
[  340.086408][ T5990] usb 5-1: unit 4 not found!
[  340.086433][ T5990] usb 5-1: unit 5 not found!
[  340.259162][ T9807] FAULT_INJECTION: forcing a failure.
[  340.259162][ T9807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.259201][ T9807] CPU: 1 UID: 0 PID: 9807 Comm: syz.5.1377 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  340.259226][ T9807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  340.259240][ T9807] Call Trace:
[  340.259250][ T9807]  <TASK>
[  340.259259][ T9807]  dump_stack_lvl+0xe8/0x150
[  340.259310][ T9807]  should_fail_ex+0x46b/0x600
[  340.259354][ T9807]  _copy_from_user+0x2d/0xb0
[  340.259400][ T9807]  copy_from_sockptr+0x5e/0x90
[  340.259426][ T9807]  memdup_sockptr_noprof+0x44/0x90
[  340.259470][ T9807]  do_ip_setsockopt+0x2041/0x2ea0
[  340.259509][ T9807]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  340.259533][ T9807]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  340.259565][ T9807]  ? lockdep_hardirqs_on+0x7a/0x110
[  340.259606][ T9807]  ? __fget_files+0x2a/0x420
[  340.259642][ T9807]  ip_setsockopt+0x66/0x110
[  340.259663][ T9807]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  340.259700][ T9807]  do_sock_setsockopt+0x17c/0x1b0
[  340.259730][ T9807]  __x64_sys_setsockopt+0x143/0x1b0
[  340.259761][ T9807]  do_syscall_64+0x14d/0xf80
[  340.259784][ T9807]  ? trace_irq_disable+0x3b/0x150
[  340.259812][ T9807]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.259844][ T9807]  ? clear_bhb_loop+0x40/0x90
[  340.259874][ T9807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.259903][ T9807] RIP: 0033:0x7f10b171c819
[  340.259924][ T9807] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  340.259945][ T9807] RSP: 002b:00007f10af92c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  340.259970][ T9807] RAX: ffffffffffffffda RBX: 00007f10b1996180 RCX: 00007f10b171c819
[  340.260000][ T9807] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000003
[  340.260014][ T9807] RBP: 00007f10af92c090 R08: 0000000000000010 R09: 0000000000000000
[  340.260028][ T9807] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  340.260043][ T9807] R13: 00007f10b1996218 R14: 00007f10b1996180 R15: 00007ffd1ad0f478
[  340.260086][ T9807]  </TASK>
[  340.485590][ T5990] usb 5-1: USB disconnect, device number 15
[  340.514756][  T809] usb 6-1: USB disconnect, device number 26
[  340.715884][ T6373] udevd[6373]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  343.582174][ T9837] syzkaller1: entered promiscuous mode
[  343.582203][ T9837] syzkaller1: entered allmulticast mode
[  344.116749][ T9865] FAULT_INJECTION: forcing a failure.
[  344.116749][ T9865] name failslab, interval 1, probability 0, space 0, times 0
[  344.116787][ T9865] CPU: 0 UID: 0 PID: 9865 Comm: syz.2.1398 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  344.116811][ T9865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  344.116825][ T9865] Call Trace:
[  344.116833][ T9865]  <TASK>
[  344.116843][ T9865]  dump_stack_lvl+0xe8/0x150
[  344.116906][ T9865]  should_fail_ex+0x46b/0x600
[  344.116943][ T9865]  should_failslab+0xa8/0x100
[  344.116968][ T9865]  __kmalloc_noprof+0xdf/0x7b0
[  344.116988][ T9865]  ? __kmalloc_cache_noprof+0x3a6/0x690
[  344.117009][ T9865]  ? alloc_pipe_info+0x1fc/0x4d0
[  344.117029][ T9865]  ? alloc_pipe_info+0xe8/0x4d0
[  344.117055][ T9865]  alloc_pipe_info+0x1fc/0x4d0
[  344.117080][ T9865]  splice_direct_to_actor+0xa19/0xc80
[  344.117123][ T9865]  ? __pfx_direct_splice_actor+0x10/0x10
[  344.117155][ T9865]  ? get_pid_task+0x20/0x1f0
[  344.117182][ T9865]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  344.117212][ T9865]  ? __lock_acquire+0x6b5/0x2cf0
[  344.117243][ T9865]  do_splice_direct+0x19b/0x2a0
[  344.117282][ T9865]  ? __pfx_do_splice_direct+0x10/0x10
[  344.117313][ T9865]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  344.117351][ T9865]  ? rw_verify_area+0x25b/0x4e0
[  344.117389][ T9865]  do_sendfile+0x547/0x7e0
[  344.117416][ T9865]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  344.117453][ T9865]  ? __pfx_do_sendfile+0x10/0x10
[  344.117493][ T9865]  __se_sys_sendfile64+0x144/0x1a0
[  344.117520][ T9865]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  344.117559][ T9865]  do_syscall_64+0x14d/0xf80
[  344.117582][ T9865]  ? trace_irq_disable+0x3b/0x150
[  344.117610][ T9865]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.117634][ T9865]  ? clear_bhb_loop+0x40/0x90
[  344.117662][ T9865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.117685][ T9865] RIP: 0033:0x7f7bfe6ac819
[  344.117706][ T9865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  344.117726][ T9865] RSP: 002b:00007f7bfc8fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  344.117750][ T9865] RAX: ffffffffffffffda RBX: 00007f7bfe925fa0 RCX: 00007f7bfe6ac819
[  344.117766][ T9865] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  344.117778][ T9865] RBP: 00007f7bfc8fe090 R08: 0000000000000000 R09: 0000000000000000
[  344.117793][ T9865] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  344.117807][ T9865] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  344.117842][ T9865]  </TASK>
[  344.949153][ T9887] kthread_run failed with err -4
[  345.119773][ T9894] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  345.120976][ T9894] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  345.316706][    T9] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[  346.488434][ T9903] FAULT_INJECTION: forcing a failure.
[  346.488434][ T9903] name failslab, interval 1, probability 0, space 0, times 0
[  346.488470][ T9903] CPU: 0 UID: 0 PID: 9903 Comm: syz.0.1413 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  346.488495][ T9903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  346.488508][ T9903] Call Trace:
[  346.488516][ T9903]  <TASK>
[  346.488525][ T9903]  dump_stack_lvl+0xe8/0x150
[  346.488564][ T9903]  should_fail_ex+0x46b/0x600
[  346.488601][ T9903]  should_failslab+0xa8/0x100
[  346.488630][ T9903]  __kmalloc_noprof+0xdf/0x7b0
[  346.488652][ T9903]  ? tomoyo_encode+0x28b/0x550
[  346.488685][ T9903]  tomoyo_encode+0x28b/0x550
[  346.488717][ T9903]  tomoyo_realpath_from_path+0x58d/0x5d0
[  346.488756][ T9903]  ? tomoyo_path_number_perm+0x219/0x630
[  346.488779][ T9903]  tomoyo_path_number_perm+0x246/0x630
[  346.488803][ T9903]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  346.488831][ T9903]  ? __lock_acquire+0x6b5/0x2cf0
[  346.488890][ T9903]  ? __fget_files+0x2a/0x420
[  346.488923][ T9903]  ? __fget_files+0x2a/0x420
[  346.488952][ T9903]  ? __fget_files+0x3a6/0x420
[  346.488981][ T9903]  ? __fget_files+0x2a/0x420
[  346.489016][ T9903]  security_file_ioctl+0xc3/0x2a0
[  346.489044][ T9903]  __se_sys_ioctl+0x47/0x170
[  346.489070][ T9903]  do_syscall_64+0x14d/0xf80
[  346.489101][ T9903]  ? trace_irq_disable+0x3b/0x150
[  346.489129][ T9903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.489152][ T9903]  ? clear_bhb_loop+0x40/0x90
[  346.489180][ T9903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.489203][ T9903] RIP: 0033:0x7f7e78c5c819
[  346.489224][ T9903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  346.489243][ T9903] RSP: 002b:00007f7e76eae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  346.489265][ T9903] RAX: ffffffffffffffda RBX: 00007f7e78ed5fa0 RCX: 00007f7e78c5c819
[  346.489280][ T9903] RDX: 0000000000000000 RSI: 000000004048aecb RDI: 0000000000000005
[  346.489293][ T9903] RBP: 00007f7e76eae090 R08: 0000000000000000 R09: 0000000000000000
[  346.489306][ T9903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.489318][ T9903] R13: 00007f7e78ed6038 R14: 00007f7e78ed5fa0 R15: 00007fff9606ed88
[  346.489352][ T9903]  </TASK>
[  346.500106][ T9903] ERROR: Out of memory at tomoyo_realpath_from_path.
[  346.622845][    T9] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  346.622875][    T9] usb 3-1: config 0 has no interface number 0
[  346.622922][    T9] usb 3-1: config 0 interface 2 altsetting 2 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  346.622952][    T9] usb 3-1: config 0 interface 2 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  346.622979][    T9] usb 3-1: config 0 interface 2 altsetting 2 endpoint 0x82 has invalid maxpacket 192, setting to 64
[  346.623007][    T9] usb 3-1: config 0 interface 2 has no altsetting 0
[  346.627855][    T9] usb 3-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  346.627885][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.627903][    T9] usb 3-1: Product: syz
[  346.627918][    T9] usb 3-1: Manufacturer: syz
[  346.627933][    T9] usb 3-1: SerialNumber: syz
[  346.835077][    T9] usb 3-1: config 0 descriptor??
[  346.843983][ T9883] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  346.844136][ T9883] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  347.067119][ T9883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.067712][ T9883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.095748][ T9883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.097183][ T9883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.106618][ T9883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.107651][ T9883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.132997][    T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  347.510159][ T9917] FAULT_INJECTION: forcing a failure.
[  347.510159][ T9917] name failslab, interval 1, probability 0, space 0, times 0
[  347.510195][ T9917] CPU: 1 UID: 0 PID: 9917 Comm: syz.0.1419 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  347.510219][ T9917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  347.510233][ T9917] Call Trace:
[  347.510241][ T9917]  <TASK>
[  347.510251][ T9917]  dump_stack_lvl+0xe8/0x150
[  347.510289][ T9917]  should_fail_ex+0x46b/0x600
[  347.510325][ T9917]  should_failslab+0xa8/0x100
[  347.510352][ T9917]  kmem_cache_alloc_noprof+0x87/0x680
[  347.510386][ T9917]  ? do_timer_create+0x24d/0x1170
[  347.510423][ T9917]  do_timer_create+0x24d/0x1170
[  347.510454][ T9917]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  347.510484][ T9917]  ? __pfx_do_timer_create+0x10/0x10
[  347.510507][ T9917]  ? rt_mutex_slowunlock+0x1cb/0x300
[  347.510538][ T9917]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  347.510576][ T9917]  __x64_sys_timer_create+0x14c/0x1c0
[  347.510614][ T9917]  ? __pfx___x64_sys_timer_create+0x10/0x10
[  347.510649][ T9917]  ? ksys_write+0x248/0x270
[  347.510685][ T9917]  ? __pfx_ksys_write+0x10/0x10
[  347.510731][ T9917]  do_syscall_64+0x14d/0xf80
[  347.510753][ T9917]  ? trace_irq_disable+0x3b/0x150
[  347.510780][ T9917]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.510808][ T9917]  ? clear_bhb_loop+0x40/0x90
[  347.510836][ T9917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.510859][ T9917] RIP: 0033:0x7f7e78c5c819
[  347.510879][ T9917] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  347.510899][ T9917] RSP: 002b:00007f7e76eae028 EFLAGS: 00000246 ORIG_RAX: 00000000000000de
[  347.510924][ T9917] RAX: ffffffffffffffda RBX: 00007f7e78ed5fa0 RCX: 00007f7e78c5c819
[  347.510941][ T9917] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  347.510954][ T9917] RBP: 00007f7e76eae090 R08: 0000000000000000 R09: 0000000000000000
[  347.510969][ T9917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.510982][ T9917] R13: 00007f7e78ed6038 R14: 00007f7e78ed5fa0 R15: 00007fff9606ed88
[  347.511017][ T9917]  </TASK>
[  347.881190][ T5990] usb 3-1: USB disconnect, device number 25
[  349.701269][ T9967] FAULT_INJECTION: forcing a failure.
[  349.701269][ T9967] name failslab, interval 1, probability 0, space 0, times 0
[  349.701305][ T9967] CPU: 1 UID: 0 PID: 9967 Comm: syz.5.1435 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  349.701330][ T9967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  349.701344][ T9967] Call Trace:
[  349.701353][ T9967]  <TASK>
[  349.701363][ T9967]  dump_stack_lvl+0xe8/0x150
[  349.701401][ T9967]  should_fail_ex+0x46b/0x600
[  349.701438][ T9967]  should_failslab+0xa8/0x100
[  349.701463][ T9967]  __kmalloc_noprof+0xdf/0x7b0
[  349.701483][ T9967]  ? __kmalloc_cache_noprof+0x3a6/0x690
[  349.701506][ T9967]  ? alloc_pipe_info+0x1fc/0x4d0
[  349.701526][ T9967]  ? alloc_pipe_info+0xe8/0x4d0
[  349.701552][ T9967]  alloc_pipe_info+0x1fc/0x4d0
[  349.701578][ T9967]  splice_direct_to_actor+0xa19/0xc80
[  349.701620][ T9967]  ? __pfx_direct_splice_actor+0x10/0x10
[  349.701652][ T9967]  ? get_pid_task+0x20/0x1f0
[  349.701680][ T9967]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  349.701716][ T9967]  ? __lock_acquire+0x6b5/0x2cf0
[  349.701748][ T9967]  do_splice_direct+0x19b/0x2a0
[  349.701781][ T9967]  ? __pfx_do_splice_direct+0x10/0x10
[  349.701812][ T9967]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  349.701852][ T9967]  ? rw_verify_area+0x25b/0x4e0
[  349.701891][ T9967]  do_sendfile+0x547/0x7e0
[  349.701917][ T9967]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  349.701950][ T9967]  ? __pfx_do_sendfile+0x10/0x10
[  349.701990][ T9967]  __se_sys_sendfile64+0x144/0x1a0
[  349.702019][ T9967]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  349.702057][ T9967]  do_syscall_64+0x14d/0xf80
[  349.702080][ T9967]  ? trace_irq_disable+0x3b/0x150
[  349.702107][ T9967]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.702130][ T9967]  ? clear_bhb_loop+0x40/0x90
[  349.702163][ T9967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.702186][ T9967] RIP: 0033:0x7f10b171c819
[  349.702206][ T9967] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  349.702225][ T9967] RSP: 002b:00007f10af96e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  349.702249][ T9967] RAX: ffffffffffffffda RBX: 00007f10b1995fa0 RCX: 00007f10b171c819
[  349.702265][ T9967] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  349.702278][ T9967] RBP: 00007f10af96e090 R08: 0000000000000000 R09: 0000000000000000
[  349.702292][ T9967] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  349.702306][ T9967] R13: 00007f10b1996038 R14: 00007f10b1995fa0 R15: 00007ffd1ad0f478
[  349.702342][ T9967]  </TASK>
[  350.529048][ T9984] EXT4-fs (nbd4): unable to read superblock
[  351.732228][T10020] kvm: kvm [10019]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xffffffbe000068d0
[  351.736246][ T5802] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  351.777866][ T5802] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  351.780565][T10020] kvm_intel: kvm [10019]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0xffffff6b000030c1
[  351.789985][ T5802] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  351.792937][ T5802] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  351.825029][ T5802] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  351.934084][T10020] kvm: kvm [10019]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xfffffecb00000080
[  352.451010][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802ae49c00: rx timeout, send abort
[  352.454799][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802ae49c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  352.654646][T10040] FAULT_INJECTION: forcing a failure.
[  352.654646][T10040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.654691][T10040] CPU: 0 UID: 0 PID: 10040 Comm: syz.2.1469 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  352.654724][T10040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  352.654739][T10040] Call Trace:
[  352.654748][T10040]  <TASK>
[  352.654758][T10040]  dump_stack_lvl+0xe8/0x150
[  352.654799][T10040]  should_fail_ex+0x46b/0x600
[  352.654835][T10040]  _copy_to_user+0x31/0xb0
[  352.654861][T10040]  copy_siginfo_to_user+0x22/0xc0
[  352.654897][T10040]  x64_setup_rt_frame+0x77c/0xcb0
[  352.654926][T10040]  ? rt_spin_unlock+0x14f/0x200
[  352.654981][T10040]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  352.655020][T10040]  arch_do_signal_or_restart+0x429/0x830
[  352.655053][T10040]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  352.655091][T10040]  ? ksys_write+0x248/0x270
[  352.655136][T10040]  exit_to_user_mode_loop+0x86/0x480
[  352.655176][T10040]  ? rcu_is_watching+0x15/0xb0
[  352.655206][T10040]  do_syscall_64+0x32d/0xf80
[  352.655230][T10040]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.655254][T10040]  ? clear_bhb_loop+0x40/0x90
[  352.655281][T10040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.655304][T10040] RIP: 0033:0x7f7bfe66d04e
[  352.655325][T10040] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  352.655346][T10040] RSP: 002b:00007f7bfc8fdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  352.655370][T10040] RAX: 0000000000000001 RBX: 00007f7bfc8fe6c0 RCX: 00007f7bfe66d04e
[  352.655385][T10040] RDX: 0000000000000001 RSI: 00007f7bfc8fe090 RDI: 0000000000000004
[  352.655399][T10040] RBP: 00007f7bfc8fe090 R08: 0000000000000000 R09: 0000000000000000
[  352.655413][T10040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  352.655426][T10040] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  352.655461][T10040]  </TASK>
[  354.011243][T10049] loop8: detected capacity change from 0 to 7
[  354.059079][T10049] Dev loop8: unable to read RDB block 7
[  354.059129][T10049]  loop8: AHDI p1 p2
[  354.059166][T10049] loop8: partition table partially beyond EOD, truncated
[  354.059544][T10049] loop8: p1 start 1702000233 is beyond EOD, truncated
[  354.168958][ T5802] Bluetooth: hci5: command tx timeout
[  354.259448][T10053] sg_write: data in/out 491487/123 bytes for SCSI command 0xff-- guessing data in;
[  354.259448][T10053]    program syz.3.1473 not setting count and/or reply_len properly
[  354.676909][T10065] FAULT_INJECTION: forcing a failure.
[  354.676909][T10065] name failslab, interval 1, probability 0, space 0, times 0
[  354.676975][T10065] CPU: 0 UID: 0 PID: 10065 Comm: syz.5.1474 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  354.677000][T10065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  354.677014][T10065] Call Trace:
[  354.677023][T10065]  <TASK>
[  354.677032][T10065]  dump_stack_lvl+0xe8/0x150
[  354.677071][T10065]  should_fail_ex+0x46b/0x600
[  354.677107][T10065]  should_failslab+0xa8/0x100
[  354.677132][T10065]  __kmalloc_noprof+0xdf/0x7b0
[  354.677155][T10065]  ? tomoyo_encode+0x28b/0x550
[  354.677188][T10065]  tomoyo_encode+0x28b/0x550
[  354.677222][T10065]  tomoyo_realpath_from_path+0x58d/0x5d0
[  354.677262][T10065]  ? tomoyo_path_number_perm+0x219/0x630
[  354.677286][T10065]  tomoyo_path_number_perm+0x246/0x630
[  354.677310][T10065]  ? irqentry_exit+0x59e/0x620
[  354.677342][T10065]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  354.677385][T10065]  ? hook_file_ioctl+0xdc/0x590
[  354.677441][T10065]  ? __fget_files+0x2a/0x420
[  354.677474][T10065]  ? __fget_files+0x2a/0x420
[  354.677503][T10065]  ? __fget_files+0x3a6/0x420
[  354.677532][T10065]  ? __fget_files+0x2a/0x420
[  354.677566][T10065]  security_file_ioctl+0xc3/0x2a0
[  354.677595][T10065]  __se_sys_ioctl+0x47/0x170
[  354.677621][T10065]  do_syscall_64+0x14d/0xf80
[  354.677645][T10065]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.677668][T10065]  ? clear_bhb_loop+0x40/0x90
[  354.677696][T10065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.677719][T10065] RIP: 0033:0x7f10b171c819
[  354.677739][T10065] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  354.677759][T10065] RSP: 002b:00007f10af92c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  354.677782][T10065] RAX: ffffffffffffffda RBX: 00007f10b1996180 RCX: 00007f10b171c819
[  354.677798][T10065] RDX: 0000200000001900 RSI: 000000000000541c RDI: 0000000000000005
[  354.677812][T10065] RBP: 00007f10af92c090 R08: 0000000000000000 R09: 0000000000000000
[  354.677825][T10065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.677837][T10065] R13: 00007f10b1996218 R14: 00007f10b1996180 R15: 00007ffd1ad0f478
[  354.677872][T10065]  </TASK>
[  354.678003][T10065] ERROR: Out of memory at tomoyo_realpath_from_path.
[  355.368943][   T10] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  355.524744][   T10] usb 3-1: Using ep0 maxpacket: 16
[  355.535003][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.535038][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.535063][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  355.535108][   T10] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  355.535133][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.595290][   T10] usb 3-1: config 0 descriptor??
[  356.313830][ T5802] Bluetooth: hci5: command tx timeout
[  356.359108][T10071] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  356.359714][T10071] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  356.361209][T10066] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  356.368447][T10066] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.360714][   T10] usbhid 3-1:0.0: can't add hid device: -71
[  357.364095][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  357.467913][   T10] usb 3-1: USB disconnect, device number 26
[  358.285947][ T7812] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.338846][ T5802] Bluetooth: hci5: command tx timeout
[  359.222863][ T7812] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.423338][ T5802] Bluetooth: hci5: command tx timeout
[  360.595190][ T7812] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.579736][T10158] binder: BINDER_SET_CONTEXT_MGR already set
[  361.579751][T10158] binder: 10157:10158 ioctl 4018620d 200000004a80 returned -16
[  361.648214][T10158] FAULT_INJECTION: forcing a failure.
[  361.648214][T10158] name failslab, interval 1, probability 0, space 0, times 0
[  361.648249][T10158] CPU: 1 UID: 0 PID: 10158 Comm: syz.3.1498 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  361.648285][T10158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  361.648298][T10158] Call Trace:
[  361.648307][T10158]  <TASK>
[  361.648316][T10158]  dump_stack_lvl+0xe8/0x150
[  361.648354][T10158]  should_fail_ex+0x46b/0x600
[  361.648390][T10158]  should_failslab+0xa8/0x100
[  361.648424][T10158]  __kmalloc_noprof+0xdf/0x7b0
[  361.648445][T10158]  ? tomoyo_encode+0x28b/0x550
[  361.648480][T10158]  tomoyo_encode+0x28b/0x550
[  361.648515][T10158]  tomoyo_realpath_from_path+0x58d/0x5d0
[  361.648556][T10158]  ? tomoyo_path_number_perm+0x219/0x630
[  361.648580][T10158]  tomoyo_path_number_perm+0x246/0x630
[  361.648612][T10158]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  361.648636][T10158]  ? __lock_acquire+0x6b5/0x2cf0
[  361.648692][T10158]  ? __fget_files+0x2a/0x420
[  361.648724][T10158]  ? __fget_files+0x2a/0x420
[  361.648751][T10158]  ? __fget_files+0x3a6/0x420
[  361.648779][T10158]  ? __fget_files+0x2a/0x420
[  361.648812][T10158]  security_file_ioctl+0xc3/0x2a0
[  361.648839][T10158]  __se_sys_ioctl+0x47/0x170
[  361.648862][T10158]  do_syscall_64+0x14d/0xf80
[  361.648887][T10158]  ? trace_irq_disable+0x3b/0x150
[  361.648913][T10158]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.648936][T10158]  ? clear_bhb_loop+0x40/0x90
[  361.648963][T10158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.648986][T10158] RIP: 0033:0x7f6e341bc819
[  361.649007][T10158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  361.649026][T10158] RSP: 002b:00007f6e3240e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  361.649050][T10158] RAX: ffffffffffffffda RBX: 00007f6e34435fa0 RCX: 00007f6e341bc819
[  361.649066][T10158] RDX: 0000000000000000 RSI: 0000000040046208 RDI: 0000000000000005
[  361.649080][T10158] RBP: 00007f6e3240e090 R08: 0000000000000000 R09: 0000000000000000
[  361.649093][T10158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  361.649106][T10158] R13: 00007f6e34436038 R14: 00007f6e34435fa0 R15: 00007ffd6c1ed618
[  361.649142][T10158]  </TASK>
[  361.658527][T10158] ERROR: Out of memory at tomoyo_realpath_from_path.
[  361.942043][ T7812] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.273369][T10167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1503'.
[  362.625500][T10027] chnl_net:caif_netlink_parms(): no params data found
[  363.099802][   T36] kauditd_printk_skb: 452 callbacks suppressed
[  363.099823][   T36] audit: type=1326 audit(1774997725.285:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e341bc819 code=0x7ffc0000
[  363.102057][T10186] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  363.102606][T10186] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  363.102810][   T36] audit: type=1326 audit(1774997725.285:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6e3417d04e code=0x7ffc0000
[  363.102861][   T36] audit: type=1326 audit(1774997725.285:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6e341bc4ab code=0x7ffc0000
[  363.102909][   T36] audit: type=1326 audit(1774997725.285:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6e341bc4ab code=0x7ffc0000
[  363.102957][   T36] audit: type=1326 audit(1774997725.285:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e341bc819 code=0x7ffc0000
[  363.223126][   T36] audit: type=1326 audit(1774997725.405:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e341bc819 code=0x7ffc0000
[  363.226079][   T36] audit: type=1326 audit(1774997725.405:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f6e341bc819 code=0x7ffc0000
[  363.238010][   T36] audit: type=1326 audit(1774997725.405:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e341bc819 code=0x7ffc0000
[  363.247014][   T36] audit: type=1326 audit(1774997725.425:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e341bc819 code=0x7ffc0000
[  363.254460][   T36] audit: type=1326 audit(1774997725.425:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10185 comm="syz.3.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e341bc819 code=0x7ffc0000
[  363.419908][T10186] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  363.420479][T10186] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  363.804684][T10209] ALSA: mixer_oss: invalid OSS volume ''
[  364.037956][T10209] gfs2: gfs2 mount does not exist
[  364.929477][ T7812] bridge_slave_1: left allmulticast mode
[  364.929509][ T7812] bridge_slave_1: left promiscuous mode
[  364.929805][ T7812] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.070433][ T7812] bridge_slave_0: left allmulticast mode
[  365.070467][ T7812] bridge_slave_0: left promiscuous mode
[  365.070745][ T7812] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.149100][T10276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1527'.
[  366.992507][T10260] netlink: 'syz.3.1524': attribute type 3 has an invalid length.
[  366.992540][T10260] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1524'.
[  366.992574][T10260] netlink: 'syz.3.1524': attribute type 3 has an invalid length.
[  366.992590][T10260] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1524'.
[  367.416410][T10260] (syz.3.1524,10260,0):ocfs2_get_sector:1714 ERROR: status = -5
[  367.416454][T10260] (syz.3.1524,10260,0):ocfs2_sb_probe:753 ERROR: status = -5
[  367.416478][T10260] (syz.3.1524,10260,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  367.416500][T10260] (syz.3.1524,10260,0):ocfs2_fill_super:1177 ERROR: status = -5
[  367.698575][ T7812] bond0 (unregistering): left promiscuous mode
[  367.698594][ T7812] bond_slave_0: left promiscuous mode
[  367.721330][ T7812] bond_slave_1: left promiscuous mode
[  367.871820][ T7812] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  368.004984][ T7812] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  368.069773][ T7812] bond0 (unregistering): Released all slaves
[  368.092367][ T7812] bond1 (unregistering): Released all slaves
[  368.453155][T10309] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1539'.
[  368.543869][T10027] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.544000][T10027] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.544239][T10027] bridge_slave_0: entered allmulticast mode
[  368.575072][T10027] bridge_slave_0: entered promiscuous mode
[  368.624810][T10319] kvm: kvm [10318]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xffffffbe000068d0
[  368.645120][T10319] kvm_intel: kvm [10318]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0xffffff6b000030c1
[  368.666723][T10319] kvm: kvm [10318]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xfffffe8d00000080
[  368.667933][T10319] kvm: kvm [10318]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xffe900000000
[  368.668016][T10319] kvm: kvm [10318]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  368.869581][T10027] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.869747][T10027] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.869993][T10027] bridge_slave_1: entered allmulticast mode
[  368.876376][T10027] bridge_slave_1: entered promiscuous mode
[  369.719277][T10347] FAULT_INJECTION: forcing a failure.
[  369.719277][T10347] name failslab, interval 1, probability 0, space 0, times 0
[  369.719320][T10347] CPU: 1 UID: 0 PID: 10347 Comm: syz.2.1551 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  369.719339][T10347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  369.719354][T10347] Call Trace:
[  369.719360][T10347]  <TASK>
[  369.719367][T10347]  dump_stack_lvl+0xe8/0x150
[  369.719397][T10347]  should_fail_ex+0x46b/0x600
[  369.719422][T10347]  should_failslab+0xa8/0x100
[  369.719439][T10347]  __kmalloc_noprof+0xdf/0x7b0
[  369.719459][T10347]  ? tomoyo_encode+0x28b/0x550
[  369.719483][T10347]  tomoyo_encode+0x28b/0x550
[  369.719507][T10347]  tomoyo_realpath_from_path+0x58d/0x5d0
[  369.719536][T10347]  ? tomoyo_path_number_perm+0x219/0x630
[  369.719552][T10347]  tomoyo_path_number_perm+0x246/0x630
[  369.719572][T10347]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  369.719592][T10347]  ? __lock_acquire+0x6b5/0x2cf0
[  369.719632][T10347]  ? __fget_files+0x2a/0x420
[  369.719655][T10347]  ? __fget_files+0x2a/0x420
[  369.719675][T10347]  ? __fget_files+0x3a6/0x420
[  369.719695][T10347]  ? __fget_files+0x2a/0x420
[  369.719718][T10347]  security_file_ioctl+0xc3/0x2a0
[  369.719737][T10347]  __se_sys_ioctl+0x47/0x170
[  369.719755][T10347]  do_syscall_64+0x14d/0xf80
[  369.719772][T10347]  ? trace_irq_disable+0x3b/0x150
[  369.719791][T10347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.719808][T10347]  ? clear_bhb_loop+0x40/0x90
[  369.719828][T10347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.719844][T10347] RIP: 0033:0x7f7bfe6ac819
[  369.719858][T10347] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  369.719873][T10347] RSP: 002b:00007f7bfc8fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  369.719890][T10347] RAX: ffffffffffffffda RBX: 00007f7bfe925fa0 RCX: 00007f7bfe6ac819
[  369.719901][T10347] RDX: 0000200000000240 RSI: 0000000040045612 RDI: 0000000000000003
[  369.719912][T10347] RBP: 00007f7bfc8fe090 R08: 0000000000000000 R09: 0000000000000000
[  369.719922][T10347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.719931][T10347] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  369.719955][T10347]  </TASK>
[  369.720114][T10347] ERROR: Out of memory at tomoyo_realpath_from_path.
[  369.721291][T10347] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  370.057490][T10027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  370.108928][  T808] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  370.114355][T10027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  370.261113][  T808] usb 5-1: Using ep0 maxpacket: 8
[  370.269165][  T808] usb 5-1: config 1 has an invalid descriptor of length 34, skipping remainder of the config
[  370.269245][  T808] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  370.269345][  T808] usb 5-1: config 1 has no interface number 1
[  370.269475][  T808] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  370.269590][  T808] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1064, setting to 1024
[  370.294513][  T808] usb 5-1: New USB device found, idVendor=0582, idProduct=0156, bcdDevice= 0.40
[  370.294585][  T808] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.294663][  T808] usb 5-1: Product: syz
[  370.294714][  T808] usb 5-1: Manufacturer: syz
[  370.294769][  T808] usb 5-1: SerialNumber: syz
[  370.792347][T10366] FAULT_INJECTION: forcing a failure.
[  370.792347][T10366] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.792384][T10366] CPU: 0 UID: 0 PID: 10366 Comm: syz.2.1557 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  370.792412][T10366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  370.792423][T10366] Call Trace:
[  370.792429][T10366]  <TASK>
[  370.792437][T10366]  dump_stack_lvl+0xe8/0x150
[  370.792468][T10366]  should_fail_ex+0x46b/0x600
[  370.792496][T10366]  _copy_from_user+0x2d/0xb0
[  370.792513][T10366]  memdup_user+0x5e/0xd0
[  370.792538][T10366]  strndup_user+0x68/0xd0
[  370.792563][T10366]  __se_sys_mount+0x9d/0x420
[  370.792590][T10366]  ? __pfx___se_sys_mount+0x10/0x10
[  370.792617][T10366]  ? __x64_sys_mount+0x20/0xc0
[  370.792641][T10366]  do_syscall_64+0x14d/0xf80
[  370.792660][T10366]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.792679][T10366]  ? clear_bhb_loop+0x40/0x90
[  370.792700][T10366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.792718][T10366] RIP: 0033:0x7f7bfe6ac819
[  370.792734][T10366] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  370.792750][T10366] RSP: 002b:00007f7bfc8fe028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  370.792768][T10366] RAX: ffffffffffffffda RBX: 00007f7bfe925fa0 RCX: 00007f7bfe6ac819
[  370.792782][T10366] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000200000000080
[  370.792794][T10366] RBP: 00007f7bfc8fe090 R08: 0000000000000000 R09: 0000000000000000
[  370.792805][T10366] R10: 0000000000a08410 R11: 0000000000000246 R12: 0000000000000001
[  370.792815][T10366] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  370.792842][T10366]  </TASK>
[  371.106636][T10027] team0: Port device team_slave_0 added
[  371.144033][  T808] usb 5-1: USB disconnect, device number 16
[  371.211165][T10027] team0: Port device team_slave_1 added
[  371.569826][T10027] batman_adv: batadv0: Adding interface: batadv_slave_0
[  371.569844][T10027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  371.569873][T10027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  371.875668][ T7812] hsr_slave_0: left promiscuous mode
[  371.947226][ T7812] hsr_slave_1: left promiscuous mode
[  371.948296][ T7812] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  371.948322][ T7812] batman_adv: batadv0: Removing interface: batadv_slave_0
[  371.987872][   T36] kauditd_printk_skb: 49 callbacks suppressed
[  371.987892][   T36] audit: type=1326 audit(1774997734.165:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b171c819 code=0x7ffc0000
[  372.010089][   T36] audit: type=1326 audit(1774997734.175:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b171c819 code=0x7ffc0000
[  372.010258][   T36] audit: type=1326 audit(1774997734.175:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b171c819 code=0x7ffc0000
[  372.060766][   T36] audit: type=1326 audit(1774997734.235:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f10b16dd04e code=0x7ffc0000
[  372.063322][   T36] audit: type=1326 audit(1774997734.245:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f10b171c4ab code=0x7ffc0000
[  372.063375][   T36] audit: type=1326 audit(1774997734.245:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f10b171c4ab code=0x7ffc0000
[  372.135760][ T7812] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  372.135789][ T7812] batman_adv: batadv0: Removing interface: batadv_slave_1
[  372.138411][   T36] audit: type=1326 audit(1774997734.315:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f10b171c4ab code=0x7ffc0000
[  372.138465][   T36] audit: type=1326 audit(1774997734.315:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f10b171c4ab code=0x7ffc0000
[  372.138511][   T36] audit: type=1326 audit(1774997734.315:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10b171c819 code=0x7ffc0000
[  372.219185][T10399] FAULT_INJECTION: forcing a failure.
[  372.219185][T10399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.219220][T10399] CPU: 1 UID: 0 PID: 10399 Comm: syz.3.1565 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  372.219244][T10399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  372.219257][T10399] Call Trace:
[  372.219266][T10399]  <TASK>
[  372.219274][T10399]  dump_stack_lvl+0xe8/0x150
[  372.219313][T10399]  should_fail_ex+0x46b/0x600
[  372.219349][T10399]  _copy_from_user+0x2d/0xb0
[  372.219371][T10399]  kstrtouint_from_user+0xd6/0x180
[  372.219405][T10399]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  372.219442][T10399]  ? __lock_acquire+0x6b5/0x2cf0
[  372.219475][T10399]  proc_fail_nth_write+0x8e/0x210
[  372.219514][T10399]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  372.219549][T10399]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  372.219581][T10399]  vfs_write+0x2a3/0xba0
[  372.219624][T10399]  ? __pfx_vfs_write+0x10/0x10
[  372.219662][T10399]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  372.219686][T10399]  ? lockdep_hardirqs_on+0x7a/0x110
[  372.219709][T10399]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  372.219732][T10399]  ? mutex_lock_nested+0x152/0x1d0
[  372.219763][T10399]  ? fdget_pos+0x252/0x320
[  372.219799][T10399]  ksys_write+0x156/0x270
[  372.219836][T10399]  ? __pfx_ksys_write+0x10/0x10
[  372.219879][T10399]  do_syscall_64+0x14d/0xf80
[  372.219902][T10399]  ? trace_irq_disable+0x3b/0x150
[  372.219929][T10399]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.219952][T10399]  ? clear_bhb_loop+0x40/0x90
[  372.219979][T10399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.220001][T10399] RIP: 0033:0x7f6e3417d04e
[  372.220022][T10399] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  372.220041][T10399] RSP: 002b:00007f6e323cbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  372.220063][T10399] RAX: ffffffffffffffda RBX: 00007f6e323cc6c0 RCX: 00007f6e3417d04e
[  372.220076][T10399] RDX: 0000000000000001 RSI: 00007f6e323cc0a0 RDI: 0000000000000005
[  372.220088][T10399] RBP: 00007f6e323cc090 R08: 0000000000000000 R09: 0000000000000000
[  372.220099][T10399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.220143][T10399] R13: 00007f6e34436218 R14: 00007f6e34436180 R15: 00007ffd6c1ed618
[  372.220191][T10399]  </TASK>
[  372.255814][   T36] audit: type=1326 audit(1774997734.435:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10391 comm="syz.5.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f10b171c4ab code=0x7ffc0000
[  372.378797][    T9] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[  372.547208][    T9] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  372.547237][    T9] usb 6-1: config 0 has no interface number 0
[  372.576865][    T9] usb 6-1: New USB device found, idVendor=0b48, idProduct=1003, bcdDevice=7b.54
[  372.576897][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.576918][    T9] usb 6-1: Product: syz
[  372.576933][    T9] usb 6-1: Manufacturer: syz
[  372.576947][    T9] usb 6-1: SerialNumber: syz
[  372.647084][    T9] usb 6-1: config 0 descriptor??
[  372.677628][    T9] usb 6-1: selecting invalid altsetting 1
[  372.681872][ T7812] veth1_macvtap: left promiscuous mode
[  372.682177][ T7812] veth0_macvtap: left promiscuous mode
[  372.701499][    T9] dvb_ttusb_budget: ttusb_init_controller: error
[  372.701520][    T9] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  372.712591][ T7812] veth1_vlan: left promiscuous mode
[  372.713205][ T7812] veth0_vlan: left promiscuous mode
[  372.955891][    T9] DVB: Unable to find symbol stv0299_attach()
[  374.198965][    T9] DVB: Unable to find symbol tda8083_attach()
[  374.198981][    T9] dvb_ttusb_budget: no frontend driver found for device [0b48:1003]
[  375.071355][ T5975] kernel write not supported for file bpf-prog (pid: 5975 comm: kworker/1:6)
[  375.463236][ T7812] team0 (unregistering): Port device team_slave_1 removed
[  375.481601][ T5975] usb 6-1: USB disconnect, device number 27
[  375.572898][ T7812] team0 (unregistering): Port device team_slave_0 removed
[  375.980289][T10027] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.980304][T10027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  375.980326][T10027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  376.008869][ T5975] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  376.153752][T10027] hsr_slave_0: entered promiscuous mode
[  376.155319][T10027] hsr_slave_1: entered promiscuous mode
[  376.177316][ T5975] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  376.177362][ T5975] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  376.177387][ T5975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  376.242424][ T5975] aiptek 6-1:17.0: interface has no int in endpoints, but must have minimum 1
[  376.418450][ T5990] usb 6-1: USB disconnect, device number 28
[  377.484728][T10495] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  377.513623][T10495] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  378.985978][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  378.986059][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  379.398768][    T9] usb 6-1: new full-speed USB device number 29 using dummy_hcd
[  379.481427][T10535] FAULT_INJECTION: forcing a failure.
[  379.481427][T10535] name fail_futex, interval 1, probability 0, space 0, times 1
[  379.481465][T10535] CPU: 1 UID: 0 PID: 10535 Comm: syz.2.1610 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  379.481491][T10535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  379.481505][T10535] Call Trace:
[  379.481513][T10535]  <TASK>
[  379.481524][T10535]  dump_stack_lvl+0xe8/0x150
[  379.481563][T10535]  should_fail_ex+0x46b/0x600
[  379.481600][T10535]  get_futex_key+0x92a/0x1690
[  379.481634][T10535]  ? __lock_acquire+0x6b5/0x2cf0
[  379.481668][T10535]  ? __pfx_get_futex_key+0x10/0x10
[  379.481701][T10535]  ? __lock_acquire+0x6b5/0x2cf0
[  379.481735][T10535]  futex_wait_requeue_pi+0x2b7/0x9f0
[  379.481777][T10535]  ? __pfx_futex_wait_requeue_pi+0x10/0x10
[  379.481805][T10535]  ? kstrtoull+0x12f/0x1d0
[  379.481854][T10535]  ? __lock_acquire+0x6b5/0x2cf0
[  379.481887][T10535]  ? __pfx_futex_wake_mark+0x10/0x10
[  379.481922][T10535]  ? do_raw_spin_lock+0x12b/0x2f0
[  379.481964][T10535]  do_futex+0x181/0x420
[  379.481986][T10535]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  379.482016][T10535]  ? __pfx_do_futex+0x10/0x10
[  379.482035][T10535]  ? rt_mutex_slowunlock+0x1cb/0x300
[  379.482067][T10535]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  379.482106][T10535]  __se_sys_futex+0x3a8/0x450
[  379.482134][T10535]  ? ksys_write+0x248/0x270
[  379.482168][T10535]  ? __pfx___se_sys_futex+0x10/0x10
[  379.482192][T10535]  ? __pfx_ksys_write+0x10/0x10
[  379.482224][T10535]  ? __task_pid_nr_ns+0x28/0x470
[  379.482253][T10535]  ? __x64_sys_futex+0x21/0xf0
[  379.482279][T10535]  do_syscall_64+0x14d/0xf80
[  379.482303][T10535]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.482327][T10535]  ? clear_bhb_loop+0x40/0x90
[  379.482354][T10535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.482376][T10535] RIP: 0033:0x7f7bfe6ac819
[  379.482397][T10535] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  379.482416][T10535] RSP: 002b:00007f7bfc8fe028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  379.482440][T10535] RAX: ffffffffffffffda RBX: 00007f7bfe925fa0 RCX: 00007f7bfe6ac819
[  379.482455][T10535] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000020000000cffc
[  379.482470][T10535] RBP: 00007f7bfc8fe090 R08: 0000200000048000 R09: 0000000000000000
[  379.482484][T10535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  379.482496][T10535] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  379.482530][T10535]  </TASK>
[  379.764012][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  379.769993][    T9] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  379.770023][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.770045][    T9] usb 6-1: Product: syz
[  379.770059][    T9] usb 6-1: Manufacturer: syz
[  379.770075][    T9] usb 6-1: SerialNumber: syz
[  379.825164][    T9] usb 6-1: config 0 descriptor??
[  379.842326][    T9] hub 6-1:0.0: bad descriptor, ignoring hub
[  379.842366][    T9] hub 6-1:0.0: probe with driver hub failed with error -5
[  379.871906][    T9] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input12
[  380.038445][T10027] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  380.284775][T10027] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  381.369561][T10027] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  381.487463][T10027] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  382.155996][T10027] 8021q: adding VLAN 0 to HW filter on device bond0
[  382.867405][T10027] 8021q: adding VLAN 0 to HW filter on device team0
[  382.979238][ T7812] bridge0: port 1(bridge_slave_0) entered blocking state
[  382.979378][ T7812] bridge0: port 1(bridge_slave_0) entered forwarding state
[  383.090520][  T156] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.098441][  T156] bridge0: port 2(bridge_slave_1) entered forwarding state
[  383.212069][ T5975] usb 6-1: USB disconnect, device number 29
[  383.243510][T10604] FAULT_INJECTION: forcing a failure.
[  383.243510][T10604] name failslab, interval 1, probability 0, space 0, times 0
[  383.243547][T10604] CPU: 1 UID: 0 PID: 10604 Comm: syz.4.1628 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  383.243571][T10604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  383.243584][T10604] Call Trace:
[  383.243592][T10604]  <TASK>
[  383.243602][T10604]  dump_stack_lvl+0xe8/0x150
[  383.243639][T10604]  should_fail_ex+0x46b/0x600
[  383.243676][T10604]  should_failslab+0xa8/0x100
[  383.243701][T10604]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  383.243735][T10604]  ? __alloc_skb+0x1d0/0x7d0
[  383.243754][T10604]  ? lockdep_hardirqs_on+0x7a/0x110
[  383.243781][T10604]  __alloc_skb+0x1d0/0x7d0
[  383.243807][T10604]  netlink_sendmsg+0x5d4/0xb40
[  383.243849][T10604]  ? __pfx_netlink_sendmsg+0x10/0x10
[  383.243884][T10604]  ? unwind_get_return_address+0x4d/0x90
[  383.243911][T10604]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  383.243948][T10604]  ____sys_sendmsg+0x94c/0x9c0
[  383.243979][T10604]  ? __pfx_____sys_sendmsg+0x10/0x10
[  383.244014][T10604]  ? import_iovec+0x73/0xa0
[  383.244053][T10604]  ___sys_sendmsg+0x2a5/0x360
[  383.244083][T10604]  ? __pfx____sys_sendmsg+0x10/0x10
[  383.244143][T10604]  ? __fget_files+0x2a/0x420
[  383.244172][T10604]  ? __fget_files+0x3a6/0x420
[  383.244209][T10604]  __x64_sys_sendmsg+0x1c3/0x2a0
[  383.244235][T10604]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  383.244268][T10604]  ? __pfx_ksys_write+0x10/0x10
[  383.244315][T10604]  do_syscall_64+0x14d/0xf80
[  383.244338][T10604]  ? trace_irq_disable+0x3b/0x150
[  383.244364][T10604]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.244386][T10604]  ? clear_bhb_loop+0x40/0x90
[  383.244413][T10604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.244445][T10604] RIP: 0033:0x7fdfcfb0c819
[  383.244466][T10604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  383.244484][T10604] RSP: 002b:00007fdfcdd5e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  383.244508][T10604] RAX: ffffffffffffffda RBX: 00007fdfcfd85fa0 RCX: 00007fdfcfb0c819
[  383.244524][T10604] RDX: 0000000000000890 RSI: 00002000000000c0 RDI: 0000000000000003
[  383.244539][T10604] RBP: 00007fdfcdd5e090 R08: 0000000000000000 R09: 0000000000000000
[  383.244553][T10604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.244566][T10604] R13: 00007fdfcfd86038 R14: 00007fdfcfd85fa0 R15: 00007fffbe88c598
[  383.244600][T10604]  </TASK>
[  383.828842][ T5975] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  383.988827][ T5975] usb 6-1: Using ep0 maxpacket: 32
[  383.989788][ T5975] usb 6-1: no configurations
[  383.989807][ T5975] usb 6-1: can't read configurations, error -22
[  384.118873][ T5975] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  384.162874][T10027] 8021q: adding VLAN 0 to HW filter on device batadv0
[  384.290393][T10027] veth0_vlan: entered promiscuous mode
[  384.303571][ T5975] usb 6-1: Using ep0 maxpacket: 32
[  384.305911][ T5975] usb 6-1: no configurations
[  384.305962][ T5975] usb 6-1: can't read configurations, error -22
[  384.306885][ T5975] usb usb6-port1: attempt power cycle
[  384.350554][T10027] veth1_vlan: entered promiscuous mode
[  384.459042][T10027] veth0_macvtap: entered promiscuous mode
[  384.482567][T10027] veth1_macvtap: entered promiscuous mode
[  384.548169][T10027] batman_adv: batadv0: Interface activated: batadv_slave_0
[  384.622268][T10027] batman_adv: batadv0: Interface activated: batadv_slave_1
[  384.658912][ T5975] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  384.677674][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  384.686685][ T5975] usb 6-1: Using ep0 maxpacket: 32
[  384.707204][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  384.754962][ T7812] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  384.770566][ T5975] usb 6-1: no configurations
[  384.770581][ T5975] usb 6-1: can't read configurations, error -22
[  384.807235][ T7812] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.911192][ T5975] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  384.941944][ T5975] usb 6-1: Using ep0 maxpacket: 32
[  384.948741][ T5975] usb 6-1: no configurations
[  384.948761][ T5975] usb 6-1: can't read configurations, error -22
[  384.953807][ T5975] usb usb6-port1: unable to enumerate USB device
[  385.287250][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  385.287273][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  385.544019][ T1403] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  385.544043][ T1403] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  385.673362][T10657] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1644'.
[  387.927758][T10707] FAULT_INJECTION: forcing a failure.
[  387.927758][T10707] name failslab, interval 1, probability 0, space 0, times 0
[  387.927799][T10707] CPU: 0 UID: 0 PID: 10707 Comm: syz.2.1659 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  387.927837][T10707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  387.927849][T10707] Call Trace:
[  387.927857][T10707]  <TASK>
[  387.927867][T10707]  dump_stack_lvl+0xe8/0x150
[  387.927906][T10707]  should_fail_ex+0x46b/0x600
[  387.927943][T10707]  should_failslab+0xa8/0x100
[  387.927968][T10707]  kmem_cache_alloc_noprof+0x87/0x680
[  387.928004][T10707]  ? do_getname+0x2e/0x250
[  387.928034][T10707]  do_getname+0x2e/0x250
[  387.928058][T10707]  ? getname_flags+0x11/0x20
[  387.928086][T10707]  __x64_sys_lgetxattr+0x1fb/0x2b0
[  387.928126][T10707]  ? __pfx___x64_sys_lgetxattr+0x10/0x10
[  387.928193][T10707]  ? __pfx_ksys_write+0x10/0x10
[  387.928242][T10707]  do_syscall_64+0x14d/0xf80
[  387.928264][T10707]  ? trace_irq_disable+0x3b/0x150
[  387.928291][T10707]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.928314][T10707]  ? clear_bhb_loop+0x40/0x90
[  387.928341][T10707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.928364][T10707] RIP: 0033:0x7f7bfe6ac819
[  387.928385][T10707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  387.928404][T10707] RSP: 002b:00007f7bfc8fe028 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[  387.928428][T10707] RAX: ffffffffffffffda RBX: 00007f7bfe925fa0 RCX: 00007f7bfe6ac819
[  387.928444][T10707] RDX: 0000000000000000 RSI: 0000200000002180 RDI: 0000200000002040
[  387.928459][T10707] RBP: 00007f7bfc8fe090 R08: 0000000000000000 R09: 0000000000000000
[  387.928472][T10707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.928485][T10707] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  387.928514][T10707]  </TASK>
[  388.171778][T10708] kvm: kvm [10697]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xffffffbe000068d0
[  388.182650][T10708] kvm_intel: kvm [10697]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0xffffff6b000030c1
[  388.210582][T10708] kvm: kvm [10697]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0xffffff2c0000f0e2
[  388.211112][T10708] kvm: kvm [10697]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xfffffff80000b085
[  388.211194][T10708] kvm: kvm [10697]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  388.381547][T10715] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  388.612467][T10721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.619303][T10721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.937739][T10735] FAULT_INJECTION: forcing a failure.
[  388.937739][T10735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.937777][T10735] CPU: 0 UID: 0 PID: 10735 Comm: syz.5.1666 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  388.937802][T10735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  388.937815][T10735] Call Trace:
[  388.937823][T10735]  <TASK>
[  388.937832][T10735]  dump_stack_lvl+0xe8/0x150
[  388.937870][T10735]  should_fail_ex+0x46b/0x600
[  388.937915][T10735]  _copy_from_iter+0x1d3/0x1670
[  388.937948][T10735]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  388.937979][T10735]  ? __pfx_policy_nodemask+0x10/0x10
[  388.938006][T10735]  ? __pfx__copy_from_iter+0x10/0x10
[  388.938045][T10735]  ? set_page_refcounted+0xa0/0x1e0
[  388.938079][T10735]  ? page_copy_sane+0x4e/0x270
[  388.938113][T10735]  copy_page_from_iter+0xdd/0x170
[  388.938150][T10735]  tun_get_user+0x1d4b/0x3de0
[  388.938172][T10735]  ? tun_get_user+0x6ff/0x3de0
[  388.938214][T10735]  ? __pfx_tun_get_user+0x10/0x10
[  388.938256][T10735]  ? ref_tracker_alloc+0x332/0x4a0
[  388.938289][T10735]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  388.938327][T10735]  ? tun_get+0x1c/0x2f0
[  388.938354][T10735]  ? tun_get+0x1c/0x2f0
[  388.938374][T10735]  ? tun_get+0x1c/0x2f0
[  388.938400][T10735]  tun_chr_write_iter+0x119/0x200
[  388.938437][T10735]  vfs_write+0x629/0xba0
[  388.938480][T10735]  ? __pfx_vfs_write+0x10/0x10
[  388.938524][T10735]  ? __fget_files+0x2a/0x420
[  388.938561][T10735]  ksys_write+0x156/0x270
[  388.938602][T10735]  ? __pfx_ksys_write+0x10/0x10
[  388.938646][T10735]  do_syscall_64+0x14d/0xf80
[  388.938670][T10735]  ? trace_irq_disable+0x3b/0x150
[  388.938697][T10735]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.938720][T10735]  ? clear_bhb_loop+0x40/0x90
[  388.938747][T10735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.938770][T10735] RIP: 0033:0x7f10b16dd04e
[  388.938790][T10735] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  388.938810][T10735] RSP: 002b:00007f10af94cfb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  388.938833][T10735] RAX: ffffffffffffffda RBX: 00007f10af94d6c0 RCX: 00007f10b16dd04e
[  388.938849][T10735] RDX: 0000000000000036 RSI: 0000200000000200 RDI: 00000000000000c8
[  388.938863][T10735] RBP: 00007f10af94d090 R08: 0000000000000000 R09: 0000000000000000
[  388.938876][T10735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.938889][T10735] R13: 00007f10b1996128 R14: 00007f10b1996090 R15: 00007ffd1ad0f478
[  388.938923][T10735]  </TASK>
[  390.320721][T10742] FAULT_INJECTION: forcing a failure.
[  390.320721][T10742] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.320757][T10742] CPU: 0 UID: 0 PID: 10742 Comm: syz.5.1672 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  390.320781][T10742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  390.320795][T10742] Call Trace:
[  390.320804][T10742]  <TASK>
[  390.320814][T10742]  dump_stack_lvl+0xe8/0x150
[  390.320851][T10742]  should_fail_ex+0x46b/0x600
[  390.320887][T10742]  _copy_to_user+0x31/0xb0
[  390.320912][T10742]  simple_read_from_buffer+0xe1/0x170
[  390.320945][T10742]  proc_fail_nth_read+0x1be/0x230
[  390.320979][T10742]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  390.321011][T10742]  ? rw_verify_area+0x2ac/0x4e0
[  390.321045][T10742]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  390.321075][T10742]  vfs_read+0x212/0xa80
[  390.321118][T10742]  ? __pfx_vfs_read+0x10/0x10
[  390.321154][T10742]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  390.321180][T10742]  ? lockdep_hardirqs_on+0x7a/0x110
[  390.321212][T10742]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  390.321237][T10742]  ? mutex_lock_nested+0x152/0x1d0
[  390.321267][T10742]  ? fdget_pos+0x252/0x320
[  390.321305][T10742]  ksys_read+0x156/0x270
[  390.321341][T10742]  ? __pfx_ksys_read+0x10/0x10
[  390.321389][T10742]  do_syscall_64+0x14d/0xf80
[  390.321411][T10742]  ? trace_irq_disable+0x3b/0x150
[  390.321439][T10742]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.321462][T10742]  ? clear_bhb_loop+0x40/0x90
[  390.321490][T10742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.321513][T10742] RIP: 0033:0x7f10b16dd04e
[  390.321534][T10742] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  390.321552][T10742] RSP: 002b:00007f10af96dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  390.321574][T10742] RAX: ffffffffffffffda RBX: 00007f10af96e6c0 RCX: 00007f10b16dd04e
[  390.321590][T10742] RDX: 000000000000000f RSI: 00007f10af96e0a0 RDI: 0000000000000004
[  390.321603][T10742] RBP: 00007f10af96e090 R08: 0000000000000000 R09: 0000000000000000
[  390.321616][T10742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.321628][T10742] R13: 00007f10b1996038 R14: 00007f10b1995fa0 R15: 00007ffd1ad0f478
[  390.321663][T10742]  </TASK>
[  390.745993][T10755] FAULT_INJECTION: forcing a failure.
[  390.745993][T10755] name failslab, interval 1, probability 0, space 0, times 0
[  390.746030][T10755] CPU: 1 UID: 0 PID: 10755 Comm: syz.5.1680 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  390.746055][T10755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  390.746068][T10755] Call Trace:
[  390.746077][T10755]  <TASK>
[  390.746086][T10755]  dump_stack_lvl+0xe8/0x150
[  390.746125][T10755]  should_fail_ex+0x46b/0x600
[  390.746162][T10755]  should_failslab+0xa8/0x100
[  390.746187][T10755]  __kmalloc_cache_node_noprof+0x8a/0x6c0
[  390.746221][T10755]  ? __get_vm_area_node+0x171/0x350
[  390.746258][T10755]  __get_vm_area_node+0x171/0x350
[  390.746298][T10755]  __vmalloc_node_range_noprof+0x372/0x1730
[  390.746336][T10755]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[  390.746382][T10755]  ? __lock_acquire+0x6b5/0x2cf0
[  390.746413][T10755]  ? kernel_text_address+0xa5/0xe0
[  390.746444][T10755]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  390.746479][T10755]  ? arch_stack_walk+0xfb/0x150
[  390.746516][T10755]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[  390.746544][T10755]  __vmalloc_noprof+0xd2/0x120
[  390.746580][T10755]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[  390.746614][T10755]  bpf_prog_alloc_no_stats+0x4a/0x4f0
[  390.746650][T10755]  bpf_prog_alloc+0x3c/0x1a0
[  390.746683][T10755]  bpf_prog_load+0x7ba/0x1ae0
[  390.746729][T10755]  ? __pfx_bpf_prog_load+0x10/0x10
[  390.746783][T10755]  ? bpf_lsm_bpf+0x9/0x20
[  390.746806][T10755]  ? security_bpf+0x7e/0x2d0
[  390.746834][T10755]  __sys_bpf+0x618/0x950
[  390.746866][T10755]  ? __pfx___sys_bpf+0x10/0x10
[  390.746892][T10755]  ? rt_mutex_slowunlock+0x1cb/0x300
[  390.746941][T10755]  ? ksys_write+0x248/0x270
[  390.746978][T10755]  ? __pfx_ksys_write+0x10/0x10
[  390.747019][T10755]  __x64_sys_bpf+0x7c/0x90
[  390.747045][T10755]  do_syscall_64+0x14d/0xf80
[  390.747067][T10755]  ? trace_irq_disable+0x3b/0x150
[  390.747093][T10755]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.747116][T10755]  ? clear_bhb_loop+0x40/0x90
[  390.747144][T10755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.747167][T10755] RIP: 0033:0x7f10b171c819
[  390.747187][T10755] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  390.747213][T10755] RSP: 002b:00007f10af96e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  390.747238][T10755] RAX: ffffffffffffffda RBX: 00007f10b1995fa0 RCX: 00007f10b171c819
[  390.747254][T10755] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005
[  390.747269][T10755] RBP: 00007f10af96e090 R08: 0000000000000000 R09: 0000000000000000
[  390.747283][T10755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.747296][T10755] R13: 00007f10b1996038 R14: 00007f10b1995fa0 R15: 00007ffd1ad0f478
[  390.747331][T10755]  </TASK>
[  390.831973][T10755] syz.5.1680: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[  390.870283][T10755] CPU: 0 UID: 0 PID: 10755 Comm: syz.5.1680 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  390.870369][T10755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  390.870403][T10755] Call Trace:
[  390.870432][T10755]  <TASK>
[  390.870454][T10755]  dump_stack_lvl+0xe8/0x150
[  390.870561][T10755]  warn_alloc+0x263/0x3e0
[  390.870648][T10755]  ? __pfx_warn_alloc+0x10/0x10
[  390.870704][T10755]  ? __kmalloc_cache_node_noprof+0x27d/0x6c0
[  390.870769][T10755]  ? __get_vm_area_node+0x171/0x350
[  390.870874][T10755]  ? __get_vm_area_node+0x2e1/0x350
[  390.870970][T10755]  __vmalloc_node_range_noprof+0x397/0x1730
[  390.871101][T10755]  ? __lock_acquire+0x6b5/0x2cf0
[  390.871184][T10755]  ? kernel_text_address+0xa5/0xe0
[  390.871281][T10755]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  390.871396][T10755]  ? arch_stack_walk+0xfb/0x150
[  390.871497][T10755]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[  390.871575][T10755]  __vmalloc_noprof+0xd2/0x120
[  390.871671][T10755]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[  390.871757][T10755]  bpf_prog_alloc_no_stats+0x4a/0x4f0
[  390.871847][T10755]  bpf_prog_alloc+0x3c/0x1a0
[  390.871944][T10755]  bpf_prog_load+0x7ba/0x1ae0
[  390.872046][T10755]  ? __pfx_bpf_prog_load+0x10/0x10
[  390.872172][T10755]  ? bpf_lsm_bpf+0x9/0x20
[  390.872229][T10755]  ? security_bpf+0x7e/0x2d0
[  390.872305][T10755]  __sys_bpf+0x618/0x950
[  390.872388][T10755]  ? __pfx___sys_bpf+0x10/0x10
[  390.872454][T10755]  ? rt_mutex_slowunlock+0x1cb/0x300
[  390.872582][T10755]  ? ksys_write+0x248/0x270
[  390.872678][T10755]  ? __pfx_ksys_write+0x10/0x10
[  390.872814][T10755]  __x64_sys_bpf+0x7c/0x90
[  390.872880][T10755]  do_syscall_64+0x14d/0xf80
[  390.872952][T10755]  ? trace_irq_disable+0x3b/0x150
[  390.873025][T10755]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.873082][T10755]  ? clear_bhb_loop+0x40/0x90
[  390.873157][T10755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.873216][T10755] RIP: 0033:0x7f10b171c819
[  390.873279][T10755] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  390.873323][T10755] RSP: 002b:00007f10af96e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  390.873386][T10755] RAX: ffffffffffffffda RBX: 00007f10b1995fa0 RCX: 00007f10b171c819
[  390.873428][T10755] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005
[  390.873470][T10755] RBP: 00007f10af96e090 R08: 0000000000000000 R09: 0000000000000000
[  390.873505][T10755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.873538][T10755] R13: 00007f10b1996038 R14: 00007f10b1995fa0 R15: 00007ffd1ad0f478
[  390.873633][T10755]  </TASK>
[  390.893353][T10755] Mem-Info:
[  390.893396][T10755] active_anon:269 inactive_anon:7306 isolated_anon:0
[  390.893396][T10755]  active_file:16353 inactive_file:41955 isolated_file:0
[  390.893396][T10755]  unevictable:2366 dirty:197 writeback:0
[  390.893396][T10755]  slab_reclaimable:7210 slab_unreclaimable:101430
[  390.893396][T10755]  mapped:31296 shmem:1386 pagetables:1444
[  390.893396][T10755]  sec_pagetables:0 bounce:0
[  390.893396][T10755]  kernel_misc_reclaimable:0
[  390.893396][T10755]  free:1318094 free_pcp:2189 free_cma:0
[  390.893555][T10755] Node 0 active_anon:1076kB inactive_anon:29224kB active_file:64980kB inactive_file:167820kB unevictable:7928kB isolated(anon):0kB isolated(file):0kB mapped:125096kB dirty:788kB writeback:0kB shmem:4008kB kernel_stack:13704kB pagetables:5612kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  390.893684][T10755] Node 1 active_anon:0kB inactive_anon:0kB active_file:432kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:88kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:64kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  390.893840][T10755] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  390.894014][T10755] lowmem_reserve[]: 0 2506 2506 2506 2506
[  390.894121][T10755] Node 0 DMA32 free:1319228kB boost:0kB min:3932kB low:6468kB high:9004kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1076kB inactive_anon:29224kB active_file:64980kB inactive_file:167820kB unevictable:7928kB writepending:788kB zspages:0kB present:3129332kB managed:2566456kB mlocked:6392kB bounce:0kB free_pcp:8292kB local_pcp:6832kB free_cma:0kB
[  390.894340][T10755] lowmem_reserve[]: 0 0 0 0 0
[  390.894683][T10755] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:416kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  390.894845][T10755] lowmem_reserve[]: 0 0 0 0 0
[  390.894955][T10755] Node 1 Normal free:3937788kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:432kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:464kB local_pcp:0kB free_cma:0kB
[  390.895129][T10755] lowmem_reserve[]: 0 0 0 0 0
[  390.895221][T10755] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  390.895579][T10755] Node 0 DMA32: 1613*4kB (UME) 2130*8kB (UME) 1285*16kB (UME) 566*32kB (UME) 215*64kB (UME) 111*128kB (UME) 85*256kB (UME) 56*512kB (UME) 31*1024kB (UME) 10*2048kB (UM) 275*4096kB (UM) = 1319188kB
[  390.909695][T10755] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  390.910017][T10755] Node 1 Normal: 0*4kB 2*8kB (UM) 4*16kB (U) 5*32kB (U) 7*64kB (UM) 3*128kB (U) 4*256kB (U) 5*512kB (UM) 3*1024kB (UM) 1*2048kB (U) 959*4096kB (M) = 3937840kB
[  390.914140][T10755] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  390.914167][T10755] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  390.914214][T10755] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  390.914259][T10755] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  390.914303][T10755] 59690 total pagecache pages
[  390.914334][T10755] 0 pages in swap cache
[  390.914355][T10755] Free swap  = 124996kB
[  390.914376][T10755] Total swap = 124996kB
[  390.914398][T10755] 2097051 pages RAM
[  390.914420][T10755] 0 pages HighMem/MovableOnly
[  390.914441][T10755] 423718 pages reserved
[  390.914455][T10755] 0 pages cma reserved
[  391.874200][T10765] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1682'.
[  393.894777][  T809] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  394.308758][  T809] usb 5-1: Using ep0 maxpacket: 8
[  394.314611][  T809] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 129, changing to 7
[  394.351510][  T809] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  394.351543][  T809] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.351565][  T809] usb 5-1: Product: 倊
[  394.351581][  T809] usb 5-1: Manufacturer: ᯜ뇯߯ꀴ୩ꩋ킢Ꞹኛ䠩
[  394.351597][  T809] usb 5-1: SerialNumber: 椞ᾋ䱌Ὴ랬Āꨫඓ柏ὤ喙。㼽ಉ랕쑪옶ඓ髺蹛뎬㥝웿⸲䤲以랴⠈Ἂ篍☊槭ꈔ篱遂가覭껔◐⠂瞭䔉䡤攵ꖫ䓣걠펌ꨀﴅ㙚ႂ㺬픲⌈䋖弞稡톈﫟【
[  394.865639][  T809] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  394.866089][  T809] usb 5-1: 2:1 : no UAC_FORMAT_TYPE desc
[  395.953296][  T809] usb 5-1: USB disconnect, device number 17
[  396.123866][ T6373] udevd[6373]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  399.725626][T10880] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1724'.
[  399.725669][T10880] netlink: 'syz.2.1724': attribute type 2 has an invalid length.
[  399.725683][T10880] netlink: 'syz.2.1724': attribute type 1 has an invalid length.
[  399.725697][T10880] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1724'.
[  400.898825][    T9] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  401.945918][    T9] usb 3-1: Using ep0 maxpacket: 16
[  401.960944][    T9] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[  401.960977][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.960999][    T9] usb 3-1: Product: syz
[  401.961013][    T9] usb 3-1: Manufacturer: syz
[  401.961029][    T9] usb 3-1: SerialNumber: syz
[  402.006479][    T9] usb 3-1: config 0 descriptor??
[  402.072915][    T9] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  402.076854][    T9] usb 3-1: Detected FT-X
[  402.259628][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  402.329627][    T9] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  402.335890][    T9] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  402.386866][    T9] usb 3-1: USB disconnect, device number 27
[  402.434829][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  402.435616][    T9] ftdi_sio 3-1:0.0: device disconnected
[  405.560177][T10951] netlink: 436 bytes leftover after parsing attributes in process `syz.3.1750'.
[  405.560255][T10951] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1750'.
[  408.074460][ T5990] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  411.751804][T11002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1762'.
[  411.765513][T11002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1762'.
[  411.766115][ T7702] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  411.766348][ T7702] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  411.766406][ T7702] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  411.766445][ T7702] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  411.878782][    T9] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  412.032136][    T9] usb 5-1: Using ep0 maxpacket: 8
[  412.034332][    T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  412.034374][    T9] usb 5-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  412.034418][    T9] usb 5-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  412.034438][    T9] usb 5-1: config 168 interface 0 altsetting 188 has an invalid descriptor for endpoint zero, skipping
[  412.034453][    T9] usb 5-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  412.034473][    T9] usb 5-1: config 168 interface 0 has no altsetting 0
[  413.037707][    T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  413.037759][    T9] usb 5-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  413.037815][    T9] usb 5-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  413.037844][    T9] usb 5-1: config 168 interface 0 altsetting 188 has an invalid descriptor for endpoint zero, skipping
[  413.037865][    T9] usb 5-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  413.037891][    T9] usb 5-1: config 168 interface 0 has no altsetting 0
[  413.111461][    T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  413.111505][    T9] usb 5-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  413.111547][    T9] usb 5-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  413.111574][    T9] usb 5-1: config 168 interface 0 altsetting 188 has an invalid descriptor for endpoint zero, skipping
[  413.111595][    T9] usb 5-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  413.111623][    T9] usb 5-1: config 168 interface 0 has no altsetting 0
[  413.118468][    T9] usb 5-1: string descriptor 0 read error: -22
[  413.190700][    T9] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  413.190730][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.230920][    T9] adutux 5-1:168.0: interrupt endpoints not found
[  413.306927][T11014] netlink: 388 bytes leftover after parsing attributes in process `syz.5.1771'.
[  413.321509][T11014] tipc: Started in network mode
[  413.321545][T11014] tipc: Node identity ac14140f, cluster identity 4711
[  413.342483][T11014] tipc: New replicast peer: 255.255.255.255
[  413.346172][T11014] tipc: Enabled bearer <udp:syz2>, priority 10
[  413.382035][T11006] FAULT_INJECTION: forcing a failure.
[  413.382035][T11006] name failslab, interval 1, probability 0, space 0, times 0
[  413.382072][T11006] CPU: 1 UID: 0 PID: 11006 Comm: syz.2.1769 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  413.382098][T11006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  413.382111][T11006] Call Trace:
[  413.382119][T11006]  <TASK>
[  413.382129][T11006]  dump_stack_lvl+0xe8/0x150
[  413.382168][T11006]  should_fail_ex+0x46b/0x600
[  413.382203][T11006]  should_failslab+0xa8/0x100
[  413.382228][T11006]  kmem_cache_alloc_noprof+0x87/0x680
[  413.382262][T11006]  ? __send_signal_locked+0x22c/0xec0
[  413.382287][T11006]  ? sig_get_ucounts+0x3e4/0x450
[  413.382319][T11006]  __send_signal_locked+0x22c/0xec0
[  413.382353][T11006]  force_sig_info_to_task+0x31e/0x4b0
[  413.382389][T11006]  force_sig_fault+0xf0/0x150
[  413.382420][T11006]  ? __pfx_force_sig_fault+0x10/0x10
[  413.382455][T11006]  ? __bad_area_nosemaphore+0x31e/0x690
[  413.382499][T11006]  ? trace_page_fault_user+0x84/0x210
[  413.382534][T11006]  exc_page_fault+0x6a/0xc0
[  413.382560][T11006]  asm_exc_page_fault+0x26/0x30
[  413.382582][T11006] RIP: 0033:0x7f7bfe56196d
[  413.382603][T11006] Code: 00 00 bf 40 00 00 00 eb bc 0f 1f 40 00 48 89 7c 24 f8 48 89 74 24 f0 48 8b 7c 24 f8 4c 8b 44 24 f0 8b 4f 50 8b 47 58 4c 01 c1 <41> 8b 34 00 8b 11 21 d6 89 f0 8d 72 01 8b 57 08 81 e2 00 08 00 00
[  413.382623][T11006] RSP: 002b:00007f7bfc8fe018 EFLAGS: 00010246
[  413.382644][T11006] RAX: 0000000000000000 RBX: 00007f7bfe925fa0 RCX: 0000000000000000
[  413.382659][T11006] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000400000
[  413.382672][T11006] RBP: 00007f7bfc8fe090 R08: 0000000000000000 R09: 0000000000000000
[  413.382685][T11006] R10: 0000200000400000 R11: 0000000000000000 R12: 0000000000000001
[  413.382700][T11006] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  413.382735][T11006]  </TASK>
[  413.453408][T11014] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1771'.
[  413.453476][T11014] tipc: Disabling bearer <udp:syz2>
[  413.457979][T11010] kvm: kvm [11009]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xffe3000088e0
[  413.713139][T10993] 8021q: VLANs not supported on vcan0
[  413.732629][ T5990] usb 5-1: USB disconnect, device number 18
[  415.727133][T11050] netlink: 'syz.5.1779': attribute type 3 has an invalid length.
[  415.727159][T11050] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1779'.
[  415.878785][ T5990] usb 3-1: new full-speed USB device number 28 using dummy_hcd
[  416.050751][ T5990] usb 3-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be
[  416.050775][ T5990] usb 3-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  416.050789][ T5990] usb 3-1: Product: syz
[  416.050800][ T5990] usb 3-1: Manufacturer: syz
[  416.050810][ T5990] usb 3-1: SerialNumber: syz
[  416.058544][ T5990] usb 3-1: config 0 descriptor??
[  416.308792][ T5990] peak_usb 3-1:0.0: PEAK-System PCAN-Chip USB v0 fw v0.0.0 (1 channels)
[  416.310681][T11053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  416.411917][T11053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  416.468774][ T5990] peak_usb 3-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  416.468806][ T5990] peak_usb 3-1:0.0: unable to tell PCAN-Chip USB driver is loaded (err -71)
[  416.743092][ T5990] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -71
[  416.802640][ T5990] usb 3-1: USB disconnect, device number 28
[  418.230349][T11089] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1795'.
[  418.245736][T11089] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1795'.
[  420.096397][T11115] netlink: 928 bytes leftover after parsing attributes in process `syz.0.1808'.
[  420.096421][T11115] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1808'.
[  420.096437][T11115] netlink: 6412 bytes leftover after parsing attributes in process `syz.0.1808'.
[  420.381110][T11128] overlayfs: failed to resolve './file0': -2
[  420.398756][ T5868] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  420.563562][ T5868] usb 5-1: Using ep0 maxpacket: 8
[  420.574728][ T5868] usb 5-1: config 1 interface 0 altsetting 6 bulk endpoint 0x82 has invalid maxpacket 64
[  420.574761][ T5868] usb 5-1: config 1 interface 0 altsetting 6 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  420.574945][ T5868] usb 5-1: config 1 interface 0 has no altsetting 0
[  420.600922][ T5868] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  420.600966][ T5868] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.600988][ T5868] usb 5-1: Product: ᐄ
[  420.601016][ T5868] usb 5-1: Manufacturer: п
[  420.601033][ T5868] usb 5-1: SerialNumber: Я
[  420.658580][T11121] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  420.659212][T11121] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  420.916910][ T5868] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  420.972312][ T5868] usb 5-1: USB disconnect, device number 19
[  421.197497][T11143] binder: 11142:11143 ioctl c0306201 2000000001c0 returned -22
[  421.198114][T11143] binder: 11142:11143 ioctl 80047013 200000000040 returned -22
[  422.064374][ T5975] IPVS: starting estimator thread 0...
[  422.738948][T11149] IPVS: using max 11 ests per chain, 26400 per kthread
[  422.840486][T11158] FAULT_INJECTION: forcing a failure.
[  422.840486][T11158] name failslab, interval 1, probability 0, space 0, times 0
[  422.840521][T11158] CPU: 1 UID: 0 PID: 11158 Comm: syz.0.1824 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  422.840546][T11158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  422.840559][T11158] Call Trace:
[  422.840568][T11158]  <TASK>
[  422.840578][T11158]  dump_stack_lvl+0xe8/0x150
[  422.840616][T11158]  should_fail_ex+0x46b/0x600
[  422.840653][T11158]  should_failslab+0xa8/0x100
[  422.840678][T11158]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  422.840716][T11158]  ? __alloc_skb+0x1d0/0x7d0
[  422.840735][T11158]  ? lockdep_hardirqs_on+0x7a/0x110
[  422.840766][T11158]  __alloc_skb+0x1d0/0x7d0
[  422.840793][T11158]  netlink_sendmsg+0x5d4/0xb40
[  422.840836][T11158]  ? __pfx_netlink_sendmsg+0x10/0x10
[  422.840872][T11158]  ? unwind_get_return_address+0x4d/0x90
[  422.840899][T11158]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  422.840938][T11158]  ____sys_sendmsg+0x94c/0x9c0
[  422.840969][T11158]  ? __pfx_____sys_sendmsg+0x10/0x10
[  422.841004][T11158]  ? import_iovec+0x73/0xa0
[  422.841043][T11158]  ___sys_sendmsg+0x2a5/0x360
[  422.841075][T11158]  ? __pfx____sys_sendmsg+0x10/0x10
[  422.841144][T11158]  ? __fget_files+0x2a/0x420
[  422.841172][T11158]  ? __fget_files+0x3a6/0x420
[  422.841212][T11158]  __x64_sys_sendmsg+0x1c3/0x2a0
[  422.841241][T11158]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  422.841277][T11158]  ? __pfx_ksys_write+0x10/0x10
[  422.841325][T11158]  do_syscall_64+0x14d/0xf80
[  422.841348][T11158]  ? trace_irq_disable+0x3b/0x150
[  422.841375][T11158]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.841399][T11158]  ? clear_bhb_loop+0x40/0x90
[  422.841426][T11158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.841449][T11158] RIP: 0033:0x7ff3e0bfc819
[  422.841468][T11158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  422.841488][T11158] RSP: 002b:00007ff3dee4e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  422.841512][T11158] RAX: ffffffffffffffda RBX: 00007ff3e0e75fa0 RCX: 00007ff3e0bfc819
[  422.841528][T11158] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000004
[  422.841543][T11158] RBP: 00007ff3dee4e090 R08: 0000000000000000 R09: 0000000000000000
[  422.841556][T11158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  422.841570][T11158] R13: 00007ff3e0e76038 R14: 00007ff3e0e75fa0 R15: 00007ffdc31ac218
[  422.841604][T11158]  </TASK>
[  423.269932][T11164] overlayfs: failed to resolve './file0': -2
[  423.416565][T11172] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1829'.
[  423.718512][T11178] netlink: 'syz.4.1832': attribute type 2 has an invalid length.
[  423.806601][T11178] !: entered promiscuous mode
[  424.465156][T11204] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1840'.
[  424.465261][T11204] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1840'.
[  424.465292][T11204] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1840'.
[  424.649911][T11210] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1841'.
[  425.016900][T11221] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1846'.
[  425.031570][T11225] FAULT_INJECTION: forcing a failure.
[  425.031570][T11225] name failslab, interval 1, probability 0, space 0, times 0
[  425.031602][T11225] CPU: 0 UID: 0 PID: 11225 Comm: syz.2.1847 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  425.031626][T11225] Tainted: [L]=SOFTLOCKUP
[  425.031632][T11225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  425.031642][T11225] Call Trace:
[  425.031649][T11225]  <TASK>
[  425.031657][T11225]  dump_stack_lvl+0xe8/0x150
[  425.031688][T11225]  should_fail_ex+0x46b/0x600
[  425.031719][T11225]  should_failslab+0xa8/0x100
[  425.031738][T11225]  __kmalloc_noprof+0xdf/0x7b0
[  425.031755][T11225]  ? tomoyo_encode+0x28b/0x550
[  425.031781][T11225]  tomoyo_encode+0x28b/0x550
[  425.031807][T11225]  tomoyo_realpath_from_path+0x58d/0x5d0
[  425.031837][T11225]  ? tomoyo_path_number_perm+0x219/0x630
[  425.031856][T11225]  tomoyo_path_number_perm+0x246/0x630
[  425.031876][T11225]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  425.031896][T11225]  ? __lock_acquire+0x6b5/0x2cf0
[  425.031940][T11225]  ? __fget_files+0x2a/0x420
[  425.031973][T11225]  ? __fget_files+0x2a/0x420
[  425.031994][T11225]  ? __fget_files+0x3a6/0x420
[  425.032015][T11225]  ? __fget_files+0x2a/0x420
[  425.032040][T11225]  security_file_ioctl+0xc3/0x2a0
[  425.032063][T11225]  __se_sys_ioctl+0x47/0x170
[  425.032083][T11225]  do_syscall_64+0x14d/0xf80
[  425.032101][T11225]  ? trace_irq_disable+0x3b/0x150
[  425.032122][T11225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.032140][T11225]  ? clear_bhb_loop+0x40/0x90
[  425.032161][T11225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.032177][T11225] RIP: 0033:0x7f7bfe6ac819
[  425.032194][T11225] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  425.032209][T11225] RSP: 002b:00007f7bfc8fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  425.032227][T11225] RAX: ffffffffffffffda RBX: 00007f7bfe925fa0 RCX: 00007f7bfe6ac819
[  425.032240][T11225] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[  425.032251][T11225] RBP: 00007f7bfc8fe090 R08: 0000000000000000 R09: 0000000000000000
[  425.032262][T11225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.032271][T11225] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  425.032298][T11225]  </TASK>
[  425.032316][T11225] ERROR: Out of memory at tomoyo_realpath_from_path.
[  425.370000][T11229] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  425.370031][T11229] CIFS mount error: No usable UNC path provided in device string!
[  425.370031][T11229] 
[  425.370280][T11229] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  425.604653][T11240] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  425.776511][T11243] FAULT_INJECTION: forcing a failure.
[  425.776511][T11243] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  425.776539][T11243] CPU: 0 UID: 0 PID: 11243 Comm: syz.3.1855 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  425.776562][T11243] Tainted: [L]=SOFTLOCKUP
[  425.776568][T11243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  425.776578][T11243] Call Trace:
[  425.776584][T11243]  <TASK>
[  425.776591][T11243]  dump_stack_lvl+0xe8/0x150
[  425.776619][T11243]  should_fail_ex+0x46b/0x600
[  425.776647][T11243]  strncpy_from_user+0x36/0x2b0
[  425.776671][T11243]  do_getname+0x77/0x250
[  425.776692][T11243]  __se_sys_acct+0xe1/0x9d0
[  425.776711][T11243]  ? ksys_write+0x248/0x270
[  425.776738][T11243]  ? __pfx___se_sys_acct+0x10/0x10
[  425.776766][T11243]  do_syscall_64+0x14d/0xf80
[  425.776783][T11243]  ? trace_irq_disable+0x3b/0x150
[  425.776802][T11243]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.776818][T11243]  ? clear_bhb_loop+0x40/0x90
[  425.776838][T11243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.776853][T11243] RIP: 0033:0x7f6e341bc819
[  425.776868][T11243] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  425.776882][T11243] RSP: 002b:00007f6e3240e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  425.776906][T11243] RAX: ffffffffffffffda RBX: 00007f6e34435fa0 RCX: 00007f6e341bc819
[  425.776917][T11243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0
[  425.776927][T11243] RBP: 00007f6e3240e090 R08: 0000000000000000 R09: 0000000000000000
[  425.776937][T11243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.776946][T11243] R13: 00007f6e34436038 R14: 00007f6e34435fa0 R15: 00007ffd6c1ed618
[  425.776970][T11243]  </TASK>
[  426.086894][T11247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  426.087436][T11247] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  426.488883][    T9] usb 6-1: new low-speed USB device number 35 using dummy_hcd
[  426.642822][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  426.642867][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 8
[  426.642894][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  426.642936][    T9] usb 6-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00
[  426.642959][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.648333][    T9] usb 6-1: config 0 descriptor??
[  426.697397][T11251] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  427.001292][T11275] overlayfs: failed to resolve './file1': -2
[  427.139651][    T9] elecom 0003:056E:00FC.0006: unknown main item tag 0x3
[  427.139690][    T9] elecom 0003:056E:00FC.0006: unknown global tag 0xe
[  427.139706][    T9] elecom 0003:056E:00FC.0006: item 0 1 1 14 parsing failed
[  427.140579][    T9] elecom 0003:056E:00FC.0006: probe with driver elecom failed with error -22
[  427.261202][T11284] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  427.349316][T11251] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1859'.
[  427.351090][ T5883] usb 6-1: USB disconnect, device number 35
[  427.585017][T11299] overlay: Unknown parameter 'dont_measure'
[  428.136261][T11325] FAULT_INJECTION: forcing a failure.
[  428.136261][T11325] name failslab, interval 1, probability 0, space 0, times 0
[  428.136300][T11325] CPU: 1 UID: 0 PID: 11325 Comm: syz.3.1890 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  428.136331][T11325] Tainted: [L]=SOFTLOCKUP
[  428.136339][T11325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  428.136352][T11325] Call Trace:
[  428.136361][T11325]  <TASK>
[  428.136370][T11325]  dump_stack_lvl+0xe8/0x150
[  428.136408][T11325]  should_fail_ex+0x46b/0x600
[  428.136443][T11325]  should_failslab+0xa8/0x100
[  428.136468][T11325]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  428.136503][T11325]  ? __alloc_skb+0x1d0/0x7d0
[  428.136527][T11325]  ? lockdep_hardirqs_on+0x7a/0x110
[  428.136565][T11325]  __alloc_skb+0x1d0/0x7d0
[  428.136590][T11325]  netlink_sendmsg+0x5d4/0xb40
[  428.136635][T11325]  ? __pfx_netlink_sendmsg+0x10/0x10
[  428.136676][T11325]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  428.136714][T11325]  ____sys_sendmsg+0x94c/0x9c0
[  428.136745][T11325]  ? __pfx_____sys_sendmsg+0x10/0x10
[  428.136779][T11325]  ? import_iovec+0x73/0xa0
[  428.136816][T11325]  ___sys_sendmsg+0x2a5/0x360
[  428.136847][T11325]  ? __pfx____sys_sendmsg+0x10/0x10
[  428.136908][T11325]  ? __fget_files+0x2a/0x420
[  428.136936][T11325]  ? __fget_files+0x3a6/0x420
[  428.136975][T11325]  __x64_sys_sendmsg+0x1c3/0x2a0
[  428.137004][T11325]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  428.137039][T11325]  ? __pfx_ksys_write+0x10/0x10
[  428.137085][T11325]  do_syscall_64+0x14d/0xf80
[  428.137107][T11325]  ? trace_irq_disable+0x3b/0x150
[  428.137133][T11325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.137155][T11325]  ? clear_bhb_loop+0x40/0x90
[  428.137182][T11325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.137204][T11325] RIP: 0033:0x7f6e341bc819
[  428.137224][T11325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  428.137243][T11325] RSP: 002b:00007f6e3240e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  428.137266][T11325] RAX: ffffffffffffffda RBX: 00007f6e34435fa0 RCX: 00007f6e341bc819
[  428.137281][T11325] RDX: 0000000020040800 RSI: 0000200000000580 RDI: 0000000000000006
[  428.137295][T11325] RBP: 00007f6e3240e090 R08: 0000000000000000 R09: 0000000000000000
[  428.137309][T11325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  428.137321][T11325] R13: 00007f6e34436038 R14: 00007f6e34435fa0 R15: 00007ffd6c1ed618
[  428.137355][T11325]  </TASK>
[  428.864783][T11344] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1899'.
[  428.864814][T11344] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1899'.
[  428.864844][T11344] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1899'.
[  429.694702][T11364] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  429.695245][T11364] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  429.748264][T11364] 8021q: VLANs not supported on vcan0
[  429.918807][ T5868] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  429.949596][T11373] FAULT_INJECTION: forcing a failure.
[  429.949596][T11373] name failslab, interval 1, probability 0, space 0, times 0
[  429.949634][T11373] CPU: 0 UID: 0 PID: 11373 Comm: syz.4.1911 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  429.949663][T11373] Tainted: [L]=SOFTLOCKUP
[  429.949670][T11373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  429.949683][T11373] Call Trace:
[  429.949691][T11373]  <TASK>
[  429.949701][T11373]  dump_stack_lvl+0xe8/0x150
[  429.949740][T11373]  should_fail_ex+0x46b/0x600
[  429.949776][T11373]  should_failslab+0xa8/0x100
[  429.949801][T11373]  __kmalloc_noprof+0xdf/0x7b0
[  429.949823][T11373]  ? tomoyo_encode+0x28b/0x550
[  429.949857][T11373]  tomoyo_encode+0x28b/0x550
[  429.949891][T11373]  tomoyo_realpath_from_path+0x58d/0x5d0
[  429.949932][T11373]  ? tomoyo_path_number_perm+0x219/0x630
[  429.949955][T11373]  tomoyo_path_number_perm+0x246/0x630
[  429.949981][T11373]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  429.950008][T11373]  ? __lock_acquire+0x6b5/0x2cf0
[  429.950067][T11373]  ? __fget_files+0x2a/0x420
[  429.950099][T11373]  ? __fget_files+0x2a/0x420
[  429.950126][T11373]  ? __fget_files+0x3a6/0x420
[  429.950155][T11373]  ? __fget_files+0x2a/0x420
[  429.950188][T11373]  security_file_ioctl+0xc3/0x2a0
[  429.950215][T11373]  __se_sys_ioctl+0x47/0x170
[  429.950239][T11373]  do_syscall_64+0x14d/0xf80
[  429.950262][T11373]  ? trace_irq_disable+0x3b/0x150
[  429.950289][T11373]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.950311][T11373]  ? clear_bhb_loop+0x40/0x90
[  429.950339][T11373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.950362][T11373] RIP: 0033:0x7fdfcfb0c819
[  429.950389][T11373] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  429.950407][T11373] RSP: 002b:00007fdfcdd5e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  429.950431][T11373] RAX: ffffffffffffffda RBX: 00007fdfcfd85fa0 RCX: 00007fdfcfb0c819
[  429.950448][T11373] RDX: 0000200000000240 RSI: 0000000000005412 RDI: 0000000000000003
[  429.950463][T11373] RBP: 00007fdfcdd5e090 R08: 0000000000000000 R09: 0000000000000000
[  429.950477][T11373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.950490][T11373] R13: 00007fdfcfd86038 R14: 00007fdfcfd85fa0 R15: 00007fffbe88c598
[  429.950526][T11373]  </TASK>
[  429.950547][T11373] ERROR: Out of memory at tomoyo_realpath_from_path.
[  430.128746][ T5868] usb 6-1: Using ep0 maxpacket: 8
[  430.215264][ T5868] usb 6-1: config 1 interface 0 altsetting 6 bulk endpoint 0x82 has invalid maxpacket 64
[  430.215299][ T5868] usb 6-1: config 1 interface 0 altsetting 6 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  430.215328][ T5868] usb 6-1: config 1 interface 0 has no altsetting 0
[  430.258102][ T5868] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  430.258133][ T5868] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.258154][ T5868] usb 6-1: Product: ᐄ
[  430.258169][ T5868] usb 6-1: Manufacturer: п
[  430.258184][ T5868] usb 6-1: SerialNumber: Я
[  430.299411][T11362] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  430.299544][T11362] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  430.515790][ T5868] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[  430.558943][T11381] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1915'.
[  430.559463][ T5868] usb 6-1: USB disconnect, device number 36
[  431.369028][T11390] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1916'.
[  431.370113][T11390] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1916'.
[  433.363692][T11399] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1917'.
[  433.363718][T11399] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1917'.
[  433.728765][  T809] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  433.894773][  T809] usb 5-1: config 0 has an invalid interface number: 69 but max is 0
[  433.894804][  T809] usb 5-1: config 0 has an invalid descriptor of length 238, skipping remainder of the config
[  433.894826][  T809] usb 5-1: config 0 has no interface number 0
[  433.894873][  T809] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid maxpacket 3791, setting to 1024
[  433.894900][  T809] usb 5-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1024
[  433.894925][  T809] usb 5-1: config 0 interface 69 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  433.983325][  T809] usb 5-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  433.983359][  T809] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.983381][  T809] usb 5-1: Product: syz
[  433.983396][  T809] usb 5-1: Manufacturer: syz
[  433.983412][  T809] usb 5-1: SerialNumber: syz
[  434.028999][  T809] usb 5-1: config 0 descriptor??
[  434.029908][T11403] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  434.033420][  T809] cyberjack 5-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  434.035723][  T809] cyberjack ttyUSB0: usb_submit_urb(read int) failed
[  434.068257][  T809] usb 5-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  436.562181][  T809] usb 5-1: USB disconnect, device number 20
[  436.670313][  T809] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  436.671290][  T809] cyberjack 5-1:0.69: device disconnected
[  436.795284][T11490] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  436.829315][T11490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1952'.
[  436.831323][T11490] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1952'.
[  437.088830][ T5883] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  437.379560][ T5883] usb 3-1: Using ep0 maxpacket: 16
[  437.386081][ T5883] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 253, changing to 7
[  437.525413][T11503] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  437.780846][ T5883] usb 3-1: New USB device found, idVendor=0b05, idProduct=17a0, bcdDevice= 0.40
[  437.780880][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.780901][ T5883] usb 3-1: Product: syz
[  437.780916][ T5883] usb 3-1: Manufacturer: syz
[  437.780932][ T5883] usb 3-1: SerialNumber: syz
[  438.068223][T11509] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.088751][T11509] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  438.118269][ T5883] usb 3-1: 1:1 : bogus bTerminalLink 2
[  438.246060][ T5883] usb 3-1: USB disconnect, device number 29
[  438.357949][ T6373] udevd[6373]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  438.508808][  T809] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  438.538942][T11524] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0
[  438.939228][  T809] usb 5-1: Using ep0 maxpacket: 32
[  439.097983][  T809] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  439.098087][  T809] usb 5-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  439.098184][  T809] usb 5-1: config 0 interface 0 has no altsetting 0
[  439.365887][  T809] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  439.365920][  T809] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.365941][  T809] usb 5-1: Product: syz
[  439.365956][  T809] usb 5-1: Manufacturer: syz
[  439.365971][  T809] usb 5-1: SerialNumber: syz
[  439.424272][  T809] usb 5-1: config 0 descriptor??
[  439.867580][  T809] gs_usb 5-1:0.0: Couldn't get device config: (err=-121)
[  439.867631][  T809] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -121
[  440.429921][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  440.430005][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  441.964127][ T5975] usb 5-1: USB disconnect, device number 21
[  443.078804][ T5975] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  444.069260][ T5975] usb 5-1: config 0 has an invalid interface number: 120 but max is 0
[  444.071652][ T5975] usb 5-1: config 0 has no interface number 0
[  444.071704][ T5975] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  444.071750][ T5975] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  444.071773][ T5975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.083719][ T5975] usb 5-1: config 0 descriptor??
[  444.159822][ T5975] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.120/input/input13
[  444.477240][  T808] usb 5-1: USB disconnect, device number 22
[  444.998653][T11603] FAULT_INJECTION: forcing a failure.
[  444.998653][T11603] name failslab, interval 1, probability 0, space 0, times 0
[  444.998693][T11603] CPU: 1 UID: 0 PID: 11603 Comm: syz.2.1992 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  444.998727][T11603] Tainted: [L]=SOFTLOCKUP
[  444.998734][T11603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  444.998748][T11603] Call Trace:
[  444.998757][T11603]  <TASK>
[  444.998767][T11603]  dump_stack_lvl+0xe8/0x150
[  444.998806][T11603]  should_fail_ex+0x46b/0x600
[  444.998844][T11603]  should_failslab+0xa8/0x100
[  444.998871][T11603]  __kmalloc_noprof+0xdf/0x7b0
[  444.998891][T11603]  ? __kmalloc_cache_noprof+0x3a6/0x690
[  444.998914][T11603]  ? alloc_pipe_info+0x1fc/0x4d0
[  444.998934][T11603]  ? alloc_pipe_info+0xe8/0x4d0
[  444.998960][T11603]  alloc_pipe_info+0x1fc/0x4d0
[  444.998986][T11603]  splice_direct_to_actor+0xa19/0xc80
[  444.999030][T11603]  ? __pfx_direct_splice_actor+0x10/0x10
[  444.999063][T11603]  ? get_pid_task+0x20/0x1f0
[  444.999091][T11603]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  444.999121][T11603]  ? __lock_acquire+0x6b5/0x2cf0
[  444.999154][T11603]  do_splice_direct+0x19b/0x2a0
[  444.999188][T11603]  ? __pfx_do_splice_direct+0x10/0x10
[  444.999220][T11603]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  444.999261][T11603]  ? rw_verify_area+0x25b/0x4e0
[  444.999301][T11603]  do_sendfile+0x547/0x7e0
[  444.999328][T11603]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  444.999362][T11603]  ? __pfx_do_sendfile+0x10/0x10
[  444.999403][T11603]  __se_sys_sendfile64+0x144/0x1a0
[  444.999440][T11603]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  444.999479][T11603]  do_syscall_64+0x14d/0xf80
[  444.999504][T11603]  ? trace_irq_disable+0x3b/0x150
[  444.999531][T11603]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.999555][T11603]  ? clear_bhb_loop+0x40/0x90
[  444.999584][T11603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.999606][T11603] RIP: 0033:0x7f7bfe6ac819
[  444.999628][T11603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  444.999647][T11603] RSP: 002b:00007f7bfc8bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  444.999670][T11603] RAX: ffffffffffffffda RBX: 00007f7bfe926180 RCX: 00007f7bfe6ac819
[  444.999686][T11603] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004
[  444.999699][T11603] RBP: 00007f7bfc8bc090 R08: 0000000000000000 R09: 0000000000000000
[  444.999714][T11603] R10: 000000000000106f R11: 0000000000000246 R12: 0000000000000001
[  444.999728][T11603] R13: 00007f7bfe926218 R14: 00007f7bfe926180 R15: 00007ffeb6fcd368
[  444.999763][T11603]  </TASK>
[  448.028958][T11628] FAULT_INJECTION: forcing a failure.
[  448.028958][T11628] name failslab, interval 1, probability 0, space 0, times 0
[  448.028987][T11628] CPU: 0 UID: 0 PID: 11628 Comm: syz.5.1998 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  448.029009][T11628] Tainted: [L]=SOFTLOCKUP
[  448.029015][T11628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  448.029025][T11628] Call Trace:
[  448.029030][T11628]  <TASK>
[  448.029037][T11628]  dump_stack_lvl+0xe8/0x150
[  448.029066][T11628]  should_fail_ex+0x46b/0x600
[  448.029091][T11628]  should_failslab+0xa8/0x100
[  448.029109][T11628]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  448.029133][T11628]  ? __alloc_skb+0x1d0/0x7d0
[  448.029146][T11628]  ? lockdep_hardirqs_on+0x7a/0x110
[  448.029167][T11628]  __alloc_skb+0x1d0/0x7d0
[  448.029184][T11628]  alloc_skb_with_frags+0xca/0x890
[  448.029200][T11628]  ? __lock_acquire+0x6b5/0x2cf0
[  448.029220][T11628]  ? __lock_acquire+0x6b5/0x2cf0
[  448.029236][T11628]  sock_alloc_send_pskb+0x884/0x9a0
[  448.029276][T11628]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  448.029300][T11628]  ? smack_socket_getpeersec_dgram+0x320/0x430
[  448.029327][T11628]  unix_dgram_sendmsg+0x460/0x18e0
[  448.029348][T11628]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  448.029376][T11628]  ? __lock_acquire+0x6b5/0x2cf0
[  448.029392][T11628]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  448.029407][T11628]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  448.029431][T11628]  ? __kernel_text_address+0xd/0x30
[  448.029450][T11628]  ? unwind_get_return_address+0x4d/0x90
[  448.029468][T11628]  ? unix_seqpacket_sendmsg+0x111/0x1e0
[  448.029487][T11628]  ____sys_sendmsg+0x94c/0x9c0
[  448.029510][T11628]  ? __pfx_____sys_sendmsg+0x10/0x10
[  448.029536][T11628]  ? import_iovec+0x73/0xa0
[  448.029563][T11628]  ___sys_sendmsg+0x2a5/0x360
[  448.029584][T11628]  ? __pfx____sys_sendmsg+0x10/0x10
[  448.029627][T11628]  ? __fget_files+0x2a/0x420
[  448.029646][T11628]  ? __fget_files+0x3a6/0x420
[  448.029674][T11628]  __x64_sys_sendmsg+0x1c3/0x2a0
[  448.029693][T11628]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  448.029718][T11628]  ? __pfx_ksys_write+0x10/0x10
[  448.029750][T11628]  do_syscall_64+0x14d/0xf80
[  448.029766][T11628]  ? trace_irq_disable+0x3b/0x150
[  448.029785][T11628]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.029800][T11628]  ? clear_bhb_loop+0x40/0x90
[  448.029819][T11628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.029834][T11628] RIP: 0033:0x7f10b171c819
[  448.029849][T11628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.029862][T11628] RSP: 002b:00007f10af96e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  448.029878][T11628] RAX: ffffffffffffffda RBX: 00007f10b1995fa0 RCX: 00007f10b171c819
[  448.029889][T11628] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000006
[  448.029898][T11628] RBP: 00007f10af96e090 R08: 0000000000000000 R09: 0000000000000000
[  448.029907][T11628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  448.029916][T11628] R13: 00007f10b1996038 R14: 00007f10b1995fa0 R15: 00007ffd1ad0f478
[  448.029940][T11628]  </TASK>
[  448.768858][  T808] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  448.919784][  T808] usb 6-1: too many configurations: 16, using maximum allowed: 8
[  448.921570][  T808] usb 6-1: config index 0 descriptor too short (expected 9, got 0)
[  448.921596][  T808] usb 6-1: can't read configurations, error -22
[  449.049150][  T808] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  449.178923][T11646] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  449.201686][  T808] usb 6-1: too many configurations: 16, using maximum allowed: 8
[  449.204721][  T808] usb 6-1: config index 0 descriptor too short (expected 9, got 0)
[  449.204816][  T808] usb 6-1: can't read configurations, error -22
[  449.263929][  T808] usb usb6-port1: attempt power cycle
[  449.618859][  T808] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  449.641380][  T808] usb 6-1: too many configurations: 16, using maximum allowed: 8
[  449.643202][  T808] usb 6-1: config index 0 descriptor too short (expected 9, got 0)
[  449.643239][  T808] usb 6-1: can't read configurations, error -22
[  449.768870][  T808] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  449.801204][  T808] usb 6-1: too many configurations: 16, using maximum allowed: 8
[  449.816879][  T808] usb 6-1: config index 0 descriptor too short (expected 9, got 0)
[  449.816917][  T808] usb 6-1: can't read configurations, error -22
[  449.817410][  T808] usb usb6-port1: unable to enumerate USB device
[  450.129422][T11667] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2017'.
[  450.129455][T11667] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2017'.
[  450.200269][T11667] bond1: up delay (10) is not a multiple of miimon (7), value rounded to 7 ms
[  450.234047][T11667] bond1 (unregistering): Released all slaves
[  453.298941][    T9] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  453.367575][T11716] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  453.368127][T11716] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  453.430520][T11716] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  453.431066][T11716] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  453.431776][T11717] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  453.432312][T11717] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  453.492348][    T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  453.492384][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  453.492430][    T9] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  453.492455][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.497871][    T9] usb 6-1: config 0 descriptor??
[  453.678820][  T808] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  453.723456][    T9] ath6kl: Failed to submit usb control message: -71
[  453.723516][    T9] ath6kl: unable to send the bmi data to the device: -71
[  453.723528][    T9] ath6kl: Unable to send get target info: -71
[  453.727495][    T9] ath6kl: Failed to init ath6kl core: -71
[  453.730444][    T9] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71
[  453.855116][    T9] usb 6-1: USB disconnect, device number 41
[  453.859290][  T808] usb 5-1: device descriptor read/64, error -71
[  454.098838][  T808] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  454.229386][  T808] usb 5-1: device descriptor read/64, error -71
[  454.275989][T11730] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  454.286727][T11730] FAULT_INJECTION: forcing a failure.
[  454.286727][T11730] name failslab, interval 1, probability 0, space 0, times 0
[  454.286755][T11730] CPU: 0 UID: 0 PID: 11730 Comm: syz.2.2039 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  454.286777][T11730] Tainted: [L]=SOFTLOCKUP
[  454.286790][T11730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  454.286800][T11730] Call Trace:
[  454.286806][T11730]  <TASK>
[  454.286813][T11730]  dump_stack_lvl+0xe8/0x150
[  454.286841][T11730]  should_fail_ex+0x46b/0x600
[  454.286867][T11730]  should_failslab+0xa8/0x100
[  454.286886][T11730]  __kmalloc_noprof+0xdf/0x7b0
[  454.286901][T11730]  ? tomoyo_encode+0x28b/0x550
[  454.286924][T11730]  tomoyo_encode+0x28b/0x550
[  454.286948][T11730]  tomoyo_realpath_from_path+0x58d/0x5d0
[  454.286977][T11730]  ? tomoyo_path_number_perm+0x219/0x630
[  454.286994][T11730]  tomoyo_path_number_perm+0x246/0x630
[  454.287013][T11730]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  454.287034][T11730]  ? __lock_acquire+0x6b5/0x2cf0
[  454.287076][T11730]  ? __fget_files+0x2a/0x420
[  454.287099][T11730]  ? __fget_files+0x2a/0x420
[  454.287119][T11730]  ? __fget_files+0x3a6/0x420
[  454.287139][T11730]  ? __fget_files+0x2a/0x420
[  454.287163][T11730]  security_file_ioctl+0xc3/0x2a0
[  454.287183][T11730]  __se_sys_ioctl+0x47/0x170
[  454.287201][T11730]  do_syscall_64+0x14d/0xf80
[  454.287219][T11730]  ? trace_irq_disable+0x3b/0x150
[  454.287239][T11730]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.287256][T11730]  ? clear_bhb_loop+0x40/0x90
[  454.287276][T11730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.287292][T11730] RIP: 0033:0x7f7bfe6ac819
[  454.287307][T11730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  454.287321][T11730] RSP: 002b:00007f7bfc8fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  454.287338][T11730] RAX: ffffffffffffffda RBX: 00007f7bfe925fa0 RCX: 00007f7bfe6ac819
[  454.287351][T11730] RDX: 0000200000000780 RSI: 0000000000003b80 RDI: 0000000000000003
[  454.287361][T11730] RBP: 00007f7bfc8fe090 R08: 0000000000000000 R09: 0000000000000000
[  454.287372][T11730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.287381][T11730] R13: 00007f7bfe926038 R14: 00007f7bfe925fa0 R15: 00007ffeb6fcd368
[  454.287406][T11730]  </TASK>
[  454.287421][T11730] ERROR: Out of memory at tomoyo_realpath_from_path.
[  454.345538][  T808] usb usb5-port1: attempt power cycle
[  454.698872][  T808] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  454.721556][  T808] usb 5-1: device descriptor read/8, error -71
[  454.760544][T11735] usb usb7: usbfs: process 11735 (syz.5.2040) did not claim interface 0 before use
[  454.960229][  T808] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  454.979769][  T808] usb 5-1: device descriptor read/8, error -71
[  455.089318][  T808] usb usb5-port1: unable to enumerate USB device
[  455.979775][ T5990] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  456.138832][ T5990] usb 6-1: Using ep0 maxpacket: 32
[  456.141260][ T5990] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  456.141291][ T5990] usb 6-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  456.141317][ T5990] usb 6-1: config 0 interface 0 has no altsetting 0
[  456.146157][ T5990] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  456.146187][ T5990] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.146209][ T5990] usb 6-1: Product: syz
[  456.146226][ T5990] usb 6-1: Manufacturer: syz
[  456.146247][ T5990] usb 6-1: SerialNumber: syz
[  456.227711][ T5990] usb 6-1: config 0 descriptor??
[  456.700025][ T5990] gs_usb 6-1:0.0: Configuring for 1 interfaces
[  456.902196][ T5990] gs_usb 6-1:0.0: Couldn't get bit timing const for channel 0 (-EPIPE)
[  456.902651][ T5990] gs_usb 6-1:0.0: probe with driver gs_usb failed with error -32
[  457.924489][T11776] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  458.271580][T11801] tmpfs: Bad value for 'mpol'
[  458.338876][   T37] INFO: task kworker/0:4:5879 blocked for more than 143 seconds.
[  458.338907][   T37]       Tainted: G             L      syzkaller #0
[  458.338921][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  458.338934][   T37] task:kworker/0:4     state:D stack:21544 pid:5879  tgid:5879  ppid:2      task_flags:0x4208060 flags:0x00080000
[  458.338998][   T37] Workqueue: usb_hub_wq hub_event
[  458.339039][   T37] Call Trace:
[  458.339048][   T37]  <TASK>
[  458.339063][   T37]  __schedule+0x1553/0x5240
[  458.339094][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  458.339125][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  458.339162][   T37]  ? __pfx___schedule+0x10/0x10
[  458.339196][   T37]  ? schedule+0x90/0x360
[  458.339223][   T37]  schedule+0x164/0x360
[  458.339249][   T37]  schedule_timeout+0xc3/0x2c0
[  458.339290][   T37]  ? __pfx_schedule_timeout+0x10/0x10
[  458.339329][   T37]  ? do_raw_spin_lock+0x12b/0x2f0
[  458.339373][   T37]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.339397][   T37]  ? wait_for_completion+0x274/0x5e0
[  458.339493][   T37]  wait_for_completion+0x2cc/0x5e0
[  458.339533][   T37]  ? __pfx_wait_for_completion+0x10/0x10
[  458.339574][   T37]  i2c_del_adapter+0x5c0/0x790
[  458.339623][   T37]  ? __pfx_i2c_del_adapter+0x10/0x10
[  458.339659][   T37]  ? kfree+0x4d/0x6c0
[  458.339702][   T37]  dvb_usb_i2c_exit+0x64/0xb0
[  458.339732][   T37]  dvb_usb_device_exit+0x1cb/0x360
[  458.339762][   T37]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[  458.339798][   T37]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  458.339844][   T37]  cxusb_probe+0x60f/0x710
[  458.339879][   T37]  ? __pfx_cxusb_probe+0x10/0x10
[  458.339910][   T37]  ? __pm_runtime_set_status+0x99c/0xc70
[  458.339952][   T37]  usb_probe_interface+0x668/0xc90
[  458.339996][   T37]  ? __pfx_usb_probe_interface+0x10/0x10
[  458.340027][   T37]  really_probe+0x267/0xaf0
[  458.340069][   T37]  __driver_probe_device+0x18c/0x320
[  458.340105][   T37]  driver_probe_device+0x4f/0x240
[  458.340142][   T37]  __device_attach_driver+0x279/0x430
[  458.340181][   T37]  bus_for_each_drv+0x25b/0x2f0
[  458.340206][   T37]  ? __pfx___device_attach_driver+0x10/0x10
[  458.340255][   T37]  ? __pfx_bus_for_each_drv+0x10/0x10
[  458.340280][   T37]  ? rt_spin_unlock+0x160/0x200
[  458.340321][   T37]  __device_attach+0x2c8/0x450
[  458.340355][   T37]  ? __pfx___device_attach+0x10/0x10
[  458.340388][   T37]  ? rt_spin_unlock+0x160/0x200
[  458.340429][   T37]  device_initial_probe+0xa1/0xd0
[  458.340463][   T37]  bus_probe_device+0x12d/0x220
[  458.340486][   T37]  ? device_add+0x726/0xb80
[  458.340695][   T37]  device_add+0x7b6/0xb80
[  458.340731][   T37]  usb_set_configuration+0x1a87/0x2110
[  458.340792][   T37]  usb_generic_driver_probe+0x8d/0x150
[  458.340833][   T37]  usb_probe_device+0x1c4/0x3b0
[  458.340869][   T37]  ? __pfx_usb_probe_device+0x10/0x10
[  458.340899][   T37]  really_probe+0x267/0xaf0
[  458.340938][   T37]  __driver_probe_device+0x18c/0x320
[  458.340973][   T37]  driver_probe_device+0x4f/0x240
[  458.341011][   T37]  __device_attach_driver+0x279/0x430
[  458.341051][   T37]  bus_for_each_drv+0x25b/0x2f0
[  458.341077][   T37]  ? __pfx___device_attach_driver+0x10/0x10
[  458.341109][   T37]  ? __pfx_bus_for_each_drv+0x10/0x10
[  458.341133][   T37]  ? rt_spin_unlock+0x160/0x200
[  458.341176][   T37]  __device_attach+0x2c8/0x450
[  458.341210][   T37]  ? __pfx___device_attach+0x10/0x10
[  458.341242][   T37]  ? rt_spin_unlock+0x160/0x200
[  458.341283][   T37]  device_initial_probe+0xa1/0xd0
[  458.341318][   T37]  bus_probe_device+0x12d/0x220
[  458.341341][   T37]  ? device_add+0x726/0xb80
[  458.341371][   T37]  device_add+0x7b6/0xb80
[  458.341405][   T37]  usb_new_device+0x9f8/0x16e0
[  458.341443][   T37]  ? __pfx_usb_new_device+0x10/0x10
[  458.341545][   T37]  hub_event+0x2a49/0x4f60
[  458.341629][   T37]  ? __pfx_hub_event+0x10/0x10
[  458.341669][   T37]  ? process_scheduled_works+0xa8d/0x18c0
[  458.341858][   T37]  ? process_scheduled_works+0xa8d/0x18c0
[  458.341895][   T37]  process_scheduled_works+0xb6e/0x18c0
[  458.341962][   T37]  ? __pfx_process_scheduled_works+0x10/0x10
[  458.342003][   T37]  ? assign_work+0x3d5/0x5e0
[  458.342042][   T37]  worker_thread+0xa53/0xfc0
[  458.342104][   T37]  kthread+0x388/0x470
[  458.342131][   T37]  ? __pfx_worker_thread+0x10/0x10
[  458.342163][   T37]  ? __pfx_kthread+0x10/0x10
[  458.342190][   T37]  ret_from_fork+0x51e/0xb90
[  458.342229][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  458.342261][   T37]  ? __switch_to+0xc7d/0x1450
[  458.342294][   T37]  ? __pfx_kthread+0x10/0x10
[  458.342321][   T37]  ret_from_fork_asm+0x1a/0x30
[  458.342362][   T37]  </TASK>
[  458.342422][   T37] 
[  458.342422][   T37] Showing all locks held in the system:
[  458.342433][   T37] 4 locks held by kworker/u8:1/13:
[  458.342450][   T37] 1 lock held by khungtaskd/37:
[  458.342463][   T37]  #0: ffffffff8ddcb9c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  458.342549][   T37] 2 locks held by getty/5553:
[  458.342562][   T37]  #0: ffff8880374f70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  458.342626][   T37]  #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0
[  458.342686][   T37] 5 locks held by kworker/0:4/5879:
[  458.342699][   T37]  #0: ffff8880216a7538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  458.342764][   T37]  #1: ffffc900054ffc40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  458.344057][   T37]  #2: ffff88802a3c2210 (&dev->mutex){....}-{4:4}, at: hub_event+0x17c/0x4f60
[  458.344123][   T37]  #3: ffff888026096210 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[  458.344184][   T37]  #4: ffff888038e3e1d8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[  458.344248][   T37] 4 locks held by udevd/5993:
[  458.344261][   T37]  #0: ffff8880396053d8 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb8/0xe20
[  458.344316][   T37]  #1: ffff888060ea6c78 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x5c/0x420
[  458.344377][   T37]  #2: ffff88805f2f2008 (kn->active#24){.+.+}-{0:0}, at: kernfs_seq_start+0xb2/0x420
[  458.344435][   T37]  #3: ffff888026096210 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  458.344496][   T37] 3 locks held by kworker/u8:18/10098:
[  458.344510][   T37]  #0: ffff88801aac5938 ((wq_completion)pm){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  458.344574][   T37]  #1: ffffc9001de47c40 ((work_completion)(&hcd->wakeup_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  458.344637][   T37]  #2: ffff88802a3a0210 (&dev->mutex){....}-{4:4}, at: usb_remote_wakeup+0x23/0x120
[  458.344696][   T37] 1 lock held by syz.4.2064/11792:
[  458.344709][   T37]  #0: ffff88806d2ea358 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_setsockopt+0x5a0/0x1510
[  458.344778][   T37] 3 locks held by syz.3.2065/11796:
[  458.344793][   T37] 1 lock held by syz.3.2065/11799:
[  458.344806][   T37]  #0: ffffffff8dc82838 (sched_core_mutex){+.+.}-{4:4}, at: sched_core_get+0x52/0x170
[  458.344991][   T37] 
[  458.344998][   T37] =============================================
[  458.344998][   T37] 
[  458.345017][   T37] NMI backtrace for cpu 1
[  458.345036][   T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  458.345066][   T37] Tainted: [L]=SOFTLOCKUP
[  458.345075][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  458.345093][   T37] Call Trace:
[  458.345104][   T37]  <TASK>
[  458.345113][   T37]  dump_stack_lvl+0xe8/0x150
[  458.345150][   T37]  nmi_cpu_backtrace+0x274/0x2d0
[  458.345182][   T37]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  458.345218][   T37]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  458.345254][   T37]  sys_info+0x135/0x170
[  458.345282][   T37]  watchdog+0xfd9/0x1030
[  458.345318][   T37]  ? watchdog+0x21a/0x1030
[  458.345355][   T37]  kthread+0x388/0x470
[  458.345380][   T37]  ? __pfx_watchdog+0x10/0x10
[  458.345406][   T37]  ? __pfx_kthread+0x10/0x10
[  458.345433][   T37]  ret_from_fork+0x51e/0xb90
[  458.345468][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  458.345501][   T37]  ? __switch_to+0xc7d/0x1450
[  458.345533][   T37]  ? __pfx_kthread+0x10/0x10
[  458.345559][   T37]  ret_from_fork_asm+0x1a/0x30
[  458.345598][   T37]  </TASK>
[  458.345621][   T37] Sending NMI from CPU 1 to CPUs 0:
[  458.345648][    C0] NMI backtrace for cpu 0
[  458.345666][    C0] CPU: 0 UID: 0 PID: 11796 Comm: syz.3.2065 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  458.345693][    C0] Tainted: [L]=SOFTLOCKUP
[  458.345700][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  458.345712][    C0] RIP: 0010:try_to_wake_up+0x327/0x1380
[  458.345734][    C0] Code: 4e 8f 09 85 c0 0f 84 7b 05 00 00 4c 8d b5 98 04 00 00 4c 89 f0 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85 f2 06 00 00 41 83 3e 02 <7c> 26 4c 8d b5 c0 04 00 00 4c 89 f0 48 c1 e8 03 42 0f b6 04 20 84
[  458.345751][    C0] RSP: 0018:ffffc900055af5e8 EFLAGS: 00000046
[  458.345772][    C0] RAX: 0000000000000000 RBX: 1ffff11004f1400d RCX: 0000000080000002
[  458.345786][    C0] RDX: 0000000000000000 RSI: ffffffff8d7c0ddb RDI: ffffffff8ba67680
[  458.345800][    C0] RBP: ffff8880278a0000 R08: ffffffff8f6a6ab7 R09: 1ffffffff1ed4d56
[  458.345815][    C0] R10: dffffc0000000000 R11: fffffbfff1ed4d57 R12: dffffc0000000000
[  458.345830][    C0] R13: 1ffff11004f14003 R14: ffff8880278a0498 R15: 0000000000000000
[  458.345845][    C0] FS:  00007f6e323ed6c0(0000) GS:ffff888126336000(0000) knlGS:0000000000000000
[  458.345861][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  458.345875][    C0] CR2: 0000200000061000 CR3: 00000000557e0000 CR4: 00000000003526f0
[  458.345893][    C0] DR0: 0000000000000002 DR1: 00000000000001f8 DR2: 0000000000000002
[  458.345905][    C0] DR3: 00000000000000aa DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  458.345918][    C0] Call Trace:
[  458.345925][    C0]  <TASK>
[  458.345935][    C0]  ? __pfx_rt_spin_lock+0x10/0x10
[  458.345966][    C0]  autoremove_wake_function+0x17/0x100
[  458.345998][    C0]  __wake_up_common_lock+0x136/0x1e0
[  458.346032][    C0]  __unix_dgram_recvmsg+0x485/0xd60
[  458.346062][    C0]  ? __pfx_handle_mm_fault+0x10/0x10
[  458.346093][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  458.346127][    C0]  ? do_user_addr_fault+0xbad/0x1340
[  458.346155][    C0]  ? unix_dgram_recvmsg+0xb1/0xd0
[  458.346173][    C0]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  458.346193][    C0]  sock_recvmsg_nosec+0x10c/0x140
[  458.346223][    C0]  ____sys_recvmsg+0x3ef/0x4b0
[  458.346251][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  458.346281][    C0]  ? import_iovec+0x73/0xa0
[  458.346314][    C0]  ___sys_recvmsg+0x215/0x590
[  458.346334][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[  458.346356][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  458.346381][    C0]  ? irqentry_exit+0x59e/0x620
[  458.346417][    C0]  do_recvmmsg+0x33a/0x800
[  458.346444][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  458.346474][    C0]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  458.346502][    C0]  ? rt_spin_lock+0x1e0/0x400
[  458.346529][    C0]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  458.346561][    C0]  __x64_sys_recvmmsg+0x198/0x250
[  458.346591][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  458.346621][    C0]  do_syscall_64+0x14d/0xf80
[  458.346641][    C0]  ? trace_irq_disable+0x3b/0x150
[  458.346664][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.346684][    C0]  ? clear_bhb_loop+0x40/0x90
[  458.346706][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.346725][    C0] RIP: 0033:0x7f6e341bc819
[  458.346742][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  458.346758][    C0] RSP: 002b:00007f6e323ed028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  458.346777][    C0] RAX: ffffffffffffffda RBX: 00007f6e34436090 RCX: 00007f6e341bc819
[  458.346791][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  458.346804][    C0] RBP: 00007f6e34252c91 R08: 0000000000000000 R09: 0000000000000000
[  458.346816][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  458.346829][    C0] R13: 00007f6e34436128 R14: 00007f6e34436090 R15: 00007ffd6c1ed618
[  458.346853][    C0]  </TASK>
[  458.347780][   T37] Kernel panic - not syncing: hung_task: blocked tasks
[  458.347802][   T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  458.347840][   T37] Tainted: [L]=SOFTLOCKUP
[  458.347849][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  458.347864][   T37] Call Trace:
[  458.347874][   T37]  <TASK>
[  458.347884][   T37]  vpanic+0x56c/0xa60
[  458.347922][   T37]  ? __pfx___schedule+0x10/0x10
[  458.347946][   T37]  ? __pfx_vpanic+0x10/0x10
[  458.347990][   T37]  panic+0xc5/0xd0
[  458.348025][   T37]  ? __pfx_panic+0x10/0x10
[  458.348064][   T37]  ? preempt_schedule_thunk+0x16/0x30
[  458.348097][   T37]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  458.348135][   T37]  watchdog+0x1023/0x1030
[  458.348171][   T37]  ? watchdog+0x21a/0x1030
[  458.348207][   T37]  kthread+0x388/0x470
[  458.348233][   T37]  ? __pfx_watchdog+0x10/0x10
[  458.348260][   T37]  ? __pfx_kthread+0x10/0x10
[  458.348286][   T37]  ret_from_fork+0x51e/0xb90
[  458.348321][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  458.348353][   T37]  ? __switch_to+0xc7d/0x1450
[  458.348386][   T37]  ? __pfx_kthread+0x10/0x10
[  458.348412][   T37]  ret_from_fork_asm+0x1a/0x30
[  458.348452][   T37]  </TASK>
[  458.348631][   T37] Kernel Offset: disabled