last executing test programs:

15m34.350828458s ago: executing program 4 (id=156):
syz_usb_connect(0x5, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xe8, 0x3e, 0x4, 0x10, 0x409, 0x63, 0x834b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x33, 0x2, 0x0, 0xed, 0x43, 0x60}}]}}]}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e23, 0x80000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x18, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000000000029000000", @ANYRES16=r0], 0x18}, 0x40c0)

15m32.437728309s ago: executing program 4 (id=160):
r0 = io_uring_setup(0x6ddd, &(0x7f00000002c0)={0x0, 0x62af, 0x40, 0xffffffff})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r0, 0xd, &(0x7f0000000000)={0x7, 0x0, 0x0, 0x0, 0x32}, 0x20)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000740)={0x24, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000000), 0x0, 0x880)
preadv2(r2, &(0x7f00000005c0)=[{&(0x7f00000000c0)=""/18, 0x12}, {&(0x7f0000000100)=""/134, 0x86}, {0x0}], 0x3, 0x5, 0x8, 0x1)
bpf$MAP_CREATE(0x100000000000000, &(0x7f00000006c0)=ANY=[@ANYBLOB="0a00000016000000b4", @ANYBLOB="0000003c1a6c9053"], 0x48)

15m26.963199213s ago: executing program 4 (id=166):
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newtaction={0x100, 0x30, 0x1, 0x0, 0x0, {}, [{0xec, 0x1, [@m_ct={0x9c, 0x2, 0x0, 0x0, {{0x7}, {0x74, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "d0be4705f1a9d31eebbd66ced51c1d62"}, @TCA_CT_LABELS={0x14, 0x7, "39e680828fae81f26e410cd2b7ef3e70"}, @TCA_CT_PARMS={0x18, 0x1, {0x6, 0x9, 0x1, 0x9}}, @TCA_CT_ACTION={0x6, 0x3, 0x3c}, @TCA_CT_MARK={0x8, 0x5, 0x8}, @TCA_CT_ZONE={0x6, 0x4, 0x3}, @TCA_CT_ZONE={0x6, 0x4, 0x9}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e22}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e24}]}, {0x4, 0x2}, {0xc}, {0xc}}}, @m_ife={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xfffffffffffffffe}}}, @TCA_IFE_METALST={0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x100}}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e20, 0x4, @empty}}}, 0x84)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0)
syz_usb_connect(0x5, 0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000094ba78084e080110aeed010203010902220001000000000904000001437b6a00090500000000000000070594ef"], 0x0)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r3, 0x84, 0x70, &(0x7f0000000400)={0x0, @in6={{0xa, 0x4e23, 0x295, @private0, 0x7}}, [0xffffffffffffffff, 0xfffffffffffffffc, 0x400, 0xb2, 0x6, 0x3, 0xfffffffffffffcd1, 0x4, 0x800, 0xfffffffffffffff9, 0x3, 0x200000004, 0x7, 0xfffffffffffffff6]}, &(0x7f0000000000)=0x100)
socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000200)={r5, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x3a}}}}, 0x0)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000580)={r5, 0x3de7}, 0x8)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f0000000080)={r5, 0x6, 0x9}, 0x8)

15m22.490776128s ago: executing program 4 (id=178):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x101000)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffe, 0x0, 0x2, @scatter={0x0, 0x40000, 0x0}, 0x0, 0x0, 0x800004, 0x10030, 0x1, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_FLUSHABLE(r4, 0x112, 0x8, &(0x7f0000000240), 0x4)
getpgid(0x0)
r5 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00'})

15m21.674421009s ago: executing program 4 (id=180):
syz_extract_tcp_res(&(0x7f00000000c0), 0xd7, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x40, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x31, 0xffffffffffffffff, 0x8871b000)
ioctl$COMEDI_BUFCONFIG(r2, 0x8020640d, &(0x7f0000000040)={0x0, 0x5, 0x5, 0x24})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_ethernet(0x52, &(0x7f0000000840)=ANY=[], 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x62001, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="300000002c0007012bbd7000ffdbdf25067c00000800f57f0100dd80140003801000018000002f80000074000000fe000400000000004c0000004800e000000200008a00ac14141592557b1db244ab351d2a49c5d3353e00a7c863b7a4e97cf78a6d05ab3f777541105a91db173d000000c3beb899adffc9c05eb8c1126ae35569f307076b0926b332d3469eb51c22e2ad08d45d9a15c8e07521442eb906e345d5f7f6c5826f5fcaef4b5dd7f7938088ef6434cca8de28558248719d15c75c1e7a986fbf19734b1cdba2c8622e21c82835e31a63b9eda6cd5afcf7d09d6c35db1f3455cea6e21829a8ff488d88ef4d77892be7211d9bbaa724fafb6253858450c6b156518155ecfa7e5d2f00a7394cab8c3dd121484859bc94b7a936aa00006500", @ANYRES32=0x0, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x10000004}, 0xc010)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000100), 0x10100, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
r7 = syz_open_dev$video(&(0x7f0000000040), 0x7f, 0x0)
ioctl$VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x280, 0x3, 0x31363553, 0x6, 0x0, 0xa, 0x8, 0xfeedcafe, 0x2, 0x6, 0x1, 0x3}})
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0xc8b5}, 0x2)

15m20.601913137s ago: executing program 4 (id=182):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, 0x0, 0x0)
r2 = socket$packet(0x11, 0xa, 0x300)
recvmmsg(r2, &(0x7f0000003c80), 0x3ffff87, 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x24, 0x25, 0x109, 0x870bd22, 0xfffffff9, {0x2}, [@nested={0x8, 0x69, 0x0, 0x1, [@nested={0x4, 0x122}]}, @typed={0x8, 0x3, 0x0, 0x0, @binary='G\x00\x00\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x1000c957}, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e61", 0x3c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r3])
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x34, 0x10, 0x401, 0x800000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b, 0x3069e}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0xc050)

15m5.153546727s ago: executing program 32 (id=182):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, 0x0, 0x0)
r2 = socket$packet(0x11, 0xa, 0x300)
recvmmsg(r2, &(0x7f0000003c80), 0x3ffff87, 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x24, 0x25, 0x109, 0x870bd22, 0xfffffff9, {0x2}, [@nested={0x8, 0x69, 0x0, 0x1, [@nested={0x4, 0x122}]}, @typed={0x8, 0x3, 0x0, 0x0, @binary='G\x00\x00\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x1000c957}, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e61", 0x3c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r3])
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x34, 0x10, 0x401, 0x800000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b, 0x3069e}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0xc050)

14m33.10869992s ago: executing program 0 (id=277):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x20, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000063019f000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04060380c902"], 0x6)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r0, &(0x7f0000000140)="2f70286be4cc39d9122111fea26187b4d7b4f05cb1182ce5c3c16cab6fbe8afd21bfdc72118a1e064722553c2e07c6673c05db4e631f75fa0bd17130fdf7b0a1d9e3f8b85b760ce66b0f1a9e3ef4c2666e44c630d22dc23677e29bb2db957ecad7ad6ec073d5b63b4c312985391c2efe872c30f700c3e00e9a2a5fd78edaf398ac346981efa68f343aa108f00d473689ba42c2fe0a8ad719754b1ba7af18a3b2c410d668303119f9f4b33e352645d3526aca13be2dde8d8d3764fe55cec9938e4a25f4fdf068", &(0x7f0000000240)=""/29}, 0x20)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e5876e4040200516940a0000000109021b00010000000009040000015883b200090585"], 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x28801, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendfile(r4, r3, 0x0, 0x7ffff004)
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89e1, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000017dcb4401e04114098af23000001090212000100000000090400000082dd7b00"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24000010)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x2, 0x300)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000080)={0x1d, r7, 0xfffffffffffffffc, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r6, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f00000000c0)={'vcan0\x00'})

14m31.405193462s ago: executing program 0 (id=282):
syz_extract_tcp_res(&(0x7f00000000c0), 0xd7, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x40, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x31, 0xffffffffffffffff, 0x8871b000)
ioctl$COMEDI_BUFCONFIG(r2, 0x8020640d, &(0x7f0000000040)={0x0, 0x5, 0x5, 0x24})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_ethernet(0x52, &(0x7f0000000840)=ANY=[], 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x62001, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="300000002c0007012bbd7000ffdbdf25067c00000800f57f0100dd80140003801000018000002f80000074000000fe000400000000004c0000004800e000000200008a00ac14141592557b1db244ab351d2a49c5d3353e00a7c863b7a4e97cf78a6d05ab3f777541105a91db173d000000c3beb899adffc9c05eb8c1126ae35569f307076b0926b332d3469eb51c22e2ad08d45d9a15c8e07521442eb906e345d5f7f6c5826f5fcaef4b5dd7f7938088ef6434cca8de28558248719d15c75c1e7a986fbf19734b1cdba2c8622e21c82835e31a63b9eda6cd5afcf7d09d6c35db1f3455cea6e21829a8ff488d88ef4d77892be7211d9bbaa724fafb6253858450c6b156518155ecfa7e5d2f00a7394cab8c3dd121484859bc94b7a936aa00006500", @ANYRES32=0x0, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x10000004}, 0xc010)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000100), 0x10100, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
r7 = syz_open_dev$video(&(0x7f0000000040), 0x7f, 0x0)
ioctl$VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x280, 0x3, 0x31363553, 0x6, 0x0, 0xa, 0x8, 0xfeedcafe, 0x2, 0x6, 0x1, 0x3}})
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0xc8b5}, 0x2)

14m30.044604976s ago: executing program 0 (id=287):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x101000)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffe, 0x0, 0x2, @scatter={0x0, 0x40000, 0x0}, 0x0, 0x0, 0x800004, 0x10030, 0x1, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_FLUSHABLE(r4, 0x112, 0x8, &(0x7f0000000240), 0x4)
getpgid(r2)
r5 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00'})

14m25.743245088s ago: executing program 0 (id=288):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f00000020c0)="5b095762e4ceba7d280612b7511913c90df9e94f4e38e6e5dd2dac0bd4683a92d758ad90f9e2842073d15a2d5baa4db0b69c47e278e3f50f394189dd7fce63890ce3ed1f24e67a79c1cbc5eae3984e9d3e8759a9229593ad412b129b68928ed908711b6d1213f9355ff80c2579fa58ced926b267a2264063dd3fdea384c58f4ac5bf66c361e8ec046ddf824495c5b6947ebab4e24257d117313fd45b6873262073e64e3da2431276466d75447ae3eb562d00423b8edb3729fa059a5f004010d551edb43813821d27006eb0eefa536590139123f218b3b0e2d994953269636885ffa849a905e62cfe5f64cd04940568809738ed7306e2430d382667d87f54013a5cee43dae2ee75111ed33350d86c757a8362a81375befca2d0f555cfcc58af87c184bf154694ebb8f0b6ef09f13370833a44cedd5b3091768bbbbfa1d0859a114ea6b4d9f25c11d9f3f45db19fa5586d36bb6a8a15f9d55210caaeb983f1d2e6688e107b6de6cca9d9c640afab7620dc440e93f9d5e920e8fe7e74bbf8754a7195110fedcd8269be84a945305ee09de4997a5a2796f5090d2f9ee3bc0b2228c389ecb6468c24d2c5699dc30e2c9ad71ab272e16a4a645516458bb1f2a92b6ff06bf697503a43205473baf112ffe468a9c727ace967ad603d335ac634db4534540ef15611f113ca28c3a3cbc7f6c96945bdf291cf39a5bae0277b51e959dcd26d1117ff63f1bf748c845b7641905f83f6a0e468c75f88fd74d36ca638e5fb055dbd55c14fe30813e2518e390dc65db7372755306779d7fb13fb9403578fe91422cdb8dc8db0cbbc986369ff7780afab5755a039b37364347d73835c96389288b3768e1d4e59cf77fd58228100d397badfdf52dd5eb453ccaad785d21418e509f734f19e8cdb5a0993ba59abcf654625000eddf387d0c291a3000e87c4fec269a9c787997e0d106fcbd9f488c75559c0664be295d8dc20d214f17c392ba0bb73df8bcde0f47e449ab40f51b02bec01fa48171e5e39777aa7fd94525e76d78e2f2e692eea0ed254b2ce1db59e5cfa91d9b30ec2d39868c32afc6797ff333b1ce9dd2c0b3034124b1c004d9dc0cbcd4432006d54528e3e28e96e911eba7681a035d4e4551c7b497cb0fde2845ba18c4b8b19efe147d90394ebed77e7c0a3702fe2b6df71ff354ea5d55a77c899975df86aab5abb2ce370f3d8f4bfcb417ecb82ea0746997a1ca1e9765251a6d33402ad0c0c151fa1930d557248f2aef24e59821f7c649f6824f3a00cbc60c78fc3478969443b03cff9bd6dd1944f79fa7b55005874a7c3b6e6e4e19c84975dbf266a572fa0653111af78e2637f9588ae0cb8283f29f55b5e03bfa9caabdb322be5a2c097b8ed1fc6b5de9e2d9833840da9a036738f5a260b2bbbe0392ba7d982bd567573c9a8c3558103dc62e16c0072a97e2355629fc50960bc3b89949a2aa52bce12379c500e767a986762628cff8f69f73d359ef604a48dd15e7d5c298330ba5be94afcfc913f8329aabae358a9b936e6c19f9a0a45f239eccebcae9143aeb66dda74a0a9714038db0986fcd6c8b2f27330657cc35a1e1da3e4805d4f360cd2de4f798bebaf60daa49e5e4abef7dfb930080bc962d66f859c2138c3d72cbbb8ab11ba47d19406e2fbefb30751631e1fad5cab36fc18907fc4790534fe4ef07b2b0058ae14e0762a4a185f1008f4f4f7b8f30aa62f83806a7ff0e0bca2178981a472071f7bd2ba12578b53a131ad4643caacb8cba98caca210e732e7f2df5373f0c637826c4daedcee4d8439392e9e817fc01f3b504142639273a73cd6f5c8c8033e8aa145359ee6808e4f7b10d35646e642f1c2693002f4bf321c72b33d2a7c6bf1864cbc543d1b07785c12ae87f908498a18b32be69f11d8db79d899f605b4c8bf74ae5cdedd5bfd17cb24469076e9d357b7a0abd9a55384f70ad49997948037a630d2d016e85d468c53127b09ac8d7314245ee0082aaa56559c41ce1a986b04bc21fbabaab0731a870eb0aa98d02ce78ec899b8d1ca5488d0492ad0eafb7c17170806f229fb01739d6ec50040cdbcfe16089e478ffc1713c06bb0b7db29f6a5c5ff20c5d1168ec0f138d36a9465e304c3ef6bbee4f6adb26348b469c0718ecd34f0f4ce7886690fe17c8160ec5ba873483ade45233392be8ad11c97f95509d8ae60846c62f0ba45f5f23cc4840280f043677ffda3385d8f4a3a2bad3bb8f9077dfadfe230e6e093eccb4ff6c0e7cab3df81e073c880f9fc41a404ec3144507ebc53c0778068a3ed3abce5d90ba084d71d221373663e9a9686ab654eecbc45fb0bf308ae22543ebbe65996d329018bbd6d4426d774a4babcc3e97c95acc40877bd1120f0208b54541138f4eb88517e2ca4562b409de39c41d636a0f3594f3d065c2e710af90aa55d0ecd20f383dd6fac7c93cc6011469fe5f4fabefc0c12ac0b77a1f44da769a1b6720a29a7969459feb18f61f73457b2aff8b410ff264d10f4be0ac000c4c6f29d656b9a1887df1eeb786bed0c5ff84be315167ad0506786a9cbf64fbebb4d7eab1d9bd9108bf10dfce2559007edcd6fab26b195534e06a6f3f862e351b7b68fe9e3eb6bd9f47f83a6bf49a36c8ed2f6c8c5d3bd2f4a33d791ea61ee2e21a46e46807add328bb3c3109ef7a402b9e3fa16957693dba1d4a4c361bf6848114cbe29e601bb38a532a387edcd5c39b1171471d8590dd4fda56c7d43b9007b1490ab3219d598048fb50d9290713c079031642fcee9d2ebf03c193ea152b30a1ef9e1b30cfb7c3069432295befdd94bb04c8e9d67e367b787031515dc4f64e3496e8c2c390676c7a89a85c02fd681fc7851c0f652b3d9444002991620ac3a0ba7a77139bea95fa8d053359fbc58c392cb194ec3e6903b841404f735f37e5d1608606be851db16bb9d0d659cb16a3edebbd3613f16cd52b5398196d3fc031a611e7b8d61e4f91c2ab9310a6ae26321c7486568f23298552b4a824cb797b3171bf2f7e2d8444734aa8af3a720cbc8a61161b462f9189c11d687948b7271226406f37429ef09d13b17dd21c4e72be1bc0b816fdc096312aff7f19f3a2181ccb08d1f92aa003c284fcebcc8584cfe242dc8fb0e8cedd71dc2ca48df33c9e650e8bc6f331f9eecb4c2de8b75133760b4c51948b990675e724a68ecae3f2d88c7abfc9bee0875f7feb691b813c1825a0326d887032b5016b69c228cb01243d150c6a188cca6d22f469e6195bf2f3d6d4cedd8ef43e9486f5e9cb9f70e5a92cd2e62bd9c70775d900784bf6283b074c9c0df6e5da7465fe30fd723cd4918dd3da6b7e5475c89d34a4075e94a938047625efa4fb8d02b8616f4f84378ca26c875a364e68e3a02ce5dccb0dc0b686ec52384c076133ddbf7eebf178411109c72171a87625ee0607f94f1ad9dc795906ec7012a51d3621f4fa19f25891d8415bc4a0e3273c21159bff5ceeba3767445fa6a24383e5f165a6fd4fa579a02935943aded524f6d6a540d67b44f4d7d0cefd1c08a53a1a06a4ab5157f8f64b22f3875f6c9fdd76507e277691aaaef9a90352cfbe5005d13b35fe0ce04d3b3362590053c5a7e3b6932364426aeba2bd79943a2b50d5856d3ecfc74bc02318f9eaffdd08f20560bd1d0f7f643ec8e05fc19a3188fa77913092b0ddf40f8be0cc278998dc32da328ddead37f6659d780bd530a48b4bfa230370853db872385b5ece3a9a1f39c69a2f7290ae92f769cc996ad69e22038352fffddfde95f9951c4e0029e6244809bc8d77f262cd3057ab49277ad4edc55f94235c01f774de6a7e61f5e688d71e26348cd61c30348bdc9debb28eff7206bd67bd92b038b584afa3526c32cdcad81402b3642ee9fb608a4e18da9b4250c54feb404cf636caa798bd7e1087f60f424904616c959548650976d8577176356b2d47f46417f00000000000000b1b7f9ac7220efbdb49c081dd38f7c8f718f2969237a49f6200d62e879030b0b6229f39dcac78af38be9287fe0bd04b2e65e8555399ec5613856688d547bb43b472ce03ba3190112a004def789771f83faf390ea062a2b093aea35027c6331d097db997a612bfddeda832226851a751b2116ede07459e6e1717a47cb2f93d7f140361183f5d2a0773b8ef0e458b3489176672223eff9701ddf0a3caa2848feaa54ebf4943b409fbe9369b8c2d0f27a9fa6caeb6c321b19f9e7daf7410142a8e1f1649a855165b6dbfa61570926069d94894f616ef85469113add5fce8db6f22a1bcc3f93b75d94644ff75e5716536c727747621e7664a93519faf3acdab5f29b346172892697909f01051474bb8811d4cf1bdb32ead2364a2d89965fb7d523d5d31f7c7bb891e49d0387c2b235f610fadc23b4463f6a31d4a8a068b8e392ed3d27dd27832c9fa6a7d9a170137cef0bea684311e098b6cc60f36e09b1abc09cb089364e0e256f5d624e6098f02e53fc74724ce9f1d13517fa53968554b523c973ecb03643ec452addd7b566d6d12cad7a0acfdd8a97fffeae567c87aff01b2be11e3a95c54bcce3449c4564132be69c08f309ab97c57349f29a1b8d3d78bcd623409966550e294523e21750930b97f012c4129dd0b55142b4c559fba8cd07083cf6cdd0fd36cfd38f3e0de2da821f2d9f79f82239d6ec1db4dc9dde063e35b1d5ffe929c56744c56c3862b8bd8b95dee19254cd480500c2942b594f0eaae14c3eb07d9d1c5d201425e9e3923b41457fd7fbdf747b2fbc61480aad014d8917ff8f5bd048458c55348b292ff00026690a04a07e90fc0373e1b6ed62ba81af0bc4bda161ef8400887481fcfb8cdc4127500e3fb2a071896f657d6fb04912f3395e5f9e66eab3b85c28a2e37b156511bad5b0d2720670e2b1a762333f42ba528668fda6ea0a80a398129eb3347310260f9f26d5ae249bef77d51d2ed248e0775cb634e48c830cc2c2512376bc411258edd8f73a2d7adbaef40ab79d2ae37f27e2893048d59693a355c87e43b53d545c16997fa318f1bff6a7edb29a7ab80a2381ca828b6d8c5d7976abb11d955faef8b8d5589fea555be1803eac4730a4b9ff3477cf462dda1fadbbdbbcf6826276144875d58e12eb9670c6324f0249b220f1336f9ba43b732bd8c421b040680417a1f68977d6beefbfa9358a4d861cdbcab618043e661208b6939313e2bb01d77509c1df93d87d94da5737d2a10a935b44b264fd232dbc2e59036e0d690431627e0903343b8352ac291eea31d1424c34f9f8fff7fd8df9f6330f88598004a353bfaa5e71d039b8caa33770f9050dbce61ed1c2c0285d23bd4a0b4cd9237ec7c2773474d02881cd7d5541dabca4bafb11f7362160c4a871716720d8d2e26c0400b4abd45c93ff25602d93a1031ffaca642d6f88f8b7ba38de3d8cdaeb89f8fe8de3f0c089bd8b360552d1c26845ccabd2d86acedb16f20640648527a420c497c4af51ef463ce1e3fd8f70f06fa016f12b307e1d846ca35e0f22654456705ce42334401fd2e993c6744918f578fe4d1ee955b6a5a15b11f58357036ea2c3b03ed9676094fa9693345b0db656273e350b10815755ff9010769af2fb6c5cbc859cce9c8a313cf802a2375d1664b61716067fec9609928f0ccb97397f52765a00334c5a620203977c1df6f9a6f13e46e3be2503ca6e1b1332293dcb2babf2f6019a99274621d0ffdafd9447ba70c948d4c8d9b5b093d36f8e6b8136b16a7da020cf6022b10cd13237aee15319c83b0522aebf523b13ca037d0aa604c5a53fb6536edb8a3d0fafcd66dfd4cdb461f8195c41df043fa6f46e490f43c71422e6de020dbe2ac543c516446ce1ee5890df424ba716eb91da1f8e127777a0e4396fb35654468747179d2884951e06c952f7f1ea15ee46b60aa15e562023eebfc3a79693adcd67fb23ab6b74b55b65d8421be9f454f8d89bd76340c46d5309c892121dc19f8124cacd2b8da3fc0c0ab92dbb5e0537bdbfcffacce03376cd10223815f7801b1e20e32080694dfc8a416e0aa0fc76dcfd037366406aaa84d48a8cbad3fa48ba342ec4aa02f391c6039403fd4dfd8a5cdf4b8c4345febc085798b5c7dace7a3646e2b9e4cf57c13b959f21e33bbfec54c85922a8095f2c2de1f1db72493fa9756d69b0ace403bc48adde75bfaa4d723a8dac4dfd370cf02329df1a8e8576e11fb8137910cf753cc76585a2d1c7a0da1304f44c26076d87b5d402c72a724b464b5cc2c0ee6d1fb472a40a41e858697dbb82b6103fce576063d2aae0b4dcefef78f8de0640c82d955c72f5b1280973410100000000000000b419e18c7c62e080b8034ac7e1134524c1fcc4f93833280fecd0ff424e39cfecb21e714e0f9e1843296cfddea2e35fa6a7bfe6069b366316ef5e6b73aea9e069d1538eaf11cd503b50435e976dfdd39e05918be1b4f91005583c8b84c33b13692bb8ff005fb9d29958f9697cc83c48a0f3666dfc6cdff0d5f923ddeb4c74db22597414f1973d3cf339af2b5b2640857c232788e21ab92cfecf7938d7ccc0162cf913d88967b5abe80c61d3ce1efd120a856ae450e4d7593ebad568a74c7f5ee1bdfd17ef1f72e7703b36b5001e593f1c6908edcb023095fa059e97d68af2ea295b766aaf819eacd85946bfc5bf0c35363530870cd8ce3931ce7c3885fbae123dd924871797070b80ff914b7bfaed7d0a54a372716bbead8797a49524e77025bd9b62e1fd69ec8a7d55741716df76be640ab8e7c44600882d316f220780013a80ca957fa9ad31c910e3565a8e1e1a1e96c5362bd0cbfac2a53328df35fbadc141f10e5a1ef3d1bbaf877d0659b051de0f7636712cbbbebf095718c96349a96fbe6e0389a511635f0cf31906fd6bb6c2d7ad9be31e9293b418f13c22929c90eb0950aeb343b61401e632fe3de3dabf51dd308d17d6d6643f08c757ee17131cb91b611d20ab2ab35190859d8e4d76a44199765c1efa2bdf5e3c3994585e0a7d866dfe5be4601442da0b686f4f44ba8dae33d639ec2a5acf11e6650593bdfdcbfc5860144a15734eaf58e9e2f5495471ead9a25ec659df37e11e84f4dd7283687533de576a9de4b705f9e35964849206259862a5a4c956d26945ff0b8456e536d72136b4989ca135f00026107662cfae9696f2bf46a8b3207330961c8b31c8bb8dd2b0a6c3a833ab7b7aa97df0c14941d1833db60892511ce0a77f87bf54927f3d912de88581cbd301e87554f76b46a850177e550924db74794f6b5f8db5a74c1f932b3b4bf4ece2cf045c4fd490906f2ff09bdc8f683cc61a5923be82011fed297c962f8d7690a9fe980130d4b6545cbdad82ce198c8a1b884bb36288dac252c69b0d8a4eb53767d297eb64ef7e9f90faa994863efe194040a984a1461b04d1baa746afc353e006b71d4839d4b2ba10d681c344642fedeb8d6a2d518a42c9b252a7d6ba4ee5cbc7a81d543af5fccbc284df3ccc226dcd79b20b987b30ef767d2f810fcc55266802abc38cbed144621a6c0c52bec0706bda66bf7d5e957210e2eb6fba79d7deafbea073c1e298861f46c6e17523182f67e133121f3ea2d8316ffe6de51fb3717edc99361c979e9ecb51e3474a15accb8254003358975b786d81281bacfdffb655a5855da5c5edabcfc5e3e5ca570c16efae87032d3b85cf3d52b020fef5fa8339f776a2d629173252fefc9fb2085b49354fb255b0ca941d60c41a2cb10c742af0ea277b65b960f49184297336f1a8e049eb80c3d40ef78b0e8a9a4b5848caf5131b2773a7c18421db56afea355d869ab81f0f7e753651e8ce742c379ee4f08fe23e7c1307bb9f00e60a4cc804f4b47ac42903e1b1ad99ff795130833a202c36afa8851a7ae7c0eb7d25b006bafbf6b0f579e910c9207bce105f73cd219dd352af1b3250a273a7eae3fbbb8ece80d2b61591dd25679e541bef9579a538e0c0fde66ddb176c84c235de570860128ae90a44e8219841a1ed84d5a3721afce3b24e0173542644cffa2b2603171bdbf3a5b2d7c9d51b7a31f7b6675d98938c8e003fc26a2931811dfcce100fd5eed707884c9f1a9ff629967eaab2908f2988378a271c373828a9a836dbc6b1db9881bb30509f693a92daf26f0741b01855af81e594c318f0dd13a89e87fb3d7b3527e7b007bb2e744a322ac3a40e05d24619c3d41643b6b811af49eda5448c21af06b8707baa6b8a2f7690966152ada65a5253aaece296c1ef46a12b399074fbc40a791f4677f05109bbc103c5bd37ccf7b67e4fd6b6ad97314a9dd236dee6e1371186ccc03d4d8560a22cb6709c35a391481d659d7ebeae325f5c9a20de7374b6715b4d8e77997873929d7339b20ed8172d68b0510defabae5712e5509e41afc5d8bc531e296832d285d9410a0d1173d194b3d15571773c97fd12b817fc2d3e0eb6a4bd6720f57d487023f52e3e0f7dbb0e8a7807283951bc8dc7344afb95d8d93f34020d7b1d6b90bf0520a35cefcc8895807286f624c7df58c89d3fcc2495e3acbb98d4424b1c1d199878dcd9ac5e7a2b216aeaff32d04b74495d16a20aa5854e750c0a66f60c69db44674d695eb8d3bb7ae36065d1e6efe9d68527e57c21dc4bfb33f4d8625a95fe3d2d3ac42abf540dd46e32619e63f9cb40e2de1b6c2102553c1907f6c62c0c689c85a1aa0b1e801b0115aeffb9618d1b412d9d7be9fda786fc9729c6819f60dff95c14720ef7afd69e92fd36fcb3f25b5388f15e621593132418a5caf60074ced3e1f6b0120fd162ac0e13395cb8d4462dc32406c9a04252666ae7e74e9da335522da7ac76d377ee77a1a4d4fb0ceacc3259d486466f8f45f795bcf04ad2935d7a4b0aed6eafd4bcf1830480d044af5fba3146a7730aa87b3b33494fcc3f4111507f059c65b82171acfb5a3f6c7c9d3b156788ecaf9b3581b36d0a059e28fae2f3f40fa631342dbdd89c28429e1eb511121f2dff45f73a8eebca82caa064c1e158dec6d8fed2d05e3090f70cc8406d3d9cc429783f60e63bbddb2a61d6e995238ee4f0e3eeb23bc529535dbdafd7db565541ca2dccba24388c7cbf1989e9d71eb2a3804b224350fa30e979c08871e5010a32ec886ed30128f6e509ed87056fb45e1845282b5acb1262fbcf5361284a12a009c0dc914a20572e6c4c61bfbc5a01fd9e605aa95ae85fb704e8a59580fc00d0720c1b212c44d33c05193d4c6f9f87406c0be25e5d9cf7f548a2ab9cf829a543cbea4c9d338790100fac6cb3a3c989a1c53f581b459e5b4d90a4c08b633d54c9687b33da736ec62f141b50bcb4ecc13044a598696ba9c0f9bb9644565ab5c2163df0a47f0b7362c0e51746ad2fdebb31b57c1ccbcd8dbb0071c0a69280bd8a7e97abeb6ee17e8cf704d24229e55905b5799ed5d7b98b08a6a7da5c31225edf80a487fb897301b0d134b953c918b320bda3ab29e69f759f1bece2910079d3aea3da89fd6cff8e4c2e24c1dc1a1d6f222f45f61747c2e0d5962846a85180d0b0963d33b24a2daf082b69f2957f6e90e69841b4cbfa1166226cdd6c06c24dd89c2e9b1a495851e1e5f7e1cb6944f660f65ce5e41b12d003e365393b15f13fcaf21031ca6ef8f270c0109b1298ac11c6fc87397bfd5b6e96339f2449082488e9f74cc5cb08f85d9705c53477f25d2f988f817014f2065261e568d3e8175da7811f1a05cbeb07f9b0a156b6abe016e9b8300e212b5e5453c765e5c466e88a5d8f98ec785df0267349c8ee49c18de6d3910d09843310a390522b8751433ebfc6206f6c3e654e710d3a3f76b1ac79842c0451d4904bb82fb631d94dfa7658727f2ac53feaa2f120202d616a9db782f5c25a2b8c6ab387cf3c5dbfdc2631891d875a0ce758bd35772efd9eb1c18a1d92e7a45f958721216585f2d85b8826a16c5bc4e528626e80851f49f29e2cf7f6ef9a6b8b3faee63c8da84b12ce71a153db2af86b29496e52ef13f9f9c86f05001b61f3290b565af6c8c404d2bbdfee74c1f623660647150d487bc5c4a0ec8509c47e89e795ad207463e1bd4f0aadda0d735a2f69028e8b361e4b259eeb81113587fc2fc28c26e82949a3f0a6e9f86247d8408ffbfbf96dc892dce4d8759130198b54e6305d2cd07835c5cf9659920a4cf024285b7584b70e831256813fa3a200f3ab8851b411d6cfb91bce34fb0cf503d439ee1b8fc434cac3a318f1bf65402487503b5c7bbb076ebeaddb2ed22b444902b24cd9c3375621684dc854c4af685b6f768c1085862e94ef0337a4458b1dbb3ff0c724041c82aa956636c40d15dbf0ba1f7b8188d48b5520fbbe65df81bdf86fc2480f65c8ac523b1cf57a37904ebb704b4c27b01f60b514cfe990220f187943ec138a673e08a52477cc2f3cad746ee251ddbba7ba13101eae9d32a20df248569d1ab882aff778c544c7b530d5171f04d3518b4ee6a99e07212f8bd72697037551ef3ff35794e01cba640041fc910e599e3d163577f6c837280f84fdbf9a54a1744b32f62834c9d5cdcb94cbd184687b89b3a9cb8a76be61e5f8bf5528baffa774cba2577ffddec869bc24eaa6ec0cec8c6afc3cba22891e8b09fdb5254dca8117e927d4d8ac2ee20775ca7793b82a1d94c0555df748fab1ba794fa608ed282190e5f84eebd49fa12943ad56f205a2e843429bb550d5b160c74083be846d4d70e4e5bb6c2bc5ac764e5c29029604b2bac9eed579184f7b8f98dbd1a168196b42cb57347f6e55d8e4126e9a51ac2daa61e74ba71188606e2a175028b8634fe1c9a636061e163b993068a13c5e9904e1e2c128596768eb842111569526d128f249fc3f7ad4bc3999b1001af8faffe9b264697bfa964e4d5ca4218d1fe0307052057c04435e4a853f44fdedb07083c85fd32a5ce0e0179d97ab921cd541a5def8c3aaf2b63857c195098783e340675e41fbd73657c83fa94781b910a61d4ceec44d7b8865f5a983b56503647f8fe63fd81f67484753a550e1f3b19ecf5c82e0a84e45ef36da1506cb0c083cb8f24808e1d4a9e2990a25ba8dbb6f5d3eb94bf5d9dcd65ed15fea1a995578b8ffe8ffa8f59eab41607774998459527c2f5447e0076506a3b10dd03ab7c858ed9f800ac489e1cedbddbaae0245dc1bb7b3256e686c9b280c50c49333f6d461db5d3e945309014528bfdbaa6b5c94efce80be1b9174a42bd08d2113bb26a0168c8d25758c993e9623ef9a35724e689a903c0712792d9e76f3e2399ff371d47151c9cd559f53a3e338acfe715ba3ede12f8fbe62cb1ffceee3de90d78f63db72474caa58c4e2cc1436419de2f6c8b738125b0ad76ad393eb162aae5d1fc501e6ba51a2ae5a47628a92bdddec71bbde7587613e293be04d6a9a3e6f886f25aebf4569a0e1ea5b3102efbbc051d368b005c791e0ad48b0569f4c3918080383f7789447e5a658e26646d39a8c827339255e766e2535ca2a0c87d3153823a27b8ccf1cf4c30c71fd9b265b00a955caeb7241a894a86e32e51ac7c729c98f4ea46e1fc90da62b1150afdec4c1a0994594bd14e59ae2abe2c4eee60194eba156e1aaf118d017c2ce4b3e92004aa6718e4abf7ce72df63fe0ce6496cba35df00d5760d634e1e934bd", 0x2000, &(0x7f0000006e40)={&(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x21, 0x10000000, 0x20200000, 0x0, 0x400, 0x1fc, 0x0, 0x0, 0x0, 0x12}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setxattr$system_posix_acl(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000000c0)={{}, {0x1, 0x5}, [], {0x4, 0x6}, [], {0x10, 0x2}}, 0x24, 0x2)
syz_fuse_handle_req(r0, &(0x7f0000004300)="e05acff62a41134e0f28a6ba227995b05776c837ab3a066a329e33b775d4586b7a0c48f3471ede96c5e03e1f347acdb576b1b8c75ad4fe76f3ceb2331adb9676968ebcc8bc70b50acd984f9067e2499ec9e28061d978efb1ebbb90d82d973c7b4bdadf6dcf1cd1ba8a4b8882779ab3c5a956791fcf5097ee4b0da8d910938b1edf34fbb493d106ad0270110e14f0c94d02e722ba66bc7e3d90197f4fc676d18723513482dbaa39e68b3a4c0d23f9706f67f76202f16de2f3a40b48a2de184a15f89b2935a65017dbd8783a3d9153c275b72470d0fc15920a659c531d6ca85c36012deb6bf650f9d0a598707c1798a3636b7339a0a5b0a3a62073dbc94eaeecccc58722b8d76d0a447fe0ec7c122ee5d028f5dd17813e62da599f209c621c06c98e0440c008b8678dd65ec6ae2b0b659d6883ff1170ff904db86d0748e8dd1e870c6255ddfc90cbb5aba594c593f64f518d69ab7e02425299303d7d37d5ed28afde8fa2daa4627855dba7c4ab12209d5a836ea0c4592cba568dabd5453382eb5f7e6ce5bd0489b876d4d1dabe18f0440190f5898675bff139d7e8c953abb31383b932a67808cc2a2f67cb714b9a2c8e75f68c21fbe56ecb49f39136b7a0b7b6a53a93f33f9987fb7e7437a0852b9194cb75bb84f3b40f4617ae8ce9a8da6ca74d4e7c737bbc5126b0b8bd0c86f4fb861fea02fd7b8649fb1c0523b30f28a24bd7f58495f29cd2e092f5b6ff29f4de5ce56894fbd9fa78df0fb93efe2192e966e14bc9bd4671b0a2c6873d7750773a8aef7f1d35cad742e64664dcd277b2d604f564fdc519911c0749575c7136226cd68f2ec02a1563c727c1eac916cc426da130ac5c5fd6c0169161c2d7f79fb16b9d8025a6c74e14abccaaf30e5e39806a8b1866cc62e8e238c38036cbcb0abf003861103634409202ffac458605f599ae67db8f4cbd45f72ac9bfd126783135f552dd6639937ff0f77e15ebf8a49fe3d6a7da4fd6faf018b62956957c13ae52537c5ffbb4b2c28f3076468b1d11b018b6afd86f706f17c4babd4987bf9afe98a4b9aa357137d9383b8fb6ca370dd2fdc582aa701e85d926bf3087565231d6089911b2cf578786607ec5849d3d58dd423ff4558092c9a22a1153b787f37c9075555e1d06bc99b95b03bb0862da5be4f8d4718b1c6b892c1ad1138cded558e910553a70699e9d6ac935c227bd3326bfe40f389b16517801826d0ba7a1d74528fa273eca268a74e11423f0ea00e2745abbb7342c846566cf067b38a308babc8a45e607f39b66ddd2e772867cee3e14b3e7dd8844c3651330d15db8aa51d94c98ece900f4443bcbbf8849c3fafd4e5d4e1e5ea4306c081438e1694c59bdafa3b6bf80302b48f09a541dd30db6026ac247303db3facce171b64b48a74a1865db29a15db73f6989f7e5d6b6f39431511246b2ac2873dcdbea3fa5636af6813c83a7fe8b3b7936911a6a47f10823188d0ad18dbf3e4c45c296210e5bfc3abc3dc3836fd60a691005857db271290243709c57fc1ca3ad9a7938550b81b473c66e614fdf7ff35b8e19e60f7616ed19af91e4818c5b2c30f5ff903a3da9c7b7debc5d1b9e41f4a12f122a727a627cc5e6a0f8d81161088a93e4d0e592b7e977287833ec9446a6b44aba303e12ecc19c7fda316f6049db6bf1617f6fefeebcded95f75371fbd6db605ed7b77f8f91ea27468a68e068d1aad50a4118bd619aa85d1f5ee0eb9bbdfcad7335628e3ae1340681ce824204a9997f8aad87c8ce0534482cd748148689ec331002203b94af4ecd11d5b75d80838478c26cfee0fa076c5baaa82483b04898ead705bdb37247956ee25db667ea6668a4f3082332070489da02c3b5d25091e3a00f884265185a28757cdeedb3a1e4a0ada801d4a386fbab0c1de6f35fbb6c7d81fd15370909a387eabd3415f146129647a13f20ccfa69e436ce067ed1a9e0dfb877c85f0b8032e64f5379a9f5a92967533f9b45584ce1a04b962306d2d707e0e462d9d2ce94dbf4c52835c2bc005d1c21fd4e64b0f2578a072d8c442c49bb9450a8fcb49a4b2167912ff1f5946585983087deffee403a0c079ba90a0b644584137c58626afc604ab684650aac5ede8632f3e035da41c511bfb25a62d0a283e35fdd67dc0ef135d428297805b5fd0ad62294531f46171f546c61eb6475fd9fc7c8357e65737d39a741417f8a0a7e035f696c1a83d44837e360592db9ae7afd2ae7be9859f062d274b0862746c9ad804eb1c72aecf6ef9cfbbed33f68f38f25eb493d165f3012c04ec02d42421e2232aa4b30910f9d4fb91b9ba2e7b40ea4fdb60f6957e3afed8cab6d076b2f5ac59ea53bd1e9d944cb53deaa2b8ba097664fca77ab97666c6add05e7556b92d8ad11d19887e83a8ae9dc086bbb4d23cabb3615fdc05e35c61fc3e28315659509df1cbaf449ac909f36c69f5366f1bbe9b3bf9899533f06a6161c986607292a202bfcfeb2508aa18dd993d2d239b32e4f06ba1321d607c154965b9d1f52c940777e69430967d456cafabf236a2f8cea019cc87b350a5bc2aed7f1469ae6cadbcd579864d2194e3bc71e2596c690226b15c86aa0c2aede98cec57c4e752edb6fbe58046ca59546511805a71aa187ce4bcd5399c36eb3f76681a63e5a1d948a9cf98703aebda62c0759477f1be96841d60256bb2d7140fe4481d4d5180df9595fae750da2a9178c89fab47766ae30cd3d8ffcb94eb4b4245ef19ee3d95b89094f528c16ed7289703afd5805e923ce48bb5e451a93ceadbef1443e61b6b59fc13e79ed418dc73cf12b302ff40aa09994374eeabec532bc98b820c21d15f2cd10f755132b12c824a8875387c6682e991dfc01280ce1619c23593659de590b080c7f2eac12ec00704ab8b3bc2052ba9ba6f59a2312b9ebf62c6ea1ec5250435c25215f87350903140a4a12d8e3f8e233f0d63002dbbbd12a7ba9282768dc2b2b9aceb9e45e9da4a2d4a8da83e72bf0cf91bc12324b544a1d6145525dd9cf44199d7448d839bc67b1d33d7da10a9abc08f8f08a894edbd42c1baf8482feb06d68f25c4405a624998bd4c28cb9b845712ba307ca9b9ff56131617ceccd2927ecd57796eb103b6b15dfa12b3e8e9aa2ac8af20cde7877501a98d8b04dbd96d606661066dd80ef55d45fbd5c410d4a0d59ad53cfe3779350e71f109118bccb61121bb8eefced8feaa72c95ed737490c7318e7db86d94eda2ce5f9b04f2308dadbd8a2be6991309a56959c6be4312623a04483bd72a64c210bc6ea600d887aeb3781030a0c4a6ee06f38896bb95688ba5c735180ed50f1fce6c321aa0503f714a000b6e10f22d019e0c5bdbf982bc0a3b15ee59e9c573f77073ac64394f3610f68eca10092a7b7544bc1e643c30017133fec103af1111536ec6b37472157ef7a57186d4b64812ee20f51257d2cdaa19b5508fc40824aeb678c368149387f9083d645c9b616fdf08459aa792897293e7dabfab1144ea74d39a2f0d3632d16ce1b1973717eb83d217250646903207ccd9804e584c12bd98be5096c2a43f21161547f6b2fcf244f12a3c6863a90b45901379a1df5948dba63c34aedb7b877c675dec404acdc0348482502c3e9a886d0829a17c06457a2bb3b6c843285b1aecb4c917d9d586b5b47be2895dad99e620cc824f4d0c577f8b737c20c39c40b77db27e8e72d83c6d220011e7e304c97e281697afe31e077f490f0e632a3fb5125351051543125d7895e86007e0be5527f57f98db8235bfaa3c4d25514ae88d06289261b49013f25326461a5672c0fd975af977d9e9725d14c923decf5b60cb800a267644e0fb5e8dfc734c5b1ba810ff276f24f8fd0608bda3ab335252fbfce4e75c533bf44d2f6a2d14314b5bf24ab3d3dc0794a120379264d2bdfb4111e614b4f68d36f930b4802863bd47dc7b8520f8e95b9673a9bac79dd4e68b7dd9e095d87eb8004f19763459171142145ff6ba160709fa7732579c48bbd4ace904fed83603de20179c6d230b1b098b2800749c1836b222b52da56a2d47dcd9a87e4ea2a2fc3da46b05fb446d1b6e134d5979c43c1e79b00ce0909a020fa2e0377e19bbbeb5c4453a0f04a09242a477bcf0fdf824b58b196d7ee987ed68092c6696cf2dbf942310ed22d674512a4428e9e194127eb44828f9a812c762460486889d715dc6dc4377e557834f31cab1db1b276a5e3c14618c233ae523f1e3f3c0078fe150354855b3c31d0f333928efff70c7383cf65880420cf7ec307b708307fed0745032cb81891b85d67fb55303a30da8f4b3bedeabddc6bd38d92edeec80aff10f0d29f116cfe31f1b1a96962a713300635329c04977ab606e50b93cb1305f5a82c826febf41318f1ddb7e6fd0eaf37936f6950f841c8853bf1acbb96ba04dcc4fa5a23d8eb8e5b22fea5b5784453d51799442c665df83b45ed6fa99401ceec8e0f62b89fab9fadaa0d51e845fcf2ec20676b3d867304b7f893054490af7a0080bdaacfddd54fee4349e03dff156c9f08ceffa31e3701d333251f7cd4b07c52a9901d4fd32bb01261544c7842df78b420b99645e7c2695fcc6dc4e402ddc0ac039bdaf4129a4ae70b37b1c61ebd47e6cb7d6dfde13e7e972c74b706e8a3ad7fddd50cf581d2055ff5b127695d6f5c8fc67df49aaa56afb789a9fa384125f13d928feea35139cd9153b254c6b39f838c0f0367c5efa13c5fbdcbec5c9f88d7d2ff54aaf8d0c4db4cada8b74ea780d32aa0e66942e936061692182be3c5b21fcd99dfbfd22467d4d3ce3d78e88f1481bc2ed388f0dc3f262a079bdcf41d2f21f1de75202fac6b4f8f9f8a7ee0bdb646ce582f6fd358461fc4266f980f33138c41daa3c8a82088eccb8a2944b6dc432f8149414115f209282945e51e5d0a999d518a32fec37e64e8618879f7d65e088514efed5104ead3fab91c017447a645575a50dba5f28a3a6359a9d591ee2c7eadd08b86e733a6a8723880890d3158e527b4d9a676b02ef0faabff71865c487641c6c104c15178106d878c6cd588b2c6f834a4a2ebb9d129ab28eb7dc6a556f3d868e2765034bb146c7be493d19302b31881a11257ed202bd20d53f05d7b5c96954b55cfb933fcf0945a10b460bf7e276ddb6fa313225b7bee647e8e6d5c1ef68dae19d4cca98f00d3a860602b66b09a1392ad01739a5ddb7117dcb0053e9c31602727101225c627225674aa1e49f3c3abeffada9f5ac76b5f10a2de55951de24b1fb144f4c1eae80e27bc36e5da70e01ff37ca465190180644a27eb9a96a15d6fb4eace5e652176a02d4ef8228bd72df5142351a6f1b08981a5c66eeab943983277c1bb192b668ff25cecae19229da67e2d8e3655c409f597b68260c70c47c5843082d94a94e72fc42ed11eed5a0cc5c9eb57de53947d2823cedbd9e417682b7b19ed3be8d27b3a887795b062c88317a0dc04bd6a62cf05fb78b2955af0514a99e3fe0e0f382c9fc2ff820af6451e0915722162c53b060250890c381ebe2edbb63359643ebd780a32770e78c6af810f341f3e07781ee25c92275ab427de063326239514c6623c9a3a2ee2c80da4c77404607cd208e2e9a273cfff2cf9c6cac6ed4cd6641d8890ce82f229cec11b483db0e4fe70161829bebcdc65351e75eef29d4ec70495415927aa6be603dfb8c5c34f4d2a0afe0bd0700540b8ccd9e0421efb4d449225fe38cf4ea8145e7e1ecdcfda0c1b8a6439b3535a7c853065f665cd28c86fcf4b47ce321edc9ba1bed1a6e4160e62819cc8f9d0914ca7c8f54c6392d9b8d8a9e23e6877e240cf50208b5dc085cbf5932d730dde94314d269f8e4730e72c62ebf1100b423e7c02c0c7b3d579fe738a75bf3d29264bc27009673ebc5fd0d777e2b43d4b738addf5e1c1d084270f5ad6441d10e723331ef5d41d1da2597817968e3c33324fd876bb2c4829921fb5c835ed01e78d0fa88d1f4043693a5cbf592f350505d37efd84845feb77ed38a25df0e98678047f320080972ae011d5ecc9b9cb1aa519fc661c3c909ccf1002844a4f3a9ff21dcb3e861cec427cea26eb765e3d30c532f3c67aead616cca4ed0ef627e3edec6a98e0f0866af49b0019ef8c50104b4e21c17b17b36b0bd5d785c0a46dd5e84dc7327d46c73637602f159900ddc1e6bd3f9afddf45ca54cc7958a6fc0a7e9b93c7e91da8afba0a63238f3847860ebe9403ff3b80e067493d34c55e7562b8b0fb06a2f8c1ddc9cd0f785aa9814cd40aa66ded541de15e647303864b27b5cb7631666f4166b6daf929fbff41fd95bf16994a6f9bc8ce579da13442357cd500f10c392ec78b0c161c99742c03b4d745262d86500e2a981586627350cfe1bcf4710b0824070abca21e1a53a36bfbc12ea7fe8336f741784746abef46f52ad131eafd02ac24c1d1636fa30337251a5f169cdb8c57fa214f2a900af0ee866748661f1a67a6c2c6a6e49ce1939139e45a456c7dbbec8a09be48853cd9b1feeefc6729740dde9de04dd1e0f9c774d387a902174274729e6349a7effd237e63c40bdbccb72e44dab5ac1eab96eb75a6ea8f2f7dd362159131072dd8d733fe9c54d1ea4771e85e7cc0b0455dae0a5c8ece44aeff7e2d247e94639c9a74f48e690c02e89d0377fe3afce5d6abc706dd3e23d19809dfa948b010b6d66556ea81ca3690c3322478dfa1e9ef6de5e4d21b6e9867c611fc4e78abc94bd3c9f112739f8d2996834f54d1137f34ff5442c2432746c37031bc7e9201fdeb7d73a24163fe423fdf3e8e22b655ec159664e905675d8bb80d651d4dda22dfed198d02c2b8ff5b0760fd2aea35e519619393cb66b048b59d4e6cf398652a4726925c8a1936ee29cde1bd70fdeeec0aa1e9289711c57ab8ba170c427173fada71e9a1f0fc4cbe23c248f5340db3f9ba4f8c23da230ef4c1013ba0ffaaf5bfc58cc2eb5084f96bcdce7c1ce76c4206189bfbc9d8f1238aed641c39693363762f2cbb1b3433cb01fba42dfbc7b1aa6a46cb9bfcc98a8d8f46cde8a5dc9d74de7fc73aa22420acd949a26c2bd0c8c6f05fcac03a88e622c851454f583623b35f825038ab1aaa3091d05018c2179f473a889219e3414bbbf4eb62333df13ca9eef4dd987358c90d6bdc113aa2972cbff9b7d7e5a76fa182609401567889febe7f2443b338982c3be4328caa199f4b14652ff609b3012fc66cd7a02d8e837bf85f7d2ee7f5061b359104a90e5a74179f6fe7ea44acaf2e8531b05875e041a7f42f6551e89518dd06f04ceaa5140fee9535cc3de18ca42721661d395e23828b07d449e4e09614c8aa753d28215608a56dbb66a929a47fe1beddc6123afad8d4f64cc5602138a289ef1287548d914647d144c3010cb5e3a90753aafebb70703a4f0eb4edbb991f47ed529b219a9fd421782a8a9d73d18e9ac69768791f408ee65af8f78ca3986e878276993c8dc140949f7410c8aee7b57739ffd57e5096ef3c1edc9d242d8ed7d0b5c8f7d4ff37b4ef76a6d4ca8960793508313c751a194ce0dcd0b08e3c3b91f06cb9f158347af1689fa86e9229970ab49bd44bf99da76818f7deb102bffbc575cf53966e247ce3558f77937d822ab74a437c5575dbcbd907199d5b645ee6ee122dc77090960302f8fce044fcb5d19a803b92a95950c262ea117522e6cbe44f5c277d6d7e36890eb7702136dc78abfdc5105f138b9415ee6ed0b4e1f805b3bdb5d0e7aba7d0aaf7c6c100edae89b8496804a7cc9e61d002ba42abb6ada2fdb12f672a15f2f3ef7d23330a5d411195bd2e3caf54d7c29a4ac9e13db64d88c35587059465e59507acd1ed7393f3557b8991116fdbb675f7f4a30acfa0cce3e31b817834a3037a18479aa764a83820f7186460fb96e07adcd529cdf66d0f6dad80260f51d3a9a1ebe213d03b9b71c9c522b4b8bdfe40b06a9da4c722f9a73d43423b456b2464bbb546b0527f71cbe600478169bab6caab15b98d4383552cf0dbf3c4b5208d901873f79901d174410ccd887073c1c9c6091f01c1772123f8354efdd6646d1e5373ef0e7750406b2c9acc1315c9fe1e9b0dba050717ee4f1ed17fc73357150921e5092c8edeb79f25a5b5e142e6813f20871252ebf52752d643a2965058509271b370bf98ef0fe8983a4725d39685647416757b85f87cef3ed7265d67a479d7752dcb3fb78447e6dff107a51365cba79fdf6edba21db2d3b52bf70579a398c36847bb3ec5e8ced0ad82c68c22d422335f73ea5297a95c5263d2403e06b7fb1d30804efd4d535894e0e0fb4747bd77caf3e92fd23d0bc8c73e08374ca42b52fa8c02f1ff3d19d8eaa78ef2ba7b3b1bea75faabf2658cf0a49f59bdd1fc49618fb60260053033184ede8c6a10fbf5f295a8a96553d469b160b17d9dbef52a651afd41fa87a169e5b34c8f3f0299aab066bcfadb07055502432b285f42e369606c4217f10f947fab6bd24889ca0aafad8be5ecbf11462b3a1cfd0c93c80e0a5611d6248a0a4fcc3a2307a7de22d1e301aae233155bd10d11f6b37d89a34c5104049bfe242ceba72e5968ead5ec6ec6b7056c8a1c390f6c6640ec92afbd76fb1072784ad7349ca30b605d6e755f0a21703724394a7681709f7b73aa34f6f44dea15264ef10e86a1079d64f98f6f7bb50bd2e0caca18df8b09a51ca436834ddc235d60fa9500bfb09fbb1dba93c95e1406086f83f6950a0cb9a4cd8ba97333b0de1e658d42469ac93529c596712231f8e0410992d789d326a127bc8c0d901f4dc99b36948c782410052229769f5177b328a6ca68df9e4fc4638cf090d17a4704cf142271418c5a85c7cd292b6fe1ac9e1f2a1858d17e5318d4d75cad3c4e7f2b3d3da458e4581217a07b28ca94043cd0d31d1af5264b8170ef325855a5b5863f01541dd1428cac12793e9080919f6d4b6f9f1255032b44daf64d2ae7b1084384d0d9eb76b7aa18c70b8ce5a174f2a3f73b31f98a9dc329c3f5e1a4ff04c6b85ab3e2eb95f8e265915937b5bad0088c7ab15e2c9cc97707039045758b56f613f58d8100ab0a829c2672e99624494ae81983c23dced6381e718454e714c00d6df6d76f502bc2bc7dd8dd67279418cc4855e33d9250dfd9eff61c98fb06d578d92d1510c1589025dc2bba8208b8d4554d9718bc846666c984ecd7442c60c3437dc9adb4a8bb671cb828ae0a1be34a4db662ef440fce64a6194a296726e7fd6c2b0d2dd52c785d01b26c66b363c6be384471c0e5e60aacb8c1c47751f8c689892ea1ead15f157dc7b567243cc298583e5f37a6bd4ff9d947e2ae56a466f0c27408cdb8b2b7036598aaef45c995b4b1bcb7f110b5c5aa87fdd652e30998796982fcfa0911558395ec8f63e7fc898221d6a9b904951600f1caf077870db43f5e1c59907e4d5c50c9b51e365cf82f4a77c5bccbfaf90b1ce51aef03675e7c45e2bf46f98bfc0d140273dc2ad2e1c25c74ca2edd2efca89aa1432d1c5450125b8a0c19326b0a8c845e657bf69481918a75502de4fff5db8c706fb0e6d0d7263f3b213171f478b71a67257924a8f5ffbf29215783d21d379f50722972cd7c96c4577dfd958155d15214fe704e73effd98092f640b4e376804013028539422407156de850d0cf7797383d0c9c7e7a0c79718003d5748b5393eb3cd8c18f314cd94139f432f4bc82f908533cdaa7c80d0d6d26e1228f8d00a8882b9b07fc6a177d20231e7f42eb40eaa029a1576cd0cd32d7da652d01824077bcf175d7f9540522f38a815aa0e2267588d9ddca13bbc0e45decb68c93091a3607c0d8f158387e0e152bb4a8da4e66fc3c6fde1fb8f4d00f03885b7822a8587abd72c36d10c77e1c7222d24e2bf1992a17c07d586540a0ae2631687cb9197a655fb66690c3b0a0de8808945ba66ffa1e60e0d9623d067fc6f8a233ab53332478d538597fd798f0abfcc97182ff22249f95bce4a07d9f410ae919fd3e0d313a5b12c03f58de66ff5d211e25c791c108ff82ade5be2d59cdb15c6a4759dca915ddf3c07bda00b13018bdb95caea0bf170a15b6cf53a230ef717e1c90233735b9693379e7ef711a367ce42fd7c3ffe25496789342517332a68350a46a3a8da15bfbb63c45f8dc7c5d25db7ab473da177398443857e81bb58d9aa6d97e0bc685e1b40a0704c330e1c0850b9e799207be79508f927fcd5df193b929e0aad5a426990f7c19c50c50427c66a73347fc0937f091c98668f1ece95fa029dcce72977d51a836b6d7e5c93084968ffbca70619eee8700b1a9cc5056b5485ae3d5440b4711b8600fd10fd814cadde2ed11cc6b241464a002fb06ade3ceb7e89fb74462c9abdeb3d88eb9e57eb4f9abbabd23fea5f970417a7fa8a0e78f96b233ec75c6ff89c0068dac52bbafbdc1636f8156a1681acc405b52c65960ad32bac32189c074390c11385dec2b6bad34e95de5e848845adab92a7edf2e60f3c70fda609cb76662a4b98b187b93a739bbe139054b09f5488428b2c8b462e8f5cea5df40290f2dab5ed51cf9e719688ecec4ab1c72b8497efa1746d1bc9b3dff2dabfcb1092f1856f17c2a9a7c37656eb3ec485ffdb0f51149391d6131dd1d8554310c60598e49afad834f5e5255f21c432abb377f54cdf2ea82148d73475214e28346785d797bc4e657d9a2f1f4ce54da741f8caf8262335e284e2f8a04a823de564e553474c39ec1e763700bce1bf030eacaedd345fbe3c3af2120f3fa962ceb2b1427663d791b5936a80b336941c6079f468f92d5c10deab0dfefe9593b76b673a71ad499c5d0fff4a9db2a5f5a0caa0c2c5620abf503deb905d8cb7b6c66865ee69bf31982ef6d9ae8834d361dce14d535a2025db065f5429f3945d5628886163892e1e41fd34c44949cd97592f1a378027de0e81637c11594609c1808da0cdb64de43a871b2b2640f2642d6c1aae34d83b0b0eb73aedf94ce7c1daeddf8cf684672edaf1ce0c7757f163dae3a4350cef5803a60f1e1f3d5eb277a17d38cc32ca8b6fdf536720ce186e7be6507d720810ce8801be2cc5488c7a6f0e398878ebb2ee530d62b61bf67fd4a7fdc811ecb119e4a6e7c6555685850656cf52dbc2a1da93d8550a7941a8a7716fa348f2cbcd6f58489051bf01c0ad0745b8a1e9a10fb748a9ae9f7897dfa81efc7fe240959a3857385f8be3a8102efb0791e1e01e539b370b8ea57d3b7b747bfce3a206612410c0a9aa9130320d80a912434c5a47048c1ab6901e7806c72fef1f4f59322bbf5a79f444a0eec2397a76ae63a22c5bc76a98c4e65212258f963709c07c54dc36ac15d16d7f34c6becd2de54a3ca98babdbe1068275e18585abd3a1fb4e889ea087d918ce2e791098a3e337926a408e9301f2e8f681c50b700cfc240d2a692516e491b7f4774309953b34372fc5425832d4206079872e4387f2343de66525c63c71b1c9625e7649adcc92f279d51d55fc771f7c8b81c02e8a7a6b2bb6f0170d6e5552882434382163f07ea5e4c5971bff35f530e04ca0247f5bdd27929eee90e2078141cfd2d45a1cc2a1bf47012025fa808b9e849978011e482fb7e851e5efcb02796b6a4ce2b72e8e83bba54670b912668723803b", 0x2000, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

14m22.659300646s ago: executing program 0 (id=297):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x80000000, 0x416000)
ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000040)={0x40000000, 0x2, 0x101})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000180)={'pimreg\x00', &(0x7f00000000c0)=@ethtool_perm_addr={0x20, 0xb2, "2b9315e41464931c916449b99157b6b82322019ba59362244eb67356795fe8b3598e94e21d310675b168a1276b3422d652cda4298cca2c6e719381a4c8913b4ce75cf0945c7cc3f389d2c92731e4f09f915509848c82706bdae116bb28782f8ba3610a929e2c1f21c0a17e2609da5d52eedc81d0fd2fd524d4b3881842a55722ae20e66431680914cd68539cd9d4f3d3871fb32ac5a3f671e4ddd2efcbe2d438933c52fb73f454214ed514747a0ad864b5fb"}})
pause()
r2 = dup2(r1, r0)
move_mount(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', r2, &(0x7f0000000200)='./file0/file0\x00', 0x40)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
getsockname$packet(r3, &(0x7f0000000240)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000280)=0x14)
sendmsg$xdp(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000002c0)="24f17899ae8fbf75c7295fbf8afa0d9c560a331567d346e0db57bd2cb1", 0x1d}], 0x1, 0x0, 0x0, 0x10000005}, 0x20000040)
read$FUSE(r1, &(0x7f0000000380)={0x2020, 0x0, 0x0, <r5=>0x0}, 0x2020)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000023c0)={{{@in=@dev={0xac, 0x14, 0x14, 0x19}, @in=@remote, 0x4e23, 0x6, 0x4e21, 0x100, 0x2, 0x20, 0x20, 0x67, r4, r5}, {0x9, 0xcd, 0xc0000, 0x8000, 0x200, 0x561f, 0x9, 0x2}, {0x2, 0x3, 0x4, 0x4}, 0x6, 0x6e6bb8, 0x0, 0x0, 0x3, 0x1}, {{@in=@loopback, 0x4d5, 0xff}, 0x2, @in=@loopback, 0x3506, 0x3, 0x2, 0x8, 0x8, 0x9, 0xe875}}, 0xe8)
setsockopt$MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f00000024c0)={{0xa, 0x4e22, 0x8e51, @loopback, 0x4}, {0xa, 0x4e21, 0x7fb, @private2, 0x81}, 0x0, {[0x5, 0x6, 0xb57, 0x9, 0x400, 0x263, 0x800, 0x4]}}, 0x5c)
landlock_create_ruleset(&(0x7f0000002540)={0x8}, 0x18, 0x1)
ioctl$TIOCSRS485(r1, 0x542f, &(0x7f0000002580)={0x5, 0x0, 0x4})
write$sndseq(r1, &(0x7f00000026c0)=[{0x1, 0x80, 0x8, 0x2, @time={0x54a, 0x9}, {0x2, 0x8}, {0x9, 0x8}, @ext={0xd2, &(0x7f00000025c0)="9fc5a3ee21b4984ee979f8fcaf3c38c164458b57bb312acbc608a0f705520a295c51f5cfe6427ca669ec59e91c6a7f90002f267676c43a63e56d5af71cb312505142d57a38d3bc2dda199974f70fec393e78cecc24bfda5b96ac5012d6f1d5e68e3d07cad0343f0c56aef35690b890442f7492bdc7754e62dd0be05730d07e538ff9e722a38ced3e3278db76d07b9e8b3db3704964b1efa5e7ff80b651b85ae653b0416e6b125cebeb75acd2f0622da0540ca2c7b20c081545813ebe9e80eb3dd772cbe24766370698aa395583b3d7df56f1"}}, {0x6, 0x9, 0x0, 0x9, @time={0x4, 0x7fffffff}, {0xe, 0x7}, {0x2, 0xb}, @result={0x3, 0x9}}, {0x6, 0x3, 0x8, 0x1, @time={0x40, 0x7ff}, {0x8, 0xa}, {0x6, 0x5}, @note={0xfb, 0x4, 0x8, 0x6, 0x2}}, {0x9, 0x8, 0x96, 0x19, @tick=0x1, {0x0, 0xa}, {0xf9, 0x4}, @time=@tick=0x9}], 0x70)
r6 = syz_clone(0x200000, &(0x7f0000002740), 0x0, &(0x7f0000002780), &(0x7f00000027c0), &(0x7f0000002800)="6068fd1ec04fd5c3c8507966c09e3caac1b7123d0e6f4a86e34c30022858dd0e601ba666f4fbbbb891b146d2421a8f0b70ba62ff7773ddeabdd5263fd213a0c6c4fede6d600cfdd550bda7ef953f80bd6948017c1276095c420172caa87dc08d0c3fa487af6c9e871cf838d6aa96a97361ea64488d12c7135576173b08377e9007882fdd2868a1cae83cc26b8fb02d33679191765497982f39215d5250726d325a5879e46153212a5e5c093b371e5226")
syz_pidfd_open(r6, 0x0)
pause()
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000002980)={&(0x7f00000028c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000002940)={&(0x7f0000002900)={0x2c, 0x2, 0x6, 0x204, 0x0, 0x0, {0x5, 0x0, 0x9}, [@IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r7 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000029c0), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000002a00)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x8, 0x3a, '/dev/snd/pcmC#D#p\x00', 0x3a, '\x00', 0x3a, './file0', 0x3a, [0x50, 0x46, 0x46, 0x43, 0x50, 0x43, 0x43]}, 0x41)

14m21.037914506s ago: executing program 0 (id=301):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f0000000080)=0x2, 0x4) (async, rerun: 64)
fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040), 0x4, 0x7) (rerun: 64)

14m5.619007833s ago: executing program 33 (id=301):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f0000000080)=0x2, 0x4) (async, rerun: 64)
fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040), 0x4, 0x7) (rerun: 64)

8.459098568s ago: executing program 5 (id=2967):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r1, 0x1)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x2, @empty, 0x2}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @empty, 0x8}, 0x1c)
sendmmsg$inet6(r1, &(0x7f00000000c0)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x2, @empty, 0xfffffffe}, 0x1c, 0x0}}], 0x1, 0x240c089d)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x20040040)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)

8.158078114s ago: executing program 5 (id=2970):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r2, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_int(r3, 0x0, 0x20, &(0x7f0000000000)=0x1, 0x4)

7.822559765s ago: executing program 5 (id=2973):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r0, &(0x7f0000000680)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640), 0x2a}, 0x1532}], 0x1, 0x45833af92e4b39ff, 0x0)

7.330912526s ago: executing program 3 (id=2976):
socket$inet6(0xa, 0x3, 0x1)
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="d800000026000186"], 0xd8}, 0x1, 0x0, 0x0, 0x1}, 0x20004440)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="700000001000ffff25bd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="920a050000000000480012800e0001006970366772657461700000003400028014000700fe"], 0x70}, 0x1, 0x0, 0x0, 0x4000080}, 0x20048004)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x68010}, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000)
read(r0, &(0x7f0000000180)=""/167, 0xa7)

6.839846959s ago: executing program 3 (id=2980):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="12000000040000000400000001"], 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000280), &(0x7f0000000180)=@udp6=r1, 0x1}, 0x20)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000000), &(0x7f0000000200)=@udp=r2, 0x1}, 0x20)

6.558062366s ago: executing program 3 (id=2984):
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000440), 0x0, &(0x7f0000000540)=[@rights={{0x10}}], 0x10}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x4)
sendmmsg$inet6(r1, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="cd", 0x1}]}}], 0x40000000000010e, 0x8001)

6.415480603s ago: executing program 5 (id=2986):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0/../file0\x00')

6.284928183s ago: executing program 3 (id=2987):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f00000007c0)='./file0/file0\x00', 0x0, 0x1000, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000640)='./file0/file0\x00', 0x272)

6.077384557s ago: executing program 3 (id=2989):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendto$packet(r0, &(0x7f0000000300)="39c3946534ecf02e7e0e9ca208004da0a00a6d72c30fa0698b032818eb63982e90890800000000000000", 0x2a, 0x0, &(0x7f0000000440)={0x11, 0x0, r3, 0x1, 0x95, 0x6, @local}, 0x14)

6.027439526s ago: executing program 5 (id=2990):
r0 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@fallback, 0x10, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

5.225875508s ago: executing program 5 (id=2998):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

4.883196287s ago: executing program 34 (id=2998):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

4.833854557s ago: executing program 3 (id=3002):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x24e})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.311629421s ago: executing program 35 (id=3002):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x24e})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.876378195s ago: executing program 1 (id=3021):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000007b00)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000007b40)="fb", 0x1}], 0x1}}], 0x1, 0x40000)

2.75119941s ago: executing program 1 (id=3023):
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000002, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x0, 0x0, 0x9, 0x6, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x9, 0x0, 0x5, 0x6, 0x0, 0xfffffffffffffffe], 0x0, 0x8340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.348923832s ago: executing program 1 (id=3027):
madvise(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x15)

2.228657677s ago: executing program 1 (id=3029):
r0 = socket$inet6(0xa, 0x3, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x44, &(0x7f0000000300)={0xa, 0x4e21, 0xfffeffff, @empty}, 0x1c)

2.126996218s ago: executing program 6 (id=3030):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x4, 0x0, 0xc, 0x7d45, 0x0, 0x8, 0x200000000000000, 0x0, 0x103, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1000, 0x8, 0x2, 0x3, 0xfffffffffffffffa, 0x3})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @local}], 0x1c)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

1.99948226s ago: executing program 1 (id=3031):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633bffff250b5a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
rseq(&(0x7f0000001080)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15)
setrlimit(0x6, &(0x7f0000000f80)={0x2, 0x2})

1.879760025s ago: executing program 6 (id=3032):
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$tcp_congestion(r0, &(0x7f0000000040)='scalable\x00', 0x9)
sendfile(r1, r1, 0x0, 0x5)
write$P9_RREADLINK(r1, &(0x7f00000003c0)={0xa, 0x17, 0x1, {0x1, '.'}}, 0xa)

1.770302801s ago: executing program 1 (id=3033):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000200)="c082b44eb524", 0x6}, {&(0x7f0000000480)="5690d1604440a408001700070000000488a8", 0x12}, {&(0x7f00000002c0)=')', 0x1}], 0x3)

1.707168304s ago: executing program 6 (id=3034):
r0 = syz_open_procfs(0x0, &(0x7f0000000580)='cpuset\x00')
lseek(r0, 0x4000000000a, 0x0)

1.580305101s ago: executing program 6 (id=3035):
r0 = socket(0x1, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r2, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r0}, 0x20)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0x0, 0x0, 0x6}]})
mount$9p_unix(0x0, 0x0, 0x0, 0x12c9498, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

1.579388971s ago: executing program 2 (id=3036):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$F2FS_IOC_COMPRESS_FILE(r0, 0xf518, 0x0)
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000000180)={0x2, 0x6, 0x0, 0x0})
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000280)={0x6, 0x10000, 0x4, 0x40, 0x1b, "42c98603604e27f49ae16b0129b76fe3344c0f"})
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000600))

1.479163812s ago: executing program 2 (id=3037):
madvise(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x15)

1.430891705s ago: executing program 2 (id=3038):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000001200)='syzkaller\x00'}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000140)={r0, 0xffffffffffffffff, 0x7, 0x0, @val=@netfilter={0x3, 0x0, 0x8}}, 0x20)

1.334546926s ago: executing program 2 (id=3039):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@private=0xa010101, @in=@loopback, 0x0, 0x20, 0x2001, 0x0, 0xa, 0x0, 0x80, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x3, 0x0, 0xffffffffffffffff, 0x40000, 0xffffffff}, {}, 0x0, 0x4}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0x6c}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x3507, 0x0, 0x3, 0x0, 0xe, 0x4000000, 0x3}}, 0xe8)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000000)="0f20e06635400000000f22e00f237e3e660f124bfab853058ec80f01ca0f20d86635080000000f22d80f01cad838ddeff20f58f3", 0xfffffffffffffe3c}], 0x1, 0x2, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x80, 0xff, 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000380)={0x2, 0x0, @ioapic={0xeeef0000, 0x8563, 0x9, 0xffff, 0x0, [{0x80, 0x7, 0x0, '\x00', 0x5}, {0x10, 0x1, 0xc, '\x00', 0xee}, {0x2, 0x4, 0x4, '\x00', 0x4}, {0x5, 0x9, 0x6, '\x00', 0x3}, {0x2d, 0x9, 0x5, '\x00', 0x5}, {0x0, 0x1, 0xa3}, {0x2, 0x8, 0x8, '\x00', 0x5}, {0xfb, 0x3, 0xfb, '\x00', 0x7}, {0xfe, 0x2, 0x7, '\x00', 0x76}, {0x5, 0x5e, 0x42, '\x00', 0x1}, {0x7, 0x5, 0x5, '\x00', 0xf8}, {0x6f, 0x9, 0x2, '\x00', 0x3}, {0xb8, 0x7, 0x8, '\x00', 0x6}, {0xc, 0x5, 0xf, '\x00', 0x6}, {0x6, 0xad, 0x1, '\x00', 0x9}, {0x4, 0x4, 0x2, '\x00', 0xc7}, {0x40, 0xe, 0x7d, '\x00', 0x6}, {0x7, 0x8, 0x6, '\x00', 0x5}, {0x25, 0xb, 0xd, '\x00', 0x8}, {0x8, 0x9, 0x9, '\x00', 0x8}, {0x7, 0xff, 0x7f, '\x00', 0x80}, {0x9, 0x2, 0x6, '\x00', 0x9}, {0xda, 0x7, 0x2, '\x00', 0x2}, {0x2, 0xf8, 0xd, '\x00', 0x6}]}})

675.825854ms ago: executing program 6 (id=3040):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x4400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setsig(0x4203, r0, 0x2, &(0x7f0000000000)={0xd, 0x20, 0x4})

226.34135ms ago: executing program 6 (id=3041):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x5a, &(0x7f0000000140)={&(0x7f0000000240)=@ipv4_newroute={0x24, 0x18, 0x1, 0x70bd2c, 0x25dfdbfe, {0x2, 0x20, 0x80, 0x0, 0xfc, 0x4, 0xff, 0x3, 0x3f00}}, 0x24}, 0x1, 0x0, 0x0, 0x4040880}, 0x83992ac82ebb58d6)

168.735389ms ago: executing program 2 (id=3042):
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$tcp_congestion(r0, &(0x7f0000000040)='scalable\x00', 0x9)
write$P9_RREADLINK(r1, &(0x7f00000003c0)={0xa, 0x17, 0x1, {0x1, '.'}}, 0xa)

0s ago: executing program 2 (id=3043):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000700)=@newqdisc={0xac, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x7c, 0x2, {{0xfffffffe, 0x2, 0x40, 0x7, 0xe9, 0xcc36}, [@TCA_NETEM_LOSS={0x34, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x40, 0xf, 0xa, 0x4006559, 0x8}}, @NETEM_LOSS_GI={0x18, 0x1, {0xcfbb, 0xfffffff9, 0x0, 0x8, 0x1}}]}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x9, 0x5, 0x0, 0x5, 0x2c, 0xffffffff}}]}}}]}, 0xac}}, 0x0)

kernel console output (not intermixed with test programs):

 usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  989.414920][ T6037] usb 3-1: too many endpoints for config 1 interface 0 altsetting 7: 255, using maximum allowed: 30
[  989.414962][ T6037] usb 3-1: config 1 interface 0 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  989.414992][ T6037] usb 3-1: config 1 interface 0 has no altsetting 0
[  989.417693][ T6037] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  989.417773][ T6037] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  989.417796][ T6037] usb 3-1: SerialNumber: syz
[  989.428558][ T6080] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  989.428601][ T6080] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  989.609829][ T6080] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  989.609853][ T6080] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  990.260249][T14278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  990.260832][T14278] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  990.305811][ T5886] usb 3-1: USB disconnect, device number 47
[  990.471636][ T5809] plantronics 0003:047F:FFFF.0056: reserved main item tag 0xe
[  990.471698][ T5809] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x3
[  990.604425][ T5809] plantronics 0003:047F:FFFF.0056: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  990.821505][ T5809] usb 6-1: USB disconnect, device number 22
[  990.848885][T14293] fido_id[14293]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  994.683696][    T9] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  994.959501][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  994.959600][    T9] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  994.965713][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  994.965746][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  994.965768][    T9] usb 2-1: Product: syz
[  994.965784][    T9] usb 2-1: Manufacturer: syz
[  994.965800][    T9] usb 2-1: SerialNumber: syz
[  995.059511][    T9] cdc_ncm 2-1:1.0: skipping garbage
[  995.059542][    T9] usb 2-1: selecting invalid altsetting 1
[  996.363515][T13013] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  996.411293][T13013] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  996.412957][T13013] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  996.534203][T13013] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  996.536833][T13013] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  997.130384][    T9] cdc_ncm 2-1:1.0: failed GET_NTB_PARAMETERS
[  997.130484][    T9] cdc_ncm 2-1:1.0: bind() failure
[  997.165072][    T9] cdc_ncm 2-1:1.1: skipping garbage
[  997.165095][    T9] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  997.165138][    T9] cdc_ncm 2-1:1.1: bind() failure
[  997.251815][    T9] usb 2-1: USB disconnect, device number 46
[  997.385813][T14323] lo speed is unknown, defaulting to 1000
[  998.594443][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  998.594519][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  999.068005][T13013] Bluetooth: hci1: command tx timeout
[  999.181808][T14349] FAULT_INJECTION: forcing a failure.
[  999.181808][T14349] name failslab, interval 1, probability 0, space 0, times 0
[  999.181875][T14349] CPU: 1 UID: 0 PID: 14349 Comm: syz.5.2626 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  999.181907][T14349] Tainted: [L]=SOFTLOCKUP
[  999.181916][T14349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  999.181930][T14349] Call Trace:
[  999.181940][T14349]  <TASK>
[  999.181951][T14349]  dump_stack_lvl+0xe8/0x150
[  999.181989][T14349]  should_fail_ex+0x46c/0x600
[  999.182024][T14349]  ? xfrm_state_alloc+0x24/0x2f0
[  999.182060][T14349]  should_failslab+0xa8/0x100
[  999.182084][T14349]  ? xfrm_state_alloc+0x24/0x2f0
[  999.182117][T14349]  kmem_cache_alloc_noprof+0x84/0x6c0
[  999.182159][T14349]  xfrm_state_alloc+0x24/0x2f0
[  999.182195][T14349]  pfkey_add+0x6e4/0x2e00
[  999.182244][T14349]  ? __pfx_pfkey_add+0x10/0x10
[  999.182269][T14349]  ? pfkey_broadcast+0x3c2/0x3e0
[  999.182316][T14349]  pfkey_sendmsg+0xbfe/0x1090
[  999.182362][T14349]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  999.182423][T14349]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  999.182454][T14349]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  999.182483][T14349]  __sock_sendmsg+0x21c/0x270
[  999.182523][T14349]  ____sys_sendmsg+0x534/0x810
[  999.182559][T14349]  ? __pfx_____sys_sendmsg+0x10/0x10
[  999.182599][T14349]  ? import_iovec+0x74/0xa0
[  999.182626][T14349]  ___sys_sendmsg+0x21f/0x2a0
[  999.182660][T14349]  ? __pfx____sys_sendmsg+0x10/0x10
[  999.182714][T14349]  ? lockdep_hardirqs_on+0x7b/0x110
[  999.182756][T14349]  ? __sys_sendmmsg+0x205/0x430
[  999.182804][T14349]  __sys_sendmmsg+0x22d/0x430
[  999.182841][T14349]  ? __pfx___sys_sendmmsg+0x10/0x10
[  999.182919][T14349]  __x64_sys_sendmmsg+0xa0/0xc0
[  999.182951][T14349]  do_syscall_64+0xec/0xf80
[  999.182973][T14349]  ? rcu_is_watching+0x15/0xb0
[  999.182994][T14349]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.183017][T14349]  ? clear_bhb_loop+0x60/0xb0
[  999.183046][T14349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.183068][T14349] RIP: 0033:0x7fdfaeebf749
[  999.183089][T14349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  999.183109][T14349] RSP: 002b:00007fdfad0dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  999.183133][T14349] RAX: ffffffffffffffda RBX: 00007fdfaf116180 RCX: 00007fdfaeebf749
[  999.183150][T14349] RDX: 000000000400008a RSI: 0000200000000180 RDI: 0000000000000006
[  999.183164][T14349] RBP: 00007fdfad0dc090 R08: 0000000000000000 R09: 0000000000000000
[  999.183179][T14349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  999.183193][T14349] R13: 00007fdfaf116218 R14: 00007fdfaf116180 R15: 00007ffefaf57d68
[  999.183229][T14349]  </TASK>
[ 1000.467948][T14359] =======================================================
[ 1000.467948][T14359] WARNING: The mand mount option has been deprecated and
[ 1000.467948][T14359]          and is ignored by this kernel. Remove the mand
[ 1000.467948][T14359]          option from the mount to silence this warning.
[ 1000.467948][T14359] =======================================================
[ 1001.029234][T11061] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1001.774950][T13013] Bluetooth: hci1: command tx timeout
[ 1002.040387][T14323] chnl_net:caif_netlink_parms(): no params data found
[ 1003.086288][T11061] usb 2-1: Using ep0 maxpacket: 8
[ 1003.090031][T11061] usb 2-1: config 16 has an invalid interface number: 245 but max is 1
[ 1003.090063][T11061] usb 2-1: config 16 has an invalid interface number: 201 but max is 1
[ 1003.090085][T11061] usb 2-1: config 16 has no interface number 0
[ 1003.090103][T11061] usb 2-1: config 16 has no interface number 1
[ 1003.090155][T11061] usb 2-1: config 16 interface 245 has no altsetting 0
[ 1003.090175][T11061] usb 2-1: config 16 interface 201 has no altsetting 0
[ 1003.096352][T11061] usb 2-1: New USB device found, idVendor=05e3, idProduct=f191, bcdDevice=3d.f9
[ 1003.096385][T11061] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1003.096409][T11061] usb 2-1: Product: syz
[ 1003.096426][T11061] usb 2-1: Manufacturer: syz
[ 1003.096444][T11061] usb 2-1: SerialNumber: syz
[ 1003.476369][ T6037] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[ 1003.481885][T14323] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1003.482215][T14323] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1003.482785][T14323] bridge_slave_0: entered allmulticast mode
[ 1003.524786][T14323] bridge_slave_0: entered promiscuous mode
[ 1003.547435][   T31] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[ 1003.547547][T14323] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1003.548996][T14323] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1003.549251][T14323] bridge_slave_1: entered allmulticast mode
[ 1003.608308][T11061] usb 2-1: USB disconnect, device number 47
[ 1003.623676][T14323] bridge_slave_1: entered promiscuous mode
[ 1003.668839][ T6037] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1003.668911][ T6037] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1003.669018][ T6037] usb 6-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1003.672818][ T6037] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1003.672852][ T6037] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1003.672876][ T6037] usb 6-1: Product: syz
[ 1003.672892][ T6037] usb 6-1: Manufacturer: syz
[ 1003.672908][ T6037] usb 6-1: SerialNumber: syz
[ 1003.703735][   T31] usb 7-1: Using ep0 maxpacket: 16
[ 1003.706824][   T31] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1003.706886][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1003.706917][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1003.706950][   T31] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1003.706974][   T31] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1003.711382][   T31] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1003.711414][   T31] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1003.711435][   T31] usb 7-1: Manufacturer: syz
[ 1003.712218][ T6037] cdc_ncm 6-1:1.0: skipping garbage
[ 1004.022522][T13013] Bluetooth: hci1: command tx timeout
[ 1004.506875][   T31] usb 7-1: config 0 descriptor??
[ 1004.716354][T14396] random: crng reseeded on system resumption
[ 1004.944350][T14323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1004.973353][T14383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1004.974179][T14383] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1005.016354][   T31] rc_core: IR keymap rc-hauppauge not found
[ 1005.016377][   T31] Registered IR keymap rc-empty
[ 1005.017450][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.036394][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.079956][   T31] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[ 1005.085589][   T31] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input15
[ 1005.097559][T14323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1005.140976][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.156394][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.186482][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.206382][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.226446][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.256450][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.286394][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.312072][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.325357][T14404] input: syz1 as /devices/virtual/input/input16
[ 1005.326382][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.350639][   T31] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1005.392861][   T31] mceusb 7-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1005.392889][   T31] mceusb 7-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1005.445700][   T31] usb 7-1: USB disconnect, device number 26
[ 1005.482654][ T6037] cdc_ncm 6-1:1.0: bind() failure
[ 1005.526699][ T6037] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1005.533774][ T6037] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1005.566410][T14323] team0: Port device team_slave_0 added
[ 1005.572777][ T6037] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1005.575373][T14323] team0: Port device team_slave_1 added
[ 1005.615137][ T6037] usb 6-1: USB disconnect, device number 23
[ 1006.033748][T13013] Bluetooth: hci1: command tx timeout
[ 1006.128229][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128276][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128308][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128338][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128367][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128398][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128427][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128457][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128487][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.128517][ T6037] hid-generic 0000:0000:0004.0057: unknown main item tag 0x0
[ 1006.380203][ T6037] hid-generic 0000:0000:0004.0057: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz0
[ 1007.339133][T14422] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2645'.
[ 1007.508453][T14419] fido_id[14419]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1007.603835][T14323] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1007.603855][T14323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1007.604646][T14323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1007.655650][T14323] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1007.655671][T14323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1007.655704][T14323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1008.006472][   T37] audit: type=1326 audit(1766708310.169:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14408 comm="syz.6.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c006f749 code=0x7ffc0000
[ 1008.006542][   T37] audit: type=1326 audit(1766708310.169:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14408 comm="syz.6.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c006f749 code=0x7ffc0000
[ 1008.159098][T14323] hsr_slave_0: entered promiscuous mode
[ 1008.160242][T14323] hsr_slave_1: entered promiscuous mode
[ 1008.161028][T14323] debugfs: 'hsr0' already exists in 'hsr'
[ 1008.161048][T14323] Cannot create hsr debugfs directory
[ 1009.116014][   T37] audit: type=1326 audit(1766708311.319:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.5.2648" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdfaeebf749 code=0x0
[ 1010.377385][ T6003] hid-generic 0000:0000:0004.0058: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz0
[ 1011.518915][T14466] fido_id[14466]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1011.559955][T14475] 9p: Bad value for 'rfdno'
[ 1014.700644][T14323] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1015.458799][T14323] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1018.315672][T14323] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1018.503713][T14520] netlink: 'syz.5.2668': attribute type 2 has an invalid length.
[ 1018.503739][T14520] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2668'.
[ 1018.839557][T14323] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1019.440367][   T37] audit: type=1326 audit(1766708321.619:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14525 comm="syz.3.2670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392da9f749 code=0x7ffc0000
[ 1019.440889][   T37] audit: type=1326 audit(1766708321.619:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14525 comm="syz.3.2670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392da9f749 code=0x7ffc0000
[ 1020.642018][T14543] FAULT_INJECTION: forcing a failure.
[ 1020.642018][T14543] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1020.642061][T14543] CPU: 0 UID: 0 PID: 14543 Comm: syz.5.2675 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1020.642092][T14543] Tainted: [L]=SOFTLOCKUP
[ 1020.642101][T14543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1020.642115][T14543] Call Trace:
[ 1020.642124][T14543]  <TASK>
[ 1020.642135][T14543]  dump_stack_lvl+0xe8/0x150
[ 1020.642170][T14543]  should_fail_ex+0x46c/0x600
[ 1020.642206][T14543]  _copy_from_iter+0x1cd/0x1630
[ 1020.642254][T14543]  ? __pfx__copy_from_iter+0x10/0x10
[ 1020.642289][T14543]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[ 1020.642332][T14543]  ? __lock_acquire+0x6b6/0x2cf0
[ 1020.642361][T14543]  ? skb_put+0x11b/0x210
[ 1020.642393][T14543]  hci_sock_sendmsg+0x41c/0xf30
[ 1020.642428][T14543]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 1020.642460][T14543]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[ 1020.642504][T14543]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1020.642536][T14543]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[ 1020.642570][T14543]  __sock_sendmsg+0x21c/0x270
[ 1020.642609][T14543]  sock_write_iter+0x27f/0x370
[ 1020.642645][T14543]  ? __pfx_sock_write_iter+0x10/0x10
[ 1020.642702][T14543]  vfs_write+0x5d5/0xb40
[ 1020.642741][T14543]  ? __pfx_sock_write_iter+0x10/0x10
[ 1020.642775][T14543]  ? __pfx_vfs_write+0x10/0x10
[ 1020.642820][T14543]  ? __fget_files+0x2a/0x420
[ 1020.642853][T14543]  ksys_write+0x14b/0x260
[ 1020.642889][T14543]  ? __pfx_ksys_write+0x10/0x10
[ 1020.642934][T14543]  do_syscall_64+0xec/0xf80
[ 1020.642957][T14543]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1020.642980][T14543]  ? trace_irq_disable+0x37/0x100
[ 1020.643004][T14543]  ? clear_bhb_loop+0x60/0xb0
[ 1020.643032][T14543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1020.643056][T14543] RIP: 0033:0x7fdfaeebf749
[ 1020.643076][T14543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1020.643097][T14543] RSP: 002b:00007fdfad11e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1020.643120][T14543] RAX: ffffffffffffffda RBX: 00007fdfaf115fa0 RCX: 00007fdfaeebf749
[ 1020.643137][T14543] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000018
[ 1020.643152][T14543] RBP: 00007fdfad11e090 R08: 0000000000000000 R09: 0000000000000000
[ 1020.643166][T14543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1020.643180][T14543] R13: 00007fdfaf116038 R14: 00007fdfaf115fa0 R15: 00007ffefaf57d68
[ 1020.643215][T14543]  </TASK>
[ 1022.231723][T14323] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1022.281759][   T31] hid_parser_main: 192 callbacks suppressed
[ 1022.281788][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.281829][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.281859][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.281888][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.281917][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.281947][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.281976][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.282004][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.282040][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.282069][   T31] hid-generic 0000:0000:0004.0059: unknown main item tag 0x0
[ 1022.320714][T14552] binder: BINDER_SET_CONTEXT_MGR already set
[ 1022.320732][T14552] binder: 14550:14552 ioctl 4018620d 200000000040 returned -16
[ 1022.448341][   T31] hid-generic 0000:0000:0004.0059: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz0
[ 1022.503538][T14323] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1022.676002][T14323] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1022.806368][T14558] fido_id[14558]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1022.875657][T14323] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1023.081158][T14562] FAULT_INJECTION: forcing a failure.
[ 1023.081158][T14562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1023.081210][T14562] CPU: 1 UID: 0 PID: 14562 Comm: syz.5.2680 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1023.081239][T14562] Tainted: [L]=SOFTLOCKUP
[ 1023.081247][T14562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1023.081260][T14562] Call Trace:
[ 1023.081268][T14562]  <TASK>
[ 1023.081278][T14562]  dump_stack_lvl+0xe8/0x150
[ 1023.081314][T14562]  should_fail_ex+0x46c/0x600
[ 1023.081349][T14562]  _copy_to_iter+0x1de/0x1790
[ 1023.081393][T14562]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1023.081417][T14562]  ? __pfx__copy_to_iter+0x10/0x10
[ 1023.081457][T14562]  ? __local_bh_enable+0x1e2/0x2f0
[ 1023.081487][T14562]  ? page_copy_sane+0x16a/0x280
[ 1023.081522][T14562]  copy_page_to_iter+0x10c/0x1c0
[ 1023.081560][T14562]  sk_msg_recvmsg+0x2c3/0xc90
[ 1023.081588][T14562]  ? sk_msg_recvmsg+0x46/0xc90
[ 1023.081636][T14562]  unix_bpf_recvmsg+0x5a1/0xda0
[ 1023.081691][T14562]  ? __pfx_unix_bpf_recvmsg+0x10/0x10
[ 1023.081728][T14562]  ? __pfx_woken_wake_function+0x10/0x10
[ 1023.081760][T14562]  ? is_bpf_text_address+0x26/0x2b0
[ 1023.081801][T14562]  unix_stream_recvmsg+0x144/0x1b0
[ 1023.081833][T14562]  ? __pfx_unix_stream_recvmsg+0x10/0x10
[ 1023.081859][T14562]  ? __pfx_unix_stream_read_actor+0x10/0x10
[ 1023.081891][T14562]  ? __lock_acquire+0x6b6/0x2cf0
[ 1023.081925][T14562]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 1023.081954][T14562]  ? security_socket_recvmsg+0x7e/0x2e0
[ 1023.081983][T14562]  ? __pfx_unix_stream_recvmsg+0x10/0x10
[ 1023.082010][T14562]  sock_recvmsg+0x22c/0x270
[ 1023.082050][T14562]  ____sys_recvmsg+0x1ce/0x470
[ 1023.082089][T14562]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1023.082136][T14562]  ? import_iovec+0x74/0xa0
[ 1023.082162][T14562]  ___sys_recvmsg+0x1b5/0x510
[ 1023.082198][T14562]  ? get_pid_task+0x20/0x1f0
[ 1023.082235][T14562]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1023.082270][T14562]  ? __fget_files+0x2a/0x420
[ 1023.082314][T14562]  ? __fget_files+0x3a6/0x420
[ 1023.082350][T14562]  __x64_sys_recvmsg+0x19e/0x260
[ 1023.082383][T14562]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[ 1023.082426][T14562]  ? __pfx_ksys_write+0x10/0x10
[ 1023.082469][T14562]  do_syscall_64+0xec/0xf80
[ 1023.082492][T14562]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1023.082514][T14562]  ? trace_irq_disable+0x37/0x100
[ 1023.082538][T14562]  ? clear_bhb_loop+0x60/0xb0
[ 1023.082566][T14562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1023.082588][T14562] RIP: 0033:0x7fdfaeebf749
[ 1023.082609][T14562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1023.082628][T14562] RSP: 002b:00007fdfad11e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1023.082653][T14562] RAX: ffffffffffffffda RBX: 00007fdfaf115fa0 RCX: 00007fdfaeebf749
[ 1023.082669][T14562] RDX: 0000000000000012 RSI: 00002000000004c0 RDI: 0000000000000003
[ 1023.082684][T14562] RBP: 00007fdfad11e090 R08: 0000000000000000 R09: 0000000000000000
[ 1023.082697][T14562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1023.082710][T14562] R13: 00007fdfaf116038 R14: 00007fdfaf115fa0 R15: 00007ffefaf57d68
[ 1023.082747][T14562]  </TASK>
[ 1023.309113][ T5979] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1023.723322][T14323] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1023.781947][ T5979] usb 2-1: Using ep0 maxpacket: 32
[ 1023.795054][ T5979] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[ 1023.795086][ T5979] usb 2-1: config 0 has no interface number 0
[ 1023.812529][ T5979] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1023.812565][ T5979] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1023.812587][ T5979] usb 2-1: Product: syz
[ 1023.812603][ T5979] usb 2-1: Manufacturer: syz
[ 1023.812620][ T5979] usb 2-1: SerialNumber: syz
[ 1024.382264][ T5979] usb 2-1: config 0 descriptor??
[ 1024.452391][ T5979] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1024.510599][T14323] 8021q: adding VLAN 0 to HW filter on device team0
[ 1024.637434][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1024.640072][ T5963] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1024.846250][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1024.859064][ T5963] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1025.376688][   T37] audit: type=1326 audit(1766708327.589:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14583 comm="syz.6.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c006f749 code=0x7ffc0000
[ 1025.376740][   T37] audit: type=1326 audit(1766708327.589:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14583 comm="syz.6.2682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c006f749 code=0x7ffc0000
[ 1026.317307][ T5979] usb 2-1: qt2_attach - failed to power on unit: -71
[ 1026.317590][ T5979] quatech2 2-1:0.51: probe with driver quatech2 failed with error -71
[ 1026.356055][ T5979] usb 2-1: USB disconnect, device number 48
[ 1026.913854][T14609] ieee802154 phy0 wpan0: encryption failed: -22
[ 1027.058605][ T6038] hid-generic 0000:0000:0004.005A: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz0
[ 1027.062344][T14323] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1027.217073][T14323] veth0_vlan: entered promiscuous mode
[ 1027.274256][T14323] veth1_vlan: entered promiscuous mode
[ 1027.402924][T14323] veth0_macvtap: entered promiscuous mode
[ 1027.425437][T14323] veth1_macvtap: entered promiscuous mode
[ 1027.502997][T14323] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1027.541785][T14323] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1028.451003][   T82] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.468852][   T82] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.512862][   T82] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.526908][   T82] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1029.236693][   T31] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1029.278523][   T37] audit: type=1326 audit(1766708331.489:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14627 comm="syz.1.2694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32ca77f749 code=0x7ffc0000
[ 1029.278578][   T37] audit: type=1326 audit(1766708331.489:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14627 comm="syz.1.2694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32ca77f749 code=0x7ffc0000
[ 1029.432755][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1029.432781][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1029.441619][   T31] usb 4-1: Using ep0 maxpacket: 16
[ 1029.446069][   T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1029.446105][   T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1029.446128][   T31] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1029.446307][   T31] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 1029.446332][   T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1029.570597][   T31] usb 4-1: config 0 descriptor??
[ 1030.121886][   T31] hid_parser_main: 192 callbacks suppressed
[ 1030.121926][   T31] appleir 0003:05AC:8241.005B: unknown main item tag 0x3
[ 1030.121958][   T31] appleir 0003:05AC:8241.005B: item fetching failed at offset 2/5
[ 1030.122474][   T31] appleir 0003:05AC:8241.005B: parse failed
[ 1030.122554][   T31] appleir 0003:05AC:8241.005B: probe with driver appleir failed with error -22
[ 1030.139381][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1030.139419][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1032.240269][ T5806] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1032.271015][ T5806] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1032.284439][ T5806] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1032.319448][ T5806] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1032.319880][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.319916][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.319943][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.319967][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.319992][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.320017][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.320042][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.320067][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.320185][   T44] hid-generic 0000:0000:0004.005C: unknown main item tag 0x0
[ 1032.325338][   T44] hid-generic 0000:0000:0004.005C: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz0
[ 1032.440766][ T5806] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1032.793483][T14655] lo speed is unknown, defaulting to 1000
[ 1032.896675][ T5979] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[ 1032.944050][T14661] fido_id[14661]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1032.987910][   T31] usb 4-1: USB disconnect, device number 27
[ 1033.067630][ T5979] usb 6-1: Using ep0 maxpacket: 32
[ 1033.072865][ T5979] usb 6-1: config 0 has an invalid interface number: 35 but max is 0
[ 1033.072895][ T5979] usb 6-1: config 0 has no interface number 0
[ 1033.157521][ T5979] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[ 1033.157554][ T5979] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1033.157577][ T5979] usb 6-1: Product: syz
[ 1033.157592][ T5979] usb 6-1: Manufacturer: syz
[ 1033.157607][ T5979] usb 6-1: SerialNumber: syz
[ 1033.223640][ T5979] usb 6-1: config 0 descriptor??
[ 1033.633426][   T37] audit: type=1326 audit(1766708335.839:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14666 comm="syz.3.2705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392da9f749 code=0x7ffc0000
[ 1033.633484][   T37] audit: type=1326 audit(1766708335.839:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14666 comm="syz.3.2705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392da9f749 code=0x7ffc0000
[ 1033.821237][ T5979] radio-si470x 6-1:0.35: si470x_get_report: usb_control_msg returned -71
[ 1033.821624][ T5979] radio-si470x 6-1:0.35: probe with driver radio-si470x failed with error -5
[ 1033.855287][ T5979] radio-raremono 6-1:0.35: this is not Thanko's Raremono.
[ 1033.887303][ T5979] usb 6-1: USB disconnect, device number 24
[ 1034.586715][T13013] Bluetooth: hci6: command tx timeout
[ 1037.136277][T13013] Bluetooth: hci6: command tx timeout
[ 1037.313141][T14703] netlink: 220 bytes leftover after parsing attributes in process `syz.3.2714'.
[ 1037.359158][ T1268] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1037.416662][T13013] Bluetooth: hci5: ACL packet for unknown connection handle 0
[ 1037.590542][ T6425] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[ 1039.251106][   T37] audit: type=1326 audit(1766708341.459:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14704 comm="syz.2.2716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1039.251172][   T37] audit: type=1326 audit(1766708341.459:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14704 comm="syz.2.2716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1040.549207][T13013] Bluetooth: hci6: command tx timeout
[ 1040.696270][ T6425] usb 7-1: Using ep0 maxpacket: 16
[ 1040.729652][ T6425] usb 7-1: device descriptor read/all, error -71
[ 1042.383873][ T1268] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1042.616383][T13013] Bluetooth: hci6: command tx timeout
[ 1044.732556][   T37] audit: type=1326 audit(1766708346.879:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14765 comm="syz.2.2729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1044.732955][   T37] audit: type=1326 audit(1766708346.889:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14765 comm="syz.2.2729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1046.939540][ T1268] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1046.956314][ T6425] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[ 1047.061619][T14655] chnl_net:caif_netlink_parms(): no params data found
[ 1047.138388][ T6425] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[ 1047.138418][ T6425] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1047.138447][ T6425] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1047.138470][ T6425] usb 7-1: config 220 has no interface number 2
[ 1047.138554][ T6425] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1047.138584][ T6425] usb 7-1: config 220 interface 0 has no altsetting 0
[ 1047.138604][ T6425] usb 7-1: config 220 interface 76 has no altsetting 0
[ 1047.138624][ T6425] usb 7-1: config 220 interface 1 has no altsetting 0
[ 1047.141101][ T6425] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1047.141134][ T6425] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1047.141155][ T6425] usb 7-1: Product: syz
[ 1047.141171][ T6425] usb 7-1: Manufacturer: syz
[ 1047.141187][ T6425] usb 7-1: SerialNumber: syz
[ 1047.504394][ T6425] uvcvideo 7-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1047.504433][ T6425] uvcvideo 7-1:220.0: No valid video chain found.
[ 1047.504505][ T6425] usb 7-1: selecting invalid altsetting 0
[ 1047.566100][ T6425] usb 7-1: selecting invalid altsetting 0
[ 1047.572274][ T6425] usbtest 7-1:220.1: probe with driver usbtest failed with error -22
[ 1047.602341][ T6425] usb 7-1: USB disconnect, device number 29
[ 1048.132439][   T44] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[ 1049.317067][   T44] usb 3-1: Using ep0 maxpacket: 32
[ 1049.320076][   T44] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1049.320107][   T44] usb 3-1: config 0 has no interface number 0
[ 1049.356323][   T44] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1049.356358][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1049.356380][   T44] usb 3-1: Product: syz
[ 1049.356396][   T44] usb 3-1: Manufacturer: syz
[ 1049.356411][   T44] usb 3-1: SerialNumber: syz
[ 1049.402178][   T44] usb 3-1: config 0 descriptor??
[ 1049.422685][   T44] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1049.540169][T14807] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2739'.
[ 1049.691723][   T44] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1049.738795][   T44] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1049.799952][ T1268] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1050.049536][    C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1050.050298][ T5945] usb 3-1: USB disconnect, device number 48
[ 1050.137926][ T5945] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1050.269509][ T5945] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1050.270538][ T5945] quatech2 3-1:0.51: device disconnected
[ 1050.620544][T14655] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1050.635856][T14655] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1050.636349][T14655] bridge_slave_0: entered allmulticast mode
[ 1050.683395][T14655] bridge_slave_0: entered promiscuous mode
[ 1050.783369][T14655] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1050.783933][T14655] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1050.784221][T14655] bridge_slave_1: entered allmulticast mode
[ 1050.822322][T14655] bridge_slave_1: entered promiscuous mode
[ 1051.245912][   T37] audit: type=1326 audit(1766708353.439:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14813 comm="syz.2.2741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1051.271088][   T37] audit: type=1326 audit(1766708353.439:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14813 comm="syz.2.2741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1053.948711][T14822] Driver unsupported XDP return value 0 on prog  (id 301) dev N/A, expect packet loss!
[ 1054.845151][T14655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1055.018277][T14655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1055.678827][T14834] FAULT_INJECTION: forcing a failure.
[ 1055.678827][T14834] name failslab, interval 1, probability 0, space 0, times 0
[ 1055.678867][T14834] CPU: 1 UID: 0 PID: 14834 Comm: syz.2.2748 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1055.678899][T14834] Tainted: [L]=SOFTLOCKUP
[ 1055.678907][T14834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1055.678922][T14834] Call Trace:
[ 1055.678932][T14834]  <TASK>
[ 1055.678941][T14834]  dump_stack_lvl+0xe8/0x150
[ 1055.678979][T14834]  should_fail_ex+0x46c/0x600
[ 1055.679025][T14834]  should_failslab+0xa8/0x100
[ 1055.679050][T14834]  __kmalloc_cache_noprof+0x84/0x6d0
[ 1055.679085][T14834]  ? j1939_session_new+0x98/0x4a0
[ 1055.679127][T14834]  j1939_session_new+0x98/0x4a0
[ 1055.679166][T14834]  j1939_tp_send+0x33b/0x8c0
[ 1055.679198][T14834]  ? j1939_sk_sendmsg+0x90b/0x1330
[ 1055.679236][T14834]  j1939_sk_sendmsg+0xb8b/0x1330
[ 1055.679276][T14834]  ? j1939_sk_sendmsg+0x531/0x1330
[ 1055.679318][T14834]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[ 1055.679347][T14834]  ? is_bpf_text_address+0x26/0x2b0
[ 1055.679383][T14834]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1055.679414][T14834]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[ 1055.679447][T14834]  __sock_sendmsg+0x21c/0x270
[ 1055.679488][T14834]  ____sys_sendmsg+0x534/0x810
[ 1055.679524][T14834]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1055.679564][T14834]  ? import_iovec+0x74/0xa0
[ 1055.679591][T14834]  ___sys_sendmsg+0x21f/0x2a0
[ 1055.679624][T14834]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1055.679660][T14834]  ? kstrtouint+0x6e/0xe0
[ 1055.679718][T14834]  ? __fget_files+0x2a/0x420
[ 1055.679742][T14834]  ? __fget_files+0x3a6/0x420
[ 1055.679785][T14834]  __sys_sendmmsg+0x22d/0x430
[ 1055.679820][T14834]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1055.679860][T14834]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1055.679908][T14834]  ? ksys_write+0x230/0x260
[ 1055.679943][T14834]  ? __pfx_ksys_write+0x10/0x10
[ 1055.679982][T14834]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1055.680015][T14834]  do_syscall_64+0xec/0xf80
[ 1055.680037][T14834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1055.680060][T14834]  ? trace_irq_disable+0x37/0x100
[ 1055.680083][T14834]  ? clear_bhb_loop+0x60/0xb0
[ 1055.680110][T14834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1055.680133][T14834] RIP: 0033:0x7f3aae1af749
[ 1055.680154][T14834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1055.680174][T14834] RSP: 002b:00007f3aac40e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1055.680197][T14834] RAX: ffffffffffffffda RBX: 00007f3aae405fa0 RCX: 00007f3aae1af749
[ 1055.680213][T14834] RDX: 0000000000000001 RSI: 00002000000017c0 RDI: 0000000000000003
[ 1055.680228][T14834] RBP: 00007f3aac40e090 R08: 0000000000000000 R09: 0000000000000000
[ 1055.680243][T14834] R10: 00000000000000f5 R11: 0000000000000246 R12: 0000000000000001
[ 1055.680257][T14834] R13: 00007f3aae406038 R14: 00007f3aae405fa0 R15: 00007ffd437145d8
[ 1055.680293][T14834]  </TASK>
[ 1058.126118][T14848] FAULT_INJECTION: forcing a failure.
[ 1058.126118][T14848] name failslab, interval 1, probability 0, space 0, times 0
[ 1058.126351][T14848] CPU: 1 UID: 0 PID: 14848 Comm: syz.2.2751 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1058.126385][T14848] Tainted: [L]=SOFTLOCKUP
[ 1058.126394][T14848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1058.126408][T14848] Call Trace:
[ 1058.126418][T14848]  <TASK>
[ 1058.126429][T14848]  dump_stack_lvl+0xe8/0x150
[ 1058.126467][T14848]  should_fail_ex+0x46c/0x600
[ 1058.126503][T14848]  ? __alloc_skb+0x1dc/0x3a0
[ 1058.126533][T14848]  should_failslab+0xa8/0x100
[ 1058.126557][T14848]  ? __alloc_skb+0x1dc/0x3a0
[ 1058.126581][T14848]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1058.126615][T14848]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1058.126641][T14848]  ? __alloc_skb+0x198/0x3a0
[ 1058.126667][T14848]  __alloc_skb+0x1dc/0x3a0
[ 1058.126698][T14848]  sctp_packet_transmit+0x293/0x2ac0
[ 1058.126752][T14848]  ? sctp_outq_flush+0xbef/0x3190
[ 1058.126784][T14848]  ? sctp_outq_flush+0xbef/0x3190
[ 1058.126808][T14848]  ? sctp_outq_flush+0xbef/0x3190
[ 1058.126834][T14848]  sctp_outq_flush+0xecb/0x3190
[ 1058.126858][T14848]  ? sctp_outq_flush+0xbef/0x3190
[ 1058.126883][T14848]  ? sctp_make_heartbeat+0x389/0x470
[ 1058.126922][T14848]  ? __pfx_sctp_make_heartbeat+0x10/0x10
[ 1058.126958][T14848]  ? __pfx_sctp_outq_flush+0x10/0x10
[ 1058.126990][T14848]  ? sctp_outq_tail+0x612/0x920
[ 1058.127013][T14848]  ? sctp_do_8_2_transport_strike+0x43c/0x8d0
[ 1058.127043][T14848]  ? sctp_outq_uncork+0x4d/0xa0
[ 1058.127071][T14848]  sctp_do_sm+0x5472/0x5c40
[ 1058.127107][T14848]  ? do_raw_spin_unlock+0x122/0x240
[ 1058.127148][T14848]  ? __pfx_sctp_do_sm+0x10/0x10
[ 1058.127230][T14848]  sctp_primitive_REQUESTHEARTBEAT+0x98/0xc0
[ 1058.127280][T14848]  sctp_apply_peer_addr_params+0xdf/0x1880
[ 1058.127323][T14848]  sctp_setsockopt_peer_addr_params+0x46f/0x6b0
[ 1058.127357][T14848]  sctp_setsockopt+0x752/0x12c0
[ 1058.127390][T14848]  ? sock_common_setsockopt+0x36/0xc0
[ 1058.127413][T14848]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1058.127438][T14848]  do_sock_setsockopt+0x17c/0x1b0
[ 1058.127472][T14848]  __x64_sys_setsockopt+0x145/0x1b0
[ 1058.127506][T14848]  do_syscall_64+0xec/0xf80
[ 1058.127529][T14848]  ? rcu_is_watching+0x15/0xb0
[ 1058.127550][T14848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.127574][T14848]  ? clear_bhb_loop+0x60/0xb0
[ 1058.127603][T14848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.127626][T14848] RIP: 0033:0x7f3aae1af749
[ 1058.127646][T14848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1058.127667][T14848] RSP: 002b:00007f3aac3ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1058.127691][T14848] RAX: ffffffffffffffda RBX: 00007f3aae406090 RCX: 00007f3aae1af749
[ 1058.127708][T14848] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003
[ 1058.127721][T14848] RBP: 00007f3aac3ed090 R08: 000000000000009c R09: 0000000000000000
[ 1058.127735][T14848] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[ 1058.127749][T14848] R13: 00007f3aae406128 R14: 00007f3aae406090 R15: 00007ffd437145d8
[ 1058.127791][T14848]  </TASK>
[ 1061.275323][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1061.275402][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1062.493509][ T1268] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1063.092864][T14872] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2759'.
[ 1063.092902][T14872] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2759'.
[ 1063.326457][   T10] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[ 1063.666422][   T10] usb 7-1: Using ep0 maxpacket: 32
[ 1063.676548][   T10] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 1063.676578][   T10] usb 7-1: config 0 has no interface number 0
[ 1063.700508][   T10] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1063.700541][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1063.700564][   T10] usb 7-1: Product: syz
[ 1063.700580][   T10] usb 7-1: Manufacturer: syz
[ 1063.700596][   T10] usb 7-1: SerialNumber: syz
[ 1064.672685][   T10] usb 7-1: config 0 descriptor??
[ 1064.774341][   T10] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1065.343236][ T1268] bond0 (unregistering): Released all slaves
[ 1065.681543][T14885] syzkaller1: entered promiscuous mode
[ 1065.681574][T14885] syzkaller1: entered allmulticast mode
[ 1065.750923][T14655] team0: Port device team_slave_0 added
[ 1066.110387][   T37] audit: type=1326 audit(1766708368.319:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14893 comm="syz.2.2763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1066.110456][   T37] audit: type=1326 audit(1766708368.319:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14893 comm="syz.2.2763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1066.364277][   T10] usb 7-1: qt2_attach - failed to power on unit: -71
[ 1066.364590][   T10] quatech2 7-1:0.51: probe with driver quatech2 failed with error -71
[ 1066.442588][   T10] usb 7-1: USB disconnect, device number 30
[ 1066.659005][T14655] team0: Port device team_slave_1 added
[ 1066.782306][T14898] hub 1-0:1.0: USB hub found
[ 1066.798596][T14898] hub 1-0:1.0: 1 port detected
[ 1066.878853][ T6038] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[ 1067.057037][ T6038] usb 6-1: Using ep0 maxpacket: 16
[ 1067.107453][ T6038] usb 6-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[ 1067.107489][ T6038] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1067.107512][ T6038] usb 6-1: Product: syz
[ 1067.107528][ T6038] usb 6-1: Manufacturer: syz
[ 1067.107546][ T6038] usb 6-1: SerialNumber: syz
[ 1067.168868][ T6038] usb 6-1: config 0 descriptor??
[ 1069.572423][T14924] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1069.572696][T14924] CIFS mount error: No usable UNC path provided in device string!
[ 1069.572696][T14924] 
[ 1069.573086][T14924] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1070.058468][T14927] FAULT_INJECTION: forcing a failure.
[ 1070.058468][T14927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1070.058511][T14927] CPU: 0 UID: 0 PID: 14927 Comm: syz.6.2772 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1070.058541][T14927] Tainted: [L]=SOFTLOCKUP
[ 1070.058550][T14927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1070.058564][T14927] Call Trace:
[ 1070.058573][T14927]  <TASK>
[ 1070.058584][T14927]  dump_stack_lvl+0xe8/0x150
[ 1070.058623][T14927]  should_fail_ex+0x46c/0x600
[ 1070.058661][T14927]  _copy_from_user+0x2d/0xb0
[ 1070.058684][T14927]  do_sys_poll+0x23d/0xed0
[ 1070.058714][T14927]  ? __lock_acquire+0x6b6/0x2cf0
[ 1070.058752][T14927]  ? __pfx_do_sys_poll+0x10/0x10
[ 1070.058775][T14927]  ? is_bpf_text_address+0x292/0x2b0
[ 1070.058805][T14927]  ? is_bpf_text_address+0x26/0x2b0
[ 1070.058835][T14927]  ? do_sys_openat2+0x15a/0x200
[ 1070.058861][T14927]  ? kernel_text_address+0xa5/0xe0
[ 1070.058971][T14927]  ? ktime_get_ts64+0xa9/0x3d0
[ 1070.059029][T14927]  ? __pfx_timespec64_add_safe+0x10/0x10
[ 1070.059075][T14927]  __se_sys_poll+0x128/0x320
[ 1070.059115][T14927]  ? __pfx___se_sys_poll+0x10/0x10
[ 1070.059182][T14927]  do_syscall_64+0xec/0xf80
[ 1070.059206][T14927]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.059229][T14927]  ? trace_irq_disable+0x37/0x100
[ 1070.059255][T14927]  ? clear_bhb_loop+0x60/0xb0
[ 1070.059284][T14927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.059306][T14927] RIP: 0033:0x7f32c006f749
[ 1070.059326][T14927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1070.059346][T14927] RSP: 002b:00007f32be2ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[ 1070.059370][T14927] RAX: ffffffffffffffda RBX: 00007f32c02c6090 RCX: 00007f32c006f749
[ 1070.059387][T14927] RDX: 0000000000000002 RSI: 000000000000001f RDI: 0000200000000080
[ 1070.059402][T14927] RBP: 00007f32be2ad090 R08: 0000000000000000 R09: 0000000000000000
[ 1070.059417][T14927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1070.059431][T14927] R13: 00007f32c02c6128 R14: 00007f32c02c6090 R15: 00007fff8c2151c8
[ 1070.059466][T14927]  </TASK>
[ 1070.471680][T14929] FAULT_INJECTION: forcing a failure.
[ 1070.471680][T14929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1070.471712][T14929] CPU: 0 UID: 0 PID: 14929 Comm: syz.2.2773 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1070.471758][T14929] Tainted: [L]=SOFTLOCKUP
[ 1070.471767][T14929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1070.471781][T14929] Call Trace:
[ 1070.471790][T14929]  <TASK>
[ 1070.471800][T14929]  dump_stack_lvl+0xe8/0x150
[ 1070.471836][T14929]  should_fail_ex+0x46c/0x600
[ 1070.471881][T14929]  _copy_from_user+0x2d/0xb0
[ 1070.471916][T14929]  iommufd_fops_ioctl+0x408/0x580
[ 1070.471953][T14929]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1070.472001][T14929]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1070.472039][T14929]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1070.472066][T14929]  __se_sys_ioctl+0xff/0x170
[ 1070.472113][T14929]  do_syscall_64+0xec/0xf80
[ 1070.472138][T14929]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.472161][T14929]  ? trace_irq_disable+0x37/0x100
[ 1070.472184][T14929]  ? clear_bhb_loop+0x60/0xb0
[ 1070.472216][T14929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.472238][T14929] RIP: 0033:0x7f3aae1af749
[ 1070.472253][T14929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1070.472287][T14929] RSP: 002b:00007f3aac40e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1070.472312][T14929] RAX: ffffffffffffffda RBX: 00007f3aae405fa0 RCX: 00007f3aae1af749
[ 1070.472329][T14929] RDX: 0000200000000080 RSI: 0000000000003b87 RDI: 0000000000000003
[ 1070.472343][T14929] RBP: 00007f3aac40e090 R08: 0000000000000000 R09: 0000000000000000
[ 1070.472356][T14929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1070.472369][T14929] R13: 00007f3aae406038 R14: 00007f3aae405fa0 R15: 00007ffd437145d8
[ 1070.472404][T14929]  </TASK>
[ 1071.962516][   T37] audit: type=1326 audit(1766708373.869:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14932 comm="syz.3.2775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392da9f749 code=0x7ffc0000
[ 1071.962583][   T37] audit: type=1326 audit(1766708373.879:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14932 comm="syz.3.2775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392da9f749 code=0x7ffc0000
[ 1072.293984][ T6038] speedtch 6-1:0.0: speedtch_bind: data interface not found!
[ 1072.294029][ T6038] speedtch 6-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1072.806536][T14946] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1072.807091][T14946] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1072.899545][ T6038] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[ 1073.058975][ T6038] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[ 1073.059003][ T6038] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1073.059018][ T6038] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1073.059032][ T6038] usb 3-1: config 220 has no interface number 2
[ 1073.059086][ T6038] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1073.059107][ T6038] usb 3-1: config 220 interface 0 has no altsetting 0
[ 1073.059121][ T6038] usb 3-1: config 220 interface 76 has no altsetting 0
[ 1073.059135][ T6038] usb 3-1: config 220 interface 1 has no altsetting 0
[ 1073.061449][ T6038] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1073.061471][ T6038] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1073.061487][ T6038] usb 3-1: Product: syz
[ 1073.061498][ T6038] usb 3-1: Manufacturer: syz
[ 1073.061509][ T6038] usb 3-1: SerialNumber: syz
[ 1073.571989][T14655] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1073.572010][T14655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1073.572035][T14655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1073.836871][T14655] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1073.836892][T14655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1073.836924][T14655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1074.935229][ T6038] usb 3-1: selecting invalid altsetting 0
[ 1074.938932][ T6038] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1074.938967][ T6038] uvcvideo 3-1:220.0: No valid video chain found.
[ 1076.920303][ T6038] usb 3-1: selecting invalid altsetting 0
[ 1076.920334][ T6038] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[ 1076.987248][ T6038] usb 3-1: USB disconnect, device number 49
[ 1077.059147][T14962] FAULT_INJECTION: forcing a failure.
[ 1077.059147][T14962] name failslab, interval 1, probability 0, space 0, times 0
[ 1077.059191][T14962] CPU: 0 UID: 0 PID: 14962 Comm: syz.2.2784 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1077.059245][T14962] Tainted: [L]=SOFTLOCKUP
[ 1077.059258][T14962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1077.059272][T14962] Call Trace:
[ 1077.059281][T14962]  <TASK>
[ 1077.059291][T14962]  dump_stack_lvl+0xe8/0x150
[ 1077.059326][T14962]  should_fail_ex+0x46c/0x600
[ 1077.059363][T14962]  should_failslab+0xa8/0x100
[ 1077.059388][T14962]  __kmalloc_noprof+0xe0/0x7e0
[ 1077.059421][T14962]  ? tomoyo_encode+0x28b/0x550
[ 1077.059450][T14962]  tomoyo_encode+0x28b/0x550
[ 1077.059475][T14962]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1077.059499][T14962]  ? tomoyo_domain+0xd9/0x130
[ 1077.059527][T14962]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1077.059557][T14962]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1077.059591][T14962]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1077.059623][T14962]  ? __lock_acquire+0x6b6/0x2cf0
[ 1077.059698][T14962]  ? do_raw_spin_lock+0x121/0x290
[ 1077.059756][T14962]  ? __fget_files+0x2a/0x420
[ 1077.059782][T14962]  ? __fget_files+0x2a/0x420
[ 1077.059804][T14962]  ? __fget_files+0x3a6/0x420
[ 1077.059826][T14962]  ? __fget_files+0x2a/0x420
[ 1077.059854][T14962]  security_file_ioctl+0xcb/0x2d0
[ 1077.059889][T14962]  __se_sys_ioctl+0x47/0x170
[ 1077.059925][T14962]  do_syscall_64+0xec/0xf80
[ 1077.059949][T14962]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1077.059971][T14962]  ? trace_irq_disable+0x37/0x100
[ 1077.059996][T14962]  ? clear_bhb_loop+0x60/0xb0
[ 1077.060024][T14962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1077.060047][T14962] RIP: 0033:0x7f3aae1af749
[ 1077.060067][T14962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1077.060089][T14962] RSP: 002b:00007f3aac40e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1077.060113][T14962] RAX: ffffffffffffffda RBX: 00007f3aae405fa0 RCX: 00007f3aae1af749
[ 1077.060130][T14962] RDX: 0000200000001e40 RSI: 0000000000008946 RDI: 0000000000000004
[ 1077.060145][T14962] RBP: 00007f3aac40e090 R08: 0000000000000000 R09: 0000000000000000
[ 1077.060159][T14962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1077.060172][T14962] R13: 00007f3aae406038 R14: 00007f3aae405fa0 R15: 00007ffd437145d8
[ 1077.060208][T14962]  </TASK>
[ 1077.060231][T14962] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1077.666934][T14967] FAULT_INJECTION: forcing a failure.
[ 1077.666934][T14967] name failslab, interval 1, probability 0, space 0, times 0
[ 1077.666963][T14967] CPU: 1 UID: 0 PID: 14967 Comm: syz.3.2786 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1077.666986][T14967] Tainted: [L]=SOFTLOCKUP
[ 1077.666992][T14967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1077.667003][T14967] Call Trace:
[ 1077.667009][T14967]  <TASK>
[ 1077.667016][T14967]  dump_stack_lvl+0xe8/0x150
[ 1077.667043][T14967]  should_fail_ex+0x46c/0x600
[ 1077.667068][T14967]  should_failslab+0xa8/0x100
[ 1077.667085][T14967]  __kmalloc_noprof+0xe0/0x7e0
[ 1077.667109][T14967]  ? tomoyo_encode+0x28b/0x550
[ 1077.667129][T14967]  tomoyo_encode+0x28b/0x550
[ 1077.667148][T14967]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1077.667174][T14967]  tomoyo_check_open_permission+0x1c1/0x3b0
[ 1077.667197][T14967]  ? tomoyo_check_open_permission+0x16a/0x3b0
[ 1077.667220][T14967]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1077.667265][T14967]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1077.667291][T14967]  ? tomoyo_file_open+0x168/0x220
[ 1077.667311][T14967]  security_file_open+0xb1/0x270
[ 1077.667335][T14967]  do_dentry_open+0x35c/0x1270
[ 1077.667361][T14967]  vfs_open+0x3b/0x350
[ 1077.667376][T14967]  ? path_openat+0x340f/0x3df0
[ 1077.667399][T14967]  path_openat+0x342a/0x3df0
[ 1077.667445][T14967]  ? __pfx_path_openat+0x10/0x10
[ 1077.667466][T14967]  ? kasan_save_track+0x4f/0x80
[ 1077.667487][T14967]  ? kasan_save_track+0x3e/0x80
[ 1077.667507][T14967]  ? __kasan_slab_alloc+0x6c/0x80
[ 1077.667529][T14967]  ? kmem_cache_alloc_noprof+0x18d/0x6c0
[ 1077.667550][T14967]  ? getname_flags+0xb8/0x540
[ 1077.667563][T14967]  ? do_sys_openat2+0xbc/0x200
[ 1077.667587][T14967]  ? do_raw_spin_lock+0x121/0x290
[ 1077.667623][T14967]  do_filp_open+0x1fa/0x410
[ 1077.667647][T14967]  ? __pfx_do_filp_open+0x10/0x10
[ 1077.667667][T14967]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1077.667706][T14967]  ? alloc_fd+0x64f/0x6c0
[ 1077.667730][T14967]  do_sys_openat2+0x121/0x200
[ 1077.667750][T14967]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1077.667769][T14967]  ? ksys_write+0x230/0x260
[ 1077.667793][T14967]  ? __pfx_ksys_write+0x10/0x10
[ 1077.667819][T14967]  __x64_sys_openat+0x138/0x170
[ 1077.667841][T14967]  do_syscall_64+0xec/0xf80
[ 1077.667856][T14967]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1077.667873][T14967]  ? trace_irq_disable+0x37/0x100
[ 1077.667890][T14967]  ? clear_bhb_loop+0x60/0xb0
[ 1077.667910][T14967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1077.667925][T14967] RIP: 0033:0x7f392da9f749
[ 1077.667940][T14967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1077.667955][T14967] RSP: 002b:00007f392bd06038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1077.667972][T14967] RAX: ffffffffffffffda RBX: 00007f392dcf5fa0 RCX: 00007f392da9f749
[ 1077.667984][T14967] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 00000000ffffff9c
[ 1077.667995][T14967] RBP: 00007f392bd06090 R08: 0000000000000000 R09: 0000000000000000
[ 1077.668005][T14967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1077.668015][T14967] R13: 00007f392dcf6038 R14: 00007f392dcf5fa0 R15: 00007ffd08803158
[ 1077.668040][T14967]  </TASK>
[ 1077.668057][T14967] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1077.766301][ T6038] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[ 1078.065897][T14655] hsr_slave_0: entered promiscuous mode
[ 1078.067546][T14655] hsr_slave_1: entered promiscuous mode
[ 1078.068587][T14655] debugfs: 'hsr0' already exists in 'hsr'
[ 1078.068615][T14655] Cannot create hsr debugfs directory
[ 1078.156348][ T6038] usb 3-1: device descriptor read/64, error -71
[ 1079.274542][ T6038] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 1079.284091][ T5806] Bluetooth: hci2: command 0x0406 tx timeout
[ 1079.757183][   T37] audit: type=1326 audit(1766708381.839:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14971 comm="syz.5.2787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfaeebf749 code=0x7ffc0000
[ 1079.757247][   T37] audit: type=1326 audit(1766708381.839:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14971 comm="syz.5.2787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfaeebf749 code=0x7ffc0000
[ 1079.856444][ T6038] usb 3-1: device descriptor read/64, error -71
[ 1080.152108][ T6038] usb usb3-port1: attempt power cycle
[ 1080.206421][ T1268] hsr_slave_0: left promiscuous mode
[ 1080.227704][ T1268] hsr_slave_1: left promiscuous mode
[ 1080.486385][ T6038] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1080.517899][ T6038] usb 3-1: device descriptor read/8, error -71
[ 1080.748022][ T1268] veth1_macvtap: left promiscuous mode
[ 1080.748133][ T1268] veth0_macvtap: left promiscuous mode
[ 1080.748393][ T1268] veth1_vlan: left promiscuous mode
[ 1080.748573][ T1268] veth0_vlan: left promiscuous mode
[ 1081.456327][   T10] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1081.629996][   T10] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[ 1081.630027][   T10] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1081.630049][   T10] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1081.630070][   T10] usb 4-1: config 220 has no interface number 2
[ 1081.630139][   T10] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1081.630168][   T10] usb 4-1: config 220 interface 0 has no altsetting 0
[ 1081.630188][   T10] usb 4-1: config 220 interface 76 has no altsetting 0
[ 1081.630207][   T10] usb 4-1: config 220 interface 1 has no altsetting 0
[ 1081.658800][   T10] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1081.658833][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1081.658856][   T10] usb 4-1: Product: syz
[ 1081.658872][   T10] usb 4-1: Manufacturer: syz
[ 1081.658888][   T10] usb 4-1: SerialNumber: syz
[ 1082.472366][T15013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1082.472852][T15013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1082.613871][   T10] usb 4-1: selecting invalid altsetting 0
[ 1082.678401][   T10] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1082.678449][   T10] uvcvideo 4-1:220.0: No valid video chain found.
[ 1082.729556][   T10] usb 4-1: selecting invalid altsetting 0
[ 1082.729600][   T10] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[ 1082.777793][   T10] usb 4-1: USB disconnect, device number 28
[ 1083.456201][   T37] audit: type=1326 audit(1766708385.659:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15016 comm="syz.3.2798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392da9f749 code=0x7ffc0000
[ 1083.456271][   T37] audit: type=1326 audit(1766708385.659:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15016 comm="syz.3.2798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f392da9f749 code=0x7ffc0000
[ 1083.460424][T15019] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2797'.
[ 1083.460465][T15019] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2797'.
[ 1086.103329][   T10] usb 6-1: USB disconnect, device number 25
[ 1089.245591][T15030] FAULT_INJECTION: forcing a failure.
[ 1089.245591][T15030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1089.245633][T15030] CPU: 0 UID: 0 PID: 15030 Comm: syz.2.2801 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1089.245664][T15030] Tainted: [L]=SOFTLOCKUP
[ 1089.245673][T15030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1089.245687][T15030] Call Trace:
[ 1089.245696][T15030]  <TASK>
[ 1089.245706][T15030]  dump_stack_lvl+0xe8/0x150
[ 1089.245744][T15030]  should_fail_ex+0x46c/0x600
[ 1089.245781][T15030]  _copy_from_user+0x2d/0xb0
[ 1089.245805][T15030]  kstrtouint_from_user+0xc4/0x170
[ 1089.245849][T15030]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1089.245900][T15030]  proc_fail_nth_write+0x88/0x200
[ 1089.245936][T15030]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1089.245978][T15030]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1089.246015][T15030]  vfs_write+0x287/0xb40
[ 1089.246060][T15030]  ? __pfx_vfs_write+0x10/0x10
[ 1089.246095][T15030]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1089.246128][T15030]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1089.246149][T15030]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1089.246170][T15030]  ? mutex_lock_nested+0x154/0x1d0
[ 1089.246198][T15030]  ? fdget_pos+0x253/0x320
[ 1089.246233][T15030]  ksys_write+0x14b/0x260
[ 1089.246269][T15030]  ? __pfx_ksys_write+0x10/0x10
[ 1089.246316][T15030]  do_syscall_64+0xec/0xf80
[ 1089.246340][T15030]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1089.246363][T15030]  ? trace_irq_disable+0x37/0x100
[ 1089.246388][T15030]  ? clear_bhb_loop+0x60/0xb0
[ 1089.246418][T15030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1089.246441][T15030] RIP: 0033:0x7f3aae1ae1ff
[ 1089.246463][T15030] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1089.246484][T15030] RSP: 002b:00007f3aac40e030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1089.246508][T15030] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3aae1ae1ff
[ 1089.246524][T15030] RDX: 0000000000000001 RSI: 00007f3aac40e0a0 RDI: 0000000000000004
[ 1089.246538][T15030] RBP: 00007f3aac40e090 R08: 0000000000000000 R09: 0000000000000000
[ 1089.246552][T15030] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1089.246566][T15030] R13: 00007f3aae406038 R14: 00007f3aae405fa0 R15: 00007ffd437145d8
[ 1089.246602][T15030]  </TASK>
[ 1090.287481][T15031] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2800'.
[ 1093.397137][T15062] 9pnet_virtio: no channels available for device syz
[ 1093.747829][ T5806] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1093.775437][ T5806] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1093.794158][ T5806] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1093.825221][ T5806] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1093.836342][ T5806] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1093.883962][   T37] audit: type=1326 audit(1766708396.089:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15060 comm="syz.2.2809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1093.884021][   T37] audit: type=1326 audit(1766708396.089:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15060 comm="syz.2.2809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1094.048122][ T5809] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[ 1094.196318][ T5809] usb 7-1: Using ep0 maxpacket: 32
[ 1094.199171][ T5809] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 1094.199206][ T5809] usb 7-1: config 0 has no interface number 0
[ 1094.234851][T15067] lo speed is unknown, defaulting to 1000
[ 1094.301137][ T5809] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1094.301172][ T5809] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1094.301204][ T5809] usb 7-1: Product: syz
[ 1094.301220][ T5809] usb 7-1: Manufacturer: syz
[ 1094.301236][ T5809] usb 7-1: SerialNumber: syz
[ 1094.311827][ T5809] usb 7-1: config 0 descriptor??
[ 1094.455289][ T5809] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1096.347068][ T5806] Bluetooth: hci4: command tx timeout
[ 1096.744060][ T5809] usb 7-1: qt2_attach - failed to power on unit: -71
[ 1096.744348][ T5809] quatech2 7-1:0.51: probe with driver quatech2 failed with error -71
[ 1096.785198][ T5809] usb 7-1: USB disconnect, device number 31
[ 1097.062924][ T1268] IPVS: stop unused estimator thread 0...
[ 1097.112312][T15103] FAULT_INJECTION: forcing a failure.
[ 1097.112312][T15103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1097.112353][T15103] CPU: 0 UID: 0 PID: 15103 Comm: syz.2.2816 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1097.112384][T15103] Tainted: [L]=SOFTLOCKUP
[ 1097.112393][T15103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1097.112406][T15103] Call Trace:
[ 1097.112415][T15103]  <TASK>
[ 1097.112426][T15103]  dump_stack_lvl+0xe8/0x150
[ 1097.112462][T15103]  should_fail_ex+0x46c/0x600
[ 1097.112498][T15103]  _copy_from_user+0x2d/0xb0
[ 1097.112520][T15103]  copy_from_sockptr+0x5e/0xa0
[ 1097.112553][T15103]  do_tcp_getsockopt+0xc76/0x2680
[ 1097.112594][T15103]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[ 1097.112625][T15103]  ? sock_recv_errqueue+0x460/0x510
[ 1097.112652][T15103]  ? handle_mm_fault+0xd1/0x1330
[ 1097.112682][T15103]  ? handle_mm_fault+0x123f/0x1330
[ 1097.112722][T15103]  ? handle_mm_fault+0xd1/0x1330
[ 1097.112756][T15103]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1097.112807][T15103]  ? do_user_addr_fault+0xbbc/0x1380
[ 1097.112839][T15103]  ? up_read+0x23/0x40
[ 1097.112860][T15103]  ? do_user_addr_fault+0xc85/0x1380
[ 1097.112895][T15103]  ? irqentry_exit+0x5dd/0x660
[ 1097.112933][T15103]  tcp_getsockopt+0x83/0x130
[ 1097.112964][T15103]  ? sock_recv_errqueue+0x460/0x510
[ 1097.112983][T15103]  ? rep_movs_alternative+0xf/0x90
[ 1097.113010][T15103]  ? sock_recv_errqueue+0x460/0x510
[ 1097.113029][T15103]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1097.113053][T15103]  do_sock_getsockopt+0x2b4/0x3d0
[ 1097.113084][T15103]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1097.113112][T15103]  ? __fget_files+0x3a6/0x420
[ 1097.113136][T15103]  ? __fget_files+0x2a/0x420
[ 1097.113175][T15103]  __x64_sys_getsockopt+0x1ab/0x250
[ 1097.113214][T15103]  do_syscall_64+0xec/0xf80
[ 1097.113235][T15103]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1097.113257][T15103]  ? trace_irq_disable+0x37/0x100
[ 1097.113281][T15103]  ? clear_bhb_loop+0x60/0xb0
[ 1097.113308][T15103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1097.113330][T15103] RIP: 0033:0x7f3aae1af749
[ 1097.113350][T15103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1097.113370][T15103] RSP: 002b:00007f3aac40e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1097.113393][T15103] RAX: ffffffffffffffda RBX: 00007f3aae405fa0 RCX: 00007f3aae1af749
[ 1097.113409][T15103] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004
[ 1097.113423][T15103] RBP: 00007f3aac40e090 R08: 0000200000000000 R09: 0000000000000000
[ 1097.113437][T15103] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[ 1097.113451][T15103] R13: 00007f3aae406038 R14: 00007f3aae405fa0 R15: 00007ffd437145d8
[ 1097.113485][T15103]  </TASK>
[ 1097.469728][T15067] chnl_net:caif_netlink_parms(): no params data found
[ 1097.686487][ T5885] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1097.839822][ T5885] usb 4-1: Using ep0 maxpacket: 16
[ 1097.855280][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1097.855317][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1097.855342][ T5885] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1097.855387][ T5885] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 1097.855412][ T5885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1097.944415][ T5885] usb 4-1: config 0 descriptor??
[ 1098.426303][ T5806] Bluetooth: hci4: command tx timeout
[ 1098.471849][ T5885] hid_parser_main: 92 callbacks suppressed
[ 1098.471879][ T5885] appleir 0003:05AC:8241.005D: unknown main item tag 0x3
[ 1098.471912][ T5885] appleir 0003:05AC:8241.005D: item fetching failed at offset 2/5
[ 1098.472676][ T5885] appleir 0003:05AC:8241.005D: parse failed
[ 1098.512694][ T5885] appleir 0003:05AC:8241.005D: probe with driver appleir failed with error -22
[ 1098.743957][ T6038] usb 4-1: USB disconnect, device number 29
[ 1098.864569][T15067] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1098.864814][T15067] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1098.865064][T15067] bridge_slave_0: entered allmulticast mode
[ 1098.903853][T15067] bridge_slave_0: entered promiscuous mode
[ 1098.923543][T15067] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1098.936447][T15067] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1098.936740][T15067] bridge_slave_1: entered allmulticast mode
[ 1098.939603][T15067] bridge_slave_1: entered promiscuous mode
[ 1099.153082][   T37] audit: type=1326 audit(1766708401.359:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15122 comm="syz.2.2820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1099.153214][   T37] audit: type=1326 audit(1766708401.359:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15122 comm="syz.2.2820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1099.456346][ T5885] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[ 1099.563191][T15067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1099.599897][T15067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1099.616259][ T5885] usb 6-1: Using ep0 maxpacket: 32
[ 1099.618624][ T5885] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[ 1099.618661][ T5885] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[ 1099.618690][ T5885] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1099.621921][ T5885] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[ 1099.621952][ T5885] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[ 1099.621976][ T5885] usb 6-1: Product: syz
[ 1099.621992][ T5885] usb 6-1: Manufacturer: syz
[ 1099.622008][ T5885] usb 6-1: SerialNumber: syz
[ 1099.696889][T14482] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[ 1099.813775][ T5885] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input17
[ 1099.846472][T14482] usb 7-1: Using ep0 maxpacket: 32
[ 1099.852376][T14482] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 1099.853567][T14482] usb 7-1: config 0 has no interface number 0
[ 1099.880827][T14482] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1099.880862][T14482] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1099.880885][T14482] usb 7-1: Product: syz
[ 1099.880900][T14482] usb 7-1: Manufacturer: syz
[ 1099.880916][T14482] usb 7-1: SerialNumber: syz
[ 1099.935365][T14482] usb 7-1: config 0 descriptor??
[ 1099.961253][T15127] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2822'.
[ 1099.974094][ T5806] Bluetooth: hci5: unexpected event for opcode 0x1003
[ 1100.006587][T14482] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1100.011204][ T5979] usb 6-1: USB disconnect, device number 26
[ 1100.506303][ T5806] Bluetooth: hci4: command tx timeout
[ 1100.518283][ T5979] appletouch 6-1:1.0: input: appletouch disconnected
[ 1100.731450][T15067] team0: Port device team_slave_0 added
[ 1100.758796][T15067] team0: Port device team_slave_1 added
[ 1101.919038][T15163] ieee802154 phy0 wpan0: encryption failed: -22
[ 1101.949484][T14482] usb 7-1: qt2_attach - failed to power on unit: -71
[ 1101.949761][T14482] quatech2 7-1:0.51: probe with driver quatech2 failed with error -71
[ 1101.994356][T15165] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2828'.
[ 1101.999796][T14482] usb 7-1: USB disconnect, device number 32
[ 1102.155999][ T1268] bridge_slave_1: left allmulticast mode
[ 1102.156039][ T1268] bridge_slave_1: left promiscuous mode
[ 1102.167313][ T1268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1102.246426][ T1268] bridge_slave_0: left allmulticast mode
[ 1102.246459][ T1268] bridge_slave_0: left promiscuous mode
[ 1102.246748][ T1268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1102.576653][ T5885] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[ 1102.596297][ T5806] Bluetooth: hci4: command tx timeout
[ 1102.821298][ T5885] usb 6-1: config index 0 descriptor too short (expected 36, got 10)
[ 1102.821329][ T5885] usb 6-1: config 0 descriptor has 1 excess byte, ignoring
[ 1102.821350][ T5885] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1102.858209][ T5885] usb 6-1: New USB device found, idVendor=15c2, idProduct=0046, bcdDevice=6c.78
[ 1102.858242][ T5885] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1102.858266][ T5885] usb 6-1: Product: syz
[ 1102.858282][ T5885] usb 6-1: Manufacturer: syz
[ 1102.858298][ T5885] usb 6-1: SerialNumber: syz
[ 1102.864110][ T5885] usb 6-1: config 0 descriptor??
[ 1103.029156][T15174] FAULT_INJECTION: forcing a failure.
[ 1103.029156][T15174] name failslab, interval 1, probability 0, space 0, times 0
[ 1103.029198][T15174] CPU: 0 UID: 0 PID: 15174 Comm: syz.6.2830 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1103.029228][T15174] Tainted: [L]=SOFTLOCKUP
[ 1103.029236][T15174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1103.029250][T15174] Call Trace:
[ 1103.029259][T15174]  <TASK>
[ 1103.029269][T15174]  dump_stack_lvl+0xe8/0x150
[ 1103.029304][T15174]  should_fail_ex+0x46c/0x600
[ 1103.029340][T15174]  ? fsnotify_add_mark_locked+0x549/0xdb0
[ 1103.029371][T15174]  should_failslab+0xa8/0x100
[ 1103.029394][T15174]  ? fsnotify_add_mark_locked+0x549/0xdb0
[ 1103.029423][T15174]  kmem_cache_alloc_noprof+0x84/0x6c0
[ 1103.029465][T15174]  fsnotify_add_mark_locked+0x549/0xdb0
[ 1103.029508][T15174]  __se_sys_inotify_add_watch+0xa8e/0xf60
[ 1103.029553][T15174]  ? ksys_write+0x230/0x260
[ 1103.029587][T15174]  ? __pfx___se_sys_inotify_add_watch+0x10/0x10
[ 1103.029637][T15174]  do_syscall_64+0xec/0xf80
[ 1103.029661][T15174]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1103.029683][T15174]  ? trace_irq_disable+0x37/0x100
[ 1103.029714][T15174]  ? clear_bhb_loop+0x60/0xb0
[ 1103.029743][T15174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1103.029765][T15174] RIP: 0033:0x7f32c006f749
[ 1103.029785][T15174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1103.029805][T15174] RSP: 002b:00007f32be2ad038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe
[ 1103.029829][T15174] RAX: ffffffffffffffda RBX: 00007f32c02c6090 RCX: 00007f32c006f749
[ 1103.029846][T15174] RDX: 0000000060000526 RSI: 0000200000000240 RDI: 0000000000000003
[ 1103.029861][T15174] RBP: 00007f32be2ad090 R08: 0000000000000000 R09: 0000000000000000
[ 1103.029875][T15174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1103.029889][T15174] R13: 00007f32c02c6128 R14: 00007f32c02c6090 R15: 00007fff8c2151c8
[ 1103.029926][T15174]  </TASK>
[ 1103.082341][ T5809] usb 6-1: USB disconnect, device number 27
[ 1103.905129][   T37] audit: type=1326 audit(1766708406.109:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15178 comm="syz.6.2832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c006f749 code=0x7ffc0000
[ 1103.905257][   T37] audit: type=1326 audit(1766708406.109:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15178 comm="syz.6.2832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c006f749 code=0x7ffc0000
[ 1104.027296][ T5806] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1104.027765][ T5806] Bluetooth: hci5: Injecting HCI hardware error event
[ 1104.031787][T13013] Bluetooth: hci5: hardware error 0x00
[ 1104.087298][ T5809] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[ 1104.238756][ T5809] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1104.238817][ T5809] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[ 1104.238846][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10
[ 1104.238875][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 65535, setting to 64
[ 1104.238917][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1104.238941][ T5809] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1104.242120][ T5809] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[ 1104.242152][ T5809] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1104.242174][ T5809] usb 4-1: Product: syz
[ 1104.242191][ T5809] usb 4-1: Manufacturer: syz
[ 1104.242207][ T5809] usb 4-1: SerialNumber: syz
[ 1104.258166][ T5809] usb 4-1: config 0 descriptor??
[ 1104.260205][T15177] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1104.267367][ T5809] ati_remote 4-1:0.0: ati_remote_probe: Unexpected endpoint_out
[ 1104.408427][ T1268] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1104.534649][ T5809] usb 4-1: USB disconnect, device number 30
[ 1104.535723][ T5885] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1105.229733][T15194] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[ 1105.229765][T15194] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1105.273971][T15194] vhci_hcd vhci_hcd.0: Device attached
[ 1105.437196][ T1268] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1105.496423][ T5885] usb 6-1: Using ep0 maxpacket: 32
[ 1105.500082][ T5885] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1105.500121][ T5885] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1105.500159][ T5885] usb 6-1: New USB device found, idVendor=5543, idProduct=006e, bcdDevice= 0.00
[ 1105.500253][ T5885] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1105.505530][ T1268] bond0 (unregistering): Released all slaves
[ 1105.555985][T14482] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[ 1105.595332][ T5885] usb 6-1: config 0 descriptor??
[ 1105.602180][T15195] vhci_hcd: connection reset by peer
[ 1105.658699][   T12] vhci_hcd vhci_hcd.2: stop threads
[ 1105.660223][   T12] vhci_hcd vhci_hcd.2: release socket
[ 1105.692169][   T12] vhci_hcd vhci_hcd.2: disconnect device
[ 1105.693249][T15067] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1105.693273][T15067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1105.693304][T15067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1105.816653][T15067] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1105.816674][T15067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1105.816704][T15067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1106.188195][T13013] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1106.249534][   T10] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 1106.294876][T15207] FAULT_INJECTION: forcing a failure.
[ 1106.294876][T15207] name failslab, interval 1, probability 0, space 0, times 0
[ 1106.294918][T15207] CPU: 1 UID: 0 PID: 15207 Comm: syz.3.2841 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1106.294954][T15207] Tainted: [L]=SOFTLOCKUP
[ 1106.294963][T15207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1106.294978][T15207] Call Trace:
[ 1106.294987][T15207]  <TASK>
[ 1106.294997][T15207]  dump_stack_lvl+0xe8/0x150
[ 1106.295035][T15207]  should_fail_ex+0x46c/0x600
[ 1106.295070][T15207]  ? skb_clone+0x212/0x3a0
[ 1106.295101][T15207]  should_failslab+0xa8/0x100
[ 1106.295124][T15207]  ? skb_clone+0x212/0x3a0
[ 1106.295161][T15207]  kmem_cache_alloc_noprof+0x84/0x6c0
[ 1106.295195][T15207]  ? safesetid_security_capable+0xa9/0x1a0
[ 1106.295235][T15207]  skb_clone+0x212/0x3a0
[ 1106.295263][T15207]  ? nfnetlink_rcv+0x4ba/0x2590
[ 1106.295293][T15207]  nfnetlink_rcv+0x4ec/0x2590
[ 1106.295323][T15207]  ? __local_bh_enable_ip+0x1af/0x2c0
[ 1106.295357][T15207]  ? __dev_queue_xmit+0x259/0x31d0
[ 1106.295391][T15207]  ? __dev_queue_xmit+0x1936/0x31d0
[ 1106.295422][T15207]  ? netlink_unicast+0x811/0xa10
[ 1106.295447][T15207]  ? netlink_sendmsg+0x805/0xb30
[ 1106.295476][T15207]  ? __sock_sendmsg+0x21c/0x270
[ 1106.295525][T15207]  ? __dev_queue_xmit+0x259/0x31d0
[ 1106.295561][T15207]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1106.295605][T15207]  ? ref_tracker_free+0x61e/0x7c0
[ 1106.295639][T15207]  ? __asan_memcpy+0x40/0x70
[ 1106.295668][T15207]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1106.295697][T15207]  ? __skb_clone+0x63/0x7a0
[ 1106.295731][T15207]  ? __skb_clone+0x483/0x7a0
[ 1106.295767][T15207]  ? skb_clone+0x246/0x3a0
[ 1106.295801][T15207]  ? __netlink_deliver_tap+0x807/0x850
[ 1106.295832][T15207]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1106.295879][T15207]  netlink_unicast+0x846/0xa10
[ 1106.295914][T15207]  ? __pfx_netlink_unicast+0x10/0x10
[ 1106.295940][T15207]  ? __alloc_skb+0x198/0x3a0
[ 1106.295965][T15207]  ? netlink_sendmsg+0x642/0xb30
[ 1106.295994][T15207]  ? skb_put+0x11b/0x210
[ 1106.296024][T15207]  netlink_sendmsg+0x805/0xb30
[ 1106.296064][T15207]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1106.296104][T15207]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1106.296206][T15207]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1106.296239][T15207]  __sock_sendmsg+0x21c/0x270
[ 1106.296277][T15207]  ____sys_sendmsg+0x508/0x810
[ 1106.296312][T15207]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1106.296352][T15207]  ? import_iovec+0x74/0xa0
[ 1106.296377][T15207]  ___sys_sendmsg+0x21f/0x2a0
[ 1106.296410][T15207]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1106.296479][T15207]  ? __fget_files+0x2a/0x420
[ 1106.296502][T15207]  ? __fget_files+0x3a6/0x420
[ 1106.296538][T15207]  __x64_sys_sendmsg+0x1a1/0x260
[ 1106.296571][T15207]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1106.296613][T15207]  ? __pfx_ksys_write+0x10/0x10
[ 1106.296659][T15207]  do_syscall_64+0xec/0xf80
[ 1106.296682][T15207]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1106.296704][T15207]  ? trace_irq_disable+0x37/0x100
[ 1106.296730][T15207]  ? clear_bhb_loop+0x60/0xb0
[ 1106.296759][T15207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1106.296782][T15207] RIP: 0033:0x7f392da9f749
[ 1106.296803][T15207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1106.296823][T15207] RSP: 002b:00007f392bd06038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1106.296847][T15207] RAX: ffffffffffffffda RBX: 00007f392dcf5fa0 RCX: 00007f392da9f749
[ 1106.296865][T15207] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1106.296880][T15207] RBP: 00007f392bd06090 R08: 0000000000000000 R09: 0000000000000000
[ 1106.296894][T15207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1106.296908][T15207] R13: 00007f392dcf6038 R14: 00007f392dcf5fa0 R15: 00007ffd08803158
[ 1106.296944][T15207]  </TASK>
[ 1106.394979][ T5885] usb 6-1: string descriptor 0 read error: -71
[ 1106.405181][ T5885] uclogic 0003:5543:006E.005E: failed retrieving string descriptor #200: -71
[ 1106.405390][ T5885] uclogic 0003:5543:006E.005E: failed retrieving pen parameters: -71
[ 1106.405443][ T5885] uclogic 0003:5543:006E.005E: failed probing pen v2 parameters: -71
[ 1106.405586][ T5885] uclogic 0003:5543:006E.005E: failed probing parameters: -71
[ 1106.405881][ T5885] uclogic 0003:5543:006E.005E: probe with driver uclogic failed with error -71
[ 1106.467694][ T5885] usb 6-1: USB disconnect, device number 28
[ 1106.610079][   T10] usb 7-1: Using ep0 maxpacket: 32
[ 1106.667112][   T10] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 1106.667198][   T10] usb 7-1: config 0 has no interface number 0
[ 1106.796391][   T10] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1106.796425][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1106.796447][   T10] usb 7-1: Product: syz
[ 1106.796462][   T10] usb 7-1: Manufacturer: syz
[ 1106.796478][   T10] usb 7-1: SerialNumber: syz
[ 1106.842612][   T10] usb 7-1: config 0 descriptor??
[ 1106.843374][ T1268] hsr_slave_0: left promiscuous mode
[ 1106.877878][   T10] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1106.969090][ T1268] hsr_slave_1: left promiscuous mode
[ 1106.970309][ T1268] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1107.018473][ T1268] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1107.496016][   T37] audit: type=1326 audit(1766708409.699:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15213 comm="syz.5.2843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfaeebf749 code=0x7ffc0000
[ 1107.496314][   T37] audit: type=1326 audit(1766708409.699:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15213 comm="syz.5.2843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfaeebf749 code=0x7ffc0000
[ 1107.752893][   T10] usb 7-1: qt2_attach - failed to power on unit: -71
[ 1107.753208][   T10] quatech2 7-1:0.51: probe with driver quatech2 failed with error -71
[ 1107.776110][   T10] usb 7-1: USB disconnect, device number 33
[ 1108.507071][   T10] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1108.746289][ T5979] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[ 1108.906457][   T10] usb 3-1: Using ep0 maxpacket: 32
[ 1108.912120][   T10] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1108.912152][   T10] usb 3-1: config 0 has no interface number 0
[ 1108.915357][   T10] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1108.915389][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1108.915413][   T10] usb 3-1: Product: syz
[ 1108.915430][   T10] usb 3-1: Manufacturer: syz
[ 1108.915446][   T10] usb 3-1: SerialNumber: syz
[ 1109.006669][T15231] netlink: 269 bytes leftover after parsing attributes in process `syz.6.2848'.
[ 1109.158199][ T5979] usb 6-1: Using ep0 maxpacket: 16
[ 1109.747992][ T5979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1109.748029][ T5979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1109.748055][ T5979] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1109.748102][ T5979] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 1109.748129][ T5979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1110.007521][   T10] usb 3-1: config 0 descriptor??
[ 1110.026880][   T10] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1110.049186][ T5979] usb 6-1: config 0 descriptor??
[ 1110.295480][   T10] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1110.516865][ T5979] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:05AC:8241.005F/input/input18
[ 1110.559672][   T10] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1110.654486][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1110.674242][   T10] usb 3-1: USB disconnect, device number 54
[ 1110.705903][   T10] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1110.749143][ T1268] team0 (unregistering): Port device team_slave_1 removed
[ 1110.780911][   T10] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1110.782043][   T10] quatech2 3-1:0.51: device disconnected
[ 1110.816429][T14482] vhci_hcd vhci_hcd.2: vhci_device speed not set
[ 1110.863396][ T5979] appleir 0003:05AC:8241.005F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[ 1110.886912][T15236] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1111.011562][ T5979] usb 6-1: USB disconnect, device number 29
[ 1111.313273][ T1268] team0 (unregistering): Port device team_slave_0 removed
[ 1112.280795][   T37] audit: type=1326 audit(1766708414.489:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15243 comm="syz.2.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1112.281017][   T37] audit: type=1326 audit(1766708414.489:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15243 comm="syz.2.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1112.757479][ T6037] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[ 1112.936283][ T6037] usb 6-1: Using ep0 maxpacket: 16
[ 1112.938694][ T6037] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1112.938730][ T6037] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1112.938754][ T6037] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1112.938798][ T6037] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 1112.938823][ T6037] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1112.944924][ T6037] usb 6-1: config 0 descriptor??
[ 1113.361327][ T6037] appleir 0003:05AC:8241.0060: unknown main item tag 0x3
[ 1113.361367][ T6037] appleir 0003:05AC:8241.0060: item fetching failed at offset 2/5
[ 1113.387066][ T6037] appleir 0003:05AC:8241.0060: parse failed
[ 1113.387185][ T6037] appleir 0003:05AC:8241.0060: probe with driver appleir failed with error -22
[ 1113.521909][T15067] hsr_slave_0: entered promiscuous mode
[ 1113.523465][T15067] hsr_slave_1: entered promiscuous mode
[ 1113.527647][T15067] debugfs: 'hsr0' already exists in 'hsr'
[ 1113.527724][T15067] Cannot create hsr debugfs directory
[ 1113.763205][ T5809] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1114.226300][ T5809] usb 3-1: Using ep0 maxpacket: 32
[ 1114.228553][ T5809] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1114.228581][ T5809] usb 3-1: config 0 has no interface number 0
[ 1114.231571][ T5809] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1114.231601][ T5809] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1114.231622][ T5809] usb 3-1: Product: syz
[ 1114.231637][ T5809] usb 3-1: Manufacturer: syz
[ 1114.231652][ T5809] usb 3-1: SerialNumber: syz
[ 1114.261284][ T5809] usb 3-1: config 0 descriptor??
[ 1114.273954][ T5809] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1114.345758][T15264] FAULT_INJECTION: forcing a failure.
[ 1114.345758][T15264] name failslab, interval 1, probability 0, space 0, times 0
[ 1114.345793][T15264] CPU: 0 UID: 0 PID: 15264 Comm: syz.6.2859 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1114.345820][T15264] Tainted: [L]=SOFTLOCKUP
[ 1114.345827][T15264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1114.345839][T15264] Call Trace:
[ 1114.345847][T15264]  <TASK>
[ 1114.345855][T15264]  dump_stack_lvl+0xe8/0x150
[ 1114.345886][T15264]  should_fail_ex+0x46c/0x600
[ 1114.345915][T15264]  ? __d_alloc+0x37/0x6f0
[ 1114.345937][T15264]  should_failslab+0xa8/0x100
[ 1114.345956][T15264]  ? __d_alloc+0x37/0x6f0
[ 1114.345975][T15264]  kmem_cache_alloc_lru_noprof+0x88/0x6c0
[ 1114.346010][T15264]  __d_alloc+0x37/0x6f0
[ 1114.346032][T15264]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1114.346056][T15264]  d_alloc_pseudo+0x21/0xc0
[ 1114.346079][T15264]  alloc_file_pseudo+0xcc/0x210
[ 1114.346099][T15264]  ? rt_spin_lock+0x1c1/0x3e0
[ 1114.346132][T15264]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1114.346155][T15264]  ? rt_spin_unlock+0x150/0x200
[ 1114.346187][T15264]  anon_inode_getfile+0xc5/0x1a0
[ 1114.346212][T15264]  ? bpf_link_prime+0x47/0x270
[ 1114.346231][T15264]  bpf_link_prime+0x125/0x270
[ 1114.346250][T15264]  bpf_raw_tp_link_attach+0x499/0x640
[ 1114.346282][T15264]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[ 1114.346320][T15264]  ? __fget_files+0x2a/0x420
[ 1114.346354][T15264]  bpf_raw_tracepoint_open+0x1b8/0x220
[ 1114.346381][T15264]  __sys_bpf+0x73e/0x860
[ 1114.346403][T15264]  ? __pfx___sys_bpf+0x10/0x10
[ 1114.346421][T15264]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1114.346461][T15264]  ? ksys_write+0x230/0x260
[ 1114.346489][T15264]  ? __pfx_ksys_write+0x10/0x10
[ 1114.346521][T15264]  __x64_sys_bpf+0x7c/0x90
[ 1114.346539][T15264]  do_syscall_64+0xec/0xf80
[ 1114.346558][T15264]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1114.346576][T15264]  ? trace_irq_disable+0x37/0x100
[ 1114.346594][T15264]  ? clear_bhb_loop+0x60/0xb0
[ 1114.346617][T15264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1114.346634][T15264] RIP: 0033:0x7f32c006f749
[ 1114.346651][T15264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1114.346668][T15264] RSP: 002b:00007f32be2ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1114.346699][T15264] RAX: ffffffffffffffda RBX: 00007f32c02c5fa0 RCX: 00007f32c006f749
[ 1114.346727][T15264] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000011
[ 1114.346738][T15264] RBP: 00007f32be2ce090 R08: 0000000000000000 R09: 0000000000000000
[ 1114.346750][T15264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1114.346761][T15264] R13: 00007f32c02c6038 R14: 00007f32c02c5fa0 R15: 00007fff8c2151c8
[ 1114.346791][T15264]  </TASK>
[ 1114.998614][T15266] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2860'.
[ 1115.129246][T15266] Unsupported ieee802154 address type: 0
[ 1115.157570][ T5809] usb 3-1: qt2_attach - failed to power on unit: -71
[ 1115.157818][ T5809] quatech2 3-1:0.51: probe with driver quatech2 failed with error -71
[ 1115.198310][ T5809] usb 3-1: USB disconnect, device number 55
[ 1116.776954][   T10] usb 6-1: USB disconnect, device number 30
[ 1117.558384][   T37] audit: type=1326 audit(1766708419.769:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15273 comm="syz.5.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfaeebf749 code=0x7ffc0000
[ 1117.585686][   T37] audit: type=1326 audit(1766708419.769:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15273 comm="syz.5.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfaeebf749 code=0x7ffc0000
[ 1117.997938][T15286] TCP: TCP_TX_DELAY enabled
[ 1117.998657][T15288] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2867'.
[ 1118.424185][T15303] IPVS: set_ctl: invalid protocol: 43 10.1.1.0:20003
[ 1118.756622][T15272] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1118.796360][T11845] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 1118.907268][T15272] usb 4-1: Using ep0 maxpacket: 32
[ 1118.909779][T15272] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[ 1118.909808][T15272] usb 4-1: config 0 has no interface number 0
[ 1118.913096][T15272] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1118.913127][T15272] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1118.913150][T15272] usb 4-1: Product: syz
[ 1118.913167][T15272] usb 4-1: Manufacturer: syz
[ 1118.913185][T15272] usb 4-1: SerialNumber: syz
[ 1118.976314][T11845] usb 7-1: Using ep0 maxpacket: 32
[ 1118.984477][T11845] usb 7-1: config 0 has an invalid interface number: 191 but max is 0
[ 1118.984526][T11845] usb 7-1: config 0 has no interface number 0
[ 1118.984577][T11845] usb 7-1: config 0 interface 191 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 24
[ 1119.030670][T11845] usb 7-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=2c.d1
[ 1119.030706][T11845] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1119.030730][T11845] usb 7-1: Product: syz
[ 1119.030745][T11845] usb 7-1: Manufacturer: syz
[ 1119.030872][T11845] usb 7-1: SerialNumber: syz
[ 1119.372417][   T37] audit: type=1326 audit(1766708421.579:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15308 comm="syz.5.2875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfaeebf749 code=0x7ffc0000
[ 1119.372568][   T37] audit: type=1326 audit(1766708421.579:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15308 comm="syz.5.2875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfaeebf749 code=0x7ffc0000
[ 1119.456867][T15272] usb 4-1: config 0 descriptor??
[ 1119.526080][T15272] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1119.546933][T11845] usb 7-1: config 0 descriptor??
[ 1119.554946][T15307] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1119.655820][T15311] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2877'.
[ 1119.681137][   T37] audit: type=1326 audit(1766708421.889:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15312 comm="syz.2.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1119.701241][   T37] audit: type=1326 audit(1766708421.889:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15312 comm="syz.2.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1119.766396][T15307] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1119.790842][   T37] audit: type=1326 audit(1766708421.989:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15312 comm="syz.2.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1119.790904][   T37] audit: type=1326 audit(1766708421.989:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15312 comm="syz.2.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1119.790953][   T37] audit: type=1326 audit(1766708421.999:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15312 comm="syz.2.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1119.792931][   T37] audit: type=1326 audit(1766708421.999:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15312 comm="syz.2.2876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1119.971855][T11845] asix 7-1:0.191 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1119.972416][T11845] asix 7-1:0.191: probe with driver asix failed with error -71
[ 1120.061299][T11845] usb 7-1: USB disconnect, device number 34
[ 1120.132304][T15146] udevd[15146]: setting owner of /dev/bus/usb/007/034 to uid=0, gid=0 failed: No such file or directory
[ 1120.698707][T15272] usb 4-1: qt2_attach - failed to power on unit: -71
[ 1120.698948][T15272] quatech2 4-1:0.51: probe with driver quatech2 failed with error -71
[ 1120.730461][T15272] usb 4-1: USB disconnect, device number 31
[ 1120.883639][T15067] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1120.978893][T15067] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1121.030458][T15067] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1121.090060][T15067] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1122.160580][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1122.160652][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1123.819451][T15067] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1123.910116][T15067] 8021q: adding VLAN 0 to HW filter on device team0
[ 1123.957729][   T82] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.957951][   T82] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1124.216275][T13013] Bluetooth: hci1: command 0x0406 tx timeout
[ 1124.261619][ T1199] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1124.261774][ T1199] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1124.382723][   T37] kauditd_printk_skb: 16 callbacks suppressed
[ 1124.382743][   T37] audit: type=1326 audit(1766708426.589:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15352 comm="syz.2.2886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1124.385203][   T37] audit: type=1326 audit(1766708426.589:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15352 comm="syz.2.2886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1124.596383][T15272] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1124.769450][T15272] usb 4-1: Using ep0 maxpacket: 16
[ 1124.775296][T15272] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1124.775325][T15272] usb 4-1: config 0 has no interface number 0
[ 1124.815671][T15272] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1124.815706][T15272] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1124.815728][T15272] usb 4-1: Product: syz
[ 1124.815744][T15272] usb 4-1: Manufacturer: syz
[ 1124.815761][T15272] usb 4-1: SerialNumber: syz
[ 1124.868785][T15272] usb 4-1: config 0 descriptor??
[ 1124.886411][T15272] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1125.229808][T15067] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1125.236992][T11061] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 1125.295033][T15370] FAULT_INJECTION: forcing a failure.
[ 1125.295033][T15370] name failslab, interval 1, probability 0, space 0, times 0
[ 1125.295133][T15370] CPU: 0 UID: 0 PID: 15370 Comm: syz.5.2891 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1125.295165][T15370] Tainted: [L]=SOFTLOCKUP
[ 1125.295174][T15370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1125.295189][T15370] Call Trace:
[ 1125.295198][T15370]  <TASK>
[ 1125.295208][T15370]  dump_stack_lvl+0xe8/0x150
[ 1125.295249][T15370]  should_fail_ex+0x46c/0x600
[ 1125.295286][T15370]  should_failslab+0xa8/0x100
[ 1125.295312][T15370]  __kmalloc_cache_noprof+0x84/0x6d0
[ 1125.295348][T15370]  ? xfrm_policy_alloc+0x78/0x310
[ 1125.295378][T15370]  xfrm_policy_alloc+0x78/0x310
[ 1125.295403][T15370]  xfrm_policy_construct+0x39/0x6b0
[ 1125.295446][T15370]  xfrm_add_policy+0x267/0x800
[ 1125.295476][T15370]  ? rcu_is_watching+0x15/0xb0
[ 1125.295501][T15370]  ? __pfx_xfrm_add_policy+0x10/0x10
[ 1125.295536][T15370]  ? __nla_parse+0x40/0x60
[ 1125.295576][T15370]  xfrm_user_rcv_msg+0x7a3/0xab0
[ 1125.295611][T15370]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1125.295676][T15370]  ? __lock_acquire+0x6b6/0x2cf0
[ 1125.295714][T15370]  ? ref_tracker_free+0x61e/0x7c0
[ 1125.295746][T15370]  ? __asan_memcpy+0x40/0x70
[ 1125.295776][T15370]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1125.295812][T15370]  ? __skb_clone+0x63/0x7a0
[ 1125.295849][T15370]  netlink_rcv_skb+0x208/0x470
[ 1125.295881][T15370]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1125.295911][T15370]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1125.295956][T15370]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1125.295981][T15370]  ? mutex_lock_nested+0x154/0x1d0
[ 1125.296009][T15370]  ? xfrm_netlink_rcv+0x6a/0x90
[ 1125.296040][T15370]  xfrm_netlink_rcv+0x79/0x90
[ 1125.296067][T15370]  netlink_unicast+0x846/0xa10
[ 1125.296105][T15370]  ? __pfx_netlink_unicast+0x10/0x10
[ 1125.296129][T15370]  ? __alloc_skb+0x198/0x3a0
[ 1125.296154][T15370]  ? netlink_sendmsg+0x642/0xb30
[ 1125.296183][T15370]  ? skb_put+0x11b/0x210
[ 1125.296212][T15370]  netlink_sendmsg+0x805/0xb30
[ 1125.296252][T15370]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1125.296292][T15370]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1125.296322][T15370]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1125.296354][T15370]  __sock_sendmsg+0x21c/0x270
[ 1125.296391][T15370]  ____sys_sendmsg+0x508/0x810
[ 1125.296426][T15370]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1125.296465][T15370]  ? import_iovec+0x74/0xa0
[ 1125.296490][T15370]  ___sys_sendmsg+0x21f/0x2a0
[ 1125.296521][T15370]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1125.296588][T15370]  ? __fget_files+0x2a/0x420
[ 1125.296611][T15370]  ? __fget_files+0x3a6/0x420
[ 1125.296645][T15370]  __x64_sys_sendmsg+0x1a1/0x260
[ 1125.296674][T15370]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1125.296707][T15370]  ? __pfx_ksys_write+0x10/0x10
[ 1125.296749][T15370]  do_syscall_64+0xec/0xf80
[ 1125.296772][T15370]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.296803][T15370]  ? trace_irq_disable+0x37/0x100
[ 1125.296827][T15370]  ? clear_bhb_loop+0x60/0xb0
[ 1125.296855][T15370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.296877][T15370] RIP: 0033:0x7fdfaeebf749
[ 1125.296897][T15370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1125.296917][T15370] RSP: 002b:00007fdfad11e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1125.296940][T15370] RAX: ffffffffffffffda RBX: 00007fdfaf115fa0 RCX: 00007fdfaeebf749
[ 1125.296956][T15370] RDX: 0000000020040014 RSI: 0000200000000100 RDI: 0000000000000004
[ 1125.296971][T15370] RBP: 00007fdfad11e090 R08: 0000000000000000 R09: 0000000000000000
[ 1125.296986][T15370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1125.296999][T15370] R13: 00007fdfaf116038 R14: 00007fdfaf115fa0 R15: 00007ffefaf57d68
[ 1125.297034][T15370]  </TASK>
[ 1125.387323][T11061] usb 7-1: Using ep0 maxpacket: 32
[ 1125.391745][T11061] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 1125.391797][T11061] usb 7-1: config 0 has no interface number 0
[ 1125.466616][T11061] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1125.466695][T11061] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1125.466717][T11061] usb 7-1: Product: syz
[ 1125.466733][T11061] usb 7-1: Manufacturer: syz
[ 1125.466748][T11061] usb 7-1: SerialNumber: syz
[ 1125.606522][T11061] usb 7-1: config 0 descriptor??
[ 1125.653132][T11061] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1125.756845][T15359] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2888'.
[ 1126.249043][T15373] macsec1: entered promiscuous mode
[ 1126.249293][T15373] vlan1: entered promiscuous mode
[ 1126.250848][T15373] macsec1: entered allmulticast mode
[ 1126.251252][T15373] vlan1: entered allmulticast mode
[ 1126.251269][T15373] veth0_vlan: entered allmulticast mode
[ 1126.344930][T15373] vlan1: left allmulticast mode
[ 1126.345018][T15373] veth0_vlan: left allmulticast mode
[ 1126.345058][T15373] vlan1: left promiscuous mode
[ 1126.675493][T15272] gspca_spca1528: reg_w err -110
[ 1126.675684][T15272] spca1528 4-1:0.1: probe with driver spca1528 failed with error -110
[ 1126.754157][T11061] usb 7-1: qt2_attach - failed to power on unit: -71
[ 1126.754432][T11061] quatech2 7-1:0.51: probe with driver quatech2 failed with error -71
[ 1126.822056][T11061] usb 7-1: USB disconnect, device number 35
[ 1126.950132][T15067] veth0_vlan: entered promiscuous mode
[ 1127.002351][T15067] veth1_vlan: entered promiscuous mode
[ 1127.394134][T15067] veth0_macvtap: entered promiscuous mode
[ 1128.294274][T15067] veth1_macvtap: entered promiscuous mode
[ 1130.658348][T15067] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1130.685971][T15067] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1130.754786][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.755044][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.755085][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.755123][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1131.077562][ T5945] usb 4-1: USB disconnect, device number 32
[ 1131.346556][T15392] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2898'.
[ 1131.346583][T15392] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2898'.
[ 1131.595806][ T6173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1131.595833][ T6173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1132.657187][ T6080] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1132.657212][ T6080] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1132.779482][T15403] tap0: tun_chr_ioctl cmd 1074025677
[ 1132.779755][T15403] tap0: linktype set to 1
[ 1132.946300][T11845] usb 3-1: new full-speed USB device number 56 using dummy_hcd
[ 1133.098171][T11845] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 1133.098206][T11845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1133.105824][T11845] usb 3-1: config 0 descriptor??
[ 1133.206332][T15059] usb 2-1: new full-speed USB device number 49 using dummy_hcd
[ 1133.312727][T15401] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2900'.
[ 1133.357556][T11845] pegasus 3-1:0.0: probe with driver pegasus failed with error -71
[ 1133.374741][T15059] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1133.374795][T15059] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1133.374819][T15059] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1133.417131][T11845] usb 3-1: USB disconnect, device number 56
[ 1133.418531][T15059] usb 2-1: config 0 descriptor??
[ 1133.420103][T15408] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1134.197978][T15059] elan 0003:04F3:0755.0061: unknown main item tag 0x0
[ 1134.198021][T15059] elan 0003:04F3:0755.0061: unknown main item tag 0x0
[ 1134.198053][T15059] elan 0003:04F3:0755.0061: unknown main item tag 0x0
[ 1134.198084][T15059] elan 0003:04F3:0755.0061: unknown main item tag 0x0
[ 1134.198115][T15059] elan 0003:04F3:0755.0061: unknown main item tag 0x0
[ 1134.874858][ T5809] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[ 1134.891197][T15059] elan 0003:04F3:0755.0061: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[ 1134.900870][T15059] usb 2-1: USB disconnect, device number 49
[ 1135.022366][ T5809] usb 7-1: Using ep0 maxpacket: 32
[ 1135.025464][ T5809] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 1135.025495][ T5809] usb 7-1: config 0 has no interface number 0
[ 1135.056406][ T5809] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1135.056440][ T5809] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1135.056462][ T5809] usb 7-1: Product: syz
[ 1135.056479][ T5809] usb 7-1: Manufacturer: syz
[ 1135.056496][ T5809] usb 7-1: SerialNumber: syz
[ 1135.135690][ T5809] usb 7-1: config 0 descriptor??
[ 1135.151188][ T5809] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1135.203107][T15431] fido_id[15431]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1135.897100][T15444] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2913'.
[ 1136.097192][T15444] bond1: entered promiscuous mode
[ 1136.099225][T15444] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1136.321034][T15450] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1136.321956][T15450] bond1: (slave ipip0): The slave device specified does not support setting the MAC address
[ 1136.382232][T15450] bond1: (slave ipip0): Error -95 calling set_mac_address
[ 1136.601042][ T5809] usb 7-1: qt2_attach - failed to power on unit: -71
[ 1136.601324][ T5809] quatech2 7-1:0.51: probe with driver quatech2 failed with error -71
[ 1136.656236][ T5809] usb 7-1: USB disconnect, device number 36
[ 1137.451151][T15481] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2927'.
[ 1138.897094][   T37] audit: type=1326 audit(1766708441.109:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.928725][   T37] audit: type=1326 audit(1766708441.109:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.928785][   T37] audit: type=1326 audit(1766708441.109:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.928835][   T37] audit: type=1326 audit(1766708441.109:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.928885][   T37] audit: type=1326 audit(1766708441.109:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.928935][   T37] audit: type=1326 audit(1766708441.109:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.928986][   T37] audit: type=1326 audit(1766708441.109:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.929036][   T37] audit: type=1326 audit(1766708441.109:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.929086][   T37] audit: type=1326 audit(1766708441.109:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1138.929136][   T37] audit: type=1326 audit(1766708441.119:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.2.2934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aae1af749 code=0x7ffc0000
[ 1139.617370][T15525] 9p: Bad value for 'rfdno'
[ 1141.290284][T15565] ip6gre1: entered promiscuous mode
[ 1141.290313][T15565] ip6gre1: entered allmulticast mode
[ 1141.646541][T15571] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 1141.831660][T15575] kvm: pic: non byte read
[ 1141.831973][T15575] kvm: pic: level sensitive irq not supported
[ 1141.832040][T15575] kvm: pic: non byte read
[ 1141.832642][T15575] kvm: pic: single mode not supported
[ 1141.832724][T15575] kvm: pic: non byte read
[ 1141.833096][T15575] kvm: pic: non byte read
[ 1141.833448][T15575] kvm: pic: non byte read
[ 1141.833801][T15575] kvm: pic: non byte read
[ 1141.834101][T15575] kvm: pic: single mode not supported
[ 1141.834111][T15575] kvm: pic: level sensitive irq not supported
[ 1141.834178][T15575] kvm: pic: non byte read
[ 1141.907519][T15580] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1143.410607][T15613] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2976'.
[ 1143.427426][T15613] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2976'.
[ 1143.435343][T15613] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2976'.
[ 1143.435382][T15613] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2976'.
[ 1143.580737][T15613] ip6gretap1: entered allmulticast mode
[ 1143.580994][T15616] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2976'.
[ 1146.230409][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1146.237522][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1146.258558][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1146.260049][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1146.260929][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1146.353788][ T6173] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.605552][    T9] kernel read not supported for file inotify (pid: 9 comm: kworker/0:0)
[ 1146.662719][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1146.690336][T15667] lo speed is unknown, defaulting to 1000
[ 1146.693011][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1146.694621][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1146.707071][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1146.711388][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1147.004893][   T31] kernel read not supported for file /vcs (pid: 31 comm: kworker/1:0)
[ 1147.023826][ T6173] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1147.203480][T15693] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1147.232605][T15693] evm: overlay not supported
[ 1147.262995][T15695] kvm: user requested TSC rate below hardware speed
[ 1147.452155][ T6173] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1147.774482][ T6173] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1147.903724][T15677] lo speed is unknown, defaulting to 1000
[ 1148.020017][T15719] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1148.346582][ T5806] Bluetooth: hci2: command tx timeout
[ 1148.654531][    C1] sd 0:0:1:0: [sda] tag#7973 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 1148.654602][    C1] sd 0:0:1:0: [sda] tag#7973 CDB: Write(6) 0a 00 00 00 00 00 00 00 fe 80 00 00
[ 1148.826480][ T5806] Bluetooth: hci5: command tx timeout
[ 1148.966793][T15667] chnl_net:caif_netlink_parms(): no params data found
[ 1149.004334][ T6173] bridge_slave_1: left allmulticast mode
[ 1149.004363][ T6173] bridge_slave_1: left promiscuous mode
[ 1149.005442][ T6173] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1149.075867][   T37] kauditd_printk_skb: 48 callbacks suppressed
[ 1149.075889][   T37] audit: type=1326 audit(1766708710.285:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15750 comm="syz.6.3035" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32c006f749 code=0x0
[ 1149.117520][ T6173] bridge_slave_0: left allmulticast mode
[ 1149.117545][ T6173] bridge_slave_0: left promiscuous mode
[ 1149.117753][ T6173] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1150.446425][ T5806] Bluetooth: hci2: command tx timeout
[ 1150.474187][T15770] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3041'.
[ 1150.916864][ T5806] Bluetooth: hci5: command tx timeout
[ 1151.997810][ T6173] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1152.080032][ T6173] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1152.129497][ T6173] bond0 (unregistering): Released all slaves
[ 1152.510481][ T5806] Bluetooth: hci2: command tx timeout
[ 1152.990018][ T5806] Bluetooth: hci5: command tx timeout
[ 1153.169051][ T6173] bond1 (unregistering): Released all slaves
[ 1153.466761][   T38] INFO: task syz.2.1036:9640 blocked for more than 144 seconds.
[ 1153.466790][   T38]       Tainted: G             L      syzkaller #0
[ 1153.466801][   T38]       Blocked by coredump.
[ 1153.466807][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1153.466816][   T38] task:syz.2.1036      state:D stack:27040 pid:9640  tgid:9640  ppid:5801   task_flags:0x40044c flags:0x00080003
[ 1153.466875][   T38] Call Trace:
[ 1153.466883][   T38]  <TASK>
[ 1153.466896][   T38]  __schedule+0x145f/0x5070
[ 1153.466955][   T38]  ? __pfx___schedule+0x10/0x10
[ 1153.466998][   T38]  ? schedule+0x91/0x360
[ 1153.467028][   T38]  schedule+0x165/0x360
[ 1153.467071][   T38]  schedule_timeout+0x9a/0x270
[ 1153.467099][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[ 1153.467128][   T38]  ? do_raw_spin_lock+0x121/0x290
[ 1153.467159][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1153.467178][   T38]  ? wait_for_completion+0x267/0x5d0
[ 1153.467197][   T38]  wait_for_completion+0x2bf/0x5d0
[ 1153.467225][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[ 1153.467249][   T38]  ? __flush_work+0xce/0xd20
[ 1153.467274][   T38]  ? __flush_work+0xce/0xd20
[ 1153.467300][   T38]  __flush_work+0x9c1/0xd20
[ 1153.467323][   T38]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1153.467345][   T38]  ? __flush_work+0xce/0xd20
[ 1153.467371][   T38]  ? __pfx___flush_work+0x10/0x10
[ 1153.467395][   T38]  ? __pfx_wq_barrier_func+0x10/0x10
[ 1153.467426][   T38]  ? work_grab_pending+0x123/0x8e0
[ 1153.467459][   T38]  ? __cancel_work_sync+0x5c/0x110
[ 1153.467486][   T38]  __cancel_work_sync+0xbe/0x110
[ 1153.467513][   T38]  hci_cmd_sync_clear+0x30/0x230
[ 1153.467538][   T38]  hci_unregister_dev+0x194/0x5b0
[ 1153.467560][   T38]  vhci_release+0x155/0x1b0
[ 1153.467590][   T38]  ? __pfx_vhci_release+0x10/0x10
[ 1153.467617][   T38]  __fput+0x45b/0xa80
[ 1153.467650][   T38]  task_work_run+0x1d4/0x260
[ 1153.467681][   T38]  ? __pfx_task_work_run+0x10/0x10
[ 1153.467709][   T38]  ? do_exit+0x68f/0x22f0
[ 1153.467736][   T38]  ? do_exit+0x68f/0x22f0
[ 1153.467765][   T38]  do_exit+0x694/0x22f0
[ 1153.467794][   T38]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1153.467814][   T38]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1153.467850][   T38]  ? __pfx_do_exit+0x10/0x10
[ 1153.467874][   T38]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1153.467899][   T38]  ? reacquire_held_locks+0x104/0x190
[ 1153.467928][   T38]  ? rt_spin_lock+0x1c1/0x3e0
[ 1153.467963][   T38]  do_group_exit+0x21c/0x2d0
[ 1153.467990][   T38]  ? rt_spin_unlock+0x161/0x200
[ 1153.468017][   T38]  get_signal+0x125d/0x1310
[ 1153.468068][   T38]  arch_do_signal_or_restart+0x9a/0x7a0
[ 1153.468099][   T38]  ? __pfx_get_timespec64+0x10/0x10
[ 1153.468128][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1153.468164][   T38]  ? __se_sys_clock_nanosleep+0x339/0x390
[ 1153.468193][   T38]  exit_to_user_mode_loop+0x87/0x4e0
[ 1153.468219][   T38]  ? rcu_is_watching+0x15/0xb0
[ 1153.468240][   T38]  do_syscall_64+0x2b7/0xf80
[ 1153.468259][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1153.468277][   T38]  ? trace_irq_disable+0x37/0x100
[ 1153.468299][   T38]  ? clear_bhb_loop+0x60/0xb0
[ 1153.468322][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1153.468341][   T38] RIP: 0033:0x7fec11042005
[ 1153.468358][   T38] RSP: 002b:00007fec0f275f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1153.468378][   T38] RAX: fffffffffffffdfc RBX: 00007fec11265fa0 RCX: 00007fec11042005
[ 1153.468393][   T38] RDX: 00007fec0f275fc0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1153.468405][   T38] RBP: 00007fec11093f91 R08: 0000000000000000 R09: 0000000000000000
[ 1153.468417][   T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1153.468438][   T38] R13: 00007fec11266038 R14: 00007fec11265fa0 R15: 00007fff8e3f58f8
[ 1153.468487][   T38]  </TASK>
[ 1153.468542][   T38] 
[ 1153.468542][   T38] Showing all locks held in the system:
[ 1153.468553][   T38] 3 locks held by kworker/u8:0/12:
[ 1153.468564][   T38]  #0: ffff88813ff69938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1153.468619][   T38]  #1: ffffc90000117bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1153.468663][   T38]  #2: ffffffff8e8a5838 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 1153.468714][   T38] 3 locks held by kworker/1:0/31:
[ 1153.468724][   T38]  #0: ffff88813ff55138 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1153.468768][   T38]  #1: ffffc90000a5fbc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1153.468810][   T38]  #2: ffffffff8e8a5838 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[ 1153.468854][   T38] 1 lock held by khungtaskd/38:
[ 1153.468873][   T38]  #0: ffffffff8d5ae940 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1153.468953][   T38] 3 locks held by kworker/u8:12/1276:
[ 1153.468963][   T38]  #0: ffff88802fc89938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1153.469007][   T38]  #1: ffffc90005417bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1153.469059][   T38]  #2: ffffffff8e8a5838 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[ 1153.469122][   T38] 2 locks held by getty/5552:
[ 1153.469132][   T38]  #0: ffff88814e4550a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1153.469178][   T38]  #1: ffffc90003e7e2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x44f/0x1460
[ 1153.469219][   T38] 3 locks held by kworker/u9:7/5817:
[ 1153.469229][   T38]  #0: ffff888027271138 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1153.469272][   T38]  #1: ffffc90004c07bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1153.469317][   T38]  #2: ffff888035ce8f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[ 1153.469372][   T38] 3 locks held by kworker/u8:20/6173:
[ 1153.469382][   T38]  #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1153.469425][   T38]  #1: ffffc9000668fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1153.469467][   T38]  #2: ffffffff8e898720 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x7b0
[ 1153.469518][   T38] 2 locks held by syz-executor/15667:
[ 1153.469529][   T38]  #0: ffffffff8e02f288 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[ 1153.469578][   T38]  #1: ffffffff8e8a5838 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8ec/0x1c90
[ 1153.469620][   T38] 2 locks held by syz-executor/15677:
[ 1153.469630][   T38]  #0: ffffffff8edb4c28 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[ 1153.469677][   T38]  #1: ffffffff8e8a5838 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8ec/0x1c90
[ 1153.469719][   T38] 1 lock held by syz.1.3033/15741:
[ 1153.469730][   T38] 1 lock held by syz.6.3041/15770:
[ 1153.469740][   T38]  #0: ffffffff8e8a5838 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newroute+0x109/0x210
[ 1153.469786][   T38] 1 lock held by syz.2.3043/15774:
[ 1153.469796][   T38]  #0: ffffffff8e8a5838 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
[ 1153.469837][   T38] 
[ 1153.469842][   T38] =============================================
[ 1153.469842][   T38] 
[ 1153.469860][   T38] NMI backtrace for cpu 1
[ 1153.469878][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1153.469902][   T38] Tainted: [L]=SOFTLOCKUP
[ 1153.469909][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1153.469920][   T38] Call Trace:
[ 1153.469929][   T38]  <TASK>
[ 1153.469938][   T38]  dump_stack_lvl+0xe8/0x150
[ 1153.469965][   T38]  nmi_cpu_backtrace+0x274/0x2d0
[ 1153.469990][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1153.470012][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1153.470048][   T38]  sys_info+0x135/0x170
[ 1153.470068][   T38]  watchdog+0xf95/0xfe0
[ 1153.470093][   T38]  ? watchdog+0x20a/0xfe0
[ 1153.470119][   T38]  kthread+0x711/0x8a0
[ 1153.470147][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1153.470166][   T38]  ? __pfx_kthread+0x10/0x10
[ 1153.470189][   T38]  ? rt_spin_unlock+0x150/0x200
[ 1153.470217][   T38]  ? rt_spin_unlock+0x161/0x200
[ 1153.470240][   T38]  ? __pfx_kthread+0x10/0x10
[ 1153.470266][   T38]  ret_from_fork+0x510/0xa50
[ 1153.470290][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1153.470308][   T38]  ? __switch_to+0xc9e/0x1480
[ 1153.470338][   T38]  ? __pfx_kthread+0x10/0x10
[ 1153.470364][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1153.470405][   T38]  </TASK>
[ 1153.470413][   T38] Sending NMI from CPU 1 to CPUs 0:
[ 1153.470449][    C0] NMI backtrace for cpu 0
[ 1153.470469][    C0] CPU: 0 UID: 0 PID: 15741 Comm: syz.1.3033 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1153.470496][    C0] Tainted: [L]=SOFTLOCKUP
[ 1153.470503][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1153.470515][    C0] RIP: 0010:zap_class+0xcf/0x340
[ 1153.470535][    C0] Code: 49 81 fc 00 00 08 00 0f 84 a4 01 00 00 4e 8b 2c e5 c0 b3 76 92 4d 85 ed 0f 94 c0 49 83 c5 f8 0f 94 c1 08 c1 75 d7 45 8b 75 00 <41> f6 c6 fc 0f 84 e1 00 00 00 41 c1 ee 08 4a 8d 1c 75 90 b3 bb 91
[ 1153.470552][    C0] RSP: 0018:ffffc900056af920 EFLAGS: 00000046
[ 1153.470570][    C0] RAX: 00000000000cb700 RBX: ffffffff91d522a8 RCX: 00000000000cb700
[ 1153.470584][    C0] RDX: ffffffff9276b3b8 RSI: 0000000000000007 RDI: 00000000000f001f
[ 1153.470598][    C0] RBP: ffffffff92bab830 R08: ffffffff81a9df28 R09: ffffffff8d5ae940
[ 1153.470613][    C0] R10: dffffc0000000000 R11: fffffbfff1db668f R12: 000000000002feb3
[ 1153.470627][    C0] R13: ffffffff932ded10 R14: 0000000016578310 R15: 000000000000117e
[ 1153.470642][    C0] FS:  0000555565117500(0000) GS:ffff888126cef000(0000) knlGS:0000000000000000
[ 1153.470659][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1153.470673][    C0] CR2: 00007f7bc0d2ce80 CR3: 000000007d14e000 CR4: 00000000003526f0
[ 1153.470691][    C0] Call Trace:
[ 1153.470698][    C0]  <TASK>
[ 1153.470709][    C0]  lockdep_unregister_key+0x1c4/0x350
[ 1153.470740][    C0]  ? __pfx_pfifo_fast_destroy+0x10/0x10
[ 1153.470763][    C0]  __qdisc_destroy+0x166/0x400
[ 1153.470789][    C0]  dev_shutdown+0x34c/0x440
[ 1153.470815][    C0]  unregister_netdevice_many_notify+0x11b3/0x2330
[ 1153.470854][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1153.470887][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1153.470906][    C0]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1153.470926][    C0]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1153.470952][    C0]  ? rt_spin_lock+0x1c1/0x3e0
[ 1153.470979][    C0]  unregister_netdevice_queue+0x317/0x350
[ 1153.471010][    C0]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1153.471040][    C0]  ? rt_spin_unlock+0x161/0x200
[ 1153.471070][    C0]  __tun_detach+0xe4d/0x1600
[ 1153.471104][    C0]  ? __tun_detach+0x93b/0x1600
[ 1153.471130][    C0]  ? __pfx_tun_chr_close+0x10/0x10
[ 1153.471154][    C0]  tun_chr_close+0x10d/0x1c0
[ 1153.471179][    C0]  __fput+0x45b/0xa80
[ 1153.471206][    C0]  task_work_run+0x1d4/0x260
[ 1153.471238][    C0]  ? __pfx_task_work_run+0x10/0x10
[ 1153.471272][    C0]  exit_to_user_mode_loop+0xef/0x4e0
[ 1153.471306][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1153.471327][    C0]  do_syscall_64+0x2b7/0xf80
[ 1153.471346][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1153.471366][    C0]  ? trace_irq_disable+0x37/0x100
[ 1153.471387][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 1153.471410][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1153.471429][    C0] RIP: 0033:0x7f9905d1f749
[ 1153.471446][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1153.471464][    C0] RSP: 002b:00007ffed36a2de8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1153.471484][    C0] RAX: 0000000000000000 RBX: 00007f9905f77da0 RCX: 00007f9905d1f749
[ 1153.471498][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1153.471510][    C0] RBP: 00007f9905f77da0 R08: 0000000000000074 R09: 00000006d36a30df
[ 1153.471524][    C0] R10: 00000000003ffd68 R11: 0000000000000246 R12: 000000000011888d
[ 1153.471537][    C0] R13: 00007f9905f76090 R14: ffffffffffffffff R15: 00007ffed36a2f00
[ 1153.471560][    C0]  </TASK>
[ 1153.472452][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[ 1153.472474][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1153.472499][   T38] Tainted: [L]=SOFTLOCKUP
[ 1153.472506][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1153.472517][   T38] Call Trace:
[ 1153.472526][   T38]  <TASK>
[ 1153.472534][   T38]  vpanic+0x1e0/0x670
[ 1153.472564][   T38]  panic+0xb9/0xc0
[ 1153.472589][   T38]  ? __pfx_panic+0x10/0x10
[ 1153.472622][   T38]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[ 1153.472651][   T38]  watchdog+0xfdf/0xfe0
[ 1153.472676][   T38]  ? watchdog+0x20a/0xfe0
[ 1153.472703][   T38]  kthread+0x711/0x8a0
[ 1153.472731][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1153.472750][   T38]  ? __pfx_kthread+0x10/0x10
[ 1153.472773][   T38]  ? rt_spin_unlock+0x150/0x200
[ 1153.472802][   T38]  ? rt_spin_unlock+0x161/0x200
[ 1153.472824][   T38]  ? __pfx_kthread+0x10/0x10
[ 1153.472851][   T38]  ret_from_fork+0x510/0xa50
[ 1153.472873][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1153.472891][   T38]  ? __switch_to+0xc9e/0x1480
[ 1153.472922][   T38]  ? __pfx_kthread+0x10/0x10
[ 1153.472948][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1153.472990][   T38]  </TASK>
[ 1153.494364][   T38] Kernel Offset: disabled