last executing test programs:

9.565392394s ago: executing program 3 (id=8627):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x40000000, 0x0, 0x0, 0x0, 0x500, 0x80000100], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000002220028311e9521e00000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000"]}, 0xe0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', <r2=>0x0})
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000100)={@local, 0x0, r2})
socket$inet6_udplite(0xa, 0x2, 0x88)
socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000a80)={{0x5, 0x6, 0x401, 0x7, 'syz1\x00', 0x81}, 0x1, [0x6, 0xfffffffffffffffa, 0x1, 0x907a, 0xffffffff, 0x60, 0x1, 0xf, 0x1, 0x4, 0xfffffffffffffffd, 0x63, 0xfff, 0x100000002, 0xfffffffffffffffa, 0xc8, 0xb6da, 0x80000a5, 0xb7, 0xb6, 0x8000000000000002, 0x4000000008, 0x7, 0xfff, 0x6, 0xfb, 0x1, 0x4f51, 0x0, 0x37c7, 0xc, 0xbb30, 0x0, 0x63, 0x4, 0x4, 0x8, 0xffffffffffff7fff, 0x6, 0x8, 0x5, 0x0, 0x8, 0x401, 0x3, 0xc1be, 0xffffffff, 0x8000000000000001, 0x3, 0x0, 0x7, 0x72, 0x9, 0x2000000002, 0x6a44d0ea, 0xffffffffffffffff, 0x9, 0x5f0, 0xfffffffffffff2e2, 0x4, 0x6, 0xfffffffffffffffd, 0x7, 0xf1, 0x26e69303, 0x5, 0x2, 0x5, 0x2, 0x1, 0x9, 0x7, 0xdffffffffffffd, 0xd, 0x81, 0x8, 0x7fff, 0x6, 0xe, 0x3ff, 0xffffffffffffcc1c, 0x10000, 0xfffffffffffffffb, 0x6, 0x2, 0x1, 0xf, 0x7dd, 0xfffffffffffff000, 0x8d6, 0x0, 0x5, 0x4, 0xafae, 0x1, 0xf, 0x6, 0xb, 0x1, 0x10003, 0x1, 0x10000, 0x1ff, 0xc, 0x0, 0x7, 0x7, 0x0, 0xfc0, 0x7, 0xaac, 0x8000000000007, 0x2, 0x8, 0x7, 0x6, 0x200, 0x8, 0xa, 0x0, 0x9, 0x7, 0x40, 0x8000, 0x83d0, 0xf0, 0x100000000, 0x140000000]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r6 = syz_clone(0xd8042100, 0x0, 0x1b, 0x0, 0x0, 0x0)
ptrace$pokeuser(0x6, r6, 0x388, 0x7ffffffe)
fsetxattr$trusted_overlay_upper(r4, &(0x7f0000000240), &(0x7f0000000500)=ANY=[@ANYBLOB="00fbbd02092313b2a6abcc96a27d1a3c42c83c97bb0e5fbe4c46599746711674a778b3eeeed73139d73bd9d9315989a2a946308aa61cdabb3b935e2acec700fc727c5a0761349d82428581ce19a90f2102e5558de010d1da353061e15fd9689247fa7df9f546361bfb0c8e5662b4f1644ae4c6466d4329c5363e5ac76f4294172a711dabe321b674767dca29abda7d9ae970c1539f46223637bd4e0aa7f6fb290667016e588b97c9a624aaf1a14541f7ef4b0f38e880336ee7bed09a9d28e30956352b50c1ac6587092984c0cf0bc186ab5d9d3e86cb5e8ae60e6702ea4cc59550d81460023acc1c43003a08bd3ff511a3f62e93f3fcf81184a8681d53a678ffe0531b0a34740a0904ceb7c1df5b87c00c5559dfc0c589127035b04c28f21583af321148b9b65f723747b78130d6221c3ffed86743b8396e1189e6dd5287eb62312634189f347ea831387d3c21a054629146fe31a64d3ac3a3"], 0xbd, 0x2)
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
get_mempolicy(0x0, 0x0, 0x206, &(0x7f0000394000/0x3000)=nil, 0x3)
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x52, 0x44})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14030000", @ANYRES16=r9, @ANYBLOB="01072cbd7000fedbdf251f000000"], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8814)
ioctl$KVM_CAP_XEN_HVM(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000480)={0x26, 0x0, 0x1c8})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
sched_setattr(0x0, 0x0, 0x0)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0xffffffff, 0xbde, 0xb, 0x10000}})
socket$igmp(0x2, 0x3, 0x2)

8.546347726s ago: executing program 3 (id=8633):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x49)
sendmsg$kcm(r0, &(0x7f00000001c0)={&(0x7f0000000300)=@phonet={0x23, 0xff, 0x3, 0xd}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000200)="27050200420014000600002fb96dbcf706e10500070088a800008100fb78d1c90413cad07a31f55d", 0x28}], 0x1}, 0x20004094) (fail_nth: 4)

8.01804043s ago: executing program 2 (id=8635):
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4001, 0x0, 0x0, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x100000000000000, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x4000, 0x0, 0x90, [], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4"]}, 0xba)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000280)="85952b177328da2f8757c9343d6559eb7a8197c0479df99720c9f9d0a8093c947d", 0x21, 0xfffffffffffffffd)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/80, 0x50, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000300)={'veth0_to_bridge\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$TUNGETFEATURES(r3, 0x800454cf, &(0x7f0000000240))
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x88, 0x2c, 0x20, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0xfff2, 0x2cc41d75a8d953dc}, {0x0, 0xb}, {0x7, 0xe}}, [@TCA_RATE={0x0, 0x5, {0xd, 0x80}}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000000}, 0x84)
r7 = socket(0x10, 0x80002, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmmsg$alg(r7, &(0x7f00000000c0), 0x492492492492627, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000040))
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000001880)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'sha1-ce\x00'}, 0x80, 0x0, 0x0, 0x0, 0xfffffe58}, 0x8000)

7.52602125s ago: executing program 3 (id=8637):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x402, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x8000, 0x2, 0x4})
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001780), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000001880)={0x14, r4, 0x925, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x80)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000040)={0x3, r5, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})
close_range(r2, 0xffffffffffffffff, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000140)=0x3)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
socket$pptp(0x18, 0x1, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x44)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = dup(r7)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x79, 0x33, 0x13, 0x8, 0x2058, 0x1005, 0x2d5a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x35, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x53, 0x0, 0x1, 0x83, 0x9, 0xf4, 0x0, [], [{{0x9, 0x5, 0x5}}]}}]}}]}}, 0x0)

6.722278679s ago: executing program 2 (id=8643):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$loop(&(0x7f0000000280), 0xffff, 0x14f600)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES16], 0x54}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 2)

5.941570849s ago: executing program 2 (id=8646):
socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x0, 0x0, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000034c0)=ANY=[@ANYBLOB="240000003f000701030000000000"], 0x24}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000)
r3 = dup2(0xffffffffffffffff, r2)
ioctl$LOOP_SET_FD(r3, 0x4c00, r2)
r4 = userfaultfd(0x1)
syz_io_uring_setup(0x400f00, &(0x7f0000000080)={0x0, 0x2909, 0x20, 0x1, 0x3cc, 0x0, 0x0}, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000000)={0xeeee8000, 0x102000, 0x1})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})
syz_open_procfs(0x0, &(0x7f0000000040)='pagemap\x00')

5.733843714s ago: executing program 1 (id=8648):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x5c, 0x9, 0x6, 0x801, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private0}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e1f}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90) (fail_nth: 4)

5.141811836s ago: executing program 1 (id=8650):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f00000008c0)="8603", 0x2)
io_setup(0x1, &(0x7f0000000b80)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x2, r1, 0x0}])
r3 = creat(&(0x7f0000000200)='./file0\x00', 0x20)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="020a000907000000000000000000000005001a00ff82000000000000000000000000000000e3fcc7db892ba624eda4992445fc0b7f4ea0"], 0x38}}, 0x0)
splice(r0, 0x0, r3, 0x0, 0x8000, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5543, 0x42, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
fstat(r6, &(0x7f0000000200))
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f0000000040)={0x14, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0xb, {[@main=@item_4={0x3, 0x0, 0xc09ecb1a5ab573b2, "2d9c5e03"}, @global=@item_012={0x1, 0x1, 0xa, '?'}, @local, @main=@item_012={0x2, 0x0, 0xb, "c401"}]}}, 0x0}, 0x0)

4.929717605s ago: executing program 4 (id=8652):
r0 = openat$sndseq(0xffffff9c, &(0x7f0000000180), 0x200)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a45320, &(0x7f00000000c0)={{0x80}, 'port0\x00', 0x3eb, 0x21e2f, 0x7f, 0x1681bcd7, 0x0, 0x0, 0x400, 0x0, 0x2})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
unshare(0x24020400)
r1 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
mq_notify(r1, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b05, &(0x7f0000000000)={'wlan1\x00'})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0x4}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}, @TCA_INGRESS_BLOCK={0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r9, {0xfff2}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd606410a60008000000000000000000000000ffffac1414aaff021f000000000000000000000000018400000000000005a09288dcdfb19d6b2290e54cb0e02a27126cba526dbbb3396cd401d85cc077c6900b2bea8e70e06071fa3f389e89ab36122d6b45a290fe403f3a7113e282890beb796c78865e626ef1906b1c9ee8746d7bbce787cabe1134538b50c72ac4601cd966d867e34a9f9988eb5ffe761c39b7f3d00c1ab46b9489b23f7eb9"], 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000001c0)={0x14, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00222200000096231306f9ed93b2938f8d2a9000070900be008379ed31db280000000057a90da1f6c33393f6e0"], 0x0}, 0x0)
r13 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
ioctl$EVIOCGKEYCODE_V2(r13, 0x80284504, &(0x7f0000000100)=""/95)

4.285955894s ago: executing program 3 (id=8653):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x4, 0x0, 0x0, 0xffffffffffff8001, 0x3, 0x3e, 0xffffffeb, 0x7c, 0x40, 0x1, 0xe61d, 0x200c, 0x38, 0x1, 0xfffe, 0x2, 0x4}, [{0x3, 0xf97, 0xb, 0x10, 0x0, 0x3, 0xffffffffffffffff, 0xc3}]}, 0x78)
close(r0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000240)=0x8, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x40000}, 0x1c)
sendto$inet6(r1, &(0x7f0000000440)="2fd87906c4cf471afa", 0x9, 0x24000000, 0x0, 0x0)
recvfrom(r1, 0x0, 0x0, 0x99bcb88de02507d2, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f00000000c0)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/freeze_filesystems', 0x42, 0x64)
io_setup(0x20, &(0x7f0000001140)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r3, &(0x7f0000000080)='\r', 0x1}])
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000001500)={0x28, 0x4000, 0x0, @my=0x1}, 0x10)
close(0x3)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000000000))
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

3.674111122s ago: executing program 2 (id=8654):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, "2e2b5aa4"}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0x8}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000c00)={0x84, &(0x7f0000000800)={0x0, 0x0, 0x1, "9d"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
readv(r1, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000280)={'veth0_to_hsr\x00', &(0x7f0000000240)=@ethtool_eeprom={0x4f}})
ioctl$HIDIOCSFLAG(r1, 0x4004480f, &(0x7f0000000000)=0x3)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0)

3.313612598s ago: executing program 1 (id=8658):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000180)=@newtaction={0x14, 0x30, 0x1}, 0x14}}, 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r1, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001280)=ANY=[@ANYBLOB="300000000002010100000000000000000a00000004000380180002c63be5801400018008000100ac1414bb0800020000000000396346c988be30e03c71630e98da6e1822ac6f210758d35e4304ad7856df57bd09abccfff62a1594ffc4a59a0ed65f50b92ddc897d324980df74fbdbc9cb7515e28d4d8aae455f03fb8e8ce87f456ebbaf9d7381e95409c1c5fd989de510309d5e6be80054aa3a8c3396beb2b91eeecedb08e7d3e2be21fc1b84e0c633672321045dc5fba1a0b1fa1fe72d77764238d474f48f56421c0172e9686498b8424b8866f7d0b973bb093e"], 0x30}, 0x1, 0x0, 0x0, 0x90}, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010"], 0x48}}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4)
recvmmsg(r3, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/99, 0x63}, {&(0x7f0000001380)=""/4096, 0x1000}], 0x2, &(0x7f0000000200)=""/168, 0xa8}}, {{&(0x7f0000000340)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f00000002c0)}, 0x2}, {{&(0x7f0000000800)=@rc={0x1f, @none}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000880)=""/45, 0x2d}, {&(0x7f00000008c0)=""/22, 0x16}, {&(0x7f0000000900)=""/238, 0xee}, {&(0x7f0000000a00)=""/240, 0xf0}, {&(0x7f0000000b00)=""/215, 0xd7}], 0x5, &(0x7f0000000c40)=""/241, 0xf1}, 0xfffffffe}, {{0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000d40)=""/142, 0x8e}, {&(0x7f0000000e00)=""/156, 0x9c}, {&(0x7f0000000ec0)=""/76, 0x4c}, {&(0x7f0000000f40)=""/19, 0x13}], 0x4}, 0x166d}], 0x4, 0x40012143, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(0xffffffffffffffff, 0x80045105, &(0x7f00000003c0))

3.286743468s ago: executing program 3 (id=8659):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002340), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',\x00'], 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x0, 0x80, 0x0, 0x4000}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xc824, 0x800, 0xffffffff, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40080)
syz_emit_ethernet(0x7d, &(0x7f00000000c0)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "a70002", 0x47, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x2}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9900, [], "0080d5"}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x14}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x2, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x9}, 0x2, {0x80000003, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e23, 0xb, @local, 0x7fffffff}, 0x1c)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x79, 0x0, 0xddf})
r9 = dup(r8)
ioctl$VT_RESIZEX(r9, 0x560a, &(0x7f0000000240)={0x3, 0x2c5, 0x4, 0x7, 0x4, 0x6})
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0x9, 0xc, 0x0, 0x6, 0x1, 0x86, 0x2, 0xe7, 0x0, 0x2, 0x4, 0x0, 0x7, 0x4, 0x7, 0x5, 0xff, 0x3b, '\x00', 0x8, 0x7ffffffffffffffe})
ioctl$KVM_SET_VAPIC_ADDR(r9, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x47f6, 0x0, 0x2, 0x0, 0x300)
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
r10 = socket(0x10, 0x3, 0x0)
write(r10, &(0x7f00000000c0)="1c0000001d005f0214fffffffffffff8070000000d00000000000600", 0x1c)

3.205766594s ago: executing program 0 (id=8660):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
ptrace$PTRACE_GETSIGMASK(0x420a, r0, 0x8, &(0x7f00000002c0))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x3, &(0x7f0000000200)=[{0x84, 0xfc, 0x7f, 0x8}, {0xc, 0x0, 0x0, 0x4}, {0x6, 0x5, 0x1, 0x100}]})
setpriority(0x3, 0x0, 0x2)
socket(0x2, 0x80805, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x1000}, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x3, 0x80000000, 0x5, 0xb, 0x6, 0x1ff, 0x0, 0xa}, &(0x7f0000000140)={0x9, 0x6, 0x7ff00, 0x100, 0xcf9, 0x3, 0x7, 0x7}, 0x0, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r4, &(0x7f0000000300)='asymmetric\x00', 0x0)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, &(0x7f00000004c0)={'enc=', 'oaep', ' hash=', {'crc32c-intel\x00'}}, &(0x7f0000000540)="95cd031a1b8f24d0e44fb1093cca0ff1ec521280ccc592430d853930ec05631f600b8efc161c923679836b60a2ccfa371f734bee8b036885521e09202da4a155134cfcce56ebac00b087b54e90b7ad1ac4f2dc50", &(0x7f00000005c0)=""/151)
shutdown(r3, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e23, @private=0xa010101}]}, &(0x7f0000000140)=0xc)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000140))
r6 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r7 = openat$nullb(0xffffff9c, &(0x7f0000000040), 0x4180, 0x0)
ioctl$BLKBSZSET(r7, 0x40041271, 0x0)
dup3(r6, r5, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)

3.127364772s ago: executing program 1 (id=8661):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x50042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000240))
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000731e03, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = dup(r2)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000480)=[{{&(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000180)=[{&(0x7f0000000380)="a5780c388d4c7f631106084a38c4c481abec351bebfca3ca5f175a8978ca20219c342aeda8cb94475b7fe430f013a54fa5c95f75e9d8e7df47274154865f548baa9188a89b0700dec3aafbeae0d9376c8f43cdfe52e7aea324286860c08c0b8330ca3079af77b0f48d7f415942070deed17ddc3e3efc0e8eaecd697c4ec3fcbbdd8808c25270bd1190a98c95b953f12a45191059b4f8ec4976aa92f2cb9dc9b4e980b2a4090ada55ecf16cf681e8ae0a53d72a59b3a3854b25f638cb80f574613dfe019c", 0xc4}], 0x1, 0x0, 0x0, 0x80}}], 0x1, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x11, r6, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x1, 0x8001, 0x0, 0x9, 0x50, 0xfffffe0000000001, 0xfa11, 0xfffffffc}, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r7)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="0800000069000001adbd7000fedbdf250000000000aa643c0ec6ec00000008000100000000000800"], 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x40)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r8, &(0x7f0000000780)=ANY=[@ANYBLOB="c20200007d00000005fa0000006a0000004000000000000000000000000000000010000000020000000000000000000000001f00046e6f6465767b6376666f7825ffffff8102000000000000000000000000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11200fbe161e900000000000000000000f313f6005e00f8f67efb716dcf315ecaf385409ac65b9408679d2c3b9e1d52c3d6da9bf1995688dace6cde7ba4a400b4b0b4dbe64f64b1d63f26796dcbec498623d6a838c69a69dfce9cdd5906f174a666a8529a45773407dbdab2885baf050000000000b3016f6465762d6eb17b2300f9daa1ee23266ecf85fea65eb2d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae89480687bd7f3d7f298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238501000000aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9cf3ee3884002a91c54528b807a89ca184d16645f06188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f299f061f75b7797ce1e411ea918ebd888c1e156b8456931d2ea726ba9609d51a41dd3de304bd7c7ed0a456f0ae12516105c9478f7ded2dc47ec13c0f6af88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff000000000000007461b0ccaaa1933a0e8a826b14d4fcb2989ffaaa1acffa8054e9559dfae4697aa00b03b3d80e5524f8495fee7e8d88cb5a040302acb0d1260f2584db48e8d9064e8ce178ce396e85b97e4886444049810f25f1ceca975deb491a125bf0d72f87cc10b0154e08936daadd8b1e9798d4ec856993d53b9038ab44fdb0", @ANYRES32=0x0, @ANYRES64, @ANYRES32=0x0], 0x2c2)
r9 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r9, 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_GET_ENDIAN(0x13, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000000001010100000000000000"], 0x14}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.896925929s ago: executing program 4 (id=8662):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f00000001c0), r0)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000e80)={0x68, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_PEERS={0x40, 0x8, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x15, 0x4e24, @rand_addr=0x64010102}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}]}]}, 0x68}, 0x1, 0x0, 0x0, 0xc004}, 0x4000040) (fail_nth: 4)

2.342082721s ago: executing program 4 (id=8663):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$inet6_sctp(0xa, 0x1, 0x84)
socket(0x40000000015, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
landlock_create_ruleset(&(0x7f0000000000)={0x40, 0x1, 0x3}, 0x18, 0x1)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040))
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f00000000c0)={0xffffffffffffffff, 0xc8, 0x3})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000000c0)={0x4, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x67c, 0x6, 0xf3b8, 0xfffffffffffffffe, 0x1000, 0x400, 0x4002004c4, 0x8, 0x0, 0x2000000097, 0x10, 0x0, 0x5, 0x4, 0x0, 0x8], 0xeeee8000, 0x402})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.247266403s ago: executing program 3 (id=8664):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x17ef, 0x60a3, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x64, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x20}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x2)
syz_usb_control_io(r0, &(0x7f0000000180)={0x2c, &(0x7f0000000080)={0x40, 0x7, 0x7, {0x7, 0x30, "3d91419d00"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

1.888744583s ago: executing program 0 (id=8665):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x60, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x60}, 0x1, 0x0, 0x0, 0x4010}, 0x0) (fail_nth: 4)

1.551669078s ago: executing program 4 (id=8666):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)=[{0x0, 0x108}, {0x0, 0x1528}], 0x2, 0x0, 0x0, 0x41}, 0x8000)
readv(r5, &(0x7f00000001c0)=[{&(0x7f0000000480)=""/239, 0xef}], 0x1)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller1\x00', {0x4}, 0x1})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100feffffff000000004400000008000300", @ANYRES32=r3, @ANYBLOB="04005a8059fcaabe59fb6d80901be9c1a8a98b4b56c8358df0970c699e2cd94c1b34c90007ac739b2a1a10f0331ed5e456eab2d182dccb41996b77597fda02af423cd12661c1f483cd16be244d"], 0x20}}, 0x0)

1.49360693s ago: executing program 1 (id=8667):
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) (async)
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
openat$kvm(0xffffff9c, 0x0, 0x101440, 0x0) (async)
openat$kvm(0xffffff9c, 0x0, 0x101440, 0x0)
r1 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5803, 0x0, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x4e23, 0xc, @remote, 0xffff60ea}}, 0x0, 0x3, [{{0xa, 0x8001, 0x0, @loopback, 0x30004}}, {{0xa, 0x4e21, 0x6, @private0, 0x2}}, {{0xa, 0x4e22, 0x73, @remote, 0xa}}]}, 0x20c) (async)
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x4e23, 0xc, @remote, 0xffff60ea}}, 0x0, 0x3, [{{0xa, 0x8001, 0x0, @loopback, 0x30004}}, {{0xa, 0x4e21, 0x6, @private0, 0x2}}, {{0xa, 0x4e22, 0x73, @remote, 0xa}}]}, 0x20c)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000180)={0x3, {{0xa, 0x4e20, 0xa3f, @mcast1, 0xbfd}}, {{0xa, 0x4e24, 0x20, @loopback, 0xfffffe01}}}, 0x108)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x80003519, 0x9e, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0)=0xffff0001)

1.4928388s ago: executing program 0 (id=8668):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}}, 0x0)

1.400262406s ago: executing program 0 (id=8669):
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000080)='&.{\x00\xa2\xf9\"\xd0xK\xeeun\xc2\xb6\x96v\x9bbyK\x98=\x89\xfe\xb5\xd0LX\x19\xc7\x91\xbbh\x1b)Y\xfad>\xa7o\xb8\x05\xe7\x98<\x8c\x93\x91\x91n\xb0\x84)\xd5\xa3\x80\xdb\x8fm\xd9\x9fv.<\xe2\xce\x0e\xa0\xba\xcf.\x94\xf5\x90c \x9f(\x8f\xc9\x80)b\xc9\x91<\xee8\xd1\xb0\xa1\xfa:Q\x04L\xb7\xe96\x97\a\xdd\xc3\xc0\xf2A\xe8\xcd\x02\xa9\x98\xfe8xe\xcc3\xd2\xb9\xf1\x89\xa7[\xd8;\xe5\rX1vo1\xf5b\xdd\xf6\x84E[m\xc4\x93dSe{\x18\xb5\x11\x1a\xa4I`\x17u\x97\x9f\x97\xc1\xf6\xf3\x8a\xc6\x9e\x0f\xcb\x01\x183\xd0H\xc2\b\xc2\x05\xdc.D/\xc7\xd3\x9d\x8a\xf06\xf2\xee\x12\xe1\x17\x1f\x00\x00\x00\x00') (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000080)='&.{\x00\xa2\xf9\"\xd0xK\xeeun\xc2\xb6\x96v\x9bbyK\x98=\x89\xfe\xb5\xd0LX\x19\xc7\x91\xbbh\x1b)Y\xfad>\xa7o\xb8\x05\xe7\x98<\x8c\x93\x91\x91n\xb0\x84)\xd5\xa3\x80\xdb\x8fm\xd9\x9fv.<\xe2\xce\x0e\xa0\xba\xcf.\x94\xf5\x90c \x9f(\x8f\xc9\x80)b\xc9\x91<\xee8\xd1\xb0\xa1\xfa:Q\x04L\xb7\xe96\x97\a\xdd\xc3\xc0\xf2A\xe8\xcd\x02\xa9\x98\xfe8xe\xcc3\xd2\xb9\xf1\x89\xa7[\xd8;\xe5\rX1vo1\xf5b\xdd\xf6\x84E[m\xc4\x93dSe{\x18\xb5\x11\x1a\xa4I`\x17u\x97\x9f\x97\xc1\xf6\xf3\x8a\xc6\x9e\x0f\xcb\x01\x183\xd0H\xc2\b\xc2\x05\xdc.D/\xc7\xd3\x9d\x8a\xf06\xf2\xee\x12\xe1\x17\x1f\x00\x00\x00\x00')
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$SO_TIMESTAMP(r2, 0x1, 0x4b, 0x0, &(0x7f0000000040))
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x80000011})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'geneve1\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r4}, 0x14)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0x1000, 0x1}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0x1000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1})
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
io_setup(0x4, &(0x7f00000014c0)) (async)
io_setup(0x4, &(0x7f00000014c0)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, r5, 0x0, 0x0, 0x8002}])
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c09425, &(0x7f0000000280)={"f3143ab4d818ef9565cb62a0085c5af6", 0x0, <r7=>0x0, {0x3, 0x6}, {0xc, 0x8}, 0x43c, [0x8000000000000000, 0x8000000000000000, 0x6, 0x1, 0x3e6, 0x6, 0x100000001, 0x200, 0x7, 0x0, 0xfffffffffffffc01, 0x8000000000000001, 0x0, 0xa5, 0x3, 0xd54]})
ioctl$BTRFS_IOC_RM_DEV_V2(r2, 0x5000943a, &(0x7f0000000440)={{r3}, r7, 0x11, @unused=[0x4, 0x200, 0x38000000000, 0x8], @devid})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x0, 0x12000, 0x1}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x0, 0x12000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x54000, 0x102000, 0xffffffff}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x54000, 0x102000, 0xffffffff})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

1.291607058s ago: executing program 4 (id=8670):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x800004, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8)
sendto$inet6(r0, &(0x7f0000000140)="826bb6adf088d277d574d6", 0xb, 0x24, 0x0, 0x0) (fail_nth: 4)

1.177438287s ago: executing program 4 (id=8671):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan1\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0xfffffffffffffd6f, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[], 0x20000600}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000540)={'vcan0\x00', <r2=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x1d, r2, 0x0, 0x4000}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[], 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x4044001) (async)
sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x1d, r2, 0x0, 0x4000}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[], 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x4044001)
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x419, 0x600, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x6}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0) (async)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f00000003c0)={0x18, &(0x7f0000000000)=ANY=[@ANYBLOB="00221614"], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.005901848s ago: executing program 0 (id=8672):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x40002040, 0x0)
r2 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
lseek(r3, 0x6, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
unshare(0x2040400)
r5 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
r6 = fsmount(r5, 0x0, 0x0)
r7 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r7, 0xc02c564a, &(0x7f0000001b00)={0x8000, 0x43564548, 0x1, @discrete={0x1, 0x100}})
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4b0, 0x2fc, 0x18c, 0x203, 0x0, 0x19030000, 0x3e8, 0x2e0, 0x2e0, 0x3e8, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d4, 0x2fc, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x1d}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {0xfffc, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {0xffff}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4, 0x0, 0x10}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa4, 0xec}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x50c)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0xe22, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xfffffffe}, 0x1c)
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000019240)={0x1b, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x42d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
socket$nl_generic(0x10, 0x3, 0x10)
fsopen(&(0x7f0000000040)='hpfs\x00', 0x1)
r8 = syz_open_dev$vim2m(&(0x7f0000019080), 0x96ef, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0cc5605, &(0x7f0000000740)={0x2, @pix={0xfffffffd, 0x5, 0x33424752, 0x7, 0xf3, 0x3, 0x5, 0x40, 0x1, 0x2, 0x2, 0x4}})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

641.23307ms ago: executing program 2 (id=8673):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x49)
sendmsg$kcm(r0, &(0x7f00000001c0)={&(0x7f0000000300)=@phonet={0x23, 0xff, 0x3, 0xd}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000200)="27050021420014000600002fb96dbcf706e10500070088a800008100fb78d1c90413cad07a31f55d", 0x28}], 0x1}, 0x20004094)

493.739021ms ago: executing program 2 (id=8674):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x402, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x8000, 0x2, 0x4})
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001780), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000001880)={0x14, r4, 0x925, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x80)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000040)={0x3, r5, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})
close_range(r2, 0xffffffffffffffff, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000140)=0x3)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
socket$pptp(0x18, 0x1, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x44)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = dup(r7)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x79, 0x33, 0x13, 0x8, 0x2058, 0x1005, 0x2d5a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x35, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x53, 0x0, 0x1, 0x83, 0x9, 0xf4, 0x0, [], [{{0x9, 0x5, 0x5}}]}}]}}]}}, 0x0)

374.580268ms ago: executing program 1 (id=8675):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002340), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',\x00'], 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x0, 0x80, 0x0, 0x4000}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xc824, 0x800, 0xffffffff, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40080)
syz_emit_ethernet(0x7d, &(0x7f00000000c0)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "a70002", 0x47, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x2}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9900, [], "0080d5"}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x14}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x2, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x9}, 0x2, {0x80000003, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e23, 0xb, @local, 0x7fffffff}, 0x1c)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x79, 0x0, 0xddf})
r9 = dup(r8)
ioctl$VT_RESIZEX(r9, 0x560a, &(0x7f0000000240)={0x3, 0x2c5, 0x4, 0x7, 0x4, 0x6})
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0x9, 0xc, 0x0, 0x6, 0x1, 0x86, 0x2, 0xe7, 0x0, 0x2, 0x4, 0x0, 0x7, 0x4, 0x7, 0x5, 0xff, 0x3b, '\x00', 0x8, 0x7ffffffffffffffe})
ioctl$KVM_SET_VAPIC_ADDR(r9, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x47f6, 0x0, 0x2, 0x0, 0x300)
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
r10 = socket(0x10, 0x3, 0x0)
write(r10, &(0x7f00000000c0)="1c0000001d005f0214fffffffffffff8070000000d00000000000600", 0x1c)

0s ago: executing program 0 (id=8676):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x28c800)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r3=>0x0})
connect$can_bcm(r2, &(0x7f0000000140)={0x1d, r3}, 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4004844)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001740), 0xe2803, 0x0)
ioctl$RTC_WKALM_SET(r6, 0x4028700f, 0x0)
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8001, 0x0, 0xb, 0x8000000000000000, 0x6, 0xfa11, 0xffffffff}, 0x0)
r7 = syz_open_dev$radio(&(0x7f0000000580), 0x2, 0x2)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'wg0\x00'})
ioctl$VIDIOC_S_TUNER(r7, 0x4054561e, &(0x7f0000000040)={0xffffffff, "a055babd9b8c29abbdd772a44c5518bc1661222efc50f8f5555dcf4617da81d7", 0x5, 0x80, 0x3, 0x6, 0x2, 0x4, 0xff7ffff9, 0x5})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4000010, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000de2000/0x4000)=nil, 0x4000, 0x10)
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x100003, {0x0, 0x0, 0x0, r9, {0x9, 0xfff3}, {0x3, 0xfff9}, {0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
syz_usb_disconnect(r0)
socket$kcm(0x10, 0x2, 0x0)

kernel console output (not intermixed with test programs):

T22612] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1819.952629][ T2431] FAULT_INJECTION: forcing a failure.
[ 1819.952629][ T2431] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1819.984967][ T2431] CPU: 0 UID: 0 PID: 2431 Comm: syz.1.8403 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1819.984996][ T2431] Tainted: [L]=SOFTLOCKUP
[ 1819.985004][ T2431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1819.985014][ T2431] Call Trace:
[ 1819.985022][ T2431]  <TASK>
[ 1819.985031][ T2431]  dump_stack_lvl+0xe8/0x150
[ 1819.985058][ T2431]  should_fail_ex+0x412/0x560
[ 1819.985084][ T2431]  _copy_to_user+0x31/0xb0
[ 1819.985110][ T2431]  simple_read_from_buffer+0xe1/0x170
[ 1819.985134][ T2431]  proc_fail_nth_read+0x1bb/0x230
[ 1819.985161][ T2431]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1819.985194][ T2431]  ? rw_verify_area+0x2a6/0x4d0
[ 1819.985282][ T2431]  ? tun_chr_write_iter+0x18a/0x200
[ 1819.985302][ T2431]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1819.985325][ T2431]  vfs_read+0x20c/0xa70
[ 1819.985345][ T2431]  ? fdget_pos+0x246/0x320
[ 1819.985368][ T2431]  ? __pfx___mutex_lock+0x10/0x10
[ 1819.985386][ T2431]  ? __pfx_vfs_read+0x10/0x10
[ 1819.985408][ T2431]  ? __fget_files+0x2a/0x420
[ 1819.985429][ T2431]  ? __fget_files+0x3a0/0x420
[ 1819.985447][ T2431]  ? __fget_files+0x2a/0x420
[ 1819.985472][ T2431]  ksys_read+0x150/0x270
[ 1819.985495][ T2431]  ? __pfx_ksys_read+0x10/0x10
[ 1819.985522][ T2431]  ? asm_int80_emulation+0x1a/0x20
[ 1819.985542][ T2431]  ? asm_int80_emulation+0x1a/0x20
[ 1819.985556][ T2431]  do_int80_emulation+0x111/0x400
[ 1819.985575][ T2431]  ? clear_bhb_loop+0x60/0xb0
[ 1819.985592][ T2431]  ? clear_bhb_loop+0x60/0xb0
[ 1819.985612][ T2431]  asm_int80_emulation+0x1a/0x20
[ 1819.985628][ T2431] RIP: 0023:0xf713572b
[ 1819.985645][ T2431] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1819.985660][ T2431] RSP: 002b:00000000f53f64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1819.985680][ T2431] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53f65d0
[ 1819.985692][ T2431] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1819.985703][ T2431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1819.985714][ T2431] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1819.985725][ T2431] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1819.985751][ T2431]  </TASK>
[ 1820.256402][T22612] usb 3-1: GET_CAPABILITIES returned 0
[ 1820.262194][T22612] usbtmc 3-1:16.0: can't read capabilities
[ 1820.350750][ T2439] FAULT_INJECTION: forcing a failure.
[ 1820.350750][ T2439] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1820.364127][ T2439] CPU: 0 UID: 0 PID: 2439 Comm: syz.4.8406 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1820.364155][ T2439] Tainted: [L]=SOFTLOCKUP
[ 1820.364161][ T2439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1820.364172][ T2439] Call Trace:
[ 1820.364181][ T2439]  <TASK>
[ 1820.364189][ T2439]  dump_stack_lvl+0xe8/0x150
[ 1820.364226][ T2439]  should_fail_ex+0x412/0x560
[ 1820.364252][ T2439]  _copy_from_user+0x2d/0xb0
[ 1820.364278][ T2439]  kstrtouint_from_user+0xd6/0x180
[ 1820.364301][ T2439]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1820.364337][ T2439]  proc_fail_nth_write+0x8e/0x210
[ 1820.364361][ T2439]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1820.364389][ T2439]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1820.364413][ T2439]  vfs_write+0x29a/0xb90
[ 1820.364444][ T2439]  ? __pfx_vfs_write+0x10/0x10
[ 1820.364468][ T2439]  ? __fget_files+0x2a/0x420
[ 1820.364491][ T2439]  ? __fget_files+0x3a0/0x420
[ 1820.364509][ T2439]  ? __fget_files+0x2a/0x420
[ 1820.364535][ T2439]  ksys_write+0x150/0x270
[ 1820.364560][ T2439]  ? __pfx_ksys_write+0x10/0x10
[ 1820.364587][ T2439]  ? asm_int80_emulation+0x1a/0x20
[ 1820.364654][ T2439]  ? asm_int80_emulation+0x1a/0x20
[ 1820.364673][ T2439]  do_int80_emulation+0x111/0x400
[ 1820.364692][ T2439]  ? clear_bhb_loop+0x60/0xb0
[ 1820.364708][ T2439]  ? clear_bhb_loop+0x60/0xb0
[ 1820.364729][ T2439]  asm_int80_emulation+0x1a/0x20
[ 1820.364746][ T2439] RIP: 0023:0xf711572b
[ 1820.364763][ T2439] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1820.364779][ T2439] RSP: 002b:00000000f53d64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 1820.364798][ T2439] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53d65d0
[ 1820.364811][ T2439] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 1820.364821][ T2439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1820.364831][ T2439] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1820.364842][ T2439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1820.364871][ T2439]  </TASK>
[ 1820.700539][ T2448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1820.778385][T22612] usb 3-1: USB disconnect, device number 63
[ 1820.823840][ T2448] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1821.184932][T22612] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1821.234830][T32702] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[ 1821.338335][T22612] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1821.347848][T22612] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1821.356216][T22612] usb 4-1: Product: syz
[ 1821.360481][T22612] usb 4-1: Manufacturer: syz
[ 1821.383989][T22612] usb 4-1: SerialNumber: syz
[ 1821.394807][T32702] usb 5-1: Using ep0 maxpacket: 32
[ 1821.406323][T32702] usb 5-1: config 18 has an invalid interface number: 88 but max is 0
[ 1821.417104][T32702] usb 5-1: config 18 has no interface number 0
[ 1821.423306][T32702] usb 5-1: config 18 interface 88 has no altsetting 0
[ 1821.442972][T32702] usb 5-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[ 1821.452652][T32702] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1821.461749][T32702] usb 5-1: Product: syz
[ 1821.467303][T32702] usb 5-1: Manufacturer: syz
[ 1821.472098][T32702] usb 5-1: SerialNumber: syz
[ 1821.494848][ T2466] input: syz1 as /devices/virtual/input/input125
[ 1821.810235][T22612] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[ 1821.827677][T22612] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[ 1822.699961][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1822.699975][   T30] audit: type=1326 audit(1769915422.500:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2480 comm="syz.1.8416" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x0
[ 1822.802625][ T2487] random: crng reseeded on system resumption
[ 1823.365191][T22595] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[ 1823.412801][ T2499] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8420'.
[ 1823.534762][T22595] usb 3-1: Using ep0 maxpacket: 16
[ 1823.547996][T22595] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1823.558539][T22595] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1823.568816][T22595] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1823.579048][T22595] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1823.620752][T22595] usb 3-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[ 1823.631112][T22595] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1823.640041][T22595] usb 3-1: Product: syz
[ 1823.644544][T22595] usb 3-1: Manufacturer: syz
[ 1823.649974][T22595] usb 3-1: SerialNumber: syz
[ 1823.661054][T22595] usb 3-1: config 0 descriptor??
[ 1823.678020][T22595] port100 3-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[ 1823.892599][T22612] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000084. ret = -EPROTO
[ 1823.906052][T22612] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to init LTM with error -EPROTO
[ 1823.919979][T22612] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1823.931158][T22612] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1823.963322][T22612] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[ 1823.983491][T32702] asix 5-1:18.88: probe with driver asix failed with error -71
[ 1824.012353][T22612] usb 4-1: USB disconnect, device number 23
[ 1824.021135][ T2501] syzkaller1: entered promiscuous mode
[ 1824.027897][T32702] usb 5-1: USB disconnect, device number 123
[ 1824.109426][ T2501] syzkaller1: entered allmulticast mode
[ 1824.189276][T22595] usb 3-1: USB disconnect, device number 64
[ 1824.654826][T32702] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[ 1824.821604][   T30] audit: type=1326 audit(1769915424.620:2435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2518 comm="syz.1.8427" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x0
[ 1824.848052][T32702] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1824.859640][T22584] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1824.880861][T32702] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1824.894525][T32702] usb 3-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[ 1824.900207][ T2521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8427'.
[ 1824.903848][T32702] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1824.946560][T32702] usb 3-1: config 0 descriptor??
[ 1825.035164][T22584] usb 4-1: Using ep0 maxpacket: 8
[ 1825.046244][T22584] usb 4-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab
[ 1825.061301][T22584] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1825.092707][T22584] usb 4-1: Product: syz
[ 1825.101274][T22584] usb 4-1: Manufacturer: syz
[ 1825.128647][T22584] usb 4-1: SerialNumber: syz
[ 1825.143441][T22584] usb 4-1: config 0 descriptor??
[ 1825.433774][T32702] stadia 0003:18D1:9400.006D: item fetching failed at offset 5/7
[ 1825.446279][T32702] stadia 0003:18D1:9400.006D: parse failed
[ 1825.457385][T32702] stadia 0003:18D1:9400.006D: probe with driver stadia failed with error -22
[ 1825.628459][T22584] usb 4-1: USB disconnect, device number 24
[ 1825.695896][ T6149] udevd[6149]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1825.756834][T32313] hid-generic 0000:0000:0000.006E: unknown main item tag 0x0
[ 1825.792202][T32313] hid-generic 0000:0000:0000.006E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1826.134358][ T2561] netlink: 'syz.4.8436': attribute type 46 has an invalid length.
[ 1826.156804][ T2561] netlink: 212868 bytes leftover after parsing attributes in process `syz.4.8436'.
[ 1826.186202][T32702] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1826.335145][   T30] audit: type=1326 audit(1769915426.130:2436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2545 comm="syz.0.8431" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff4539 code=0x0
[ 1826.357993][T32702] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[ 1826.367037][T32702] usb 2-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[ 1826.378226][T32702] usb 2-1: config 0 has no interface number 0
[ 1826.388283][T32702] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[ 1826.399922][T32702] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1826.411399][T32702] usb 2-1: Product: syz
[ 1826.417088][T22612] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[ 1826.425583][T32702] usb 2-1: Manufacturer: syz
[ 1826.430386][T32702] usb 2-1: SerialNumber: syz
[ 1826.453701][T32702] usb 2-1: config 0 descriptor??
[ 1826.486776][T22595] usb 3-1: USB disconnect, device number 65
[ 1826.608473][T22612] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1826.619929][T22612] usb 4-1: not running at top speed; connect to a high speed hub
[ 1826.631435][T22612] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1826.645006][T22612] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1826.660313][T22612] usb 4-1: string descriptor 0 read error: -22
[ 1826.675040][T22612] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1826.692001][T22612] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1826.707313][T32702] uvcvideo 2-1:0.64: Found UVC 0.00 device syz (046d:0823)
[ 1826.718889][T22612] usb 4-1: 0:2 : does not exist
[ 1826.729879][T32702] uvcvideo 2-1:0.64: No valid video chain found.
[ 1826.748463][T32702] usb 2-1: USB disconnect, device number 14
[ 1827.031870][ T2577] libceph: resolve '0..' (ret=-3): failed
[ 1827.112284][ T2585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8441'.
[ 1827.129993][ T2590] FAULT_INJECTION: forcing a failure.
[ 1827.129993][ T2590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1827.143462][ T2590] CPU: 0 UID: 0 PID: 2590 Comm: syz.4.8442 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1827.143501][ T2590] Tainted: [L]=SOFTLOCKUP
[ 1827.143507][ T2590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1827.143518][ T2590] Call Trace:
[ 1827.143525][ T2590]  <TASK>
[ 1827.143532][ T2590]  dump_stack_lvl+0xe8/0x150
[ 1827.143559][ T2590]  should_fail_ex+0x412/0x560
[ 1827.143583][ T2590]  _copy_to_user+0x31/0xb0
[ 1827.143608][ T2590]  simple_read_from_buffer+0xe1/0x170
[ 1827.143632][ T2590]  proc_fail_nth_read+0x1bb/0x230
[ 1827.143658][ T2590]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1827.143683][ T2590]  ? rw_verify_area+0x2a6/0x4d0
[ 1827.143706][ T2590]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1827.143728][ T2590]  vfs_read+0x20c/0xa70
[ 1827.143747][ T2590]  ? fdget_pos+0x246/0x320
[ 1827.143770][ T2590]  ? __pfx___mutex_lock+0x10/0x10
[ 1827.143790][ T2590]  ? __pfx_vfs_read+0x10/0x10
[ 1827.143812][ T2590]  ? __fget_files+0x2a/0x420
[ 1827.143833][ T2590]  ? __fget_files+0x3a0/0x420
[ 1827.143851][ T2590]  ? __fget_files+0x2a/0x420
[ 1827.143877][ T2590]  ksys_read+0x150/0x270
[ 1827.143900][ T2590]  ? __pfx_ksys_read+0x10/0x10
[ 1827.143926][ T2590]  ? asm_int80_emulation+0x1a/0x20
[ 1827.143946][ T2590]  ? asm_int80_emulation+0x1a/0x20
[ 1827.143963][ T2590]  do_int80_emulation+0x111/0x400
[ 1827.143983][ T2590]  ? clear_bhb_loop+0x60/0xb0
[ 1827.143999][ T2590]  ? clear_bhb_loop+0x60/0xb0
[ 1827.144018][ T2590]  asm_int80_emulation+0x1a/0x20
[ 1827.144033][ T2590] RIP: 0023:0xf711572b
[ 1827.144049][ T2590] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1827.144065][ T2590] RSP: 002b:00000000f53d64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1827.144085][ T2590] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53d65d0
[ 1827.144098][ T2590] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1827.144109][ T2590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1827.144120][ T2590] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1827.144131][ T2590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1827.144158][ T2590]  </TASK>
[ 1827.411022][ T2593] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1827.492966][ T2595] FAULT_INJECTION: forcing a failure.
[ 1827.492966][ T2595] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1827.507340][ T2595] CPU: 0 UID: 0 PID: 2595 Comm: syz.4.8445 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1827.507369][ T2595] Tainted: [L]=SOFTLOCKUP
[ 1827.507376][ T2595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1827.507386][ T2595] Call Trace:
[ 1827.507394][ T2595]  <TASK>
[ 1827.507402][ T2595]  dump_stack_lvl+0xe8/0x150
[ 1827.507429][ T2595]  should_fail_ex+0x412/0x560
[ 1827.507455][ T2595]  _copy_to_user+0x31/0xb0
[ 1827.507480][ T2595]  simple_read_from_buffer+0xe1/0x170
[ 1827.507504][ T2595]  proc_fail_nth_read+0x1bb/0x230
[ 1827.507530][ T2595]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1827.507555][ T2595]  ? rw_verify_area+0x2a6/0x4d0
[ 1827.507577][ T2595]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1827.507601][ T2595]  vfs_read+0x20c/0xa70
[ 1827.507621][ T2595]  ? fdget_pos+0x246/0x320
[ 1827.507644][ T2595]  ? __pfx___mutex_lock+0x10/0x10
[ 1827.507665][ T2595]  ? __pfx_vfs_read+0x10/0x10
[ 1827.507688][ T2595]  ? __fget_files+0x2a/0x420
[ 1827.507711][ T2595]  ? __fget_files+0x3a0/0x420
[ 1827.507736][ T2595]  ? __fget_files+0x2a/0x420
[ 1827.507763][ T2595]  ksys_read+0x150/0x270
[ 1827.507787][ T2595]  ? __pfx_ksys_read+0x10/0x10
[ 1827.507814][ T2595]  ? asm_int80_emulation+0x1a/0x20
[ 1827.507834][ T2595]  ? asm_int80_emulation+0x1a/0x20
[ 1827.507851][ T2595]  do_int80_emulation+0x111/0x400
[ 1827.507871][ T2595]  ? clear_bhb_loop+0x60/0xb0
[ 1827.507887][ T2595]  ? clear_bhb_loop+0x60/0xb0
[ 1827.507907][ T2595]  asm_int80_emulation+0x1a/0x20
[ 1827.507924][ T2595] RIP: 0023:0xf711572b
[ 1827.507940][ T2595] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1827.507955][ T2595] RSP: 002b:00000000f53d64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1827.507974][ T2595] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53d65d0
[ 1827.507987][ T2595] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1827.507998][ T2595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1827.508007][ T2595] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1827.508016][ T2595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1827.508040][ T2595]  </TASK>
[ 1827.856214][ T2599] binder: 2591:2599 ioctl c0306201 800003c0 returned -14
[ 1828.245318][ T2607] sctp: [Deprecated]: syz.1.8448 (pid 2607) Use of int in max_burst socket option.
[ 1828.245318][ T2607] Use struct sctp_assoc_value instead
[ 1828.320766][ T2614] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8449'.
[ 1828.406086][   T30] audit: type=1326 audit(1769915428.210:2437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2600 comm="syz.4.8447" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ad539 code=0x0
[ 1828.884506][ T2626] syzkaller1: entered promiscuous mode
[ 1828.890458][ T2626] syzkaller1: entered allmulticast mode
[ 1829.073189][ T2631] FAULT_INJECTION: forcing a failure.
[ 1829.073189][ T2631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1829.115269][ T2631] CPU: 1 UID: 0 PID: 2631 Comm: syz.4.8455 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1829.115299][ T2631] Tainted: [L]=SOFTLOCKUP
[ 1829.115305][ T2631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1829.115316][ T2631] Call Trace:
[ 1829.115323][ T2631]  <TASK>
[ 1829.115332][ T2631]  dump_stack_lvl+0xe8/0x150
[ 1829.115364][ T2631]  should_fail_ex+0x412/0x560
[ 1829.115391][ T2631]  _copy_to_user+0x31/0xb0
[ 1829.115416][ T2631]  simple_read_from_buffer+0xe1/0x170
[ 1829.115439][ T2631]  proc_fail_nth_read+0x1bb/0x230
[ 1829.115465][ T2631]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1829.115491][ T2631]  ? rw_verify_area+0x2a6/0x4d0
[ 1829.115513][ T2631]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1829.115537][ T2631]  vfs_read+0x20c/0xa70
[ 1829.115564][ T2631]  ? fdget_pos+0x246/0x320
[ 1829.115586][ T2631]  ? __pfx___mutex_lock+0x10/0x10
[ 1829.115606][ T2631]  ? __pfx_vfs_read+0x10/0x10
[ 1829.115629][ T2631]  ? __fget_files+0x2a/0x420
[ 1829.115652][ T2631]  ? __fget_files+0x3a0/0x420
[ 1829.115670][ T2631]  ? __fget_files+0x2a/0x420
[ 1829.115696][ T2631]  ksys_read+0x150/0x270
[ 1829.115720][ T2631]  ? __pfx_ksys_read+0x10/0x10
[ 1829.115743][ T2631]  ? __secure_computing+0xe1/0x2a0
[ 1829.115770][ T2631]  ? asm_int80_emulation+0x1a/0x20
[ 1829.115788][ T2631]  do_int80_emulation+0x111/0x400
[ 1829.115808][ T2631]  ? clear_bhb_loop+0x60/0xb0
[ 1829.115824][ T2631]  ? clear_bhb_loop+0x60/0xb0
[ 1829.115844][ T2631]  asm_int80_emulation+0x1a/0x20
[ 1829.115860][ T2631] RIP: 0023:0xf711572b
[ 1829.115876][ T2631] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1829.115891][ T2631] RSP: 002b:00000000f53d64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1829.115910][ T2631] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f53d65d0
[ 1829.115923][ T2631] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1829.115933][ T2631] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1829.115944][ T2631] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1829.115955][ T2631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1829.115983][ T2631]  </TASK>
[ 1829.119547][T22612] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[ 1829.457320][T22612] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[ 1829.486019][T22612] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1829.505452][T22612] usb 4-1: 5:0: failed to get current value for ch 1 (-22)
[ 1829.560634][T22612] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1829.591170][T22612] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[ 1829.620920][T22612] usb 4-1: USB disconnect, device number 25
[ 1829.674137][ T2659] FAULT_INJECTION: forcing a failure.
[ 1829.674137][ T2659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1829.705297][ T2659] CPU: 0 UID: 0 PID: 2659 Comm: syz.1.8462 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1829.705327][ T2659] Tainted: [L]=SOFTLOCKUP
[ 1829.705334][ T2659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1829.705345][ T2659] Call Trace:
[ 1829.705353][ T2659]  <TASK>
[ 1829.705361][ T2659]  dump_stack_lvl+0xe8/0x150
[ 1829.705388][ T2659]  should_fail_ex+0x412/0x560
[ 1829.705421][ T2659]  _copy_from_iter+0x1d3/0x1670
[ 1829.705449][ T2659]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1829.705476][ T2659]  ? __pfx__copy_from_iter+0x10/0x10
[ 1829.705499][ T2659]  ? __build_skb_around+0x22d/0x3c0
[ 1829.705521][ T2659]  ? __alloc_skb+0x193/0x390
[ 1829.705540][ T2659]  ? netlink_sendmsg+0x650/0xb40
[ 1829.705558][ T2659]  ? skb_put+0x11b/0x210
[ 1829.705579][ T2659]  netlink_sendmsg+0x6c0/0xb40
[ 1829.705604][ T2659]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1829.705623][ T2659]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1829.705646][ T2659]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1829.705665][ T2659]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1829.705682][ T2659]  ____sys_sendmsg+0xa68/0xad0
[ 1829.705708][ T2659]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1829.705728][ T2659]  ? kstrtoull+0x12f/0x1d0
[ 1829.705749][ T2659]  ___sys_sendmsg+0x2a5/0x360
[ 1829.705765][ T2659]  ? __lock_acquire+0x6b5/0x2cf0
[ 1829.705786][ T2659]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1829.705805][ T2659]  ? get_pid_task+0x20/0x1f0
[ 1829.705819][ T2659]  ? get_pid_task+0x20/0x1f0
[ 1829.705832][ T2659]  ? get_pid_task+0x20/0x1f0
[ 1829.705864][ T2659]  ? __fget_files+0x2a/0x420
[ 1829.705878][ T2659]  ? __fget_files+0x3a0/0x420
[ 1829.705899][ T2659]  __sys_sendmsg+0x183/0x260
[ 1829.705917][ T2659]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1829.705941][ T2659]  ? __pfx_ksys_write+0x10/0x10
[ 1829.705966][ T2659]  __do_fast_syscall_32+0x1d2/0x540
[ 1829.705981][ T2659]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1829.705994][ T2659]  ? do_fast_syscall_32+0x33/0x70
[ 1829.706008][ T2659]  ? asm_int80_emulation+0x1a/0x20
[ 1829.706021][ T2659]  ? do_int80_emulation+0x20e/0x400
[ 1829.706039][ T2659]  do_fast_syscall_32+0x33/0x70
[ 1829.706054][ T2659]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1829.706069][ T2659] RIP: 0023:0xf7f37539
[ 1829.706082][ T2659] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1829.706094][ T2659] RSP: 002b:00000000f53f650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1829.706110][ T2659] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080006040
[ 1829.706120][ T2659] RDX: 0000000004041080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1829.706128][ T2659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1829.706136][ T2659] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1829.706144][ T2659] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1829.706164][ T2659]  </TASK>
[ 1830.084557][ T2666] bridge_slave_0: left allmulticast mode
[ 1830.090587][ T2666] bridge_slave_0: left promiscuous mode
[ 1830.115733][ T2666] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1830.163784][ T2666] bridge_slave_1: left allmulticast mode
[ 1830.169515][ T2666] bridge_slave_1: left promiscuous mode
[ 1830.175325][ T2666] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1830.190642][ T2666] bond0: (slave bond_slave_0): Releasing backup interface
[ 1830.191370][ T2676] FAULT_INJECTION: forcing a failure.
[ 1830.191370][ T2676] name failslab, interval 1, probability 0, space 0, times 0
[ 1830.212536][ T2676] CPU: 1 UID: 0 PID: 2676 Comm: syz.2.8468 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1830.212563][ T2676] Tainted: [L]=SOFTLOCKUP
[ 1830.212570][ T2676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1830.212580][ T2676] Call Trace:
[ 1830.212588][ T2676]  <TASK>
[ 1830.212596][ T2676]  dump_stack_lvl+0xe8/0x150
[ 1830.212621][ T2676]  should_fail_ex+0x412/0x560
[ 1830.212647][ T2676]  should_failslab+0xa8/0x100
[ 1830.212667][ T2676]  __kmalloc_cache_noprof+0x83/0x6e0
[ 1830.212684][ T2676]  ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[ 1830.212699][ T2676]  ? __genradix_ptr+0x1e1/0x220
[ 1830.212716][ T2676]  sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[ 1830.212739][ T2676]  sctp_association_new+0x15d3/0x25e0
[ 1830.212771][ T2676]  sctp_connect_new_asoc+0x2e4/0x6b0
[ 1830.212793][ T2676]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1830.212811][ T2676]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 1830.212830][ T2676]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 1830.212846][ T2676]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 1830.212864][ T2676]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1830.212881][ T2676]  ? security_sctp_bind_connect+0x7e/0x2c0
[ 1830.212899][ T2676]  sctp_sendmsg+0x1528/0x2c10
[ 1830.212928][ T2676]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1830.212944][ T2676]  ? aa_sk_perm+0x15a/0x960
[ 1830.212963][ T2676]  ? aa_sk_perm+0x82d/0x960
[ 1830.212978][ T2676]  ? __might_fault+0xaf/0x130
[ 1830.213004][ T2676]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1830.213024][ T2676]  ? sock_rps_record_flow+0x19/0x400
[ 1830.213045][ T2676]  ? inet_sendmsg+0x2f4/0x370
[ 1830.213064][ T2676]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1830.213083][ T2676]  __sys_sendto+0x627/0x7a0
[ 1830.213103][ T2676]  ? __pfx___sys_sendto+0x10/0x10
[ 1830.213147][ T2676]  ? fput+0xa0/0xd0
[ 1830.213166][ T2676]  ? ksys_write+0x242/0x270
[ 1830.213188][ T2676]  ? __pfx_ksys_write+0x10/0x10
[ 1830.213209][ T2676]  __ia32_sys_sendto+0xdd/0x100
[ 1830.213231][ T2676]  __do_fast_syscall_32+0x1d2/0x540
[ 1830.213249][ T2676]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1830.213264][ T2676]  ? do_fast_syscall_32+0x33/0x70
[ 1830.213280][ T2676]  ? asm_int80_emulation+0x1a/0x20
[ 1830.213296][ T2676]  ? do_int80_emulation+0x20e/0x400
[ 1830.213318][ T2676]  do_fast_syscall_32+0x33/0x70
[ 1830.213334][ T2676]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1830.213353][ T2676] RIP: 0023:0xf73ed539
[ 1830.213368][ T2676] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1830.213382][ T2676] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 1830.213400][ T2676] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1830.213412][ T2676] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000080000100
[ 1830.213421][ T2676] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[ 1830.213464][ T2676] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1830.213475][ T2676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1830.213502][ T2676]  </TASK>
[ 1830.609341][ T2666] bond0: (slave bond_slave_1): Releasing backup interface
[ 1830.616566][T15629] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[ 1830.637969][ T2666] team0: Port device team_slave_0 removed
[ 1830.648123][ T2666] team_slave_1: left promiscuous mode
[ 1830.668356][ T2666] team0: Port device team_slave_1 removed
[ 1830.692185][ T2666] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1830.716998][ T2688] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1830.789094][T15629] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1830.805040][T15629] usb 2-1: not running at top speed; connect to a high speed hub
[ 1830.820234][ T2692] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8473'.
[ 1830.830234][ T2681] syzkaller1: entered promiscuous mode
[ 1830.836893][T15629] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1830.847982][T15629] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1830.886454][T15629] usb 2-1: string descriptor 0 read error: -22
[ 1830.892774][T15629] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1830.904933][T15629] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1830.915004][ T2681] syzkaller1: entered allmulticast mode
[ 1830.936572][T15629] usb 2-1: 0:2 : does not exist
[ 1831.138475][ T2706] FAULT_INJECTION: forcing a failure.
[ 1831.138475][ T2706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1831.155037][ T2706] CPU: 1 UID: 0 PID: 2706 Comm: syz.3.8474 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1831.155067][ T2706] Tainted: [L]=SOFTLOCKUP
[ 1831.155073][ T2706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1831.155084][ T2706] Call Trace:
[ 1831.155092][ T2706]  <TASK>
[ 1831.155100][ T2706]  dump_stack_lvl+0xe8/0x150
[ 1831.155127][ T2706]  should_fail_ex+0x412/0x560
[ 1831.155153][ T2706]  _copy_to_user+0x31/0xb0
[ 1831.155185][ T2706]  simple_read_from_buffer+0xe1/0x170
[ 1831.155210][ T2706]  proc_fail_nth_read+0x1bb/0x230
[ 1831.155235][ T2706]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1831.155261][ T2706]  ? rw_verify_area+0x2a6/0x4d0
[ 1831.155283][ T2706]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1831.155307][ T2706]  vfs_read+0x20c/0xa70
[ 1831.155328][ T2706]  ? fdget_pos+0x246/0x320
[ 1831.155351][ T2706]  ? __pfx___mutex_lock+0x10/0x10
[ 1831.155370][ T2706]  ? __pfx_vfs_read+0x10/0x10
[ 1831.155394][ T2706]  ? __fget_files+0x2a/0x420
[ 1831.155415][ T2706]  ? __fget_files+0x3a0/0x420
[ 1831.155432][ T2706]  ? __fget_files+0x2a/0x420
[ 1831.155458][ T2706]  ksys_read+0x150/0x270
[ 1831.155482][ T2706]  ? __pfx_ksys_read+0x10/0x10
[ 1831.155507][ T2706]  ? asm_int80_emulation+0x1a/0x20
[ 1831.155527][ T2706]  ? asm_int80_emulation+0x1a/0x20
[ 1831.155544][ T2706]  do_int80_emulation+0x111/0x400
[ 1831.155564][ T2706]  ? clear_bhb_loop+0x60/0xb0
[ 1831.155580][ T2706]  ? clear_bhb_loop+0x60/0xb0
[ 1831.155601][ T2706]  asm_int80_emulation+0x1a/0x20
[ 1831.155617][ T2706] RIP: 0023:0xf715572b
[ 1831.155632][ T2706] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1831.155647][ T2706] RSP: 002b:00000000f54164bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1831.155667][ T2706] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54165d0
[ 1831.155679][ T2706] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1831.155690][ T2706] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1831.155700][ T2706] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1831.155711][ T2706] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1831.155738][ T2706]  </TASK>
[ 1831.477058][ T2707] libceph: resolve '0..' (ret=-3): failed
[ 1832.099899][ T2742] FAULT_INJECTION: forcing a failure.
[ 1832.099899][ T2742] name failslab, interval 1, probability 0, space 0, times 0
[ 1832.123325][ T2742] CPU: 1 UID: 0 PID: 2742 Comm: syz.4.8485 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1832.123356][ T2742] Tainted: [L]=SOFTLOCKUP
[ 1832.123362][ T2742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1832.123373][ T2742] Call Trace:
[ 1832.123380][ T2742]  <TASK>
[ 1832.123387][ T2742]  dump_stack_lvl+0xe8/0x150
[ 1832.123415][ T2742]  should_fail_ex+0x412/0x560
[ 1832.123438][ T2742]  should_failslab+0xa8/0x100
[ 1832.123459][ T2742]  kmem_cache_alloc_noprof+0x87/0x6e0
[ 1832.123484][ T2742]  ? alloc_empty_file+0x55/0x1d0
[ 1832.123508][ T2742]  alloc_empty_file+0x55/0x1d0
[ 1832.123528][ T2742]  alloc_file_pseudo+0x155/0x240
[ 1832.123551][ T2742]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1832.123569][ T2742]  ? evm_inode_alloc_security+0x40/0xb0
[ 1832.123594][ T2742]  ? security_inode_alloc+0xd5/0x310
[ 1832.123625][ T2742]  sock_alloc_file+0xb8/0x2e0
[ 1832.123646][ T2742]  do_accept+0x3a0/0x760
[ 1832.123670][ T2742]  ? __pfx_do_accept+0x10/0x10
[ 1832.123708][ T2742]  __sys_accept4+0x139/0x230
[ 1832.123731][ T2742]  ? __pfx___sys_accept4+0x10/0x10
[ 1832.123748][ T2742]  ? ksys_write+0x242/0x270
[ 1832.123773][ T2742]  ? __pfx_ksys_write+0x10/0x10
[ 1832.123798][ T2742]  __ia32_sys_accept4+0x9a/0xb0
[ 1832.123819][ T2742]  __do_fast_syscall_32+0x1d2/0x540
[ 1832.123839][ T2742]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1832.123855][ T2742]  ? do_fast_syscall_32+0x33/0x70
[ 1832.123873][ T2742]  ? asm_int80_emulation+0x1a/0x20
[ 1832.123890][ T2742]  ? do_int80_emulation+0x20e/0x400
[ 1832.123912][ T2742]  do_fast_syscall_32+0x33/0x70
[ 1832.123931][ T2742]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1832.123951][ T2742] RIP: 0023:0xf73ad539
[ 1832.123967][ T2742] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1832.123982][ T2742] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 000000000000016c
[ 1832.124003][ T2742] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[ 1832.124015][ T2742] RDX: 0000000000000000 RSI: 0000000000080000 RDI: 0000000000000000
[ 1832.124026][ T2742] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1832.124037][ T2742] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1832.124048][ T2742] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1832.124075][ T2742]  </TASK>
[ 1832.594921][ T2755] FAULT_INJECTION: forcing a failure.
[ 1832.594921][ T2755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1832.608346][ T2755] CPU: 1 UID: 0 PID: 2755 Comm: syz.4.8488 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1832.608374][ T2755] Tainted: [L]=SOFTLOCKUP
[ 1832.608382][ T2755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1832.608392][ T2755] Call Trace:
[ 1832.608400][ T2755]  <TASK>
[ 1832.608407][ T2755]  dump_stack_lvl+0xe8/0x150
[ 1832.608435][ T2755]  should_fail_ex+0x412/0x560
[ 1832.608461][ T2755]  _copy_to_user+0x31/0xb0
[ 1832.608487][ T2755]  simple_read_from_buffer+0xe1/0x170
[ 1832.608510][ T2755]  proc_fail_nth_read+0x1bb/0x230
[ 1832.608536][ T2755]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1832.608559][ T2755]  ? rw_verify_area+0x2a6/0x4d0
[ 1832.608580][ T2755]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1832.608604][ T2755]  vfs_read+0x20c/0xa70
[ 1832.608624][ T2755]  ? fdget_pos+0x246/0x320
[ 1832.608645][ T2755]  ? __pfx___mutex_lock+0x10/0x10
[ 1832.608664][ T2755]  ? __pfx_vfs_read+0x10/0x10
[ 1832.608687][ T2755]  ? __fget_files+0x2a/0x420
[ 1832.608707][ T2755]  ? __fget_files+0x3a0/0x420
[ 1832.608724][ T2755]  ? __fget_files+0x2a/0x420
[ 1832.608751][ T2755]  ksys_read+0x150/0x270
[ 1832.608775][ T2755]  ? __pfx_ksys_read+0x10/0x10
[ 1832.608800][ T2755]  ? asm_int80_emulation+0x1a/0x20
[ 1832.608820][ T2755]  ? asm_int80_emulation+0x1a/0x20
[ 1832.608837][ T2755]  do_int80_emulation+0x111/0x400
[ 1832.608858][ T2755]  ? clear_bhb_loop+0x60/0xb0
[ 1832.608874][ T2755]  ? clear_bhb_loop+0x60/0xb0
[ 1832.608894][ T2755]  asm_int80_emulation+0x1a/0x20
[ 1832.608911][ T2755] RIP: 0023:0xf711572b
[ 1832.608927][ T2755] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1832.608941][ T2755] RSP: 002b:00000000f53d64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1832.608961][ T2755] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53d65d0
[ 1832.608972][ T2755] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1832.608982][ T2755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1832.608992][ T2755] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1832.609003][ T2755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1832.609031][ T2755]  </TASK>
[ 1833.193841][T15629] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 1833.222865][T15629] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5)
[ 1833.243464][T15629] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1833.261907][T15629] usb 2-1: 5:0: failed to get current value for ch 1 (-22)
[ 1833.308816][T15629] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1833.342105][T15629] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5)
[ 1833.370492][T15629] usb 2-1: USB disconnect, device number 15
[ 1833.994824][T15629] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1834.168286][T15629] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1834.178871][T15629] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1834.199215][T15629] usb 2-1: Product: syz
[ 1834.207874][T15629] usb 2-1: Manufacturer: syz
[ 1834.217182][T15629] usb 2-1: SerialNumber: syz
[ 1834.235446][T15629] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1834.253577][T15631] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1834.553870][ T2795] FAULT_INJECTION: forcing a failure.
[ 1834.553870][ T2795] name failslab, interval 1, probability 0, space 0, times 0
[ 1834.568272][ T2795] CPU: 1 UID: 0 PID: 2795 Comm: syz.4.8499 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1834.568301][ T2795] Tainted: [L]=SOFTLOCKUP
[ 1834.568308][ T2795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1834.568320][ T2795] Call Trace:
[ 1834.568328][ T2795]  <TASK>
[ 1834.568337][ T2795]  dump_stack_lvl+0xe8/0x150
[ 1834.568365][ T2795]  should_fail_ex+0x412/0x560
[ 1834.568392][ T2795]  should_failslab+0xa8/0x100
[ 1834.568413][ T2795]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1834.568440][ T2795]  ? __alloc_skb+0x1d7/0x390
[ 1834.568460][ T2795]  ? __pfx__copy_from_iter+0x10/0x10
[ 1834.568486][ T2795]  __alloc_skb+0x1d7/0x390
[ 1834.568510][ T2795]  tcp_stream_alloc_skb+0x3d/0x350
[ 1834.568536][ T2795]  tcp_sendmsg_locked+0x1af1/0x55b0
[ 1834.568605][ T2795]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1834.568639][ T2795]  ? __local_bh_enable_ip+0xd0/0x130
[ 1834.568662][ T2795]  tcp_sendmsg+0x2f/0x50
[ 1834.568684][ T2795]  __sys_sendto+0x627/0x7a0
[ 1834.568708][ T2795]  ? __pfx___sys_sendto+0x10/0x10
[ 1834.568758][ T2795]  ? fput+0xa0/0xd0
[ 1834.568779][ T2795]  ? ksys_write+0x242/0x270
[ 1834.568805][ T2795]  ? __pfx_ksys_write+0x10/0x10
[ 1834.568830][ T2795]  __ia32_sys_sendto+0xdd/0x100
[ 1834.568853][ T2795]  __do_fast_syscall_32+0x1d2/0x540
[ 1834.568873][ T2795]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1834.568891][ T2795]  ? do_fast_syscall_32+0x33/0x70
[ 1834.568909][ T2795]  ? asm_int80_emulation+0x1a/0x20
[ 1834.568925][ T2795]  ? do_int80_emulation+0x20e/0x400
[ 1834.568949][ T2795]  do_fast_syscall_32+0x33/0x70
[ 1834.568968][ T2795]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1834.568988][ T2795] RIP: 0023:0xf73ad539
[ 1834.569005][ T2795] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1834.569021][ T2795] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 1834.569041][ T2795] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800004c0
[ 1834.569055][ T2795] RDX: 0000000000000381 RSI: 0000000000000805 RDI: 0000000000000000
[ 1834.569066][ T2795] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1834.569077][ T2795] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1834.569089][ T2795] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1834.569117][ T2795]  </TASK>
[ 1835.048543][T15629] usb 2-1: USB disconnect, device number 16
[ 1835.171130][ T2805] FAULT_INJECTION: forcing a failure.
[ 1835.171130][ T2805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1835.185438][ T2805] CPU: 1 UID: 0 PID: 2805 Comm: syz.0.8501 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1835.185467][ T2805] Tainted: [L]=SOFTLOCKUP
[ 1835.185474][ T2805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1835.185483][ T2805] Call Trace:
[ 1835.185491][ T2805]  <TASK>
[ 1835.185499][ T2805]  dump_stack_lvl+0xe8/0x150
[ 1835.185526][ T2805]  should_fail_ex+0x412/0x560
[ 1835.185552][ T2805]  _copy_from_user+0x2d/0xb0
[ 1835.185576][ T2805]  kstrtouint_from_user+0xd6/0x180
[ 1835.185599][ T2805]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1835.185635][ T2805]  proc_fail_nth_write+0x8e/0x210
[ 1835.185658][ T2805]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1835.185685][ T2805]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1835.185708][ T2805]  vfs_write+0x29a/0xb90
[ 1835.185738][ T2805]  ? __pfx_vfs_write+0x10/0x10
[ 1835.185760][ T2805]  ? __fget_files+0x2a/0x420
[ 1835.185782][ T2805]  ? __fget_files+0x3a0/0x420
[ 1835.185800][ T2805]  ? __fget_files+0x2a/0x420
[ 1835.185821][ T2805]  ksys_write+0x150/0x270
[ 1835.185848][ T2805]  ? __pfx_ksys_write+0x10/0x10
[ 1835.185869][ T2805]  ? asm_int80_emulation+0x1a/0x20
[ 1835.185885][ T2805]  ? asm_int80_emulation+0x1a/0x20
[ 1835.185898][ T2805]  do_int80_emulation+0x111/0x400
[ 1835.185914][ T2805]  ? clear_bhb_loop+0x60/0xb0
[ 1835.185927][ T2805]  ? clear_bhb_loop+0x60/0xb0
[ 1835.185943][ T2805]  asm_int80_emulation+0x1a/0x20
[ 1835.185955][ T2805] RIP: 0023:0xf71f572b
[ 1835.185968][ T2805] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1835.185980][ T2805] RSP: 002b:00000000f54954bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 1835.185995][ T2805] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f54955d0
[ 1835.186005][ T2805] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 1835.186013][ T2805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1835.186021][ T2805] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1835.186029][ T2805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1835.186051][ T2805]  </TASK>
[ 1835.405955][T15631] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[ 1835.413001][T15631] ath9k_htc: Failed to initialize the device
[ 1835.559063][T15629] usb 2-1: ath9k_htc: USB layer deinitialized
[ 1835.754812][T32313] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1835.829587][ T2825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1835.848030][ T2825] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1835.910450][T32313] usb 4-1: Using ep0 maxpacket: 8
[ 1835.919491][ T2831] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8507'.
[ 1835.922776][T32313] usb 4-1: config 53 has an invalid interface number: 83 but max is 0
[ 1835.941209][ T2827] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8506'.
[ 1835.945297][T32313] usb 4-1: config 53 has no interface number 0
[ 1835.978396][ T2834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1835.989467][T32313] usb 4-1: config 53 interface 83 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1836.015224][T32313] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=2d.5a
[ 1836.028253][T32313] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1836.028267][ T2827] netlink: 276 bytes leftover after parsing attributes in process `syz.1.8506'.
[ 1836.052531][ T2834] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1836.069674][T32313] usb 4-1: Product: syz
[ 1836.079283][T32313] usb 4-1: Manufacturer: syz
[ 1836.092855][T32313] usb 4-1: SerialNumber: syz
[ 1836.256662][T32313] viperboard 4-1:53.83: version 0.00 found at bus 004 address 026
[ 1836.291319][T32313] viperboard-i2c viperboard-i2c.2.auto: error -EIO: failure setting i2c_bus_freq to 100
[ 1836.318731][T32313] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[ 1837.169296][ T2861] syzkaller1: entered promiscuous mode
[ 1837.176845][ T2861] syzkaller1: entered allmulticast mode
[ 1837.712826][ T2890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1837.728632][ T2890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1837.834863][T32702] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[ 1837.924924][T22612] usb 5-1: new full-speed USB device number 124 using dummy_hcd
[ 1837.984961][T32702] usb 3-1: Using ep0 maxpacket: 8
[ 1837.996078][T32702] usb 3-1: config 53 has an invalid interface number: 83 but max is 0
[ 1838.013054][T32702] usb 3-1: config 53 has no interface number 0
[ 1838.023328][T32702] usb 3-1: config 53 interface 83 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1838.048344][T32702] usb 3-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=2d.5a
[ 1838.060643][T32702] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1838.074410][T32702] usb 3-1: Product: syz
[ 1838.083049][T32702] usb 3-1: Manufacturer: syz
[ 1838.090867][T22612] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1838.109120][T32702] usb 3-1: SerialNumber: syz
[ 1838.116325][T22612] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1838.137092][T22612] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1838.154392][T32313] usb 4-1: USB disconnect, device number 26
[ 1838.157770][T22612] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1838.187021][T22612] usb 5-1: config 0 descriptor??
[ 1838.215455][T22612] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1838.222150][T22612] dvb-usb: bulk message failed: -22 (3/0)
[ 1838.235652][T22612] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 1838.250864][T22612] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1838.262843][T22612] usb 5-1: media controller created
[ 1838.276782][T22612] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1838.306406][T32702] viperboard 3-1:53.83: version 0.00 found at bus 003 address 066
[ 1838.316948][T22612] dvb-usb: bulk message failed: -22 (6/0)
[ 1838.327870][T22612] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1838.351214][T22612] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input126
[ 1838.389374][ T2894] FAULT_INJECTION: forcing a failure.
[ 1838.389374][ T2894] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1838.394315][T32702] viperboard-i2c viperboard-i2c.2.auto: error -EIO: failure setting i2c_bus_freq to 100
[ 1838.416403][ T2894] CPU: 0 UID: 0 PID: 2894 Comm: syz.3.8523 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1838.416432][ T2894] Tainted: [L]=SOFTLOCKUP
[ 1838.416439][ T2894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1838.416450][ T2894] Call Trace:
[ 1838.416458][ T2894]  <TASK>
[ 1838.416466][ T2894]  dump_stack_lvl+0xe8/0x150
[ 1838.416493][ T2894]  should_fail_ex+0x412/0x560
[ 1838.416517][ T2894]  _copy_from_iter+0x1d3/0x1670
[ 1838.416543][ T2894]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1838.416569][ T2894]  ? __pfx__copy_from_iter+0x10/0x10
[ 1838.416591][ T2894]  ? __build_skb_around+0x22d/0x3c0
[ 1838.416613][ T2894]  ? __alloc_skb+0x193/0x390
[ 1838.416632][ T2894]  ? netlink_sendmsg+0x650/0xb40
[ 1838.416648][ T2894]  ? skb_put+0x11b/0x210
[ 1838.416670][ T2894]  netlink_sendmsg+0x6c0/0xb40
[ 1838.416695][ T2894]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1838.416717][ T2894]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1838.416739][ T2894]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1838.416759][ T2894]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1838.416776][ T2894]  ____sys_sendmsg+0xa68/0xad0
[ 1838.416805][ T2894]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1838.416830][ T2894]  ? kstrtoull+0x12f/0x1d0
[ 1838.416857][ T2894]  ___sys_sendmsg+0x2a5/0x360
[ 1838.416876][ T2894]  ? __lock_acquire+0x6b5/0x2cf0
[ 1838.416899][ T2894]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1838.416923][ T2894]  ? get_pid_task+0x20/0x1f0
[ 1838.416942][ T2894]  ? get_pid_task+0x20/0x1f0
[ 1838.416957][ T2894]  ? get_pid_task+0x20/0x1f0
[ 1838.417000][ T2894]  ? __fget_files+0x2a/0x420
[ 1838.417017][ T2894]  ? __fget_files+0x3a0/0x420
[ 1838.417044][ T2894]  __sys_sendmsg+0x183/0x260
[ 1838.417067][ T2894]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1838.417099][ T2894]  ? __pfx_ksys_write+0x10/0x10
[ 1838.417129][ T2894]  __do_fast_syscall_32+0x1d2/0x540
[ 1838.417150][ T2894]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1838.417166][ T2894]  ? do_fast_syscall_32+0x33/0x70
[ 1838.417183][ T2894]  ? asm_int80_emulation+0x1a/0x20
[ 1838.417199][ T2894]  ? do_int80_emulation+0x20e/0x400
[ 1838.417222][ T2894]  do_fast_syscall_32+0x33/0x70
[ 1838.417241][ T2894]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1838.417260][ T2894] RIP: 0023:0xf7f52539
[ 1838.417277][ T2894] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1838.417299][ T2894] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1838.417318][ T2894] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[ 1838.417331][ T2894] RDX: 000000000000c808 RSI: 0000000000000000 RDI: 0000000000000000
[ 1838.417342][ T2894] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1838.417353][ T2894] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1838.417364][ T2894] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1838.417391][ T2894]  </TASK>
[ 1838.429045][ T2888] dvb-usb: bulk message failed: -22 (2/0)
[ 1838.717575][T22612] dvb-usb: schedule remote query interval to 150 msecs.
[ 1838.724514][T22612] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1838.732467][T32702] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[ 1838.875557][T32702] dvb-usb: bulk message failed: -22 (1/0)
[ 1838.881509][T32702] dvb-usb: error while querying for an remote control event.
[ 1838.896589][T32313] usb 5-1: USB disconnect, device number 124
[ 1838.959548][T32313] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1840.105494][T32702] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1840.270277][T32702] usb 2-1: Using ep0 maxpacket: 16
[ 1840.278451][T32702] usb 2-1: config 1 has an invalid descriptor of length 213, skipping remainder of the config
[ 1840.289640][T32702] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1840.303220][T32702] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1840.312851][T32702] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1840.324551][T32702] usb 2-1: Product: syz
[ 1840.332181][T32702] usb 2-1: Manufacturer: syz
[ 1840.374041][T32702] usb 2-1: SerialNumber: syz
[ 1840.813752][T32702] usb 2-1: 0:2 : does not exist
[ 1840.828220][T22595] usb 3-1: USB disconnect, device number 66
[ 1841.624895][    C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[ 1841.674764][T22595] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[ 1841.840770][T22595] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1841.865812][T22595] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1841.886615][T22595] usb 5-1: Product: syz
[ 1841.898589][T22595] usb 5-1: Manufacturer: syz
[ 1841.909949][T22595] usb 5-1: SerialNumber: syz
[ 1841.942508][T22595] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1842.017042][T22595] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1842.243718][ T2935] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1842.252591][T22612] usb 3-1: new full-speed USB device number 67 using dummy_hcd
[ 1842.266552][ T2935] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1842.452700][T22612] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1842.475165][T22612] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 1842.492313][T22612] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=1
[ 1842.508144][T22612] usb 3-1: Product: syz
[ 1842.515925][T22612] usb 3-1: Manufacturer: syz
[ 1842.536176][T22612] usb 3-1: SerialNumber: syz
[ 1842.543654][T22612] usb 3-1: config 0 descriptor??
[ 1842.570807][ T2949] FAULT_INJECTION: forcing a failure.
[ 1842.570807][ T2949] name failslab, interval 1, probability 0, space 0, times 0
[ 1842.570830][ T2949] CPU: 1 UID: 0 PID: 2949 Comm: syz.0.8540 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1842.570845][ T2949] Tainted: [L]=SOFTLOCKUP
[ 1842.570849][ T2949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1842.570856][ T2949] Call Trace:
[ 1842.570860][ T2949]  <TASK>
[ 1842.570868][ T2949]  dump_stack_lvl+0xe8/0x150
[ 1842.570887][ T2949]  should_fail_ex+0x412/0x560
[ 1842.570903][ T2949]  should_failslab+0xa8/0x100
[ 1842.570916][ T2949]  __kmalloc_noprof+0xde/0x7e0
[ 1842.570926][ T2949]  ? sk_prot_alloc+0xe7/0x210
[ 1842.570942][ T2949]  sk_prot_alloc+0xe7/0x210
[ 1842.570953][ T2949]  ? sk_alloc+0x27/0x390
[ 1842.570966][ T2949]  sk_alloc+0x3a/0x390
[ 1842.570980][ T2949]  __netlink_create+0x65/0x260
[ 1842.570990][ T2949]  ? __pfx_genl_release+0x10/0x10
[ 1842.571004][ T2949]  netlink_create+0x3ca/0x590
[ 1842.571015][ T2949]  ? __pfx_genl_unbind+0x10/0x10
[ 1842.571026][ T2949]  ? __pfx_genl_bind+0x10/0x10
[ 1842.571040][ T2949]  __sock_create+0x4b2/0x9d0
[ 1842.571055][ T2949]  __sys_socket+0xd6/0x1b0
[ 1842.571067][ T2949]  __ia32_compat_sys_socketcall+0x728/0xa10
[ 1842.571083][ T2949]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[ 1842.571097][ T2949]  ? fput+0xa0/0xd0
[ 1842.571111][ T2949]  ? __pfx_ksys_write+0x10/0x10
[ 1842.571136][ T2949]  __do_fast_syscall_32+0x1d2/0x540
[ 1842.571148][ T2949]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1842.571158][ T2949]  ? do_fast_syscall_32+0x33/0x70
[ 1842.571168][ T2949]  ? asm_int80_emulation+0x1a/0x20
[ 1842.571177][ T2949]  ? do_int80_emulation+0x20e/0x400
[ 1842.571190][ T2949]  do_fast_syscall_32+0x33/0x70
[ 1842.571201][ T2949]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1842.571213][ T2949] RIP: 0023:0xf7ff4539
[ 1842.571222][ T2949] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1842.571231][ T2949] RSP: 002b:00000000f54b54a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000066
[ 1842.571243][ T2949] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f54b54b0
[ 1842.571250][ T2949] RDX: 00000000f747bff4 RSI: 0000000000000000 RDI: 00000000f747bff4
[ 1842.571256][ T2949] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1842.571261][ T2949] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1842.571267][ T2949] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1842.571281][ T2949]  </TASK>
[ 1842.850086][ T2952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1842.850703][ T2952] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1842.928586][T32702] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 1842.991136][T32702] usb 2-1: USB disconnect, device number 17
[ 1843.067982][T22595] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[ 1843.068191][T22595] ath9k_htc: Failed to initialize the device
[ 1843.099084][ T6149] udevd[6149]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1843.148283][ T2958] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1843.172197][T22595] usb 5-1: ath9k_htc: USB layer deinitialized
[ 1843.367968][T32313] usb 5-1: USB disconnect, device number 125
[ 1843.518452][ T2958] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1843.835383][T32313] hid-generic 0000:0000:0000.006F: unknown main item tag 0x0
[ 1843.857025][T32313] hid-generic 0000:0000:0000.006F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1844.304954][ T3003] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1844.318311][ T3003] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1844.738235][T22612] usb 3-1: bad CDC descriptors
[ 1844.752984][T22612] usb 3-1: unsupported MDLM descriptors
[ 1844.790003][T22612] usb 3-1: USB disconnect, device number 67
[ 1845.508847][ T3018] FAULT_INJECTION: forcing a failure.
[ 1845.508847][ T3018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1845.548708][ T3018] CPU: 0 UID: 0 PID: 3018 Comm: syz.4.8559 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1845.548731][ T3018] Tainted: [L]=SOFTLOCKUP
[ 1845.548735][ T3018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1845.548742][ T3018] Call Trace:
[ 1845.548747][ T3018]  <TASK>
[ 1845.548753][ T3018]  dump_stack_lvl+0xe8/0x150
[ 1845.548770][ T3018]  should_fail_ex+0x412/0x560
[ 1845.548786][ T3018]  _copy_from_iter+0x1d3/0x1670
[ 1845.548802][ T3018]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1845.548822][ T3018]  ? __pfx__copy_from_iter+0x10/0x10
[ 1845.548835][ T3018]  ? __build_skb_around+0x22d/0x3c0
[ 1845.548849][ T3018]  ? __alloc_skb+0x193/0x390
[ 1845.548860][ T3018]  ? netlink_sendmsg+0x650/0xb40
[ 1845.548871][ T3018]  ? skb_put+0x11b/0x210
[ 1845.548884][ T3018]  netlink_sendmsg+0x6c0/0xb40
[ 1845.548899][ T3018]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1845.548911][ T3018]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1845.548925][ T3018]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1845.548937][ T3018]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1845.548947][ T3018]  ____sys_sendmsg+0xa68/0xad0
[ 1845.548965][ T3018]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1845.548980][ T3018]  ? kstrtoull+0x12f/0x1d0
[ 1845.548995][ T3018]  ___sys_sendmsg+0x2a5/0x360
[ 1845.549008][ T3018]  ? __lock_acquire+0x6b5/0x2cf0
[ 1845.549024][ T3018]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1845.549038][ T3018]  ? get_pid_task+0x20/0x1f0
[ 1845.549049][ T3018]  ? get_pid_task+0x20/0x1f0
[ 1845.549059][ T3018]  ? get_pid_task+0x20/0x1f0
[ 1845.549082][ T3018]  ? __fget_files+0x2a/0x420
[ 1845.549092][ T3018]  ? __fget_files+0x3a0/0x420
[ 1845.549107][ T3018]  __sys_sendmsg+0x183/0x260
[ 1845.549122][ T3018]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1845.549140][ T3018]  ? __pfx_ksys_write+0x10/0x10
[ 1845.549159][ T3018]  __do_fast_syscall_32+0x1d2/0x540
[ 1845.549171][ T3018]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1845.549180][ T3018]  ? do_fast_syscall_32+0x33/0x70
[ 1845.549191][ T3018]  ? asm_int80_emulation+0x1a/0x20
[ 1845.549200][ T3018]  ? do_int80_emulation+0x20e/0x400
[ 1845.549212][ T3018]  do_fast_syscall_32+0x33/0x70
[ 1845.549224][ T3018]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1845.549236][ T3018] RIP: 0023:0xf73ad539
[ 1845.549250][ T3018] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1845.549265][ T3018] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1845.549284][ T3018] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 00000000800000c0
[ 1845.549293][ T3018] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1845.549299][ T3018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1845.549305][ T3018] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1845.549311][ T3018] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1845.549325][ T3018]  </TASK>
[ 1846.005382][ T3020] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1846.149092][ T3027] program syz.2.8558 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1846.240131][ T3036] FAULT_INJECTION: forcing a failure.
[ 1846.240131][ T3036] name failslab, interval 1, probability 0, space 0, times 0
[ 1846.256191][ T3036] CPU: 1 UID: 0 PID: 3036 Comm: syz.4.8564 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1846.256219][ T3036] Tainted: [L]=SOFTLOCKUP
[ 1846.256229][ T3036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1846.256240][ T3036] Call Trace:
[ 1846.256247][ T3036]  <TASK>
[ 1846.256255][ T3036]  dump_stack_lvl+0xe8/0x150
[ 1846.256285][ T3036]  should_fail_ex+0x412/0x560
[ 1846.256310][ T3036]  should_failslab+0xa8/0x100
[ 1846.256333][ T3036]  kmem_cache_alloc_noprof+0x87/0x6e0
[ 1846.256356][ T3036]  ? __netlink_lookup+0xc6/0x8b0
[ 1846.256377][ T3036]  ? skb_clone+0x212/0x3a0
[ 1846.256402][ T3036]  skb_clone+0x212/0x3a0
[ 1846.256430][ T3036]  __netlink_deliver_tap+0x404/0x850
[ 1846.256459][ T3036]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1846.256477][ T3036]  netlink_deliver_tap+0x19c/0x1b0
[ 1846.256496][ T3036]  netlink_unicast+0x7e3/0x9b0
[ 1846.256528][ T3036]  ? __pfx_netlink_unicast+0x10/0x10
[ 1846.256549][ T3036]  ? __alloc_skb+0x193/0x390
[ 1846.256567][ T3036]  ? netlink_sendmsg+0x650/0xb40
[ 1846.256582][ T3036]  ? skb_put+0x11b/0x210
[ 1846.256607][ T3036]  netlink_sendmsg+0x813/0xb40
[ 1846.256632][ T3036]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1846.256653][ T3036]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1846.256673][ T3036]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1846.256691][ T3036]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1846.256706][ T3036]  ____sys_sendmsg+0xa68/0xad0
[ 1846.256735][ T3036]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1846.256767][ T3036]  ? kstrtoull+0x12f/0x1d0
[ 1846.256796][ T3036]  ___sys_sendmsg+0x2a5/0x360
[ 1846.256817][ T3036]  ? __lock_acquire+0x6b5/0x2cf0
[ 1846.256841][ T3036]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1846.256863][ T3036]  ? get_pid_task+0x20/0x1f0
[ 1846.256882][ T3036]  ? get_pid_task+0x20/0x1f0
[ 1846.256897][ T3036]  ? get_pid_task+0x20/0x1f0
[ 1846.256944][ T3036]  ? __fget_files+0x2a/0x420
[ 1846.256962][ T3036]  ? __fget_files+0x3a0/0x420
[ 1846.256991][ T3036]  __sys_sendmsg+0x183/0x260
[ 1846.257014][ T3036]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1846.257048][ T3036]  ? __pfx_ksys_write+0x10/0x10
[ 1846.257080][ T3036]  __do_fast_syscall_32+0x1d2/0x540
[ 1846.257099][ T3036]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1846.257116][ T3036]  ? do_fast_syscall_32+0x33/0x70
[ 1846.257135][ T3036]  ? asm_int80_emulation+0x1a/0x20
[ 1846.257152][ T3036]  ? do_int80_emulation+0x20e/0x400
[ 1846.257173][ T3036]  do_fast_syscall_32+0x33/0x70
[ 1846.257193][ T3036]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1846.257212][ T3036] RIP: 0023:0xf73ad539
[ 1846.257228][ T3036] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1846.257242][ T3036] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1846.257260][ T3036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[ 1846.257272][ T3036] RDX: 0000000000004800 RSI: 0000000000000000 RDI: 0000000000000000
[ 1846.257283][ T3036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1846.257293][ T3036] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1846.257303][ T3036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1846.257327][ T3036]  </TASK>
[ 1847.105353][T15629] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[ 1847.135532][T22612] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[ 1847.277317][T15629] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1847.308165][T15629] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1847.325596][T15629] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1847.338965][T15629] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1847.355109][T22612] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1847.356962][T15629] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 1847.375328][T15629] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1847.384558][T15629] usb 5-1: Product: syz
[ 1847.399252][T15629] usb 5-1: Manufacturer: syz
[ 1847.407921][T15629] usb 5-1: SerialNumber: syz
[ 1847.408036][T22612] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[ 1847.462742][T15629] usb 5-1: config 0 descriptor??
[ 1847.511637][T22612] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1847.541831][T22612] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1847.570776][T22612] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1847.698920][T22612] usb 3-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[ 1847.718850][T15629] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[ 1847.755783][T22612] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1847.776113][T22612] usb 3-1: Product: syz
[ 1847.785414][T22612] usb 3-1: Manufacturer: syz
[ 1847.793857][T22612] usb 3-1: SerialNumber: syz
[ 1847.823077][T22612] usb 3-1: config 0 descriptor??
[ 1848.058479][T22595] usb 5-1: USB disconnect, device number 126
[ 1848.155846][T22612] usb 3-1: ucan: probing device on interface #0
[ 1848.179703][T22612] usb 3-1: ucan: invalid endpoint configuration
[ 1848.230639][T22612] usb 3-1: ucan: probe failed; try to update the device firmware
[ 1848.295524][T22612] usb 3-1: USB disconnect, device number 68
[ 1848.410027][ T3069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1848.482331][ T3069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1849.589852][T15629] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1849.785356][T15629] usb 4-1: Using ep0 maxpacket: 32
[ 1849.793894][ T3097] FAULT_INJECTION: forcing a failure.
[ 1849.793894][ T3097] name failslab, interval 1, probability 0, space 0, times 0
[ 1849.812331][T15629] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1849.828645][ T3097] CPU: 1 UID: 0 PID: 3097 Comm: syz.4.8583 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1849.828675][ T3097] Tainted: [L]=SOFTLOCKUP
[ 1849.828682][ T3097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1849.828693][ T3097] Call Trace:
[ 1849.828701][ T3097]  <TASK>
[ 1849.828709][ T3097]  dump_stack_lvl+0xe8/0x150
[ 1849.828736][ T3097]  should_fail_ex+0x412/0x560
[ 1849.828762][ T3097]  should_failslab+0xa8/0x100
[ 1849.828784][ T3097]  kmem_cache_alloc_noprof+0x87/0x6e0
[ 1849.828809][ T3097]  ? security_file_alloc+0x34/0x310
[ 1849.828831][ T3097]  security_file_alloc+0x34/0x310
[ 1849.828850][ T3097]  init_file+0x93/0x2f0
[ 1849.828873][ T3097]  alloc_empty_file+0x6e/0x1d0
[ 1849.828894][ T3097]  path_openat+0x11e/0x3e20
[ 1849.828925][ T3097]  ? stack_trace_save+0xa9/0x100
[ 1849.828945][ T3097]  ? __pfx_stack_trace_save+0x10/0x10
[ 1849.828975][ T3097]  ? kasan_save_track+0x4f/0x80
[ 1849.828991][ T3097]  ? kasan_save_track+0x3e/0x80
[ 1849.829006][ T3097]  ? __kasan_slab_alloc+0x6c/0x80
[ 1849.829020][ T3097]  ? kmem_cache_alloc_noprof+0x370/0x6e0
[ 1849.829042][ T3097]  ? getname_flags+0xb7/0x540
[ 1849.829056][ T3097]  ? do_sys_openat2+0xca/0x220
[ 1849.829077][ T3097]  ? __pfx_path_openat+0x10/0x10
[ 1849.829101][ T3097]  ? __lock_acquire+0x6b5/0x2cf0
[ 1849.829135][ T3097]  do_filp_open+0x22d/0x490
[ 1849.829159][ T3097]  ? __pfx_do_filp_open+0x10/0x10
[ 1849.829200][ T3097]  ? _raw_spin_unlock+0x28/0x50
[ 1849.829222][ T3097]  ? alloc_fd+0x64b/0x6c0
[ 1849.829250][ T3097]  do_sys_openat2+0x12f/0x220
[ 1849.829279][ T3097]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1849.829302][ T3097]  ? ksys_write+0x242/0x270
[ 1849.829330][ T3097]  __ia32_compat_sys_openat+0x131/0x160
[ 1849.829356][ T3097]  __do_fast_syscall_32+0x1d2/0x540
[ 1849.829375][ T3097]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1849.829392][ T3097]  ? do_fast_syscall_32+0x33/0x70
[ 1849.829409][ T3097]  ? asm_int80_emulation+0x1a/0x20
[ 1849.829425][ T3097]  ? do_int80_emulation+0x20e/0x400
[ 1849.829448][ T3097]  do_fast_syscall_32+0x33/0x70
[ 1849.829467][ T3097]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1849.829487][ T3097] RIP: 0023:0xf73ad539
[ 1849.829503][ T3097] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1849.829519][ T3097] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000127
[ 1849.829538][ T3097] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0
[ 1849.829551][ T3097] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1849.829562][ T3097] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1849.829573][ T3097] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1849.829583][ T3097] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1849.829610][ T3097]  </TASK>
[ 1849.837700][T15629] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1850.153277][T15629] usb 4-1: config 0 descriptor??
[ 1850.274782][T32313] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 1850.434011][ T3106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1850.456974][ T3106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1850.479598][T32313] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1850.490034][T32313] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1850.501872][T32313] usb 2-1: Product: syz
[ 1850.508660][T32313] usb 2-1: Manufacturer: syz
[ 1850.514178][T32313] usb 2-1: SerialNumber: syz
[ 1850.536403][T15629] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[ 1850.553478][T15629] usb 4-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2
[ 1850.563054][T15629] usb 4-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw
[ 1850.937036][T32313] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[ 1850.961466][T32313] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[ 1851.181588][ T3114] FAULT_INJECTION: forcing a failure.
[ 1851.181588][ T3114] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1851.194620][ T3115] syzkaller1: entered promiscuous mode
[ 1851.200408][ T3115] syzkaller1: entered allmulticast mode
[ 1851.204821][ T3114] CPU: 1 UID: 0 PID: 3114 Comm: syz.3.8587 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1851.204848][ T3114] Tainted: [L]=SOFTLOCKUP
[ 1851.204855][ T3114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1851.204867][ T3114] Call Trace:
[ 1851.204875][ T3114]  <TASK>
[ 1851.204884][ T3114]  dump_stack_lvl+0xe8/0x150
[ 1851.204910][ T3114]  should_fail_ex+0x412/0x560
[ 1851.204936][ T3114]  _copy_to_user+0x31/0xb0
[ 1851.204969][ T3114]  binder_ioctl_write_read+0x99ec/0xa4c0
[ 1851.205011][ T3114]  ? __kernel_text_address+0xd/0x30
[ 1851.205045][ T3114]  ? __pfx_binder_ioctl_write_read+0x10/0x10
[ 1851.205064][ T3114]  ? stack_trace_save+0xa9/0x100
[ 1851.205084][ T3114]  ? __pfx_stack_trace_save+0x10/0x10
[ 1851.205105][ T3114]  ? stack_depot_save_flags+0x33/0x810
[ 1851.205133][ T3114]  ? __lock_acquire+0x6b5/0x2cf0
[ 1851.205157][ T3114]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1851.205187][ T3114]  ? binder_debug+0x155/0x1d0
[ 1851.205211][ T3114]  ? __pfx_binder_debug+0x10/0x10
[ 1851.205229][ T3114]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1851.205261][ T3114]  ? _raw_spin_unlock+0x28/0x50
[ 1851.205282][ T3114]  ? binder_get_thread+0x177/0x6d0
[ 1851.205306][ T3114]  binder_ioctl+0x41d/0x1aa0
[ 1851.205329][ T3114]  ? tomoyo_path_number_perm+0x219/0x630
[ 1851.205350][ T3114]  ? do_vfs_ioctl+0x1166/0x1530
[ 1851.205371][ T3114]  ? __pfx_binder_ioctl+0x10/0x10
[ 1851.205391][ T3114]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1851.205443][ T3114]  ? __fget_files+0x2a/0x420
[ 1851.205464][ T3114]  ? __fget_files+0x3a0/0x420
[ 1851.205481][ T3114]  ? __fget_files+0x2a/0x420
[ 1851.205501][ T3114]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[ 1851.205524][ T3114]  __ia32_compat_sys_ioctl+0x5ea/0x950
[ 1851.205549][ T3114]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1851.205574][ T3114]  ? __fget_files+0x3a0/0x420
[ 1851.205598][ T3114]  ? fput+0xa0/0xd0
[ 1851.205617][ T3114]  ? ksys_write+0x242/0x270
[ 1851.205641][ T3114]  ? __pfx_ksys_write+0x10/0x10
[ 1851.205670][ T3114]  __do_fast_syscall_32+0x1d2/0x540
[ 1851.205688][ T3114]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1851.205704][ T3114]  ? do_fast_syscall_32+0x33/0x70
[ 1851.205720][ T3114]  ? asm_int80_emulation+0x1a/0x20
[ 1851.205735][ T3114]  ? do_int80_emulation+0x20e/0x400
[ 1851.205758][ T3114]  do_fast_syscall_32+0x33/0x70
[ 1851.205782][ T3114]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1851.205801][ T3114] RIP: 0023:0xf7f52539
[ 1851.205817][ T3114] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1851.205832][ T3114] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1851.205850][ T3114] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201
[ 1851.205862][ T3114] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1851.205873][ T3114] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1851.205883][ T3114] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1851.205893][ T3114] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1851.205919][ T3114]  </TASK>
[ 1851.206014][ T3114] binder: 3112:3114 ioctl c0306201 800001c0 returned -14
[ 1851.518479][T32313] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[ 1851.534791][T32313] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1851.544597][T32313] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1851.583942][T32313] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71
[ 1851.601924][T32313] usb 2-1: USB disconnect, device number 18
[ 1851.683264][ T3123] FAULT_INJECTION: forcing a failure.
[ 1851.683264][ T3123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1851.703487][ T3123] CPU: 0 UID: 0 PID: 3123 Comm: syz.3.8592 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1851.703525][ T3123] Tainted: [L]=SOFTLOCKUP
[ 1851.703532][ T3123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1851.703544][ T3123] Call Trace:
[ 1851.703552][ T3123]  <TASK>
[ 1851.703560][ T3123]  dump_stack_lvl+0xe8/0x150
[ 1851.703587][ T3123]  should_fail_ex+0x412/0x560
[ 1851.703613][ T3123]  _copy_from_iter+0x1d3/0x1670
[ 1851.703641][ T3123]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1851.703668][ T3123]  ? __pfx__copy_from_iter+0x10/0x10
[ 1851.703689][ T3123]  ? __build_skb_around+0x22d/0x3c0
[ 1851.703712][ T3123]  ? __alloc_skb+0x193/0x390
[ 1851.703730][ T3123]  ? netlink_sendmsg+0x650/0xb40
[ 1851.703747][ T3123]  ? skb_put+0x11b/0x210
[ 1851.703770][ T3123]  netlink_sendmsg+0x6c0/0xb40
[ 1851.703795][ T3123]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1851.703815][ T3123]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1851.703837][ T3123]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1851.703863][ T3123]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1851.703880][ T3123]  ____sys_sendmsg+0xa68/0xad0
[ 1851.703910][ T3123]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1851.703935][ T3123]  ? kstrtoull+0x12f/0x1d0
[ 1851.703961][ T3123]  ___sys_sendmsg+0x2a5/0x360
[ 1851.703981][ T3123]  ? __lock_acquire+0x6b5/0x2cf0
[ 1851.704006][ T3123]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1851.704030][ T3123]  ? get_pid_task+0x20/0x1f0
[ 1851.704048][ T3123]  ? get_pid_task+0x20/0x1f0
[ 1851.704064][ T3123]  ? get_pid_task+0x20/0x1f0
[ 1851.704105][ T3123]  ? __fget_files+0x2a/0x420
[ 1851.704122][ T3123]  ? __fget_files+0x3a0/0x420
[ 1851.704149][ T3123]  __sys_sendmsg+0x183/0x260
[ 1851.704173][ T3123]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1851.704204][ T3123]  ? __pfx_ksys_write+0x10/0x10
[ 1851.704234][ T3123]  __do_fast_syscall_32+0x1d2/0x540
[ 1851.704253][ T3123]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1851.704269][ T3123]  ? do_fast_syscall_32+0x33/0x70
[ 1851.704291][ T3123]  ? asm_int80_emulation+0x1a/0x20
[ 1851.704306][ T3123]  ? do_int80_emulation+0x20e/0x400
[ 1851.704329][ T3123]  do_fast_syscall_32+0x33/0x70
[ 1851.704348][ T3123]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1851.704367][ T3123] RIP: 0023:0xf7f52539
[ 1851.704382][ T3123] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1851.704396][ T3123] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1851.704416][ T3123] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[ 1851.704428][ T3123] RDX: 0000000004008094 RSI: 0000000000000000 RDI: 0000000000000000
[ 1851.704439][ T3123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1851.704450][ T3123] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1851.704460][ T3123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1851.704487][ T3123]  </TASK>
[ 1852.223012][ T3134] binder: 3130:3134 ioctl 5000943a 0 returned -22
[ 1852.336172][ T3136] FAULT_INJECTION: forcing a failure.
[ 1852.336172][ T3136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1852.351429][ T3136] CPU: 0 UID: 0 PID: 3136 Comm: syz.4.8595 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1852.351459][ T3136] Tainted: [L]=SOFTLOCKUP
[ 1852.351466][ T3136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1852.351478][ T3136] Call Trace:
[ 1852.351486][ T3136]  <TASK>
[ 1852.351494][ T3136]  dump_stack_lvl+0xe8/0x150
[ 1852.351520][ T3136]  should_fail_ex+0x412/0x560
[ 1852.351545][ T3136]  _copy_from_iter+0x1d3/0x1670
[ 1852.351573][ T3136]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1852.351600][ T3136]  ? __pfx__copy_from_iter+0x10/0x10
[ 1852.351622][ T3136]  ? __build_skb_around+0x22d/0x3c0
[ 1852.351644][ T3136]  ? __alloc_skb+0x193/0x390
[ 1852.351664][ T3136]  ? netlink_sendmsg+0x650/0xb40
[ 1852.351682][ T3136]  ? skb_put+0x11b/0x210
[ 1852.351705][ T3136]  netlink_sendmsg+0x6c0/0xb40
[ 1852.351732][ T3136]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1852.351779][ T3136]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1852.351804][ T3136]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1852.351825][ T3136]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1852.351842][ T3136]  ____sys_sendmsg+0xa68/0xad0
[ 1852.351872][ T3136]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1852.351898][ T3136]  ? kstrtoull+0x12f/0x1d0
[ 1852.351924][ T3136]  ___sys_sendmsg+0x2a5/0x360
[ 1852.351945][ T3136]  ? __lock_acquire+0x6b5/0x2cf0
[ 1852.351971][ T3136]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1852.351994][ T3136]  ? get_pid_task+0x20/0x1f0
[ 1852.352012][ T3136]  ? get_pid_task+0x20/0x1f0
[ 1852.352029][ T3136]  ? get_pid_task+0x20/0x1f0
[ 1852.352071][ T3136]  ? __fget_files+0x2a/0x420
[ 1852.352093][ T3136]  ? __fget_files+0x3a0/0x420
[ 1852.352120][ T3136]  __sys_sendmsg+0x183/0x260
[ 1852.352144][ T3136]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1852.352174][ T3136]  ? __pfx_ksys_write+0x10/0x10
[ 1852.352205][ T3136]  __do_fast_syscall_32+0x1d2/0x540
[ 1852.352225][ T3136]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1852.352241][ T3136]  ? do_fast_syscall_32+0x33/0x70
[ 1852.352258][ T3136]  ? asm_int80_emulation+0x1a/0x20
[ 1852.352274][ T3136]  ? do_int80_emulation+0x20e/0x400
[ 1852.352297][ T3136]  do_fast_syscall_32+0x33/0x70
[ 1852.352316][ T3136]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1852.352336][ T3136] RIP: 0023:0xf73ad539
[ 1852.352352][ T3136] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1852.352367][ T3136] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1852.352386][ T3136] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[ 1852.352399][ T3136] RDX: 0000000000004010 RSI: 0000000000000000 RDI: 0000000000000000
[ 1852.352410][ T3136] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1852.352421][ T3136] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1852.352431][ T3136] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1852.352459][ T3136]  </TASK>
[ 1852.779043][ T3144] FAULT_INJECTION: forcing a failure.
[ 1852.779043][ T3144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1852.792168][ T3144] CPU: 0 UID: 0 PID: 3144 Comm: syz.4.8597 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1852.792197][ T3144] Tainted: [L]=SOFTLOCKUP
[ 1852.792204][ T3144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1852.792215][ T3144] Call Trace:
[ 1852.792223][ T3144]  <TASK>
[ 1852.792231][ T3144]  dump_stack_lvl+0xe8/0x150
[ 1852.792258][ T3144]  should_fail_ex+0x412/0x560
[ 1852.792283][ T3144]  _copy_from_iter+0x1d3/0x1670
[ 1852.792311][ T3144]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1852.792338][ T3144]  ? __pfx__copy_from_iter+0x10/0x10
[ 1852.792360][ T3144]  ? __build_skb_around+0x22d/0x3c0
[ 1852.792383][ T3144]  ? __alloc_skb+0x193/0x390
[ 1852.792401][ T3144]  ? netlink_sendmsg+0x650/0xb40
[ 1852.792418][ T3144]  ? skb_put+0x11b/0x210
[ 1852.792441][ T3144]  netlink_sendmsg+0x6c0/0xb40
[ 1852.792464][ T3144]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1852.792481][ T3144]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1852.792501][ T3144]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1852.792521][ T3144]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1852.792535][ T3144]  ____sys_sendmsg+0xa68/0xad0
[ 1852.792560][ T3144]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1852.792584][ T3144]  ? kstrtoull+0x12f/0x1d0
[ 1852.792610][ T3144]  ___sys_sendmsg+0x2a5/0x360
[ 1852.792632][ T3144]  ? __lock_acquire+0x6b5/0x2cf0
[ 1852.792655][ T3144]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1852.792677][ T3144]  ? get_pid_task+0x20/0x1f0
[ 1852.792695][ T3144]  ? get_pid_task+0x20/0x1f0
[ 1852.792711][ T3144]  ? get_pid_task+0x20/0x1f0
[ 1852.792753][ T3144]  ? __fget_files+0x2a/0x420
[ 1852.792778][ T3144]  ? __fget_files+0x3a0/0x420
[ 1852.792803][ T3144]  __sys_sendmsg+0x183/0x260
[ 1852.792826][ T3144]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1852.792857][ T3144]  ? __pfx_ksys_write+0x10/0x10
[ 1852.792887][ T3144]  __do_fast_syscall_32+0x1d2/0x540
[ 1852.792906][ T3144]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1852.792922][ T3144]  ? do_fast_syscall_32+0x33/0x70
[ 1852.792940][ T3144]  ? asm_int80_emulation+0x1a/0x20
[ 1852.792956][ T3144]  ? do_int80_emulation+0x20e/0x400
[ 1852.792978][ T3144]  do_fast_syscall_32+0x33/0x70
[ 1852.792997][ T3144]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1852.793016][ T3144] RIP: 0023:0xf73ad539
[ 1852.793031][ T3144] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1852.793046][ T3144] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1852.793065][ T3144] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[ 1852.793076][ T3144] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1852.793086][ T3144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1852.793096][ T3144] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1852.793106][ T3144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1852.793130][ T3144]  </TASK>
[ 1853.230091][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.244751][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.454090][ T3153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8598'.
[ 1853.523483][ T3155] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8602'.
[ 1853.571972][ T3155] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8602'.
[ 1853.633959][ T3155] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8602'.
[ 1853.696296][ T3162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1853.713436][ T3162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1853.855029][T22595] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1854.005111][T22595] usb 2-1: Using ep0 maxpacket: 16
[ 1854.012430][T22595] usb 2-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66
[ 1854.022073][T22595] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1854.041522][T22595] usb 2-1: config 0 descriptor??
[ 1854.060240][T22595] usb 2-1: invalid MIDI EP
[ 1854.071152][T22595] usb 2-1: snd-bcd2000: error during probing
[ 1854.079251][T22595] snd-bcd2000 2-1:0.0: probe with driver snd-bcd2000 failed with error -22
[ 1854.201686][ T3171] syzkaller0: entered promiscuous mode
[ 1854.208119][ T3171] syzkaller0: entered allmulticast mode
[ 1854.233306][ T3171] FAULT_INJECTION: forcing a failure.
[ 1854.233306][ T3171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1854.270042][ T3171] CPU: 1 UID: 0 PID: 3171 Comm: syz.2.8607 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1854.270075][ T3171] Tainted: [L]=SOFTLOCKUP
[ 1854.270083][ T3171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1854.270096][ T3171] Call Trace:
[ 1854.270105][ T3171]  <TASK>
[ 1854.270116][ T3171]  dump_stack_lvl+0xe8/0x150
[ 1854.270146][ T3171]  should_fail_ex+0x412/0x560
[ 1854.270175][ T3171]  _copy_from_iter+0x1d3/0x1670
[ 1854.270206][ T3171]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1854.270237][ T3171]  ? __pfx__copy_from_iter+0x10/0x10
[ 1854.270261][ T3171]  ? __build_skb_around+0x22d/0x3c0
[ 1854.270286][ T3171]  ? __alloc_skb+0x193/0x390
[ 1854.270308][ T3171]  ? netlink_sendmsg+0x650/0xb40
[ 1854.270327][ T3171]  ? skb_put+0x11b/0x210
[ 1854.270352][ T3171]  netlink_sendmsg+0x6c0/0xb40
[ 1854.270380][ T3171]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1854.270403][ T3171]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1854.270427][ T3171]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1854.270449][ T3171]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1854.270468][ T3171]  ____sys_sendmsg+0xa68/0xad0
[ 1854.270501][ T3171]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1854.270537][ T3171]  ___sys_sendmsg+0x2a5/0x360
[ 1854.270565][ T3171]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1854.270620][ T3171]  ? __fget_files+0x2a/0x420
[ 1854.270640][ T3171]  ? __fget_files+0x3a0/0x420
[ 1854.270670][ T3171]  __sys_sendmmsg+0x2e7/0x4e0
[ 1854.270698][ T3171]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1854.270729][ T3171]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1854.270767][ T3171]  ? ksys_write+0x242/0x270
[ 1854.270801][ T3171]  ? __pfx_ksys_write+0x10/0x10
[ 1854.270829][ T3171]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1854.270856][ T3171]  __do_fast_syscall_32+0x1d2/0x540
[ 1854.270877][ T3171]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1854.270894][ T3171]  ? do_fast_syscall_32+0x33/0x70
[ 1854.270913][ T3171]  ? asm_int80_emulation+0x1a/0x20
[ 1854.270931][ T3171]  ? do_int80_emulation+0x20e/0x400
[ 1854.270955][ T3171]  do_fast_syscall_32+0x33/0x70
[ 1854.270976][ T3171]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1854.270999][ T3171] RIP: 0023:0xf73ed539
[ 1854.271018][ T3171] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1854.271034][ T3171] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1854.271054][ T3171] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000800002c0
[ 1854.271071][ T3171] RDX: 000000000000009f RSI: 0000000000000000 RDI: 0000000000000000
[ 1854.271081][ T3171] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1854.271094][ T3171] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1854.271104][ T3171] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1854.271132][ T3171]  </TASK>
[ 1854.672925][T22595] usb 2-1: USB disconnect, device number 19
[ 1854.951406][ T3183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8609'.
[ 1854.987301][ T3185] FAULT_INJECTION: forcing a failure.
[ 1854.987301][ T3185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1855.008096][ T3183] syzkaller0: entered promiscuous mode
[ 1855.013803][ T3185] CPU: 1 UID: 0 PID: 3185 Comm: syz.0.8610 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1855.013830][ T3185] Tainted: [L]=SOFTLOCKUP
[ 1855.013836][ T3185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1855.013847][ T3185] Call Trace:
[ 1855.013854][ T3185]  <TASK>
[ 1855.013862][ T3185]  dump_stack_lvl+0xe8/0x150
[ 1855.013888][ T3185]  should_fail_ex+0x412/0x560
[ 1855.013913][ T3185]  _copy_from_iter+0x1d3/0x1670
[ 1855.013939][ T3185]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1855.013964][ T3185]  ? __pfx__copy_from_iter+0x10/0x10
[ 1855.013984][ T3185]  ? __build_skb_around+0x22d/0x3c0
[ 1855.014006][ T3185]  ? __alloc_skb+0x193/0x390
[ 1855.014024][ T3185]  ? netlink_sendmsg+0x650/0xb40
[ 1855.014042][ T3185]  ? skb_put+0x11b/0x210
[ 1855.014065][ T3185]  netlink_sendmsg+0x6c0/0xb40
[ 1855.014091][ T3185]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1855.014113][ T3185]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1855.014135][ T3185]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1855.014155][ T3185]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1855.014171][ T3185]  ____sys_sendmsg+0xa68/0xad0
[ 1855.014201][ T3185]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1855.014226][ T3185]  ? kstrtoull+0x12f/0x1d0
[ 1855.014252][ T3185]  ___sys_sendmsg+0x2a5/0x360
[ 1855.014272][ T3185]  ? __lock_acquire+0x6b5/0x2cf0
[ 1855.014297][ T3185]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1855.014340][ T3185]  ? get_pid_task+0x20/0x1f0
[ 1855.014360][ T3185]  ? get_pid_task+0x20/0x1f0
[ 1855.014376][ T3185]  ? get_pid_task+0x20/0x1f0
[ 1855.014418][ T3185]  ? __fget_files+0x2a/0x420
[ 1855.014436][ T3185]  ? __fget_files+0x3a0/0x420
[ 1855.014462][ T3185]  __sys_sendmsg+0x183/0x260
[ 1855.014486][ T3185]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1855.014517][ T3185]  ? __pfx_ksys_write+0x10/0x10
[ 1855.014546][ T3185]  __do_fast_syscall_32+0x1d2/0x540
[ 1855.014566][ T3185]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1855.014581][ T3185]  ? do_fast_syscall_32+0x33/0x70
[ 1855.014598][ T3185]  ? asm_int80_emulation+0x1a/0x20
[ 1855.014614][ T3185]  ? do_int80_emulation+0x20e/0x400
[ 1855.014635][ T3185]  do_fast_syscall_32+0x33/0x70
[ 1855.014656][ T3185]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1855.014674][ T3185] RIP: 0023:0xf7ff4539
[ 1855.014689][ T3185] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1855.014703][ T3185] RSP: 002b:00000000f54b650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1855.014721][ T3185] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[ 1855.014732][ T3185] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1855.014741][ T3185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1855.014750][ T3185] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1855.014761][ T3185] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1855.014795][ T3185]  </TASK>
[ 1855.320430][ T3183] syzkaller0: entered allmulticast mode
[ 1855.493576][ T3190] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8613'.
[ 1855.519102][ T3189] FAULT_INJECTION: forcing a failure.
[ 1855.519102][ T3189] name failslab, interval 1, probability 0, space 0, times 0
[ 1855.537229][ T3189] CPU: 1 UID: 0 PID: 3189 Comm: syz.0.8612 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1855.537260][ T3189] Tainted: [L]=SOFTLOCKUP
[ 1855.537267][ T3189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1855.537277][ T3189] Call Trace:
[ 1855.537285][ T3189]  <TASK>
[ 1855.537294][ T3189]  dump_stack_lvl+0xe8/0x150
[ 1855.537321][ T3189]  should_fail_ex+0x412/0x560
[ 1855.537348][ T3189]  should_failslab+0xa8/0x100
[ 1855.537369][ T3189]  __kmalloc_noprof+0xde/0x7e0
[ 1855.537387][ T3189]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1855.537416][ T3189]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1855.537446][ T3189]  genl_family_rcv_msg_doit+0xd9/0x330
[ 1855.537475][ T3189]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1855.537502][ T3189]  ? apparmor_capable+0x137/0x1a0
[ 1855.537527][ T3189]  ? bpf_lsm_capable+0x9/0x20
[ 1855.537548][ T3189]  ? security_capable+0x7e/0x2c0
[ 1855.537574][ T3189]  genl_rcv_msg+0x61c/0x7a0
[ 1855.537603][ T3189]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1855.537622][ T3189]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1855.537644][ T3189]  ? __pfx_nl80211_set_qos_map+0x10/0x10
[ 1855.537663][ T3189]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1855.537698][ T3189]  netlink_rcv_skb+0x232/0x4b0
[ 1855.537718][ T3189]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1855.537747][ T3189]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1855.537763][ T3189]  ? genl_rcv+0x19/0x40
[ 1855.537801][ T3189]  ? down_read+0x272/0x2e0
[ 1855.537818][ T3189]  ? genl_rcv+0xd/0x40
[ 1855.537840][ T3189]  genl_rcv+0x28/0x40
[ 1855.537859][ T3189]  netlink_unicast+0x80f/0x9b0
[ 1855.537892][ T3189]  ? __pfx_netlink_unicast+0x10/0x10
[ 1855.537914][ T3189]  ? __alloc_skb+0x193/0x390
[ 1855.537934][ T3189]  ? netlink_sendmsg+0x650/0xb40
[ 1855.537951][ T3189]  ? skb_put+0x11b/0x210
[ 1855.537975][ T3189]  netlink_sendmsg+0x813/0xb40
[ 1855.538006][ T3189]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1855.538028][ T3189]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1855.538051][ T3189]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1855.538071][ T3189]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1855.538090][ T3189]  ____sys_sendmsg+0xa68/0xad0
[ 1855.538121][ T3189]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1855.538147][ T3189]  ? kstrtoull+0x12f/0x1d0
[ 1855.538173][ T3189]  ___sys_sendmsg+0x2a5/0x360
[ 1855.538193][ T3189]  ? __lock_acquire+0x6b5/0x2cf0
[ 1855.538219][ T3189]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1855.538242][ T3189]  ? get_pid_task+0x20/0x1f0
[ 1855.538262][ T3189]  ? get_pid_task+0x20/0x1f0
[ 1855.538278][ T3189]  ? get_pid_task+0x20/0x1f0
[ 1855.538322][ T3189]  ? __fget_files+0x2a/0x420
[ 1855.538340][ T3189]  ? __fget_files+0x3a0/0x420
[ 1855.538369][ T3189]  __sys_sendmsg+0x183/0x260
[ 1855.538393][ T3189]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1855.538427][ T3189]  ? __pfx_ksys_write+0x10/0x10
[ 1855.538458][ T3189]  __do_fast_syscall_32+0x1d2/0x540
[ 1855.538477][ T3189]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1855.538494][ T3189]  ? do_fast_syscall_32+0x33/0x70
[ 1855.538512][ T3189]  ? asm_int80_emulation+0x1a/0x20
[ 1855.538529][ T3189]  ? do_int80_emulation+0x20e/0x400
[ 1855.538552][ T3189]  do_fast_syscall_32+0x33/0x70
[ 1855.538572][ T3189]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1855.538592][ T3189] RIP: 0023:0xf7ff4539
[ 1855.538609][ T3189] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1855.538624][ T3189] RSP: 002b:00000000f54b650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1855.538644][ T3189] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800015c0
[ 1855.538657][ T3189] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1855.538667][ T3189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1855.538678][ T3189] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1855.538688][ T3189] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1855.538714][ T3189]  </TASK>
[ 1856.024321][ T3200] FAULT_INJECTION: forcing a failure.
[ 1856.024321][ T3200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1856.046561][ T3200] CPU: 0 UID: 0 PID: 3200 Comm: syz.0.8617 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1856.046590][ T3200] Tainted: [L]=SOFTLOCKUP
[ 1856.046596][ T3200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1856.046606][ T3200] Call Trace:
[ 1856.046614][ T3200]  <TASK>
[ 1856.046622][ T3200]  dump_stack_lvl+0xe8/0x150
[ 1856.046646][ T3200]  should_fail_ex+0x412/0x560
[ 1856.046664][ T3200]  _copy_from_user+0x2d/0xb0
[ 1856.046681][ T3200]  kstrtouint_from_user+0xd6/0x180
[ 1856.046695][ T3200]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1856.046716][ T3200]  proc_fail_nth_write+0x8e/0x210
[ 1856.046731][ T3200]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1856.046748][ T3200]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1856.046763][ T3200]  vfs_write+0x29a/0xb90
[ 1856.046783][ T3200]  ? __pfx_vfs_write+0x10/0x10
[ 1856.046798][ T3200]  ? __fget_files+0x2a/0x420
[ 1856.046811][ T3200]  ? __fget_files+0x3a0/0x420
[ 1856.046821][ T3200]  ? __fget_files+0x2a/0x420
[ 1856.046836][ T3200]  ksys_write+0x150/0x270
[ 1856.046852][ T3200]  ? __pfx_ksys_write+0x10/0x10
[ 1856.046868][ T3200]  ? asm_int80_emulation+0x1a/0x20
[ 1856.046880][ T3200]  ? asm_int80_emulation+0x1a/0x20
[ 1856.046889][ T3200]  do_int80_emulation+0x111/0x400
[ 1856.046901][ T3200]  ? clear_bhb_loop+0x60/0xb0
[ 1856.046911][ T3200]  ? clear_bhb_loop+0x60/0xb0
[ 1856.046923][ T3200]  asm_int80_emulation+0x1a/0x20
[ 1856.046932][ T3200] RIP: 0023:0xf71f572b
[ 1856.046942][ T3200] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1856.046951][ T3200] RSP: 002b:00000000f54b64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 1856.046963][ T3200] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54b65d0
[ 1856.046970][ T3200] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 1856.046976][ T3200] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1856.046982][ T3200] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1856.046989][ T3200] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1856.047003][ T3200]  </TASK>
[ 1856.598885][ T3204] netlink: 68 bytes leftover after parsing attributes in process `syz.1.8616'.
[ 1857.228086][ T3216] FAULT_INJECTION: forcing a failure.
[ 1857.228086][ T3216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1857.346759][ T3202] bridge2: entered promiscuous mode
[ 1857.383659][ T3202] bridge2: entered allmulticast mode
[ 1857.421670][ T3202] team0: Port device bridge2 added
[ 1857.519606][ T3216] CPU: 1 UID: 0 PID: 3216 Comm: syz.2.8620 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1857.519638][ T3216] Tainted: [L]=SOFTLOCKUP
[ 1857.519646][ T3216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1857.519657][ T3216] Call Trace:
[ 1857.519668][ T3216]  <TASK>
[ 1857.519678][ T3216]  dump_stack_lvl+0xe8/0x150
[ 1857.519706][ T3216]  should_fail_ex+0x412/0x560
[ 1857.519732][ T3216]  _copy_from_iter+0x1d3/0x1670
[ 1857.519760][ T3216]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1857.519788][ T3216]  ? __pfx__copy_from_iter+0x10/0x10
[ 1857.519811][ T3216]  ? __build_skb_around+0x22d/0x3c0
[ 1857.519833][ T3216]  ? __alloc_skb+0x193/0x390
[ 1857.519851][ T3216]  ? netlink_sendmsg+0x650/0xb40
[ 1857.519868][ T3216]  ? skb_put+0x11b/0x210
[ 1857.519891][ T3216]  netlink_sendmsg+0x6c0/0xb40
[ 1857.519918][ T3216]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1857.519939][ T3216]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1857.519961][ T3216]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1857.519980][ T3216]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1857.519998][ T3216]  ____sys_sendmsg+0xa68/0xad0
[ 1857.520027][ T3216]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1857.520053][ T3216]  ? kstrtoull+0x12f/0x1d0
[ 1857.520079][ T3216]  ___sys_sendmsg+0x2a5/0x360
[ 1857.520100][ T3216]  ? __lock_acquire+0x6b5/0x2cf0
[ 1857.520127][ T3216]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1857.520150][ T3216]  ? get_pid_task+0x20/0x1f0
[ 1857.520169][ T3216]  ? get_pid_task+0x20/0x1f0
[ 1857.520185][ T3216]  ? get_pid_task+0x20/0x1f0
[ 1857.520220][ T3216]  ? __fget_files+0x2a/0x420
[ 1857.520236][ T3216]  ? __fget_files+0x3a0/0x420
[ 1857.520259][ T3216]  __sys_sendmsg+0x183/0x260
[ 1857.520282][ T3216]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1857.520313][ T3216]  ? __pfx_ksys_write+0x10/0x10
[ 1857.520345][ T3216]  __do_fast_syscall_32+0x1d2/0x540
[ 1857.520364][ T3216]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1857.520381][ T3216]  ? do_fast_syscall_32+0x33/0x70
[ 1857.520398][ T3216]  ? asm_int80_emulation+0x1a/0x20
[ 1857.520414][ T3216]  ? do_int80_emulation+0x20e/0x400
[ 1857.520436][ T3216]  do_fast_syscall_32+0x33/0x70
[ 1857.520466][ T3216]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1857.520487][ T3216] RIP: 0023:0xf73ed539
[ 1857.520504][ T3216] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1857.520520][ T3216] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1857.520539][ T3216] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[ 1857.520553][ T3216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1857.520562][ T3216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1857.520573][ T3216] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1857.520584][ T3216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1857.520611][ T3216]  </TASK>
[ 1858.107758][ T3225] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8626'.
[ 1858.289280][ T3233] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8625'.
[ 1859.191018][ T3254] FAULT_INJECTION: forcing a failure.
[ 1859.191018][ T3254] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1859.244878][ T3254] CPU: 0 UID: 0 PID: 3254 Comm: syz.3.8633 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1859.244910][ T3254] Tainted: [L]=SOFTLOCKUP
[ 1859.244918][ T3254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1859.244929][ T3254] Call Trace:
[ 1859.244937][ T3254]  <TASK>
[ 1859.244944][ T3254]  dump_stack_lvl+0xe8/0x150
[ 1859.244970][ T3254]  should_fail_ex+0x412/0x560
[ 1859.244995][ T3254]  _copy_from_user+0x2d/0xb0
[ 1859.245019][ T3254]  kstrtouint_from_user+0xd6/0x180
[ 1859.245041][ T3254]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1859.245076][ T3254]  proc_fail_nth_write+0x8e/0x210
[ 1859.245100][ T3254]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1859.245126][ T3254]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1859.245148][ T3254]  vfs_write+0x29a/0xb90
[ 1859.245175][ T3254]  ? __pfx_vfs_write+0x10/0x10
[ 1859.245195][ T3254]  ? __fget_files+0x2a/0x420
[ 1859.245216][ T3254]  ? __fget_files+0x3a0/0x420
[ 1859.245231][ T3254]  ? __fget_files+0x2a/0x420
[ 1859.245255][ T3254]  ksys_write+0x150/0x270
[ 1859.245276][ T3254]  ? __pfx_ksys_write+0x10/0x10
[ 1859.245300][ T3254]  ? asm_int80_emulation+0x1a/0x20
[ 1859.245320][ T3254]  ? asm_int80_emulation+0x1a/0x20
[ 1859.245343][ T3254]  do_int80_emulation+0x111/0x400
[ 1859.245363][ T3254]  ? clear_bhb_loop+0x60/0xb0
[ 1859.245376][ T3254]  ? clear_bhb_loop+0x60/0xb0
[ 1859.245395][ T3254]  asm_int80_emulation+0x1a/0x20
[ 1859.245409][ T3254] RIP: 0023:0xf715572b
[ 1859.245424][ T3254] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1859.245438][ T3254] RSP: 002b:00000000f54164bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 1859.245455][ T3254] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54165d0
[ 1859.245466][ T3254] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 1859.245476][ T3254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1859.245486][ T3254] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1859.245495][ T3254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1859.245523][ T3254]  </TASK>
[ 1860.240658][T22595] hid-generic 0000:0000:0000.0070: unknown main item tag 0x0
[ 1860.265267][T22595] hid-generic 0000:0000:0000.0070: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1860.621135][ T3278] FAULT_INJECTION: forcing a failure.
[ 1860.621135][ T3278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1860.641102][ T3278] CPU: 0 UID: 0 PID: 3278 Comm: syz.4.8640 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1860.641129][ T3278] Tainted: [L]=SOFTLOCKUP
[ 1860.641133][ T3278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1860.641140][ T3278] Call Trace:
[ 1860.641145][ T3278]  <TASK>
[ 1860.641150][ T3278]  dump_stack_lvl+0xe8/0x150
[ 1860.641169][ T3278]  should_fail_ex+0x412/0x560
[ 1860.641184][ T3278]  _copy_from_iter+0x1d3/0x1670
[ 1860.641201][ T3278]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1860.641218][ T3278]  ? __pfx__copy_from_iter+0x10/0x10
[ 1860.641231][ T3278]  ? __build_skb_around+0x22d/0x3c0
[ 1860.641245][ T3278]  ? __alloc_skb+0x193/0x390
[ 1860.641256][ T3278]  ? netlink_sendmsg+0x650/0xb40
[ 1860.641267][ T3278]  ? skb_put+0x11b/0x210
[ 1860.641280][ T3278]  netlink_sendmsg+0x6c0/0xb40
[ 1860.641295][ T3278]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1860.641307][ T3278]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1860.641321][ T3278]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1860.641333][ T3278]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1860.641343][ T3278]  ____sys_sendmsg+0xa68/0xad0
[ 1860.641360][ T3278]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1860.641375][ T3278]  ? kstrtoull+0x12f/0x1d0
[ 1860.641390][ T3278]  ___sys_sendmsg+0x2a5/0x360
[ 1860.641403][ T3278]  ? __lock_acquire+0x6b5/0x2cf0
[ 1860.641419][ T3278]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1860.641433][ T3278]  ? get_pid_task+0x20/0x1f0
[ 1860.641444][ T3278]  ? get_pid_task+0x20/0x1f0
[ 1860.641454][ T3278]  ? get_pid_task+0x20/0x1f0
[ 1860.641476][ T3278]  ? __fget_files+0x2a/0x420
[ 1860.641487][ T3278]  ? __fget_files+0x3a0/0x420
[ 1860.641502][ T3278]  __sys_sendmsg+0x183/0x260
[ 1860.641515][ T3278]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1860.641534][ T3278]  ? __pfx_ksys_write+0x10/0x10
[ 1860.641553][ T3278]  __do_fast_syscall_32+0x1d2/0x540
[ 1860.641565][ T3278]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1860.641575][ T3278]  ? do_fast_syscall_32+0x33/0x70
[ 1860.641585][ T3278]  ? asm_int80_emulation+0x1a/0x20
[ 1860.641594][ T3278]  ? do_int80_emulation+0x20e/0x400
[ 1860.641607][ T3278]  do_fast_syscall_32+0x33/0x70
[ 1860.641619][ T3278]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1860.641631][ T3278] RIP: 0023:0xf73ad539
[ 1860.641640][ T3278] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1860.641649][ T3278] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1860.641661][ T3278] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800004c0
[ 1860.641668][ T3278] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1860.641674][ T3278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1860.641679][ T3278] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1860.641685][ T3278] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1860.641699][ T3278]  </TASK>
[ 1861.317329][ T3284] FAULT_INJECTION: forcing a failure.
[ 1861.317329][ T3284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1861.335484][ T3284] CPU: 1 UID: 0 PID: 3284 Comm: syz.4.8644 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1861.335511][ T3284] Tainted: [L]=SOFTLOCKUP
[ 1861.335518][ T3284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1861.335529][ T3284] Call Trace:
[ 1861.335536][ T3284]  <TASK>
[ 1861.335545][ T3284]  dump_stack_lvl+0xe8/0x150
[ 1861.335573][ T3284]  should_fail_ex+0x412/0x560
[ 1861.335593][ T3284]  _copy_from_iter+0x1d3/0x1670
[ 1861.335610][ T3284]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1861.335628][ T3284]  ? __pfx__copy_from_iter+0x10/0x10
[ 1861.335641][ T3284]  ? __build_skb_around+0x22d/0x3c0
[ 1861.335654][ T3284]  ? __alloc_skb+0x193/0x390
[ 1861.335665][ T3284]  ? netlink_sendmsg+0x650/0xb40
[ 1861.335676][ T3284]  ? skb_put+0x11b/0x210
[ 1861.335690][ T3284]  netlink_sendmsg+0x6c0/0xb40
[ 1861.335704][ T3284]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1861.335720][ T3284]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1861.335734][ T3284]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1861.335746][ T3284]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1861.335755][ T3284]  ____sys_sendmsg+0xa68/0xad0
[ 1861.335773][ T3284]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1861.335788][ T3284]  ? kstrtoull+0x12f/0x1d0
[ 1861.335804][ T3284]  ___sys_sendmsg+0x2a5/0x360
[ 1861.335816][ T3284]  ? __lock_acquire+0x6b5/0x2cf0
[ 1861.335832][ T3284]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1861.335846][ T3284]  ? get_pid_task+0x20/0x1f0
[ 1861.335864][ T3284]  ? get_pid_task+0x20/0x1f0
[ 1861.335873][ T3284]  ? get_pid_task+0x20/0x1f0
[ 1861.335895][ T3284]  ? __fget_files+0x2a/0x420
[ 1861.335906][ T3284]  ? __fget_files+0x3a0/0x420
[ 1861.335922][ T3284]  __sys_sendmsg+0x183/0x260
[ 1861.335935][ T3284]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1861.335954][ T3284]  ? __pfx_ksys_write+0x10/0x10
[ 1861.335978][ T3284]  __do_fast_syscall_32+0x1d2/0x540
[ 1861.335990][ T3284]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1861.336000][ T3284]  ? do_fast_syscall_32+0x33/0x70
[ 1861.336010][ T3284]  ? asm_int80_emulation+0x1a/0x20
[ 1861.336020][ T3284]  ? do_int80_emulation+0x20e/0x400
[ 1861.336032][ T3284]  do_fast_syscall_32+0x33/0x70
[ 1861.336043][ T3284]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1861.336055][ T3284] RIP: 0023:0xf73ad539
[ 1861.336065][ T3284] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1861.336073][ T3284] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1861.336085][ T3284] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[ 1861.336092][ T3284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1861.336098][ T3284] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1861.336104][ T3284] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1861.336110][ T3284] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1861.336124][ T3284]  </TASK>
[ 1861.895203][ T3290] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8645'.
[ 1862.037832][ T3298] FAULT_INJECTION: forcing a failure.
[ 1862.037832][ T3298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1862.071880][ T3298] CPU: 0 UID: 0 PID: 3298 Comm: syz.1.8648 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1862.071910][ T3298] Tainted: [L]=SOFTLOCKUP
[ 1862.071921][ T3298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1862.071933][ T3298] Call Trace:
[ 1862.071941][ T3298]  <TASK>
[ 1862.071951][ T3298]  dump_stack_lvl+0xe8/0x150
[ 1862.071977][ T3298]  should_fail_ex+0x412/0x560
[ 1862.072003][ T3298]  _copy_from_iter+0x1d3/0x1670
[ 1862.072029][ T3298]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1862.072055][ T3298]  ? __pfx__copy_from_iter+0x10/0x10
[ 1862.072077][ T3298]  ? __build_skb_around+0x22d/0x3c0
[ 1862.072100][ T3298]  ? __alloc_skb+0x193/0x390
[ 1862.072119][ T3298]  ? netlink_sendmsg+0x650/0xb40
[ 1862.072137][ T3298]  ? skb_put+0x11b/0x210
[ 1862.072160][ T3298]  netlink_sendmsg+0x6c0/0xb40
[ 1862.072187][ T3298]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1862.072209][ T3298]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1862.072235][ T3298]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1862.072256][ T3298]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1862.072273][ T3298]  ____sys_sendmsg+0xa68/0xad0
[ 1862.072303][ T3298]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1862.072329][ T3298]  ? kstrtoull+0x12f/0x1d0
[ 1862.072356][ T3298]  ___sys_sendmsg+0x2a5/0x360
[ 1862.072376][ T3298]  ? __lock_acquire+0x6b5/0x2cf0
[ 1862.072402][ T3298]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1862.072425][ T3298]  ? get_pid_task+0x20/0x1f0
[ 1862.072444][ T3298]  ? get_pid_task+0x20/0x1f0
[ 1862.072461][ T3298]  ? get_pid_task+0x20/0x1f0
[ 1862.072501][ T3298]  ? __fget_files+0x2a/0x420
[ 1862.072517][ T3298]  ? __fget_files+0x3a0/0x420
[ 1862.072542][ T3298]  __sys_sendmsg+0x183/0x260
[ 1862.072565][ T3298]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1862.072597][ T3298]  ? __pfx_ksys_write+0x10/0x10
[ 1862.072627][ T3298]  __do_fast_syscall_32+0x1d2/0x540
[ 1862.072645][ T3298]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1862.072662][ T3298]  ? do_fast_syscall_32+0x33/0x70
[ 1862.072679][ T3298]  ? asm_int80_emulation+0x1a/0x20
[ 1862.072696][ T3298]  ? do_int80_emulation+0x20e/0x400
[ 1862.072713][ T3298]  ? rcu_is_watching+0x15/0xb0
[ 1862.072785][ T3298]  do_fast_syscall_32+0x33/0x70
[ 1862.072805][ T3298]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1862.072825][ T3298] RIP: 0023:0xf7f37539
[ 1862.072842][ T3298] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1862.072857][ T3298] RSP: 002b:00000000f53f650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1862.072877][ T3298] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1862.072889][ T3298] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[ 1862.072900][ T3298] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1862.072911][ T3298] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1862.072922][ T3298] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1862.072948][ T3298]  </TASK>
[ 1862.569598][ T3301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8641'.
[ 1862.619152][ T3302] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8649'.
[ 1862.915357][T15631] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1863.081935][T15631] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1863.084806][T22595] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[ 1863.105329][T15631] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1863.122030][T15631] usb 2-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[ 1863.134109][T15631] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1863.152028][T15631] usb 2-1: config 0 descriptor??
[ 1863.244799][T22595] usb 5-1: Using ep0 maxpacket: 16
[ 1863.252056][T22595] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1863.266877][T22595] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1863.294380][T22595] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1863.315013][T22595] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1863.324992][T22595] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1863.348689][T22595] usb 5-1: config 0 descriptor??
[ 1863.593123][T15631] uclogic 0003:5543:0042.0071: unknown main item tag 0x2
[ 1863.655088][T15631] uclogic 0003:5543:0042.0071: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.1-1/input0
[ 1863.788076][ T3312] netlink: 'syz.4.8652': attribute type 13 has an invalid length.
[ 1863.792637][T15631] usb 2-1: USB disconnect, device number 20
[ 1863.976717][T22595] microsoft 0003:045E:07DA.0072: unknown main item tag 0x0
[ 1863.986802][T22595] microsoft 0003:045E:07DA.0072: unknown main item tag 0x0
[ 1864.014754][T22595] microsoft 0003:045E:07DA.0072: unknown main item tag 0x0
[ 1864.028489][T22595] microsoft 0003:045E:07DA.0072: unknown main item tag 0x0
[ 1864.056154][T22595] microsoft 0003:045E:07DA.0072: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[ 1864.077591][T22595] microsoft 0003:045E:07DA.0072: no inputs found
[ 1864.090961][T22595] microsoft 0003:045E:07DA.0072: could not initialize ff, continuing anyway
[ 1864.372435][ T3332] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8657'.
[ 1864.385095][T22595] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[ 1864.449716][ T3334] syzkaller1: entered promiscuous mode
[ 1864.455566][ T3334] syzkaller1: entered allmulticast mode
[ 1864.543144][T22595] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1864.562869][T22595] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1864.575207][T22595] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1864.600376][T22595] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1864.635011][T22595] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1864.655784][   T30] audit: type=1326 audit(1769915464.460:2438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3338 comm="syz.0.8660" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff4539 code=0x0
[ 1864.690165][T22595] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1864.713696][T22595] usb 3-1: config 0 descriptor??
[ 1864.825559][T15631] usb 5-1: USB disconnect, device number 127
[ 1864.931619][ T3349] FAULT_INJECTION: forcing a failure.
[ 1864.931619][ T3349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1864.961108][ T3349] CPU: 0 UID: 0 PID: 3349 Comm: syz.4.8662 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1864.961139][ T3349] Tainted: [L]=SOFTLOCKUP
[ 1864.961147][ T3349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1864.961156][ T3349] Call Trace:
[ 1864.961163][ T3349]  <TASK>
[ 1864.961170][ T3349]  dump_stack_lvl+0xe8/0x150
[ 1864.961195][ T3349]  should_fail_ex+0x412/0x560
[ 1864.961218][ T3349]  _copy_from_iter+0x1d3/0x1670
[ 1864.961246][ T3349]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1864.961269][ T3349]  ? __pfx__copy_from_iter+0x10/0x10
[ 1864.961291][ T3349]  ? __build_skb_around+0x22d/0x3c0
[ 1864.961314][ T3349]  ? __alloc_skb+0x193/0x390
[ 1864.961332][ T3349]  ? netlink_sendmsg+0x650/0xb40
[ 1864.961349][ T3349]  ? skb_put+0x11b/0x210
[ 1864.961372][ T3349]  netlink_sendmsg+0x6c0/0xb40
[ 1864.961397][ T3349]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1864.961419][ T3349]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1864.961440][ T3349]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1864.961461][ T3349]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1864.961478][ T3349]  ____sys_sendmsg+0xa68/0xad0
[ 1864.961515][ T3349]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1864.961540][ T3349]  ? kstrtoull+0x12f/0x1d0
[ 1864.961566][ T3349]  ___sys_sendmsg+0x2a5/0x360
[ 1864.961586][ T3349]  ? __lock_acquire+0x6b5/0x2cf0
[ 1864.961611][ T3349]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1864.961635][ T3349]  ? get_pid_task+0x20/0x1f0
[ 1864.961653][ T3349]  ? get_pid_task+0x20/0x1f0
[ 1864.961670][ T3349]  ? get_pid_task+0x20/0x1f0
[ 1864.961711][ T3349]  ? __fget_files+0x2a/0x420
[ 1864.961729][ T3349]  ? __fget_files+0x3a0/0x420
[ 1864.961753][ T3349]  __sys_sendmsg+0x183/0x260
[ 1864.961777][ T3349]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1864.961806][ T3349]  ? __pfx_ksys_write+0x10/0x10
[ 1864.961835][ T3349]  __do_fast_syscall_32+0x1d2/0x540
[ 1864.961854][ T3349]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1864.961871][ T3349]  ? do_fast_syscall_32+0x33/0x70
[ 1864.961888][ T3349]  ? asm_int80_emulation+0x1a/0x20
[ 1864.961904][ T3349]  ? do_int80_emulation+0x20e/0x400
[ 1864.961925][ T3349]  do_fast_syscall_32+0x33/0x70
[ 1864.961944][ T3349]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1864.961963][ T3349] RIP: 0023:0xf73ad539
[ 1864.961981][ T3349] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1864.961995][ T3349] RSP: 002b:00000000f53d650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1864.962012][ T3349] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[ 1864.962025][ T3349] RDX: 0000000004000040 RSI: 0000000000000000 RDI: 0000000000000000
[ 1864.962035][ T3349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1864.962045][ T3349] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1864.962056][ T3349] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1864.962083][ T3349]  </TASK>
[ 1865.585191][T22595] plantronics 0003:047F:FFFF.0073: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1865.858847][ T3358] FAULT_INJECTION: forcing a failure.
[ 1865.858847][ T3358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1865.874408][ T3358] CPU: 0 UID: 0 PID: 3358 Comm: syz.0.8665 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1865.874438][ T3358] Tainted: [L]=SOFTLOCKUP
[ 1865.874445][ T3358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1865.874456][ T3358] Call Trace:
[ 1865.874464][ T3358]  <TASK>
[ 1865.874473][ T3358]  dump_stack_lvl+0xe8/0x150
[ 1865.874501][ T3358]  should_fail_ex+0x412/0x560
[ 1865.874527][ T3358]  _copy_from_iter+0x1d3/0x1670
[ 1865.874555][ T3358]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1865.874581][ T3358]  ? __pfx__copy_from_iter+0x10/0x10
[ 1865.874603][ T3358]  ? __build_skb_around+0x22d/0x3c0
[ 1865.874625][ T3358]  ? __alloc_skb+0x193/0x390
[ 1865.874647][ T3358]  ? netlink_sendmsg+0x650/0xb40
[ 1865.874663][ T3358]  ? skb_put+0x11b/0x210
[ 1865.874684][ T3358]  netlink_sendmsg+0x6c0/0xb40
[ 1865.874707][ T3358]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1865.874728][ T3358]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1865.874751][ T3358]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1865.874772][ T3358]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1865.874790][ T3358]  ____sys_sendmsg+0xa68/0xad0
[ 1865.874820][ T3358]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1865.874845][ T3358]  ? kstrtoull+0x12f/0x1d0
[ 1865.874873][ T3358]  ___sys_sendmsg+0x2a5/0x360
[ 1865.874894][ T3358]  ? __lock_acquire+0x6b5/0x2cf0
[ 1865.874920][ T3358]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1865.874944][ T3358]  ? get_pid_task+0x20/0x1f0
[ 1865.874962][ T3358]  ? get_pid_task+0x20/0x1f0
[ 1865.874977][ T3358]  ? get_pid_task+0x20/0x1f0
[ 1865.875016][ T3358]  ? __fget_files+0x2a/0x420
[ 1865.875034][ T3358]  ? __fget_files+0x3a0/0x420
[ 1865.875061][ T3358]  __sys_sendmsg+0x183/0x260
[ 1865.875084][ T3358]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1865.875116][ T3358]  ? __pfx_ksys_write+0x10/0x10
[ 1865.875146][ T3358]  __do_fast_syscall_32+0x1d2/0x540
[ 1865.875165][ T3358]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1865.875182][ T3358]  ? do_fast_syscall_32+0x33/0x70
[ 1865.875199][ T3358]  ? asm_int80_emulation+0x1a/0x20
[ 1865.875216][ T3358]  ? do_int80_emulation+0x20e/0x400
[ 1865.875238][ T3358]  do_fast_syscall_32+0x33/0x70
[ 1865.875258][ T3358]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1865.875284][ T3358] RIP: 0023:0xf7ff4539
[ 1865.875300][ T3358] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1865.875341][ T3358] RSP: 002b:00000000f54b650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1865.875362][ T3358] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[ 1865.875375][ T3358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1865.875386][ T3358] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1865.875396][ T3358] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1865.875407][ T3358] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1865.875434][ T3358]  </TASK>
[ 1866.509532][T22595] usb 3-1: USB disconnect, device number 69
[ 1866.829346][T22612] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 1866.925972][ T3379] xt_bpf: check failed: parse error
[ 1866.986622][T22612] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1867.000395][T22612] usb 5-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 1867.010029][T22612] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1867.021684][T22612] usb 5-1: config 0 descriptor??
[ 1867.442364][T22612] usbhid 5-1:0.0: can't add hid device: -71
[ 1867.453785][T22612] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1867.491431][T22612] usb 5-1: USB disconnect, device number 2
[ 1867.865046][   T31] INFO: task kworker/1:8:22611 blocked for more than 143 seconds.
[ 1867.876411][   T31]       Tainted: G             L      syzkaller #0
[ 1867.898785][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1867.916850][   T31] task:kworker/1:8     state:D stack:21472 pid:22611 tgid:22611 ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1867.943490][   T31] Workqueue: usb_hub_wq hub_event
[ 1867.961750][   T31] Call Trace:
[ 1867.968869][   T31]  <TASK>
[ 1867.977444][   T31]  __schedule+0x14ea/0x5050
[ 1867.984956][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1867.997672][   T31]  ? wq_worker_sleeping+0xfe/0x250
[ 1868.007683][   T31]  ? __pfx___schedule+0x10/0x10
[ 1868.018959][   T31]  ? schedule+0x90/0x360
[ 1868.027993][   T31]  schedule+0x164/0x360
[ 1868.036881][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1868.049618][   T31]  __mutex_lock+0x7fe/0x1300
[ 1868.060097][   T31]  ? __mutex_lock+0x5ac/0x1300
[ 1868.070886][   T31]  ? hub_event+0x21a2/0x4f30
[ 1868.083174][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1868.094279][   T31]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1868.107701][   T31]  hub_event+0x21a2/0x4f30
[ 1868.117713][   T31]  ? __pfx_hub_event+0x10/0x10
[ 1868.127586][   T31]  ? process_scheduled_works+0xa0f/0x17a0
[ 1868.139743][   T31]  ? process_scheduled_works+0xa0f/0x17a0
[ 1868.152988][   T31]  ? process_scheduled_works+0xa0f/0x17a0
[ 1868.166943][   T31]  process_scheduled_works+0xaec/0x17a0
[ 1868.180397][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1868.193131][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1868.203787][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1868.217202][   T31]  ? schedule+0x90/0x360
[ 1868.226109][   T31]  worker_thread+0xda6/0x1360
[ 1868.236100][   T31]  kthread+0x726/0x8b0
[ 1868.241402][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1868.260406][   T31]  ? __pfx_kthread+0x10/0x10
[ 1868.272241][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1868.285360][   T31]  ? __pfx_kthread+0x10/0x10
[ 1868.294366][   T31]  ret_from_fork+0x51b/0xa40
[ 1868.301013][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1868.307682][   T31]  ? __switch_to+0xc82/0x1410
[ 1868.312593][   T31]  ? __pfx_kthread+0x10/0x10
[ 1868.318809][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1868.324494][   T31]  </TASK>
[ 1868.329033][   T31] 
[ 1868.329033][   T31] Showing all locks held in the system:
[ 1868.344780][   T31] 1 lock held by khungtaskd/31:
[ 1868.348536][ T3402] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8676'.
[ 1868.349875][   T31]  #0: ffffffff8e55a360 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1868.373157][   T31] 2 locks held by getty/5580:
[ 1868.379373][   T31]  #0: ffff88814d1320a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1868.397310][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
[ 1868.408905][   T31] 6 locks held by kworker/0:13/15629:
[ 1868.414366][   T31]  #0: ffff8880206b8548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9d4/0x17a0
[ 1868.428336][   T31]  #1: ffffc90004827bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa0f/0x17a0
[ 1868.443281][   T31]  #2: ffff888028ea3198 (&dev->mutex){....}-{4:4}, at: hub_event+0x17f/0x4f30
[ 1868.453464][   T31]  #3: ffff8880711dc198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[ 1868.463091][   T31]  #4: ffff88807ca12160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[ 1868.472519][   T31]  #5: ffffffff8e3f7790 (umhelper_sem){++++}-{4:4}, at: usermodehelper_read_trylock+0xfc/0x2c0
[ 1868.484469][   T31] 5 locks held by kworker/1:8/22611:
[ 1868.490402][   T31]  #0: ffff8880206b8548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9d4/0x17a0
[ 1868.505620][   T31]  #1: ffffc900044afbc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa0f/0x17a0
[ 1868.524736][   T31]  #2: ffff8881447f5198 (&dev->mutex){....}-{4:4}, at: hub_event+0x17f/0x4f30
[ 1868.533720][   T31]  #3: ffff888144b10518 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x217a/0x4f30
[ 1868.547356][   T31]  #4: ffff88814436f068 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21a2/0x4f30
[ 1868.557589][   T31] 5 locks held by kworker/0:1/28608:
[ 1868.564705][   T31]  #0: ffff8880206b8548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9d4/0x17a0
[ 1868.578724][   T31]  #1: ffffc9000be0fbc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa0f/0x17a0
[ 1868.594041][   T31]  #2: ffff8881447e7198 (&dev->mutex){....}-{4:4}, at: hub_event+0x17f/0x4f30
[ 1868.606189][   T31]  #3: ffff888029eda518 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x217a/0x4f30
[ 1868.619716][   T31]  #4: ffff88814436f068 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21a2/0x4f30
[ 1868.645016][   T31] 1 lock held by syz.2.8674/3384:
[ 1868.652582][   T31] 1 lock held by syz.1.8675/3387:
[ 1868.661323][   T31]  #0: ffffffff8e560b40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[ 1868.671491][   T31] 1 lock held by syz.0.8676/3401:
[ 1868.677240][   T31] 
[ 1868.679640][   T31] =============================================
[ 1868.679640][   T31] 
[ 1868.695210][   T31] NMI backtrace for cpu 1
[ 1868.695232][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1868.695255][   T31] Tainted: [L]=SOFTLOCKUP
[ 1868.695263][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1868.695272][   T31] Call Trace:
[ 1868.695280][   T31]  <TASK>
[ 1868.695289][   T31]  dump_stack_lvl+0xe8/0x150
[ 1868.695339][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[ 1868.695362][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1868.695387][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1868.695413][   T31]  sys_info+0x135/0x170
[ 1868.695431][   T31]  watchdog+0xf90/0xfe0
[ 1868.695456][   T31]  ? watchdog+0x209/0xfe0
[ 1868.695479][   T31]  kthread+0x726/0x8b0
[ 1868.695506][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1868.695523][   T31]  ? __pfx_kthread+0x10/0x10
[ 1868.695544][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1868.695567][   T31]  ? __pfx_kthread+0x10/0x10
[ 1868.695587][   T31]  ret_from_fork+0x51b/0xa40
[ 1868.695613][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1868.695635][   T31]  ? __switch_to+0xc82/0x1410
[ 1868.695660][   T31]  ? __pfx_kthread+0x10/0x10
[ 1868.695680][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1868.695715][   T31]  </TASK>
[ 1868.695742][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1868.823460][    C0] NMI backtrace for cpu 0
[ 1868.823480][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1868.823501][    C0] Tainted: [L]=SOFTLOCKUP
[ 1868.823507][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1868.823517][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1868.823539][    C0] Code: a8 60 02 e9 53 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 67 12 00 fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90
[ 1868.823553][    C0] RSP: 0018:ffffffff8e207dc0 EFLAGS: 00000246
[ 1868.823567][    C0] RAX: 0000000001fa334d RBX: ffffffff8199570d RCX: 0000000080000001
[ 1868.823579][    C0] RDX: 0000000000000001 RSI: ffffffff8dcc9170 RDI: ffffffff8c073a00
[ 1868.823590][    C0] RBP: ffffffff8e207eb0 R08: ffff8880b86336db R09: 1ffff110170c66db
[ 1868.823601][    C0] R10: dffffc0000000000 R11: ffffed10170c66dc R12: ffffffff8fef1b70
[ 1868.823613][    C0] R13: 1ffffffff1c52a78 R14: 0000000000000000 R15: 0000000000000000
[ 1868.823623][    C0] FS:  0000000000000000(0000) GS:ffff8881256f5000(0000) knlGS:0000000000000000
[ 1868.823636][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1868.823647][    C0] CR2: 00000000f73df71c CR3: 000000006fdaa000 CR4: 00000000003526f0
[ 1868.823661][    C0] Call Trace:
[ 1868.823668][    C0]  <TASK>
[ 1868.823674][    C0]  default_idle+0x9/0x20
[ 1868.823690][    C0]  default_idle_call+0x72/0xb0
[ 1868.823707][    C0]  do_idle+0x1bd/0x500
[ 1868.823720][    C0]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1868.823737][    C0]  ? __pfx_do_idle+0x10/0x10
[ 1868.823754][    C0]  cpu_startup_entry+0x43/0x60
[ 1868.823766][    C0]  rest_init+0x2de/0x300
[ 1868.823785][    C0]  start_kernel+0x380/0x3d0
[ 1868.823804][    C0]  x86_64_start_reservations+0x24/0x30
[ 1868.823821][    C0]  x86_64_start_kernel+0x143/0x1c0
[ 1868.823836][    C0]  common_startup_64+0x13e/0x147
[ 1868.823860][    C0]  </TASK>
[ 1869.033708][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1869.040583][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1869.051288][   T31] Tainted: [L]=SOFTLOCKUP
[ 1869.055597][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1869.065641][   T31] Call Trace:
[ 1869.068911][   T31]  <TASK>
[ 1869.071828][   T31]  vpanic+0x1e0/0x670
[ 1869.075799][   T31]  panic+0xc5/0xd0
[ 1869.079506][   T31]  ? __pfx_panic+0x10/0x10
[ 1869.083917][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1869.089298][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1869.095436][   T31]  watchdog+0xfda/0xfe0
[ 1869.099584][   T31]  ? watchdog+0x209/0xfe0
[ 1869.103903][   T31]  kthread+0x726/0x8b0
[ 1869.107957][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1869.112613][   T31]  ? __pfx_kthread+0x10/0x10
[ 1869.117189][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1869.122458][   T31]  ? __pfx_kthread+0x10/0x10
[ 1869.127059][   T31]  ret_from_fork+0x51b/0xa40
[ 1869.131641][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1869.136740][   T31]  ? __switch_to+0xc82/0x1410
[ 1869.141403][   T31]  ? __pfx_kthread+0x10/0x10
[ 1869.145981][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1869.150783][   T31]  </TASK>
[ 1869.153940][   T31] Kernel Offset: disabled
[ 1869.158248][   T31] Rebooting in 86400 seconds..