last executing test programs:

11.546467903s ago: executing program 4 (id=868):
ioctl$XFS_IOC_FSGROWFSRT(0xffffffffffffffff, 0x40105870, &(0x7f0000000080)={0x5, 0xfff})
syz_usb_connect$hid(0x2, 0x36, 0x0, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r2, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4c840)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x54, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbbd, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {0x0, 0xfff3}, {0xd, 0x10}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x6, 0x8, 0x140}, {0x0, 0x0, 0xa}}}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800010000000c00000000001d01000008000a00", @ANYRES32, @ANYBLOB='\b\x00\t\x00', @ANYRES32=r4, @ANYBLOB], 0x24}}, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x42, 0x0, 0x0)
pipe(0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

10.198113231s ago: executing program 1 (id=869):
r0 = socket$kcm(0x11, 0x2, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x1, {{0x46, 0x1}, 0x3}}, 0x80, 0x0}, 0x4000080)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x341, &(0x7f0000006680))
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socket$inet_mptcp(0x2, 0x1, 0x106)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x4088080, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
socketpair(0x1d, 0x800, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f0000000180)=r6, 0x4)
sendmsg$inet(r8, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

10.019971733s ago: executing program 1 (id=870):
r0 = socket$kcm(0x11, 0x2, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x1, {{0x46, 0x1}, 0x3}}, 0x80, 0x0}, 0x4000080)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x341, &(0x7f0000006680))
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socket$inet_mptcp(0x2, 0x1, 0x106)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x4088080, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
socketpair(0x1d, 0x800, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f0000000180)=r6, 0x4)
sendmsg$inet(r8, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

9.607710285s ago: executing program 4 (id=875):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000000c0), 0x0, 0x20008008)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r4 = shmget$private(0x0, 0x3000, 0x400, &(0x7f0000ffd000/0x3000)=nil)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$sock(r5, &(0x7f00000008c0)={&(0x7f0000000900)=@pppoe={0x18, 0x0, {0x404, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}, 'pimreg1\x00'}}, 0x80, 0x0, 0x0, &(0x7f00000007c0)=[@mark={{0x14, 0x1, 0x24, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x80000001}}, @timestamping={{0x14, 0x1, 0x25, 0x10009}}, @txtime={{0x18, 0x1, 0x3d, 0x7ff}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @mark={{0x14, 0x1, 0x24, 0xffffffff}}, @mark={{0x14, 0x1, 0x24, 0x6e1}}, @mark={{0x14, 0x1, 0x24, 0x1ff}}], 0xf0}, 0x20004000)
shmat(r4, &(0x7f0000ffc000/0x2000)=nil, 0x5000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x2, 0x3, 0x0, &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000300)={r6, 0xffffffffffffffff, 0x39, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0xc, 0x0, 0x1}}, 0x40)
get_mempolicy(0x0, 0x0, 0xffffffffffffffff, &(0x7f00008b2000/0x4000)=nil, 0x3)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = syz_usb_connect$printer(0x4, 0x2d, &(0x7f0000000000)=ANY=[@ANYRES64=r3], 0x0)
syz_usb_control_io$printer(r7, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
pwritev2(r8, &(0x7f00000015c0), 0x1, 0xfffff, 0x2, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="6c00000010000104000000000300000000000000", @ANYRES32=0x0, @ANYBLOB="fab0817dbcedf71a38001280110001006272696467655f736c617665000000002000058005001c000500000005001b0000000002040018000500210001000000140003006272696467655f736c6176655f30"], 0x6c}, 0x1, 0x0, 0x0, 0x20044010}, 0x4040)
sendmsg$netlink(r9, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0, 0x2d}, 0x0)
r10 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r10, 0xc0045005, &(0x7f0000001180)=0x3)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r10, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r10, 0x5008, 0x0)

8.807989297s ago: executing program 1 (id=879):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
msgrcv(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2000)

7.930273891s ago: executing program 1 (id=882):
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
getpid()
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
syz_open_dev$video4linux(0x0, 0x7, 0xe0c61)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000400), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102392, 0x18ff8)
set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x7)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040844)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r1, 0x0)
openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setpriority(0x1, 0x0, 0x8)
r2 = syz_pidfd_open(0x0, 0x0)
setns(r2, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)

6.80956295s ago: executing program 3 (id=891):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x0, 0xffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x1}, {0x0, 0x1}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010102, 0x4d5, 0x33}, 0x2, @in6=@loopback, 0x0, 0x0, 0x0, 0xb7, 0x0, 0x8000000}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

6.390958766s ago: executing program 1 (id=893):
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$eventfd(r0, &(0x7f0000000040), 0x8)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='1Rb', 0x3}, {&(0x7f00000000c0)="4d23a7a2129fdb18bef2f2edb5df823a985c9b05abc5f6de71073e61fbccf2ddd360a7d2c0773ff425f5ea8b7bcd67ef163868d10c334b105ddefccb046fd160a7bc970be4162372b094eb7c514ed31af4002681114b", 0x56}, {&(0x7f0000000140)}], 0x3)
ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f00000001c0))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8000000000000001, 0xffff, &(0x7f0000000200)=0x1)
r1 = accept4$tipc(r0, &(0x7f0000000240)=@id, &(0x7f0000000280)=0x10, 0x80000)
fsetxattr$security_ima(r1, &(0x7f00000002c0), &(0x7f0000000300), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000340)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x3, 0x3a, '/selinux/policy\x00', 0x3a, 'security.ima\x00', 0x3a, './file0', 0x3a, [0x43, 0x46, 0x4f, 0x43, 0x50, 0x46, 0x50, 0x4f]}, 0x4c)
setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f00000003c0)={0x5c, @local, 0x4e22, 0x4, 'lc\x00', 0x9, 0x5, 0x6e}, 0x2c)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sysvipc/msg\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r2, &(0x7f0000000440), &(0x7f0000000480)={0x0, 0xfb, 0x91, 0x4, 0xc, "95a969d553f7ee0e703e57418f8971dd", "ee2f5575eb4e90c43ab693ce03bcac27bc5aff8863dd5ca152f05feea209bdfa8d8badb5dda24434eb6f8b41a6c5f3270d911865f5fdcb960c2f9145ac38ae0ef713c6e3f343545fad074180668c7909c0704d58e643c3284c21bad9824444a535918375123178346d92b2f46d1acb155f4c4c286f21ba553f84e54f"}, 0x91, 0x3)
r3 = syz_io_uring_setup(0x6eb2, &(0x7f0000000540)={0x0, 0x9a72, 0x400, 0x1, 0x6b, 0x0, r2}, &(0x7f00000005c0), &(0x7f0000000600), &(0x7f0000000640))
connect$caif(r2, &(0x7f0000000680), 0x18)
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000000)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000006c0)={0x1, [0xe]}, 0x6)
r4 = syz_open_dev$sndctrl(&(0x7f0000000700), 0x3, 0x8000)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r4, 0xc008551c, &(0x7f0000000740)={0x9, 0x28, [0x1000, 0xe, 0x2, 0x400, 0x6, 0xfffffffa, 0x8ed6, 0x36e5, 0x3, 0xfff]})
ioctl$EVIOCGMTSLOTS(r2, 0x8040450a, &(0x7f0000000780)=""/152)
r5 = add_key$keyring(&(0x7f0000000840), &(0x7f0000000880)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r0, 0xe5)
syz_emit_ethernet(0x1d6, &(0x7f00000008c0)={@multicast, @random="07607f9db433", @void, {@ipv6={0x86dd, @generic={0xf, 0x6, "d8d315", 0x1a0, 0x11, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, {[@srh={0x1d, 0x8, 0x4, 0x4, 0x1b, 0x40, 0xbc51, [@local, @empty, @remote, @rand_addr=' \x01\x00']}, @routing={0x84, 0xe, 0x1, 0x5, 0x0, [@loopback, @local, @private2={0xfc, 0x2, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1]}], "1d4a990ffb7098f5ee41ffacbdb35b0014d6fcc2f2c15f7d35481b70f85a82c0b4dc36f8097ee5512c98b696841f1255137581e43c74f223ca1e66d93bb2e7173b501db28d59d8c8503e9a31c84f80568852109e08e9dac92e022922d7409e15287a0310201c3c34183d16cc3e0b47bfc8dae9ef470f6cfdeef0909f54b841d8fa454874b716126a97c6d17a6d7f71c63b4bef28f6d9f32e8662d14dce9b23a0c8aa6999c3c7118224e3451d4ef9d80f9b50d0fa4c17a4dbc14bd192f72e9cfb8e50a63af6876630c988175f13292a82069e66833f9a7b87912a9cb03af0acd0"}}}}}, 0x0)
write$tun(r2, &(0x7f0000000ac0)={@void, @val={0x1, 0xbbcd01f5806066ba, 0x0, 0xfff, 0x4, 0x6}, @mpls={[{0x9}, {0xffffa}, {0xffe01}, {0x8}, {0xff74e, 0x0, 0x1}, {0x1c, 0x0, 0x1}, {0x6}, {0x2, 0x0, 0x1}, {0x3}, {0x4, 0x0, 0x1}], @ipv4=@dccp={{0x54, 0x4, 0x3, 0x2, 0x253, 0x65, 0x0, 0x76, 0x21, 0x0, @private=0xa010100, @multicast2, {[@timestamp_addr={0x44, 0x14, 0xa7, 0x1, 0x9, [{@dev={0xac, 0x14, 0x14, 0x44}, 0xb7f}, {@multicast2, 0xe}]}, @generic={0x94, 0x8, "54a3191943a4"}, @lsrr={0x83, 0x1f, 0x80, [@broadcast, @multicast2, @local, @empty, @multicast1, @dev={0xac, 0x14, 0x14, 0x28}, @rand_addr=0x64010100]}, @cipso={0x86, 0x48, 0x3, [{0x2, 0xe, "809d55476d9a6dc1c4f0573e"}, {0x0, 0x9, "3ba1f0e45edba9"}, {0x5b53af953e7f51af, 0x4, "d856"}, {0x5, 0x6, "bacb60ed"}, {0x2, 0xf, "3df403cc0995489a968fdf9d4f"}, {0x0, 0x5, "31af7b"}, {0x2, 0x6, "83d047bb"}, {0x0, 0x4, ' Z'}, {0x6, 0x3, "e8"}]}, @rr={0x7, 0x1b, 0x84, [@remote, @multicast1, @empty, @multicast2, @local, @private=0xa010101]}, @timestamp_addr={0x44, 0x4c, 0xfa, 0x1, 0x5, [{@rand_addr=0x64010100, 0x8}, {@broadcast, 0x10}, {@loopback, 0x9}, {@remote, 0x4}, {@multicast1, 0x5}, {@private=0xa010102, 0x8}, {@remote, 0x2}, {@rand_addr=0x64010101, 0xe9f9}, {@dev={0xac, 0x14, 0x14, 0x37}, 0x1}]}, @timestamp={0x44, 0x20, 0xdf, 0x0, 0x3, [0x0, 0x7fffffff, 0x9, 0x8, 0x0, 0x5fee, 0xac11]}, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x2c, 0xed, 0x3, 0xd, [{@multicast1, 0x800}, {@loopback, 0xaf09}, {@rand_addr=0x64010102, 0xfffffffe}, {@dev={0xac, 0x14, 0x14, 0x41}, 0x10000}, {@broadcast, 0x5}]}]}}, {{0x4e22, 0x4e20, 0x4, 0x1, 0x3, 0x0, 0x0, 0x3, 0x4, "89203f", 0x9, 'x\vI'}, "e865e2ade0a243b5b87f3315e101ac6618b7b3c897e0722ada381c931d9448f25ddedcba998006a71be71c233ff406fb584a081f8d450bdec58761cfb7f2a801d34b7391b24e693f8bcc64643a9cc3089aa9959bdc7f387a9a9084bb2d32e8548e698a189e3f241316740f5b8acaf9220893e8bf4ffdc776236d1a6e4d4c75d1302bd575bbf1d6614012333589b15913d275a44e839284826b39d30b2e41403ceb879125bc7ac3f448fe8bb02fa10ee6a7954327ad37cdeebab10c4ed88cb2688b3fb1a601411572e3a602694343333acf7167d21a355eded8c6607d2de2eba771bdcb476590a19ca033afb53e2b7876b1ec3e"}}}}, 0x285)
mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000d80)={'pimreg0\x00', @random="c0f2fb2a4777"})
ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000000dc0))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000e00)={0x0, @in={{0x2, 0x4e24, @loopback}}, 0x9, 0x8}, 0x90)
ioctl$F2FS_IOC_RESIZE_FS(r3, 0x4008f510, &(0x7f0000000ec0)=0x1)
setsockopt$inet_int(r2, 0x0, 0x14, &(0x7f0000000f00)=0x1, 0x4)
getsockopt$inet_tcp_int(r2, 0x6, 0x8, &(0x7f0000000f40), &(0x7f0000000f80)=0x4)
recvmsg$inet_nvme(r2, &(0x7f0000002280)={&(0x7f0000000fc0)=@l2, 0x80, &(0x7f0000002200)=[{&(0x7f0000001040)=""/109, 0x6d}, {&(0x7f00000010c0)}, {&(0x7f0000001100)=""/4096, 0x1000}, {&(0x7f0000002100)=""/254, 0xfe}], 0x4, &(0x7f0000002240)=""/13, 0xd}, 0x102)

6.175252852s ago: executing program 3 (id=894):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x9f)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105042, 0x1ff)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000000)=0x60)
truncate(&(0x7f0000000000)='./file1\x00', 0xffff)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010067656e65766500000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newlink={0x2c, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, 0x500}, [@IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008004}, 0x8000)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r5 = socket$pptp(0x18, 0x1, 0x2)
accept(r5, 0x0, 0x0)

5.844891586s ago: executing program 4 (id=896):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000c00000009"], 0x50)
openat$tun(0xffffffffffffff9c, 0x0, 0xa2f01, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000001040), 0xadc, r3, 0x700}, 0x38)

5.775259675s ago: executing program 2 (id=897):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x40, 0x107, 0xfffffefe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0xb, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)

5.709822414s ago: executing program 3 (id=898):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @empty, 0x4}, 0x1c)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
ioctl$sock_ax25_SIOCDELRT(r3, 0x890c, &(0x7f0000002a00)={@default, @null, 0x1, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]})
listen(r2, 0x5)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f00000001c0)={0x0, 0x1ff, 0x200, 0x5, 0x4, 0x1}, 0x14)
r4 = memfd_secret(0x0)
ppoll(&(0x7f0000000080)=[{r1, 0x204}, {r2, 0x4100}, {r4, 0x10}], 0x3, &(0x7f00000000c0)={0x0, 0x3938700}, &(0x7f0000000100)={[0x2]}, 0x8)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, &(0x7f0000000240)=ANY=[], 0x0, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r5, &(0x7f0000004ac0)={0x0, 0x0, 0x0}, 0x4002)
recvmsg(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000002440)=[{&(0x7f0000002a00)=""/4106, 0x679}, {&(0x7f0000001440)=""/4096, 0x1000}], 0x2}, 0x100)
sendmsg$nl_generic(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010018", @ANYRES32=r1], 0x1c}}, 0x20000840)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

5.68043479s ago: executing program 2 (id=899):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(0xffffffffffffffff, 0x4002f516, &(0x7f0000000180)={0x52, 0x1})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xf, &(0x7f0000000380)={0x8, 0x3}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$radio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x80001)
r1 = getpgrp(0x0)
ptrace$getenv(0x4201, r1, 0x1, &(0x7f0000000140))
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x800, 0x4)
read$char_usb(r2, &(0x7f0000000040)=""/236, 0xec)
unshare(0x22020400)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

5.45804468s ago: executing program 0 (id=900):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x48000)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1=0xe0000300}, @address_request}}}}, 0x0)

5.314012006s ago: executing program 0 (id=901):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
ioctl$SIOCAX25ADDUID(r0, 0x8915, &(0x7f0000000240)={0x3, @null, 0xee00})

5.258488088s ago: executing program 0 (id=902):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x40}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xe0004000}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast=0xffff0011}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) (fail_nth: 5)

5.188106064s ago: executing program 0 (id=903):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x6, &(0x7f0000000200)=0x2000000a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r5, 0x84, 0x23, &(0x7f0000000000)={0x0, 0xa001}, 0x8)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000180)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b0400000000200000000200000124000480200001800700010063740000140002800800014000000900010073797a30000000020900020073797a32000000000f00000a"], 0x78}}, 0x10)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2564010102000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000012000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000100000000000000000000000000000000000000002000000000000000000000010000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a080000fe8000000000000000000000000000aa000000000400"/180], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r5, &(0x7f0000000240)={0x2, 0x0, @empty}, 0x10)
setsockopt$sock_int(r8, 0x1, 0x6, &(0x7f0000000140)=0x8, 0x4)
connect$inet(r8, &(0x7f00000003c0)={0x2, 0x4e21, @loopback}, 0x10)
sendmmsg$inet(r8, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)
connect$unix(r0, &(0x7f00000001c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)

4.678017806s ago: executing program 2 (id=904):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x0, 0xffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x1}, {0x0, 0x1}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010102, 0x4d5, 0x33}, 0x2, @in6=@loopback, 0x0, 0x0, 0x0, 0xb7, 0x0, 0x8000000}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

4.197048943s ago: executing program 2 (id=905):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xd7a667c799430127, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'pimreg0\x00'})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x87f2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x50)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
gettid()
socketpair$unix(0x1, 0x5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000340)="88a583c7495a586fedf21e8aac57e0b3a5e5500a2eb11cf43c6ef41bce8c516fd7f59bbadcf0b2fc2ecbea22c5ac49639bff7b39ef36fe87f53d46c013541255baece96478a2e718afd514e2a9ae38", &(0x7f00000004c0)="0cf97239b829a3705e62d8241f75bbebc643a464b45987757d1b79b15f71103eb23535e0db8899fb3484fcd22130e7c787dd3922888ebbc5466696cdd1e8918a721475b34d5abc7e9241e2375a566376accaf096030ec9d1719272d9327bc5204867cc02c04468992c5f1d968459d2f9ff817a52097081140fcd18c32153b1fa90691f65d56bbb71e01eb63e39ad0074acf56471842de0dd559b508d1572545da3c354be94b901019b7d"}}, &(0x7f0000bbdffc))
syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000580)={0x48})
read$msr(r5, &(0x7f0000005580)=""/102392, 0x18ff8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000002c0))
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x100)
r6 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41)
ioctl$DVB_DEMUX_DMX_START(r6, 0x6f29)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="38000000031401002dbd7000ffdbdf2509000200737903000000000000007700040033006261746164765f736c6176655f31000000"], 0x38}, 0x1, 0x0, 0x0, 0x200008c0}, 0x40)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

4.113513101s ago: executing program 4 (id=906):
syz_io_uring_submit(0x0, 0x0, 0x0, &(0x7f0000000200)=@IORING_OP_MKDIRAT={0x25, 0x13, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xc0})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$usbfs(0x0, 0x205, 0x2581)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r3)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x30, r4, 0x1, 0x70bd2f, 0x204, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x40}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x8014)
sendmsg$IEEE802154_SET_MACPARAMS(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r4, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x200480d1)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c40)=ANY=[@ANYBLOB="9000000042000701feffffffffdbdf25037c000004004580750001"], 0x90}}, 0x2004c000)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000f80)=@raw={'raw\x00', 0x3c1, 0x3, 0x330, 0x0, 0x168, 0x10, 0x0, 0xb, 0x260, 0x250, 0x250, 0x260, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @private1={0xfc, 0x1, '\x00', 0x1}, [0x0, 0x0, 0xff000000], [0x0, 0xffffffff], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @common=@inet=@hashlimit1={{0x58}, {'tunl0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff], [0xffffffff, 0x0, 0xffffffff, 0xff], 'veth1_vlan\x00', 'pimreg0\x00', {0xff}, {0xff}, 0x21, 0xff, 0x1, 0x52}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x390)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000380)={'gretap0\x00', <r7=>0x0, 0x40, 0x700, 0xb75, 0x1, {{0x1e, 0x4, 0x1, 0x2a, 0x78, 0x67, 0x0, 0x9, 0x2f, 0x0, @broadcast, @rand_addr=0x64010100, {[@cipso={0x86, 0x61, 0x2, [{0x7, 0x3, "85"}, {0x0, 0xe, "bbce9f85a0cf19bf9eddbcdd"}, {0x5, 0xc, "0da55451ff953a4c3a74"}, {0x2, 0x7, "2f89d680c5"}, {0x1, 0xa, "f02886104ea54324"}, {0x0, 0x10, "023444c8923899b4fd7a44f5a3cc"}, {0x5, 0xa, "3cbe712819a882d4"}, {0xc27fb3030238aa70, 0x6, "7bb15cf1"}, {0x0, 0xd, "96682645d613259e58549c"}]}, @end, @end]}}}}})
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=@newqdisc={0x6c, 0x24, 0x400, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x6}, {0xffff, 0x1}, {0x0, 0xe}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0xc}, @TCA_RATE={0x6, 0x5, {0x6, 0x40}}, @TCA_RATE={0x6, 0x5, {0xf, 0x80}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}, @TCA_RATE={0x6, 0x5, {0x8, 0xd9}}, @qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x10001, 0x9, 0x7}}}}]}, 0x6c}}, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc01020301090212000100000000090401"], 0x0)
syz_usb_control_io$cdc_ecm(r10, 0x0, &(0x7f00000008c0)={0x1c, &(0x7f0000010000)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0})
r11 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
writev(r11, &(0x7f0000002900)=[{&(0x7f0000000100)="ec", 0x1}], 0x1)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000480)=0x85d, 0x4)
r12 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0xce, 0x0, 0x2000000000001}]})
syz_emit_ethernet(0x66, &(0x7f0000000b80)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001403000000006c907800000000000000000420880b0000000000000800000086dd080088be00000000100000000100000000000000080022eb00000007200080000200000000000000000000000800655800000000"], 0x0)

2.842276092s ago: executing program 2 (id=907):
r0 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\xfd\x89\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\rW\xef\x10\xd6d#\xf2\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8\x1f\xb2C\xf8\'?]\x16C\x166\xc0\xbcJT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8', 0x2)
r1 = socket$caif_stream(0x25, 0x1, 0x5)
sendfile(r1, r0, 0x0, 0x2000081)

2.724065485s ago: executing program 2 (id=908):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="c40100002a00070127bd700000000000017c00000c00028005007c802800000004000780b6000680"], 0x1c4}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="a81400002a00070127bd700000000000017c00000c00028005007c80280000"], 0x14a8}, 0x1, 0x0, 0x0, 0xc080}, 0x2004040)
munlockall()
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x19)
sendmmsg$inet6(r0, &(0x7f0000019680), 0x0, 0x48800)
r4 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582"], 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x77359400}, &(0x7f0000000200)={&(0x7f00000001c0)={[0x10000]}, 0x8})
syz_usb_control_io$cdc_ecm(r4, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r4, 0x82, 0xc38, &(0x7f0000000d80)=ANY=[@ANYBLOB="ddf963"])

2.591955582s ago: executing program 3 (id=909):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x9f)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0xffff)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010067656e65766500000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newlink={0x2c, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, 0x500}, [@IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008004}, 0x8000)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r5 = socket$pptp(0x18, 0x1, 0x2)
accept(r5, 0x0, 0x0)

2.426049066s ago: executing program 1 (id=910):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv4_newrule={0x24, 0x20, 0xf4db158ec847dc81, 0x70bd2b, 0x25dfdbfe, {0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x6, 0x1f}, [@FRA_GENERIC_POLICY=@FRA_L3MDEV={0x5, 0x13, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0xd5}, 0x44004)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_val, @exit]}, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x1010000}, 0xfdeb}, 0x80)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x1, 0x1, 0x0, &(0x7f0000000200)=""/51, 0x0})
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000340))
r4 = dup(r3)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x3, 0x0, [{0x286, 0x0, 0x3}, {0xba8, 0x0, 0x2}, {0x2ce, 0x0, 0x4}]})
r5 = socket$netlink(0x10, 0x3, 0x4)
write(r5, &(0x7f00000000c0)="2700000014000707030e0000120f11000100f5fe0012ff000000073e8a151f7508bfb4df056439", 0x27)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r4})
r6 = gettid()
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r7, &(0x7f0000000040)='\x00', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r8 = syz_open_procfs(r6, &(0x7f0000000080)='statm\x00')
read$FUSE(r8, &(0x7f0000000640)={0x2020}, 0x2020)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0xe0}, 0x1, 0x0, 0x0, 0x891}, 0x0)

2.096992676s ago: executing program 4 (id=911):
modify_ldt$write2(0x11, &(0x7f0000000000)={0x6, 0x20000000, 0xffffffffffffffff, 0x1}, 0x10)
io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0xef7c, 0x38c1, 0x4, 0x78})
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000300)=0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x8d)
close(r3)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB="89c408f39ca2ede1f1b096eafc2afd7c0948"])
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)
r6 = fsopen(&(0x7f0000000000)='exfat\x00', 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r7, 0x29, 0x4e, &(0x7f0000000380)=0x7fffffff, 0x4)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=ANY=[@ANYBLOB="142000003e0007010300000000000000017c00000400428011000100686d61d31acb1b323234290100000000e81f02"], 0x2014}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xa)

1.65507855s ago: executing program 0 (id=912):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@bridge_dellink={0x34, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x1}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x4, 0x0, 0x1, {0xc, 0x3, 0x0, 0x1, [{0x8, 0x1d, 0x0, 0x0, 0xffffffff}]}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) (fail_nth: 5)

1.126051217s ago: executing program 4 (id=913):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_submit(0x0, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0xffff, r0, 0x0}])
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x24000000)
r1 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a98", 0x3, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x204, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

194.724669ms ago: executing program 3 (id=914):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000940)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f00000004c0)=""/110, 0x6e, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f00000003c0)={0x2, 0x600, {&(0x7f00000002c0)=""/119, 0x77, 0x0, 0x3, 0x3}}, 0x48)

82.909401ms ago: executing program 0 (id=915):
socket$nl_generic(0x10, 0x3, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1004, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0)
getsockname$netrom(r1, &(0x7f00000001c0)={{0x3, @netrom}, [@rose, @null, @null, @default, @remote, @null, @null, @netrom]}, &(0x7f0000000340)=0x48)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000083c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r2, {0x7, 0x1f, 0x1000001, 0x5069f481, 0x8, 0x7fff, 0x0, 0x800, 0x0, 0x0, 0x10}}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f00000000c0)={0x1d, r6}, 0x18)
connect$can_j1939(r5, &(0x7f0000000100)={0x1d, r6, 0x0, {0x0, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x5a)
sendmmsg(r5, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)
getsockopt$SO_J1939_PROMISC(r5, 0x6b, 0x2, 0x0, &(0x7f00000001c0))
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x4000f2, 0x1000)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0)
r7 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000400)={'syz', 0x1}, &(0x7f0000000100), 0x0, 0xfffffffffffffffa)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaeb951b17fbe2056418de9b0600e3ff03000000010000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x12, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xc}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@ldst={0x3, 0x0, 0x3, 0xb, 0xb, 0x100, 0xfffffffffffffffc}, @map_fd={0x18, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
keyctl$read(0xb, r7, &(0x7f0000000240)=""/112, 0x349b7f55)

0s ago: executing program 3 (id=916):
r0 = syz_open_dev$video(0x0, 0x101, 0xab02)
socket$tipc(0x1e, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0xc831, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r5 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r6 = openat$binfmt(0xffffffffffffff9c, r5, 0x42, 0x1ff)
close(r6)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002540)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0xfffe, 0x0, 0x98, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0xffff0003, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7883, 0x100000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x1]}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffca}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0x2, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x6, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0xffc, 0x401, 0x623, 0x6, 0xa, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x4, 0x4, 0x5, 0x8, 0x9, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x200, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffc, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x2, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x3, 0xffffe601, 0x2, 0xd67, 0x7, 0x7, 0x25, 0x10, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x8, 0xa, 0x400, 0x9, 0x100005, 0xdb5, 0x105, 0x4, 0x74e4, 0x7ffc, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x6, 0xa, 0x7, 0x1, 0x82, 0x52e, 0x1, 0x4, 0x5, 0x26, 0x1, 0xe, 0x81, 0x0, 0x14, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x4, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0xde94, 0x5, 0x1, 0x7, 0x3, 0xd7c5, 0x22, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0x2000d, 0x7, 0x2, 0x0, 0x6ee1847d, 0x100, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x4, 0x4, 0x7, 0x2, 0x0, 0x1, 0xfffffffb, 0x3, 0xffe, 0x80000001, 0x7, 0x676, 0x3, 0x100009, 0x2, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x0, 0x80, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x81, 0x7, 0x8, 0x7, 0x65fe, 0x1, 0x1006, 0x4, 0x2, 0x5, 0x7ff, 0xb848, 0x6, 0x6, 0x4, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x4, 0x4, 0x7, 0xc, 0x80000001, 0x5, 0x2, 0x10000000, 0xb, 0x7, 0x5, 0x2, 0x79e]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0)
execveat$binfmt(0xffffffffffffff9c, r5, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
execveat$binfmt(0xffffffffffffff9c, r5, 0x0, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, r5, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r8, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000040)={0xc, {0xf8000001, 0x4, 0x2008, 0xffffbfff}})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r9, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})

kernel console output (not intermixed with test programs):

7768 comm="syz.1.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  205.815997][ T5829] usb 1-1: Manufacturer: syz
[  205.820684][ T5829] usb 1-1: SerialNumber: syz
[  205.826564][   T29] audit: type=1326 audit(1776668947.339:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7768 comm="syz.1.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  205.850449][   T29] audit: type=1326 audit(1776668947.349:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7768 comm="syz.1.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  205.874256][   T29] audit: type=1326 audit(1776668947.349:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7768 comm="syz.1.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  205.901561][   T29] audit: type=1326 audit(1776668947.349:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7768 comm="syz.1.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  205.930016][   T29] audit: type=1326 audit(1776668947.349:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7768 comm="syz.1.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  205.957458][   T29] audit: type=1326 audit(1776668947.349:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7768 comm="syz.1.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  206.095934][ T7760] input: syz0 as /devices/virtual/input/input13
[  206.213185][ T7760] netlink: 4 bytes leftover after parsing attributes in process `syz.0.508'.
[  206.420967][ T5892] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  206.423059][ T5829] rtl8150 1-1:1.0: couldn't reset the device
[  206.436668][ T5829] rtl8150 1-1:1.0: probe with driver rtl8150 failed with error -5
[  206.482691][ T5829] usb 1-1: USB disconnect, device number 19
[  206.591086][ T5892] usb 5-1: Using ep0 maxpacket: 8
[  206.618343][ T5892] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  206.648008][ T5892] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  206.675264][ T5892] usb 5-1: Product: syz
[  206.685987][ T5892] usb 5-1: Manufacturer: syz
[  206.700840][ T5892] usb 5-1: SerialNumber: syz
[  206.708748][ T5892] usb 5-1: config 0 descriptor??
[  206.722905][ T5892] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  206.879123][ T7796] rdma_rxe: rxe_newlink: failed to add vxcan1
[  207.090970][   T10] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  207.170907][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  208.389300][ T5892] gspca_zc3xx: reg_r err -110
[  208.396755][ T5892] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -110
[  208.438596][ T5892] usb 5-1: USB disconnect, device number 15
[  208.494418][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  208.519494][   T10] usb 4-1: config 0 has no interfaces?
[  208.525781][   T10] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  208.535630][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.550466][   T10] usb 4-1: config 0 descriptor??
[  208.980301][ T7813] FAULT_INJECTION: forcing a failure.
[  208.980301][ T7813] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  208.996794][ T7813] CPU: 0 UID: 0 PID: 7813 Comm: syz.4.526 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  208.996827][ T7813] Tainted: [L]=SOFTLOCKUP
[  208.996834][ T7813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  208.996845][ T7813] Call Trace:
[  208.996851][ T7813]  <TASK>
[  208.996859][ T7813]  dump_stack_lvl+0x100/0x190
[  208.996886][ T7813]  should_fail_ex.cold+0x5/0xa
[  208.996908][ T7813]  ? prepare_alloc_pages+0x16d/0x5f0
[  208.996930][ T7813]  should_fail_alloc_page+0xeb/0x140
[  208.996951][ T7813]  prepare_alloc_pages+0x1f0/0x5f0
[  208.996976][ T7813]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  208.997008][ T7813]  ? __lock_acquire+0x4a5/0x2630
[  208.997060][ T7813]  ? __lock_acquire+0x4a5/0x2630
[  208.997081][ T7813]  ? is_bpf_text_address+0x94/0x1a0
[  208.997106][ T7813]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  208.997140][ T7813]  ? rcu_is_watching+0x12/0xc0
[  208.997169][ T7813]  ? __mutex_lock+0x26d/0x1b10
[  208.997188][ T7813]  ? anon_pipe_write+0x15b/0x18c0
[  208.997210][ T7813]  ? avc_has_perm_noaudit+0x145/0x3b0
[  208.997235][ T7813]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  208.997257][ T7813]  ? policy_nodemask+0xed/0x4f0
[  208.997279][ T7813]  alloc_pages_mpol+0x1fb/0x540
[  208.997298][ T7813]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  208.997328][ T7813]  alloc_pages_noprof+0x1a/0x160
[  208.997350][ T7813]  anon_pipe_write+0xacb/0x18c0
[  208.997380][ T7813]  ? __pfx_anon_pipe_write+0x10/0x10
[  208.997400][ T7813]  ? selinux_file_permission+0x8f/0x6d0
[  208.997422][ T7813]  ? bpf_lsm_file_permission+0x9/0x10
[  208.997449][ T7813]  ? security_file_permission+0x76/0x210
[  208.997470][ T7813]  ? rw_verify_area+0xce/0x6d0
[  208.997499][ T7813]  vfs_write+0x6ac/0x1070
[  208.997519][ T7813]  ? __pfx_anon_pipe_write+0x10/0x10
[  208.997542][ T7813]  ? __pfx_vfs_write+0x10/0x10
[  208.997559][ T7813]  ? find_held_lock+0x2b/0x80
[  208.997590][ T7813]  ksys_write+0x1f8/0x250
[  208.997609][ T7813]  ? __pfx_ksys_write+0x10/0x10
[  208.997629][ T7813]  ? rcu_is_watching+0x12/0xc0
[  208.997657][ T7813]  do_syscall_64+0x10b/0xf80
[  208.997673][ T7813]  ? clear_bhb_loop+0x40/0x90
[  208.997696][ T7813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.997713][ T7813] RIP: 0033:0x7f953b79c819
[  208.997729][ T7813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  208.997746][ T7813] RSP: 002b:00007f953c6d9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  208.997764][ T7813] RAX: ffffffffffffffda RBX: 00007f953ba15fa0 RCX: 00007f953b79c819
[  208.997776][ T7813] RDX: 00000000fffffecc RSI: 0000200000000000 RDI: 0000000000000005
[  208.997787][ T7813] RBP: 00007f953c6d9090 R08: 0000000000000000 R09: 0000000000000000
[  208.997797][ T7813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.997808][ T7813] R13: 00007f953ba16038 R14: 00007f953ba15fa0 R15: 00007fff2d10d818
[  208.997832][ T7813]  </TASK>
[  209.497622][ T7818] vxcan1 speed is unknown, defaulting to 1000
[  209.993342][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  209.993358][   T29] audit: type=1400 audit(1776668951.909:760): avc:  denied  { map } for  pid=7821 comm="syz.2.529" path="socket:[16140]" dev="sockfs" ino=16140 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  210.257403][ T7834] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pid=7834 comm=syz.1.534
[  210.336861][   T10] usb 4-1: USB disconnect, device number 16
[  210.762139][    T9] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  210.801031][   T10] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  210.941042][    T9] usb 1-1: Using ep0 maxpacket: 32
[  211.467407][   T10] usb 4-1: Using ep0 maxpacket: 8
[  211.481077][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  211.492886][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  211.507799][   T10] usb 4-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  211.520388][    T9] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  211.531629][   T10] usb 4-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  211.541634][    T9] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  211.550400][   T10] usb 4-1: Product: syz
[  211.555873][    T9] usb 1-1: Product: syz
[  211.560228][   T10] usb 4-1: Manufacturer: syz
[  211.564958][    T9] usb 1-1: Manufacturer: syz
[  211.569713][   T10] usb 4-1: SerialNumber: syz
[  211.576168][    T9] usb 1-1: SerialNumber: syz
[  211.588042][   T10] usb 4-1: config 0 descriptor??
[  211.596497][    T9] usb 1-1: config 0 descriptor??
[  211.616916][   T10] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  211.864521][    T9] usb 1-1: USB disconnect, device number 20
[  212.014769][   T29] audit: type=1400 audit(1776668953.929:761): avc:  denied  { ioctl } for  pid=7857 comm="syz.2.543" path="socket:[16217]" dev="sockfs" ino=16217 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  212.042013][   T29] audit: type=1400 audit(1776668953.959:762): avc:  denied  { connect } for  pid=7857 comm="syz.2.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  212.065338][   T10] gspca_zc3xx: reg_r err -71
[  212.070122][   T10] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  212.081825][   T29] audit: type=1400 audit(1776668953.959:763): avc:  denied  { write } for  pid=7857 comm="syz.2.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  212.106186][   T10] usb 4-1: USB disconnect, device number 17
[  212.122744][   T29] audit: type=1400 audit(1776668953.999:764): avc:  denied  { bind } for  pid=7861 comm="syz.4.544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  212.155157][   T29] audit: type=1400 audit(1776668954.039:765): avc:  denied  { setopt } for  pid=7861 comm="syz.4.544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  212.552025][   T29] audit: type=1400 audit(1776668954.469:766): avc:  denied  { name_bind } for  pid=7869 comm="syz.0.547" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  212.954031][ T7875] vxcan1 speed is unknown, defaulting to 1000
[  213.757100][ T7885] FAULT_INJECTION: forcing a failure.
[  213.757100][ T7885] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.770643][ T7885] CPU: 0 UID: 0 PID: 7885 Comm: syz.0.552 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  213.770672][ T7885] Tainted: [L]=SOFTLOCKUP
[  213.770678][ T7885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  213.770687][ T7885] Call Trace:
[  213.770692][ T7885]  <TASK>
[  213.770698][ T7885]  dump_stack_lvl+0x100/0x190
[  213.770717][ T7885]  should_fail_ex.cold+0x5/0xa
[  213.770733][ T7885]  _copy_to_user+0x32/0xd0
[  213.770748][ T7885]  simple_read_from_buffer+0xcb/0x170
[  213.770763][ T7885]  proc_fail_nth_read+0x1af/0x230
[  213.770783][ T7885]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.770802][ T7885]  ? rw_verify_area+0xce/0x6d0
[  213.770818][ T7885]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.770836][ T7885]  vfs_read+0x1e4/0xb30
[  213.770849][ T7885]  ? __pfx_vfs_read+0x10/0x10
[  213.770859][ T7885]  ? __fget_files+0x215/0x3d0
[  213.770883][ T7885]  ? __fget_files+0x21f/0x3d0
[  213.770909][ T7885]  ksys_read+0x12a/0x250
[  213.770925][ T7885]  ? __pfx_ksys_read+0x10/0x10
[  213.770935][ T7885]  ? v4l2_ioctl+0x1c5/0x250
[  213.770952][ T7885]  ? rcu_is_watching+0x12/0xc0
[  213.770970][ T7885]  do_syscall_64+0x10b/0xf80
[  213.770981][ T7885]  ? clear_bhb_loop+0x40/0x90
[  213.770995][ T7885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.771006][ T7885] RIP: 0033:0x7fb57df5d04e
[  213.771021][ T7885] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  213.771031][ T7885] RSP: 002b:00007fb57ee78fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  213.771042][ T7885] RAX: ffffffffffffffda RBX: 00007fb57ee796c0 RCX: 00007fb57df5d04e
[  213.771049][ T7885] RDX: 000000000000000f RSI: 00007fb57ee790a0 RDI: 0000000000000004
[  213.771056][ T7885] RBP: 00007fb57ee79090 R08: 0000000000000000 R09: 0000000000000000
[  213.771062][ T7885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.771069][ T7885] R13: 00007fb57e216038 R14: 00007fb57e215fa0 R15: 00007ffff0b04228
[  213.771082][ T7885]  </TASK>
[  214.016146][ T7887] FAULT_INJECTION: forcing a failure.
[  214.016146][ T7887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.032031][ T7887] CPU: 1 UID: 0 PID: 7887 Comm: syz.0.553 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  214.032060][ T7887] Tainted: [L]=SOFTLOCKUP
[  214.032066][ T7887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  214.032076][ T7887] Call Trace:
[  214.032081][ T7887]  <TASK>
[  214.032088][ T7887]  dump_stack_lvl+0x100/0x190
[  214.032112][ T7887]  should_fail_ex.cold+0x5/0xa
[  214.032135][ T7887]  _copy_from_user+0x2e/0xd0
[  214.032155][ T7887]  kstrtouint_from_user+0xd6/0x1d0
[  214.032179][ T7887]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  214.032201][ T7887]  ? __lock_acquire+0x4a5/0x2630
[  214.032225][ T7887]  ? lock_acquire+0x1b1/0x370
[  214.032255][ T7887]  proc_fail_nth_write+0x83/0x220
[  214.032272][ T7887]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  214.032295][ T7887]  vfs_write+0x2aa/0x1070
[  214.032312][ T7887]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  214.032330][ T7887]  ? __pfx_vfs_write+0x10/0x10
[  214.032346][ T7887]  ? __fget_files+0x215/0x3d0
[  214.032370][ T7887]  ? __fget_files+0x21f/0x3d0
[  214.032395][ T7887]  ksys_write+0x12a/0x250
[  214.032412][ T7887]  ? __pfx_ksys_write+0x10/0x10
[  214.032430][ T7887]  ? rcu_is_watching+0x12/0xc0
[  214.032456][ T7887]  do_syscall_64+0x10b/0xf80
[  214.032471][ T7887]  ? clear_bhb_loop+0x40/0x90
[  214.032491][ T7887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.032508][ T7887] RIP: 0033:0x7fb57df5d04e
[  214.032521][ T7887] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  214.032536][ T7887] RSP: 002b:00007fb57ee78fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  214.032553][ T7887] RAX: ffffffffffffffda RBX: 00007fb57ee796c0 RCX: 00007fb57df5d04e
[  214.032563][ T7887] RDX: 0000000000000001 RSI: 00007fb57ee790a0 RDI: 0000000000000004
[  214.032573][ T7887] RBP: 00007fb57ee79090 R08: 0000000000000000 R09: 0000000000000000
[  214.032581][ T7887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.032590][ T7887] R13: 00007fb57e216038 R14: 00007fb57e215fa0 R15: 00007ffff0b04228
[  214.032613][ T7887]  </TASK>
[  214.515310][   T29] audit: type=1400 audit(1776668956.429:767): avc:  denied  { read } for  pid=7895 comm="syz.2.557" name="btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  215.081901][   T29] audit: type=1400 audit(1776668956.429:768): avc:  denied  { open } for  pid=7895 comm="syz.2.557" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  215.107230][   T29] audit: type=1400 audit(1776668956.459:769): avc:  denied  { write } for  pid=7890 comm="syz.4.554" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  215.140407][   T29] audit: type=1400 audit(1776668956.939:770): avc:  denied  { ioctl } for  pid=7895 comm="syz.2.557" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 ioctlcmd=0x9375 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  215.540958][ T5885] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  215.702320][ T5885] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  215.712580][ T5885] usb 1-1: config 0 has no interfaces?
[  215.727642][ T5885] usb 1-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  215.730762][ T7912] loop2: detected capacity change from 0 to 7
[  215.782641][ T5885] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.959382][ T5885] usb 1-1: config 0 descriptor??
[  216.087439][ T7912] Dev loop2: unable to read RDB block 7
[  216.102535][ T7912]  loop2: AHDI p2 p3
[  216.111046][   T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  216.124143][ T7912] loop2: partition table partially beyond EOD, truncated
[  216.272885][   T24] usb 5-1: Using ep0 maxpacket: 8
[  216.288217][   T24] usb 5-1: config 0 has an invalid interface number: 101 but max is 0
[  216.306006][   T24] usb 5-1: config 0 has no interface number 0
[  216.320458][   T24] usb 5-1: too many endpoints for config 0 interface 101 altsetting 115: 45, using maximum allowed: 30
[  216.354016][   T24] usb 5-1: config 0 interface 101 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 45
[  216.386254][   T24] usb 5-1: config 0 interface 101 has no altsetting 0
[  216.406936][   T24] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  216.425553][   T24] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  216.451007][   T24] usb 5-1: Product: syz
[  216.456679][   T24] usb 5-1: Manufacturer: syz
[  216.472463][   T24] usb 5-1: SerialNumber: syz
[  216.488908][   T24] usb 5-1: config 0 descriptor??
[  216.867063][   T24] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  216.875395][   T24] gspca_zc3xx: reg_w_i err -71
[  216.882336][   T24] gspca_zc3xx 5-1:0.101: probe with driver gspca_zc3xx failed with error -71
[  217.040656][   T29] audit: type=1326 audit(1776668958.869:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.3.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af699c819 code=0x7ffc0000
[  217.301571][   T24] usb 5-1: USB disconnect, device number 16
[  217.340471][   T29] audit: type=1326 audit(1776668958.869:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.3.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af699c819 code=0x7ffc0000
[  217.391042][   T29] audit: type=1326 audit(1776668958.869:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.3.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f3af699c819 code=0x7ffc0000
[  217.416319][   T29] audit: type=1326 audit(1776668958.869:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.3.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af699c819 code=0x7ffc0000
[  217.442720][   T29] audit: type=1326 audit(1776668958.869:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.3.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af699c819 code=0x7ffc0000
[  217.467916][   T29] audit: type=1326 audit(1776668958.879:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.3.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3af699c819 code=0x7ffc0000
[  217.491500][   T29] audit: type=1326 audit(1776668958.879:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.3.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af699c819 code=0x7ffc0000
[  218.072459][ T7947] FAULT_INJECTION: forcing a failure.
[  218.072459][ T7947] name failslab, interval 1, probability 0, space 0, times 0
[  218.086411][ T7947] CPU: 0 UID: 0 PID: 7947 Comm: syz.2.571 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  218.086441][ T7947] Tainted: [L]=SOFTLOCKUP
[  218.086447][ T7947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  218.086457][ T7947] Call Trace:
[  218.086463][ T7947]  <TASK>
[  218.086469][ T7947]  dump_stack_lvl+0x100/0x190
[  218.086495][ T7947]  should_fail_ex.cold+0x5/0xa
[  218.086520][ T7947]  should_failslab+0xc2/0x120
[  218.086538][ T7947]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  218.086564][ T7947]  ? __alloc_skb+0x140/0x710
[  218.086586][ T7947]  __alloc_skb+0x140/0x710
[  218.086603][ T7947]  ? __pfx___alloc_skb+0x10/0x10
[  218.086628][ T7947]  tcp_stream_alloc_skb+0x34/0x660
[  218.086656][ T7947]  tcp_connect+0xefd/0x5510
[  218.086683][ T7947]  ? secure_tcpv6_seq_and_ts_off+0x218/0x310
[  218.086708][ T7947]  ? __pfx_tcp_connect+0x10/0x10
[  218.086726][ T7947]  ? __pfx_tcp_fastopen_defer_connect+0x10/0x10
[  218.086757][ T7947]  ? inet6_hash_connect+0xe7/0x180
[  218.086778][ T7947]  tcp_v6_connect+0x183d/0x23d0
[  218.086798][ T7947]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  218.086822][ T7947]  ? tcp_sendmsg_locked+0x27bb/0x4500
[  218.086852][ T7947]  ? __pfx_tcp_v6_connect+0x10/0x10
[  218.086884][ T7947]  __inet_stream_connect+0x208/0xfa0
[  218.086915][ T7947]  ? __pfx___inet_stream_connect+0x10/0x10
[  218.086952][ T7947]  tcp_sendmsg_fastopen+0x3ed/0x750
[  218.086981][ T7947]  tcp_sendmsg_locked+0x27bb/0x4500
[  218.087012][ T7947]  ? __lock_acquire+0x4a5/0x2630
[  218.087041][ T7947]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  218.087070][ T7947]  ? do_raw_spin_lock+0x128/0x260
[  218.087094][ T7947]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  218.087123][ T7947]  ? __local_bh_enable_ip+0x9e/0x120
[  218.087151][ T7947]  tcp_sendmsg+0x2e/0x50
[  218.087175][ T7947]  ? __pfx_tcp_sendmsg+0x10/0x10
[  218.087199][ T7947]  inet6_sendmsg+0xb9/0x140
[  218.087220][ T7947]  __sys_sendto+0x383/0x4b0
[  218.087244][ T7947]  ? __pfx___sys_sendto+0x10/0x10
[  218.087281][ T7947]  ? ksys_write+0x1ac/0x250
[  218.087299][ T7947]  ? __pfx_ksys_write+0x10/0x10
[  218.087319][ T7947]  __x64_sys_sendto+0xe0/0x1c0
[  218.087335][ T7947]  ? do_syscall_64+0x90/0xf80
[  218.087351][ T7947]  ? lockdep_hardirqs_on+0x78/0x100
[  218.087377][ T7947]  do_syscall_64+0x10b/0xf80
[  218.087392][ T7947]  ? clear_bhb_loop+0x40/0x90
[  218.087412][ T7947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.087430][ T7947] RIP: 0033:0x7f1cc279c819
[  218.087449][ T7947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  218.087465][ T7947] RSP: 002b:00007f1cc36cb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  218.087482][ T7947] RAX: ffffffffffffffda RBX: 00007f1cc2a15fa0 RCX: 00007f1cc279c819
[  218.087493][ T7947] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  218.087503][ T7947] RBP: 00007f1cc36cb090 R08: 0000200000000000 R09: 000000000000001c
[  218.087513][ T7947] R10: 0000000024040014 R11: 0000000000000246 R12: 0000000000000001
[  218.087524][ T7947] R13: 00007f1cc2a16038 R14: 00007f1cc2a15fa0 R15: 00007ffcac302008
[  218.087548][ T7947]  </TASK>
[  218.446096][ T5885] usb 1-1: USB disconnect, device number 21
[  219.620968][ T5829] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  219.675119][ T7971] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7971 comm=syz.1.577
[  219.695924][ T7971] netlink: 'syz.1.577': attribute type 1 has an invalid length.
[  219.791856][ T5829] usb 3-1: Using ep0 maxpacket: 8
[  219.804550][ T5829] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  219.817111][ T7975] netlink: 4 bytes leftover after parsing attributes in process `syz.1.577'.
[  219.827054][ T5829] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  219.841423][ T5829] usb 3-1: Product: syz
[  219.850026][ T5829] usb 3-1: Manufacturer: syz
[  219.854915][ T5829] usb 3-1: SerialNumber: syz
[  219.868162][ T5829] usb 3-1: config 0 descriptor??
[  219.884253][ T5829] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  220.190565][ T5947] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  220.295396][ T5829] gspca_zc3xx: reg_r err -71
[  220.306083][ T5829] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  220.326785][ T5829] usb 3-1: USB disconnect, device number 17
[  220.340967][ T5947] usb 5-1: Using ep0 maxpacket: 8
[  220.352628][ T5947] usb 5-1: config 0 has an invalid interface number: 101 but max is 0
[  220.362236][ T5947] usb 5-1: config 0 has no interface number 0
[  220.368460][ T5947] usb 5-1: too many endpoints for config 0 interface 101 altsetting 115: 45, using maximum allowed: 30
[  220.388559][ T5947] usb 5-1: config 0 interface 101 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 45
[  220.402439][ T5947] usb 5-1: config 0 interface 101 has no altsetting 0
[  220.443010][ T5947] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  220.452417][ T5947] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  220.462111][ T5947] usb 5-1: Product: syz
[  220.480952][ T5947] usb 5-1: Manufacturer: syz
[  220.502031][ T5947] usb 5-1: SerialNumber: syz
[  220.512137][ T5947] usb 5-1: config 0 descriptor??
[  220.523106][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  220.523122][   T29] audit: type=1400 audit(1776668962.439:803): avc:  denied  { create } for  pid=7989 comm="syz.1.581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  220.573110][   T29] audit: type=1400 audit(1776668962.459:804): avc:  denied  { connect } for  pid=7989 comm="syz.1.581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  220.594358][   T29] audit: type=1400 audit(1776668962.469:805): avc:  denied  { setopt } for  pid=7989 comm="syz.1.581" laddr=172.20.20.170 lport=5769 faddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  220.633296][   T29] audit: type=1400 audit(1776668962.469:806): avc:  denied  { write } for  pid=7989 comm="syz.1.581" path="socket:[17450]" dev="sockfs" ino=17450 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  220.665641][   T29] audit: type=1400 audit(1776668962.469:807): avc:  denied  { read } for  pid=7989 comm="syz.1.581" laddr=172.20.20.170 lport=5769 faddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  220.690567][   T29] audit: type=1800 audit(1776668962.469:808): pid=7990 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.581" name="nullb0" dev="tmpfs" ino=710 res=0 errno=0
[  220.774087][ T5947] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  220.791129][ T5947] gspca_zc3xx: reg_w_i err -71
[  220.796965][ T5947] gspca_zc3xx 5-1:0.101: probe with driver gspca_zc3xx failed with error -71
[  220.811359][ T5947] usb 5-1: USB disconnect, device number 17
[  220.951806][ T7994] netlink: 'syz.2.583': attribute type 1 has an invalid length.
[  221.439228][   T29] audit: type=1400 audit(1776668963.349:809): avc:  denied  { write } for  pid=8001 comm="syz.4.586" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  221.565639][   T29] audit: type=1400 audit(1776668963.479:810): avc:  denied  { ioctl } for  pid=8005 comm="syz.2.588" path="socket:[17474]" dev="sockfs" ino=17474 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  221.590808][ T8009] FAULT_INJECTION: forcing a failure.
[  221.590808][ T8009] name failslab, interval 1, probability 0, space 0, times 0
[  221.615694][ T8007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.588'.
[  221.631180][ T8007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.588'.
[  221.640457][ T8009] CPU: 1 UID: 0 PID: 8009 Comm: syz.4.586 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  221.640488][ T8009] Tainted: [L]=SOFTLOCKUP
[  221.640494][ T8009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  221.640504][ T8009] Call Trace:
[  221.640510][ T8009]  <TASK>
[  221.640517][ T8009]  dump_stack_lvl+0x100/0x190
[  221.640544][ T8009]  should_fail_ex.cold+0x5/0xa
[  221.640567][ T8009]  ? lsm_blob_alloc+0x68/0x90
[  221.640588][ T8009]  should_failslab+0xc2/0x120
[  221.640607][ T8009]  __kmalloc_noprof+0xe0/0x850
[  221.640631][ T8009]  ? audit_alloc+0xa2/0x7b0
[  221.640656][ T8009]  lsm_blob_alloc+0x68/0x90
[  221.640680][ T8009]  security_task_alloc+0x2a/0x260
[  221.640700][ T8009]  copy_process+0x2865/0x7fa0
[  221.640741][ T8009]  ? __pfx_copy_process+0x10/0x10
[  221.640770][ T8009]  ? lockdep_init_map_type+0x5c/0x250
[  221.640798][ T8009]  ? lockdep_init_map_type+0x5c/0x250
[  221.640820][ T8009]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  221.640840][ T8009]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  221.640866][ T8009]  vhost_task_create+0x1db/0x370
[  221.640887][ T8009]  ? __pfx_vhost_task_create+0x10/0x10
[  221.640906][ T8009]  ? register_lock_class+0x40/0x560
[  221.640931][ T8009]  ? __pfx_vhost_task_fn+0x10/0x10
[  221.640953][ T8009]  ? __pfx___mutex_lock+0x10/0x10
[  221.640968][ T8009]  ? kasan_quarantine_put+0x104/0x240
[  221.640997][ T8009]  kvm_mmu_post_init_vm+0x1b3/0x370
[  221.641022][ T8009]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  221.641046][ T8009]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  221.641070][ T8009]  kvm_vcpu_ioctl+0x730/0x1720
[  221.641090][ T8009]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  221.641109][ T8009]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  221.641130][ T8009]  ? do_vfs_ioctl+0x226/0x13e0
[  221.641154][ T8009]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  221.641171][ T8009]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  221.641198][ T8009]  ? __fget_files+0x215/0x3d0
[  221.641218][ T8009]  ? hook_file_ioctl_common+0x149/0x410
[  221.641248][ T8009]  ? selinux_file_ioctl+0x13b/0x290
[  221.641265][ T8009]  ? selinux_file_ioctl+0xb6/0x290
[  221.641284][ T8009]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  221.641303][ T8009]  __x64_sys_ioctl+0x18e/0x210
[  221.641321][ T8009]  do_syscall_64+0x10b/0xf80
[  221.641337][ T8009]  ? clear_bhb_loop+0x40/0x90
[  221.641358][ T8009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.641374][ T8009] RIP: 0033:0x7f953b79c819
[  221.641390][ T8009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  221.641406][ T8009] RSP: 002b:00007f953c6b8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  221.641424][ T8009] RAX: ffffffffffffffda RBX: 00007f953ba16090 RCX: 00007f953b79c819
[  221.641435][ T8009] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  221.641444][ T8009] RBP: 00007f953c6b8090 R08: 0000000000000000 R09: 0000000000000000
[  221.641454][ T8009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.641463][ T8009] R13: 00007f953ba16128 R14: 00007f953ba16090 R15: 00007fff2d10d818
[  221.641487][ T8009]  </TASK>
[  223.275986][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'.
[  223.286649][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'.
[  223.295691][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'.
[  223.305001][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'.
[  223.313996][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'.
[  223.381174][ T5829] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  223.389764][    T9] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  223.611100][    T9] usb 4-1: Using ep0 maxpacket: 8
[  223.633310][ T5829] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  223.648827][ T5829] usb 3-1: config 0 has no interfaces?
[  223.655025][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  223.696037][ T8046] sctp: [Deprecated]: syz.1.598 (pid 8046) Use of int in max_burst socket option deprecated.
[  223.696037][ T8046] Use struct sctp_assoc_value instead
[  223.716169][    T9] usb 4-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  223.729179][ T5829] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  223.739632][    T9] usb 4-1: Product: syz
[  223.744673][ T5829] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.754145][    T9] usb 4-1: Manufacturer: syz
[  223.759417][    T9] usb 4-1: SerialNumber: syz
[  223.831065][ T5829] usb 3-1: config 0 descriptor??
[  223.841938][    T9] usb 4-1: config 0 descriptor??
[  223.914989][    T9] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  223.970995][ T5892] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  224.121501][ T5892] usb 5-1: Using ep0 maxpacket: 8
[  224.135228][ T5892] usb 5-1: config 0 has an invalid interface number: 101 but max is 0
[  224.146165][ T5892] usb 5-1: config 0 has no interface number 0
[  224.154082][ T5892] usb 5-1: too many endpoints for config 0 interface 101 altsetting 115: 45, using maximum allowed: 30
[  224.165402][ T5892] usb 5-1: config 0 interface 101 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 45
[  224.180489][ T5892] usb 5-1: config 0 interface 101 has no altsetting 0
[  224.189335][ T5892] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  224.198726][ T5892] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  224.207168][ T5892] usb 5-1: Product: syz
[  224.212240][ T5892] usb 5-1: Manufacturer: syz
[  224.216953][ T5892] usb 5-1: SerialNumber: syz
[  224.295281][    T9] gspca_zc3xx: reg_r err -71
[  224.301332][    T9] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  224.313222][    T9] usb 4-1: USB disconnect, device number 18
[  224.336711][ T5892] usb 5-1: config 0 descriptor??
[  224.567649][ T5892] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  224.589462][ T5892] gspca_zc3xx: reg_w_i err -71
[  224.599375][ T5892] gspca_zc3xx 5-1:0.101: probe with driver gspca_zc3xx failed with error -71
[  224.636925][   T29] audit: type=1400 audit(1776668966.549:811): avc:  denied  { watch_reads } for  pid=8059 comm="syz.1.602" path="/139/file0" dev="tmpfs" ino=749 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  224.682429][ T5892] usb 5-1: USB disconnect, device number 18
[  226.175846][ T8073] vxcan1 speed is unknown, defaulting to 1000
[  226.761795][ T5892] usb 3-1: USB disconnect, device number 18
[  227.155417][   T29] audit: type=1400 audit(1776668969.069:812): avc:  denied  { setopt } for  pid=8076 comm="syz.3.607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  227.161663][ T8084] FAULT_INJECTION: forcing a failure.
[  227.161663][ T8084] name failslab, interval 1, probability 0, space 0, times 0
[  227.327154][ T8084] CPU: 1 UID: 0 PID: 8084 Comm: syz.3.607 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  227.327185][ T8084] Tainted: [L]=SOFTLOCKUP
[  227.327191][ T8084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  227.327200][ T8084] Call Trace:
[  227.327206][ T8084]  <TASK>
[  227.327212][ T8084]  dump_stack_lvl+0x100/0x190
[  227.327237][ T8084]  should_fail_ex.cold+0x5/0xa
[  227.327261][ T8084]  should_failslab+0xc2/0x120
[  227.327280][ T8084]  __kmalloc_cache_noprof+0x7a/0x6f0
[  227.327301][ T8084]  ? virtio_transport_do_socket_init+0x4a/0x350
[  227.327325][ T8084]  ? vhost_transport_has_remote_cid+0xb8/0x1e0
[  227.327352][ T8084]  virtio_transport_do_socket_init+0x4a/0x350
[  227.327376][ T8084]  vsock_assign_transport+0x7ca/0xb00
[  227.327404][ T8084]  vsock_connect+0x77c/0xe90
[  227.327427][ T8084]  ? release_sock+0x21/0x280
[  227.327446][ T8084]  ? do_raw_spin_lock+0x128/0x260
[  227.327470][ T8084]  ? __pfx_vsock_connect+0x10/0x10
[  227.327493][ T8084]  ? find_held_lock+0x2b/0x80
[  227.327509][ T8084]  ? selinux_netlbl_socket_connect+0x30/0x40
[  227.327527][ T8084]  ? rcu_is_watching+0x12/0xc0
[  227.327552][ T8084]  ? __pfx_autoremove_wake_function+0x10/0x10
[  227.327571][ T8084]  ? lockdep_hardirqs_on+0x78/0x100
[  227.327596][ T8084]  ? selinux_netlbl_socket_connect+0x30/0x40
[  227.327612][ T8084]  ? __local_bh_enable_ip+0x9e/0x120
[  227.327636][ T8084]  ? selinux_netlbl_socket_connect+0x30/0x40
[  227.327658][ T8084]  ? selinux_socket_connect+0x6b/0x80
[  227.327687][ T8084]  ? __pfx_vsock_connect+0x10/0x10
[  227.327710][ T8084]  __sys_connect_file+0x141/0x1a0
[  227.327740][ T8084]  __sys_connect+0x141/0x170
[  227.327767][ T8084]  ? __pfx___sys_connect+0x10/0x10
[  227.327791][ T8084]  ? __fget_files+0x21f/0x3d0
[  227.327822][ T8084]  ? __pfx_ksys_write+0x10/0x10
[  227.327845][ T8084]  __x64_sys_connect+0x72/0xb0
[  227.327869][ T8084]  ? lockdep_hardirqs_on+0x78/0x100
[  227.327894][ T8084]  do_syscall_64+0x10b/0xf80
[  227.327908][ T8084]  ? clear_bhb_loop+0x40/0x90
[  227.327929][ T8084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.327946][ T8084] RIP: 0033:0x7f3af699c819
[  227.327961][ T8084] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  227.327977][ T8084] RSP: 002b:00007f3af4bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  227.327994][ T8084] RAX: ffffffffffffffda RBX: 00007f3af6c16180 RCX: 00007f3af699c819
[  227.328005][ T8084] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000004
[  227.328015][ T8084] RBP: 00007f3af4bf6090 R08: 0000000000000000 R09: 0000000000000000
[  227.328025][ T8084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.328035][ T8084] R13: 00007f3af6c16218 R14: 00007f3af6c16180 R15: 00007ffce7da1208
[  227.328059][ T8084]  </TASK>
[  227.917897][   T29] audit: type=1400 audit(1776668969.789:813): avc:  denied  { module_request } for  pid=8087 comm="syz.2.611" kmod="crypto-essiv(ccm(arc4-generic),sha384-arm)" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  228.023630][ T8089] netlink: 132 bytes leftover after parsing attributes in process `syz.0.612'.
[  228.969104][   T29] audit: type=1400 audit(1776668970.879:814): avc:  denied  { load_policy } for  pid=8122 comm="syz.3.616" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  229.221121][ T5892] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  229.416516][ T5892] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  229.476421][ T5892] usb 3-1: config 0 has no interfaces?
[  229.499958][ T5892] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  229.586960][ T8123] SELinux: failed to load policy
[  229.635845][ T5892] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.722997][ T5892] usb 3-1: config 0 descriptor??
[  229.779246][ T8135] vxcan1 speed is unknown, defaulting to 1000
[  230.427389][ T8149] wg1 speed is unknown, defaulting to 1000
[  230.433572][ T8149] wg1 speed is unknown, defaulting to 1000
[  230.440228][ T8149] wg1 speed is unknown, defaulting to 1000
[  230.446571][ T8149] smbdirect: ib_dev[syz0]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  230.460832][ T8149] smbdirect: ib_dev[syz0]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  230.654392][ T8160] vxcan1 speed is unknown, defaulting to 1000
[  231.443378][ T8160] wg1 speed is unknown, defaulting to 1000
[  231.474179][ T8161] 9p: Bad value for 'wfdno'
[  231.479593][ T8161] /dev/nullb0: Can't lookup blockdev
[  231.486946][ T8149] smbdirect: ib_dev[syz0]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  231.918336][ T8149] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  231.932271][ T8149] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  231.951303][ T8149] wg1 speed is unknown, defaulting to 1000
[  231.958037][ T8149] wg1 speed is unknown, defaulting to 1000
[  231.964654][ T8149] wg1 speed is unknown, defaulting to 1000
[  231.971228][ T8149] wg1 speed is unknown, defaulting to 1000
[  231.977707][ T8149] wg1 speed is unknown, defaulting to 1000
[  231.984827][ T8149] wg1 speed is unknown, defaulting to 1000
[  232.068365][ T5829] usb 3-1: USB disconnect, device number 19
[  232.391743][ T5892] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  232.912329][ T5892] usb 5-1: Using ep0 maxpacket: 8
[  232.938539][ T8176] netlink: 36 bytes leftover after parsing attributes in process `syz.2.630'.
[  232.969947][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  232.985366][ T8176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.630'.
[  233.042872][ T8177] netlink: 8 bytes leftover after parsing attributes in process `syz.2.630'.
[  233.120745][ T5892] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  233.217788][ T5892] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.245837][ T6470] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  233.320336][ T6470] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  233.398874][ T6470] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  233.456067][ T5892] usb 5-1: config 0 descriptor??
[  233.484383][ T6470] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  233.763877][   T29] audit: type=1400 audit(1776668975.549:815): avc:  denied  { read } for  pid=8180 comm="syz.3.632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  233.928907][ T5892] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  234.057466][   T29] audit: type=1400 audit(1776668975.969:816): avc:  denied  { unmount } for  pid=5823 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  234.141798][ T5892] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  234.158507][ T8198] input: syz1 as /devices/virtual/input/input14
[  234.310962][ T5892] usb 1-1: Using ep0 maxpacket: 8
[  234.317769][ T5892] usb 1-1: unable to get BOS descriptor or descriptor too short
[  234.326684][ T5892] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  234.338800][ T5892] usb 1-1: New USB device found, idVendor=03fd, idProduct=ebbe, bcdDevice=2c.a5
[  234.348445][ T5892] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.356687][ T5892] usb 1-1: Product: syz
[  234.360934][ T5892] usb 1-1: Manufacturer: syz
[  234.365542][ T5892] usb 1-1: SerialNumber: syz
[  234.400976][  T802] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  234.552285][  T802] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  234.562838][  T802] usb 4-1: config 0 has no interfaces?
[  234.568380][  T802] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  234.577657][  T802] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.579882][ T8187] capability: warning: `syz.0.633' uses 32-bit capabilities (legacy support in use)
[  234.588341][  T802] usb 4-1: config 0 descriptor??
[  234.629075][ T5892] usb 1-1: USB disconnect, device number 22
[  235.485781][   T29] audit: type=1326 audit(1776668977.349:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8208 comm="syz.0.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  235.803134][  T802] usb 5-1: USB disconnect, device number 19
[  235.835694][   T29] audit: type=1326 audit(1776668977.349:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8208 comm="syz.0.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  235.867558][   T29] audit: type=1326 audit(1776668977.359:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8208 comm="syz.0.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  235.899973][   T29] audit: type=1326 audit(1776668977.359:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8208 comm="syz.0.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  235.925760][   T29] audit: type=1326 audit(1776668977.359:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8208 comm="syz.0.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  235.984789][   T29] audit: type=1326 audit(1776668977.369:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8208 comm="syz.0.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  236.016179][   T29] audit: type=1326 audit(1776668977.369:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8208 comm="syz.0.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  236.043543][   T29] audit: type=1326 audit(1776668977.369:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8208 comm="syz.0.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  236.303597][ T8234] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(16)
[  236.310487][ T8234] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  236.350969][ T8234] vhci_hcd vhci_hcd.0: Device attached
[  236.465253][ T8248] netlink: 28 bytes leftover after parsing attributes in process `syz.2.654'.
[  236.571017][  T802] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  236.590963][ T5885] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  236.701200][  T802] usb 5-1: device descriptor read/64, error -71
[  236.941327][  T802] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  237.091318][  T802] usb 5-1: device descriptor read/64, error -71
[  237.157335][    T9] usb 4-1: USB disconnect, device number 19
[  237.216267][ T8268] netlink: 'syz.0.661': attribute type 4 has an invalid length.
[  237.235222][  T802] usb usb5-port1: attempt power cycle
[  237.255126][ T8268] netlink: 'syz.0.661': attribute type 4 has an invalid length.
[  237.601403][  T802] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  237.912682][  T802] usb 5-1: device descriptor read/8, error -71
[  238.160973][  T802] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  238.381581][  T802] usb 5-1: device descriptor read/8, error -71
[  238.508462][  T802] usb usb5-port1: unable to enumerate USB device
[  239.164768][   T29] kauditd_printk_skb: 53 callbacks suppressed
[  239.164823][   T29] audit: type=1400 audit(1776668980.829:876): avc:  denied  { bind } for  pid=8291 comm="syz.0.670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  239.281795][ T8301] FAULT_INJECTION: forcing a failure.
[  239.281795][ T8301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.315675][ T8235] vhci_hcd: connection reset by peer
[  239.328750][ T8301] CPU: 1 UID: 0 PID: 8301 Comm: syz.2.672 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  239.328776][ T8301] Tainted: [L]=SOFTLOCKUP
[  239.328781][ T8301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  239.328790][ T8301] Call Trace:
[  239.328795][ T8301]  <TASK>
[  239.328800][ T8301]  dump_stack_lvl+0x100/0x190
[  239.328822][ T8301]  should_fail_ex.cold+0x5/0xa
[  239.328843][ T8301]  _copy_to_user+0x32/0xd0
[  239.328862][ T8301]  simple_read_from_buffer+0xcb/0x170
[  239.328881][ T8301]  proc_fail_nth_read+0x1af/0x230
[  239.328905][ T8301]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.328930][ T8301]  ? rw_verify_area+0xce/0x6d0
[  239.328951][ T8301]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.328974][ T8301]  vfs_read+0x1e4/0xb30
[  239.328998][ T8301]  ? __pfx_vfs_read+0x10/0x10
[  239.329012][ T8301]  ? __fget_files+0x215/0x3d0
[  239.329034][ T8301]  ? __fget_files+0x21f/0x3d0
[  239.329056][ T8301]  ksys_read+0x12a/0x250
[  239.329070][ T8301]  ? __pfx_ksys_read+0x10/0x10
[  239.329085][ T8301]  ? rcu_is_watching+0x12/0xc0
[  239.329110][ T8301]  do_syscall_64+0x10b/0xf80
[  239.329123][ T8301]  ? clear_bhb_loop+0x40/0x90
[  239.329141][ T8301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.329157][ T8301] RIP: 0033:0x7f1cc275d04e
[  239.329170][ T8301] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  239.329185][ T8301] RSP: 002b:00007f1cc36cafe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  239.329200][ T8301] RAX: ffffffffffffffda RBX: 00007f1cc36cb6c0 RCX: 00007f1cc275d04e
[  239.329210][ T8301] RDX: 000000000000000f RSI: 00007f1cc36cb0a0 RDI: 0000000000000003
[  239.329219][ T8301] RBP: 00007f1cc36cb090 R08: 0000000000000000 R09: 0000000000000000
[  239.329227][ T8301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.329235][ T8301] R13: 00007f1cc2a16038 R14: 00007f1cc2a15fa0 R15: 00007ffcac302008
[  239.329255][ T8301]  </TASK>
[  239.525895][   T29] audit: type=1400 audit(1776668980.899:877): avc:  denied  { connect } for  pid=8291 comm="syz.0.670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  239.546326][   T29] audit: type=1400 audit(1776668980.899:878): avc:  denied  { write } for  pid=8291 comm="syz.0.670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  239.574683][   T13] vhci_hcd vhci_hcd.4: stop threads
[  239.580836][   T13] vhci_hcd vhci_hcd.4: release socket
[  239.587039][   T13] vhci_hcd vhci_hcd.4: disconnect device
[  239.766404][ T8310] FAULT_INJECTION: forcing a failure.
[  239.766404][ T8310] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.780066][ T8310] CPU: 1 UID: 0 PID: 8310 Comm: syz.4.675 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  239.780097][ T8310] Tainted: [L]=SOFTLOCKUP
[  239.780103][ T8310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  239.780113][ T8310] Call Trace:
[  239.780119][ T8310]  <TASK>
[  239.780126][ T8310]  dump_stack_lvl+0x100/0x190
[  239.780152][ T8310]  should_fail_ex.cold+0x5/0xa
[  239.780178][ T8310]  _copy_from_user+0x2e/0xd0
[  239.780200][ T8310]  ucma_write+0x128/0x330
[  239.780224][ T8310]  ? __pfx_ucma_write+0x10/0x10
[  239.780246][ T8310]  ? bpf_lsm_file_permission+0x9/0x10
[  239.780272][ T8310]  ? security_file_permission+0x76/0x210
[  239.780293][ T8310]  ? rw_verify_area+0xce/0x6d0
[  239.780322][ T8310]  ? __pfx_ucma_write+0x10/0x10
[  239.780343][ T8310]  vfs_writev+0x5ea/0xe10
[  239.780366][ T8310]  ? __pfx_vfs_writev+0x10/0x10
[  239.780383][ T8310]  ? find_held_lock+0x2b/0x80
[  239.780399][ T8310]  ? ksys_write+0x190/0x250
[  239.780430][ T8310]  ? __fget_files+0x21f/0x3d0
[  239.780456][ T8310]  ? do_writev+0x28a/0x340
[  239.780471][ T8310]  do_writev+0x28a/0x340
[  239.780488][ T8310]  ? __pfx_do_writev+0x10/0x10
[  239.780506][ T8310]  ? rcu_is_watching+0x12/0xc0
[  239.780535][ T8310]  do_syscall_64+0x10b/0xf80
[  239.780552][ T8310]  ? clear_bhb_loop+0x40/0x90
[  239.780574][ T8310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.780592][ T8310] RIP: 0033:0x7f953b79c819
[  239.780607][ T8310] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  239.780624][ T8310] RSP: 002b:00007f953c6d9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  239.780641][ T8310] RAX: ffffffffffffffda RBX: 00007f953ba15fa0 RCX: 00007f953b79c819
[  239.780652][ T8310] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 0000000000000013
[  239.780662][ T8310] RBP: 00007f953c6d9090 R08: 0000000000000000 R09: 0000000000000000
[  239.780672][ T8310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.780682][ T8310] R13: 00007f953ba16038 R14: 00007f953ba15fa0 R15: 00007fff2d10d818
[  239.780705][ T8310]  </TASK>
[  240.385316][ T8316] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[  240.391958][ T8316] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  240.408384][ T8316] vhci_hcd vhci_hcd.0: Device attached
[  240.701231][ T5947] usb 5-1: new low-speed USB device number 24 using dummy_hcd
[  240.856530][ T5947] usb 5-1: config index 0 descriptor too short (expected 8192, got 45)
[  240.869664][ T5947] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  240.894193][ T5947] usb 5-1: config 0 has no interfaces?
[  240.912900][ T5947] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  240.943594][ T5947] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.075926][ T5947] usb 5-1: config 0 descriptor??
[  241.481992][ T5947] usb 5-1: string descriptor 0 read error: -71
[  241.501453][ T8318] vhci_hcd: connection closed
[  241.529417][   T48] vhci_hcd vhci_hcd.4: stop threads
[  241.685549][ T5947] usb 5-1: USB disconnect, device number 24
[  241.720065][   T48] vhci_hcd vhci_hcd.4: release socket
[  241.813147][   T48] vhci_hcd vhci_hcd.4: disconnect device
[  241.982187][ T5885] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  242.080784][   T29] audit: type=1326 audit(1776668983.959:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8328 comm="syz.0.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  242.430108][   T29] audit: type=1326 audit(1776668983.959:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8328 comm="syz.0.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  242.508657][   T29] audit: type=1326 audit(1776668983.959:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8328 comm="syz.0.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  242.537313][   T29] audit: type=1326 audit(1776668983.959:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8328 comm="syz.0.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  242.561002][ T8341] FAULT_INJECTION: forcing a failure.
[  242.561002][ T8341] name failslab, interval 1, probability 0, space 0, times 0
[  242.561881][   T29] audit: type=1326 audit(1776668983.969:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8328 comm="syz.0.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  242.615131][   T29] audit: type=1326 audit(1776668983.969:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8328 comm="syz.0.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  242.640490][   T29] audit: type=1326 audit(1776668983.969:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8328 comm="syz.0.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57df9c819 code=0x7ffc0000
[  242.650935][ T8341] CPU: 0 UID: 0 PID: 8341 Comm: syz.2.682 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  242.650962][ T8341] Tainted: [L]=SOFTLOCKUP
[  242.650968][ T8341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  242.650977][ T8341] Call Trace:
[  242.650982][ T8341]  <TASK>
[  242.650988][ T8341]  dump_stack_lvl+0x100/0x190
[  242.651011][ T8341]  should_fail_ex.cold+0x5/0xa
[  242.651029][ T8341]  ? sock_alloc_send_pskb+0x751/0x980
[  242.651055][ T8341]  should_failslab+0xc2/0x120
[  242.651071][ T8341]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  242.651092][ T8341]  ? __skb_ext_alloc+0x1a/0x80
[  242.651116][ T8341]  __skb_ext_alloc+0x1a/0x80
[  242.651135][ T8341]  skb_ext_add+0x40b/0x810
[  242.651161][ T8341]  isotp_sendmsg+0x993/0x2000
[  242.651187][ T8341]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  242.651207][ T8341]  ? __pfx_isotp_sendmsg+0x10/0x10
[  242.651229][ T8341]  ? __fget_files+0x21f/0x3d0
[  242.651252][ T8341]  __sys_sendto+0x468/0x4b0
[  242.651265][ T8341]  ? __pfx_isotp_sendmsg+0x10/0x10
[  242.651285][ T8341]  ? __pfx___sys_sendto+0x10/0x10
[  242.651316][ T8341]  ? ksys_write+0x1ac/0x250
[  242.651331][ T8341]  ? __pfx_ksys_write+0x10/0x10
[  242.651348][ T8341]  __x64_sys_sendto+0xe0/0x1c0
[  242.651362][ T8341]  ? do_syscall_64+0x90/0xf80
[  242.651375][ T8341]  ? lockdep_hardirqs_on+0x78/0x100
[  242.651398][ T8341]  do_syscall_64+0x10b/0xf80
[  242.651411][ T8341]  ? clear_bhb_loop+0x40/0x90
[  242.651429][ T8341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.651444][ T8341] RIP: 0033:0x7f1cc279c819
[  242.651458][ T8341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  242.651471][ T8341] RSP: 002b:00007f1cc36aa028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  242.651488][ T8341] RAX: ffffffffffffffda RBX: 00007f1cc2a16090 RCX: 00007f1cc279c819
[  242.651497][ T8341] RDX: 0000000000000001 RSI: 0000200000001380 RDI: 0000000000000003
[  242.651507][ T8341] RBP: 00007f1cc36aa090 R08: 0000000000000000 R09: 0000000000000000
[  242.651515][ T8341] R10: 0000000004004000 R11: 0000000000000246 R12: 0000000000000001
[  242.651524][ T8341] R13: 00007f1cc2a16128 R14: 00007f1cc2a16090 R15: 00007ffcac302008
[  242.651544][ T8341]  </TASK>
[  243.703820][ T8352] netlink: 8 bytes leftover after parsing attributes in process `syz.1.686'.
[  243.918500][ T8364] netlink: 172 bytes leftover after parsing attributes in process `syz.3.689'.
[  243.956571][ T8364] Bluetooth: MGMT ver 1.23
[  244.341253][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  244.767083][ T8365] fuse: fd is not a fuse device
[  246.301515][ T8386] netlink: 44 bytes leftover after parsing attributes in process `syz.1.694'.
[  246.891042][   T29] kauditd_printk_skb: 29 callbacks suppressed
[  246.891075][   T29] audit: type=1326 audit(1776668988.789:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  247.020767][   T29] audit: type=1326 audit(1776668988.789:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  247.320492][   T29] audit: type=1326 audit(1776668988.789:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  247.409868][ T8396] vxcan1 speed is unknown, defaulting to 1000
[  247.423406][   T29] audit: type=1326 audit(1776668988.789:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  247.593021][ T8404] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  247.644761][   T29] audit: type=1326 audit(1776668988.789:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  247.751163][   T29] audit: type=1326 audit(1776668988.789:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  247.787764][   T29] audit: type=1326 audit(1776668988.789:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  247.901102][  T802] usb 1-1: new full-speed USB device number 23 using dummy_hcd
[  248.048959][   T29] audit: type=1326 audit(1776668988.789:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  248.133308][  T802] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  248.147348][   T29] audit: type=1326 audit(1776668988.789:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  248.176021][  T802] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.193489][  T802] usb 1-1: Product: syz
[  248.203936][ T5885] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  248.211265][  T802] usb 1-1: Manufacturer: syz
[  248.230455][  T802] usb 1-1: SerialNumber: syz
[  248.244809][   T29] audit: type=1326 audit(1776668988.789:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.4.695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953b79c819 code=0x7ffc0000
[  248.278439][ T8396] wg1 speed is unknown, defaulting to 1000
[  248.287802][  T802] usb 1-1: config 0 descriptor??
[  248.402241][ T5885] usb 4-1: Using ep0 maxpacket: 8
[  248.412052][ T5885] usb 4-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  248.434832][ T5885] usb 4-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  248.455413][ T5885] usb 4-1: Product: syz
[  248.459697][ T5885] usb 4-1: Manufacturer: syz
[  248.465813][ T5885] usb 4-1: SerialNumber: syz
[  248.473570][ T5885] usb 4-1: config 0 descriptor??
[  248.482600][ T5885] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  248.505804][  T802] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  249.070622][ T5885] gspca_zc3xx: reg_w_i err -110
[  249.077718][ T5885] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -110
[  250.120899][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  250.180903][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  250.299552][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[  250.310725][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[  250.334834][  T802] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  250.904511][ T8428] netlink: 'syz.4.705': attribute type 21 has an invalid length.
[  251.415575][ T8441] netlink: 8 bytes leftover after parsing attributes in process `syz.2.710'.
[  251.426381][ T8441] netlink: 8 bytes leftover after parsing attributes in process `syz.2.710'.
[  251.448818][  T802] usb 4-1: USB disconnect, device number 20
[  251.567359][ T8445] capability: warning: `syz.3.712' uses deprecated v2 capabilities in a way that may be insecure
[  251.647619][ T8449] netlink: 40 bytes leftover after parsing attributes in process `syz.4.713'.
[  252.120950][  T802] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  252.406916][ T8464] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  252.481648][ T5885] usb 1-1: USB disconnect, device number 23
[  252.493926][  T802] usb 4-1: Using ep0 maxpacket: 8
[  252.515707][  T802] usb 4-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  252.546827][  T802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.556891][  T802] usb 4-1: Product: syz
[  252.561459][  T802] usb 4-1: Manufacturer: syz
[  252.566431][  T802] usb 4-1: SerialNumber: syz
[  253.004260][  T802] mxuport 4-1:254.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71)
[  253.036804][  T802] mxuport 4-1:254.0: probe with driver mxuport failed with error -5
[  253.073647][  T802] usb 4-1: USB disconnect, device number 21
[  253.455561][   T29] kauditd_printk_skb: 15 callbacks suppressed
[  253.455594][   T29] audit: type=1326 audit(1776668995.339:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  253.558559][ T8486] FAULT_INJECTION: forcing a failure.
[  253.558559][ T8486] name failslab, interval 1, probability 0, space 0, times 0
[  253.797220][ T8486] CPU: 0 UID: 0 PID: 8486 Comm: syz.2.725 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  253.797246][ T8486] Tainted: [L]=SOFTLOCKUP
[  253.797251][ T8486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  253.797259][ T8486] Call Trace:
[  253.797265][ T8486]  <TASK>
[  253.797270][ T8486]  dump_stack_lvl+0x100/0x190
[  253.797294][ T8486]  should_fail_ex.cold+0x5/0xa
[  253.797314][ T8486]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  253.797337][ T8486]  should_failslab+0xc2/0x120
[  253.797353][ T8486]  __kmalloc_noprof+0xe0/0x850
[  253.797381][ T8486]  genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  253.797411][ T8486]  genl_family_rcv_msg_doit+0xc7/0x300
[  253.797435][ T8486]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  253.797464][ T8486]  ? bpf_lsm_capable+0x9/0x10
[  253.797478][ T8486]  ? security_capable+0x80/0x260
[  253.797504][ T8486]  genl_rcv_msg+0x560/0x800
[  253.797528][ T8486]  ? __pfx_genl_rcv_msg+0x10/0x10
[  253.797548][ T8486]  ? irqentry_exit+0x246/0x790
[  253.797573][ T8486]  ? __pfx_netlbl_unlabel_staticremove+0x10/0x10
[  253.797596][ T8486]  netlink_rcv_skb+0x159/0x420
[  253.797616][ T8486]  ? __pfx_genl_rcv_msg+0x10/0x10
[  253.797640][ T8486]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.797670][ T8486]  ? netlink_deliver_tap+0x1ae/0xcc0
[  253.797693][ T8486]  genl_rcv+0x28/0x40
[  253.797715][ T8486]  netlink_unicast+0x585/0x850
[  253.797742][ T8486]  ? __pfx_netlink_unicast+0x10/0x10
[  253.797772][ T8486]  netlink_sendmsg+0x8b0/0xda0
[  253.797801][ T8486]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.797821][ T8486]  ? __might_fault+0x90/0x140
[  253.797855][ T8486]  ____sys_sendmsg+0x9e1/0xb70
[  253.797878][ T8486]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.797903][ T8486]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.797934][ T8486]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  253.797963][ T8486]  ___sys_sendmsg+0x190/0x1e0
[  253.797990][ T8486]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.798012][ T8486]  ? find_held_lock+0x2b/0x80
[  253.798028][ T8486]  ? rcu_preempt_deferred_qs_irqrestore+0x4fd/0xb90
[  253.798081][ T8486]  __sys_sendmsg+0x170/0x220
[  253.798100][ T8486]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.798127][ T8486]  ? rcu_is_watching+0x12/0xc0
[  253.798152][ T8486]  ? exit_to_user_mode_loop+0xdd/0x4a0
[  253.798175][ T8486]  ? rcu_is_watching+0x12/0xc0
[  253.798203][ T8486]  do_syscall_64+0x10b/0xf80
[  253.798223][ T8486]  ? clear_bhb_loop+0x40/0x90
[  253.798245][ T8486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.798263][ T8486] RIP: 0033:0x7f1cc279c819
[  253.798278][ T8486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  253.798295][ T8486] RSP: 002b:00007f1cc36cb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.798313][ T8486] RAX: ffffffffffffffda RBX: 00007f1cc2a15fa0 RCX: 00007f1cc279c819
[  253.798324][ T8486] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 0000000000000004
[  253.798335][ T8486] RBP: 00007f1cc36cb090 R08: 0000000000000000 R09: 0000000000000000
[  253.798344][ T8486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.798354][ T8486] R13: 00007f1cc2a16038 R14: 00007f1cc2a15fa0 R15: 00007ffcac302008
[  253.798378][ T8486]  </TASK>
[  254.142064][   T29] audit: type=1326 audit(1776668995.339:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  254.165340][   T29] audit: type=1326 audit(1776668995.349:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  254.189033][   T29] audit: type=1326 audit(1776668995.349:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  254.212397][   T29] audit: type=1326 audit(1776668995.349:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  254.235726][   T29] audit: type=1326 audit(1776668995.349:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  254.260248][   T29] audit: type=1326 audit(1776668995.349:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  254.284177][   T29] audit: type=1326 audit(1776668995.349:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  254.309257][   T29] audit: type=1326 audit(1776668995.349:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  254.332557][   T29] audit: type=1326 audit(1776668995.349:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8473 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2350f9c819 code=0x7ffc0000
[  255.091772][ T8504] FAULT_INJECTION: forcing a failure.
[  255.091772][ T8504] name failslab, interval 1, probability 0, space 0, times 0
[  255.115346][ T8504] CPU: 0 UID: 0 PID: 8504 Comm: syz.0.730 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  255.115377][ T8504] Tainted: [L]=SOFTLOCKUP
[  255.115384][ T8504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  255.115394][ T8504] Call Trace:
[  255.115400][ T8504]  <TASK>
[  255.115407][ T8504]  dump_stack_lvl+0x100/0x190
[  255.115433][ T8504]  should_fail_ex.cold+0x5/0xa
[  255.115458][ T8504]  should_failslab+0xc2/0x120
[  255.115476][ T8504]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  255.115500][ T8504]  ? skb_clone+0x190/0x400
[  255.115524][ T8504]  skb_clone+0x190/0x400
[  255.115543][ T8504]  netlink_deliver_tap+0xaed/0xcc0
[  255.115571][ T8504]  netlink_unicast+0x62b/0x850
[  255.115597][ T8504]  ? __pfx_netlink_unicast+0x10/0x10
[  255.115627][ T8504]  netlink_sendmsg+0x8b0/0xda0
[  255.115652][ T8504]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.115673][ T8504]  ? __might_fault+0x90/0x140
[  255.115706][ T8504]  ____sys_sendmsg+0x9e1/0xb70
[  255.115729][ T8504]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.115753][ T8504]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.115788][ T8504]  ___sys_sendmsg+0x190/0x1e0
[  255.115814][ T8504]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.115874][ T8504]  __sys_sendmsg+0x170/0x220
[  255.115894][ T8504]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.115923][ T8504]  ? rcu_is_watching+0x12/0xc0
[  255.115952][ T8504]  do_syscall_64+0x10b/0xf80
[  255.115968][ T8504]  ? clear_bhb_loop+0x40/0x90
[  255.115990][ T8504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.116007][ T8504] RIP: 0033:0x7fb57df9c819
[  255.116022][ T8504] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  255.116037][ T8504] RSP: 002b:00007fb57ee79028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.116055][ T8504] RAX: ffffffffffffffda RBX: 00007fb57e215fa0 RCX: 00007fb57df9c819
[  255.116066][ T8504] RDX: 00000000240008c4 RSI: 0000200000000000 RDI: 0000000000000004
[  255.116076][ T8504] RBP: 00007fb57ee79090 R08: 0000000000000000 R09: 0000000000000000
[  255.116086][ T8504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.116096][ T8504] R13: 00007fb57e216038 R14: 00007fb57e215fa0 R15: 00007ffff0b04228
[  255.116120][ T8504]  </TASK>
[  255.407459][ T8510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.731'.
[  255.781497][ T8515] fuse: fd is not a fuse device
[  256.401071][ T1576] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  256.860346][ T1576] usb 4-1: unable to get BOS descriptor or descriptor too short
[  257.314680][ T1576] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  257.326057][ T1576] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  257.336971][ T1576] usb 4-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40
[  257.347013][ T1576] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.355287][ T1576] usb 4-1: Product: syz
[  257.361084][ T1576] usb 4-1: Manufacturer: syz
[  257.366155][ T1576] usb 4-1: SerialNumber: syz
[  257.377669][ T1576] usb 4-1: selecting invalid altsetting 1
[  257.384071][ T1576] usb 4-1: unit 6 not found!
[  257.434514][ T1576] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  257.532953][ T5813] udevd[5813]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  257.551145][ T8544] netlink: 'syz.2.742': attribute type 1 has an invalid length.
[  258.155075][ T8544] 8021q: adding VLAN 0 to HW filter on device bond5
[  258.242554][ T8528] ptrace attach of "./syz-executor exec"[5822] was attempted by " ��      ��      �      ��      ��      ��      ��              ��      ��      ��                 ����                           \x07                  
                                �h      p�      ��      ��                 ����                                                                                                                                                                                                                                                                                                                                                       syzkaller                                                       8             
�      \x0c       �       
    ����  ����                                                                        blkio.bfq.dequeue                                                                                                                                                                       
[  258.647432][ T8558] FAULT_INJECTION: forcing a failure.
[  258.647432][ T8558] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  258.775114][ T8560] netlink: 8 bytes leftover after parsing attributes in process `syz.4.745'.
[  258.794914][ T8558] CPU: 0 UID: 0 PID: 8558 Comm: syz.2.744 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  258.794941][ T8558] Tainted: [L]=SOFTLOCKUP
[  258.794947][ T8558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  258.794956][ T8558] Call Trace:
[  258.794962][ T8558]  <TASK>
[  258.794968][ T8558]  dump_stack_lvl+0x100/0x190
[  258.794999][ T8558]  should_fail_ex.cold+0x5/0xa
[  258.795018][ T8558]  ? prepare_alloc_pages+0x16d/0x5f0
[  258.795040][ T8558]  should_fail_alloc_page+0xeb/0x140
[  258.795059][ T8558]  prepare_alloc_pages+0x1f0/0x5f0
[  258.795082][ T8558]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  258.795122][ T8558]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  258.795149][ T8558]  ? rcu_is_watching+0x12/0xc0
[  258.795173][ T8558]  ? trace_kmalloc+0xe3/0x110
[  258.795191][ T8558]  ? __kasan_kmalloc+0xaa/0xb0
[  258.795221][ T8558]  ? find_held_lock+0x2b/0x80
[  258.795237][ T8558]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  258.795259][ T8558]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  258.795282][ T8558]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  258.795304][ T8558]  ? policy_nodemask+0xed/0x4f0
[  258.795322][ T8558]  alloc_pages_mpol+0x1fb/0x540
[  258.795340][ T8558]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  258.795363][ T8558]  folio_alloc_mpol_noprof+0x36/0x260
[  258.795386][ T8558]  vma_alloc_folio_noprof+0xed/0x1d0
[  258.795406][ T8558]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  258.795426][ T8558]  ? rcu_read_unlock+0x2d/0xb0
[  258.795448][ T8558]  ? rcu_read_unlock+0x2d/0xb0
[  258.795476][ T8558]  do_wp_page+0xd75/0x4350
[  258.795508][ T8558]  ? __pfx_do_wp_page+0x10/0x10
[  258.795530][ T8558]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  258.795559][ T8558]  __handle_mm_fault+0x1ab6/0x2a00
[  258.795585][ T8558]  ? mt_find+0x45e/0x8e0
[  258.795605][ T8558]  ? __pfx___handle_mm_fault+0x10/0x10
[  258.795626][ T8558]  ? __pfx_mt_find+0x10/0x10
[  258.795655][ T8558]  ? find_vma+0xbf/0x140
[  258.795671][ T8558]  ? __pfx_find_vma+0x10/0x10
[  258.795690][ T8558]  handle_mm_fault+0x36d/0xa20
[  258.795715][ T8558]  do_user_addr_fault+0x74c/0x12f0
[  258.795742][ T8558]  ? trace_page_fault_kernel+0x7a/0x200
[  258.795764][ T8558]  exc_page_fault+0x6f/0xd0
[  258.795796][ T8558]  asm_exc_page_fault+0x26/0x30
[  258.795813][ T8558] RIP: 0010:__put_user_4+0xd/0x20
[  258.795845][ T8558] Code: 66 89 01 31 c9 0f 01 ca e9 c0 d7 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 97 d7 03 00 0f 1f 80 00 00 00 00 90 90 90
[  258.795860][ T8558] RSP: 0018:ffffc90003aefcd0 EFLAGS: 00050202
[  258.795875][ T8558] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000001c38
[  258.795885][ T8558] RDX: ffff8880317e4a00 RSI: ffffffff825a4781 RDI: ffffffff8c1c1300
[  258.795895][ T8558] RBP: 0000000000000000 R08: 0000000000000001 R09: 00000000000001c8
[  258.795904][ T8558] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000040840
[  258.795914][ T8558] R13: 0000000000000158 R14: 0000000000000159 R15: 0000200000001c00
[  258.795931][ T8558]  ? __might_fault+0x111/0x140
[  258.795958][ T8558]  __sys_sendmmsg+0x239/0x430
[  258.795980][ T8558]  ? __pfx___sys_sendmmsg+0x10/0x10
[  258.796005][ T8558]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  258.796031][ T8558]  ? fput+0x79/0x100
[  258.796053][ T8558]  ? ksys_write+0x1ac/0x250
[  258.796070][ T8558]  ? __pfx_ksys_write+0x10/0x10
[  258.796091][ T8558]  __x64_sys_sendmmsg+0x9c/0x100
[  258.796108][ T8558]  ? lockdep_hardirqs_on+0x78/0x100
[  258.796130][ T8558]  do_syscall_64+0x10b/0xf80
[  258.796143][ T8558]  ? clear_bhb_loop+0x40/0x90
[  258.796163][ T8558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.796179][ T8558] RIP: 0033:0x7f1cc279c819
[  258.796192][ T8558] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  258.796206][ T8558] RSP: 002b:00007f1cc36aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  258.796221][ T8558] RAX: ffffffffffffffda RBX: 00007f1cc2a16090 RCX: 00007f1cc279c819
[  258.796231][ T8558] RDX: 0400000000000159 RSI: 0000200000001c00 RDI: 0000000000000004
[  258.796240][ T8558] RBP: 00007f1cc36aa090 R08: 0000000000000000 R09: 0000000000000000
[  258.796249][ T8558] R10: 0000000000040840 R11: 0000000000000246 R12: 0000000000000001
[  258.796258][ T8558] R13: 00007f1cc2a16128 R14: 00007f1cc2a16090 R15: 00007ffcac302008
[  258.796278][ T8558]  </TASK>
[  258.803661][ T8560] fuse: Unknown parameter 'user_i00000000000000000000'
[  259.703846][ T5947] usb 4-1: USB disconnect, device number 22
[  259.730273][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  259.730288][   T29] audit: type=1400 audit(1776669001.639:964): avc:  denied  { nlmsg_read } for  pid=8574 comm="syz.1.749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  259.759950][ T8577] netlink: 'syz.3.751': attribute type 1 has an invalid length.
[  259.761867][ T8575] netlink: 224 bytes leftover after parsing attributes in process `syz.1.749'.
[  259.851953][ T8584] netlink: 'syz.1.753': attribute type 4 has an invalid length.
[  259.859841][ T8584] netlink: 4168 bytes leftover after parsing attributes in process `syz.1.753'.
[  259.863124][ T8577] bond3: entered promiscuous mode
[  259.908822][ T8577] 8021q: adding VLAN 0 to HW filter on device bond3
[  259.979030][ T8586] 8021q: adding VLAN 0 to HW filter on device bond3
[  259.989688][ T8593] netlink: 'syz.2.754': attribute type 1 has an invalid length.
[  259.999630][ T8586] bond3: (slave vti0): The slave device specified does not support setting the MAC address
[  260.011916][ T8586] bond3: (slave vti0): Setting fail_over_mac to active for active-backup mode
[  260.023672][ T8586] bond3: (slave vti0): making interface the new active one
[  260.032412][ T8586] vti0: entered promiscuous mode
[  260.045059][ T8586] bond3: (slave vti0): Enslaving as an active interface with an up link
[  260.083981][ T8593] 8021q: adding VLAN 0 to HW filter on device bond6
[  260.091543][   T24] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  260.202793][ T5885] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  260.350940][   T24] usb 1-1: Using ep0 maxpacket: 8
[  260.357146][   T24] usb 1-1: config 6 has an invalid interface number: 3 but max is 1
[  260.365286][   T24] usb 1-1: config 6 has an invalid interface number: 75 but max is 1
[  260.374160][   T24] usb 1-1: config 6 has no interface number 0
[  260.380360][   T24] usb 1-1: config 6 has no interface number 1
[  261.118329][   T29] audit: type=1400 audit(1776669002.639:965): avc:  denied  { mount } for  pid=8597 comm="syz.3.755" name="/" dev="rpc_pipefs" ino=19863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  261.175673][   T24] usb 1-1: config 6 interface 3 altsetting 225 endpoint 0xD has an invalid bInterval 127, changing to 10
[  261.192876][ T5885] usb 5-1: Using ep0 maxpacket: 16
[  261.195719][   T24] usb 1-1: config 6 interface 3 altsetting 225 has a duplicate endpoint with address 0xD, skipping
[  261.216025][ T5885] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  261.229987][   T24] usb 1-1: config 6 interface 3 has no altsetting 0
[  261.239151][   T24] usb 1-1: config 6 interface 75 has no altsetting 0
[  261.253442][ T8607] netlink: 32 bytes leftover after parsing attributes in process `syz.3.757'.
[  261.256493][ T5885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  261.266796][ T8607] FAULT_INJECTION: forcing a failure.
[  261.266796][ T8607] name failslab, interval 1, probability 0, space 0, times 0
[  261.311284][ T5885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  261.332077][ T5885] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  261.351025][ T8607] CPU: 0 UID: 0 PID: 8607 Comm: syz.3.757 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  261.351055][ T8607] Tainted: [L]=SOFTLOCKUP
[  261.351061][ T8607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  261.351071][ T8607] Call Trace:
[  261.351077][ T8607]  <TASK>
[  261.351083][ T8607]  dump_stack_lvl+0x100/0x190
[  261.351108][ T8607]  should_fail_ex.cold+0x5/0xa
[  261.351131][ T8607]  should_failslab+0xc2/0x120
[  261.351147][ T8607]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  261.351173][ T8607]  ? __alloc_skb+0x140/0x710
[  261.351195][ T8607]  __alloc_skb+0x140/0x710
[  261.351210][ T8607]  ? __alloc_skb+0x5b7/0x710
[  261.351227][ T8607]  ? __pfx___alloc_skb+0x10/0x10
[  261.351242][ T8607]  ? genl_rcv_msg+0x4be/0x800
[  261.351275][ T8607]  netlink_ack+0x117/0xb80
[  261.351304][ T8607]  netlink_rcv_skb+0x333/0x420
[  261.351327][ T8607]  ? __pfx_genl_rcv_msg+0x10/0x10
[  261.351354][ T8607]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  261.351388][ T8607]  ? netlink_deliver_tap+0x1ae/0xcc0
[  261.351413][ T8607]  genl_rcv+0x28/0x40
[  261.351436][ T8607]  netlink_unicast+0x585/0x850
[  261.351462][ T8607]  ? __pfx_netlink_unicast+0x10/0x10
[  261.351492][ T8607]  netlink_sendmsg+0x8b0/0xda0
[  261.351519][ T8607]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.351541][ T8607]  ? __might_fault+0x90/0x140
[  261.351573][ T8607]  ____sys_sendmsg+0x9e1/0xb70
[  261.351595][ T8607]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.351619][ T8607]  ? __pfx_____sys_sendmsg+0x10/0x10
[  261.351654][ T8607]  ___sys_sendmsg+0x190/0x1e0
[  261.351681][ T8607]  ? __pfx____sys_sendmsg+0x10/0x10
[  261.351734][ T8607]  __sys_sendmsg+0x170/0x220
[  261.351760][ T8607]  ? __pfx___sys_sendmsg+0x10/0x10
[  261.351789][ T8607]  ? rcu_is_watching+0x12/0xc0
[  261.351818][ T8607]  do_syscall_64+0x10b/0xf80
[  261.351835][ T8607]  ? clear_bhb_loop+0x40/0x90
[  261.351855][ T8607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.351872][ T8607] RIP: 0033:0x7f3af699c819
[  261.351889][ T8607] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  261.351905][ T8607] RSP: 002b:00007f3af779b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.351922][ T8607] RAX: ffffffffffffffda RBX: 00007f3af6c15fa0 RCX: 00007f3af699c819
[  261.351933][ T8607] RDX: 000000002004c0c4 RSI: 00002000000003c0 RDI: 0000000000000004
[  261.351943][ T8607] RBP: 00007f3af779b090 R08: 0000000000000000 R09: 0000000000000000
[  261.351954][ T8607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.351963][ T8607] R13: 00007f3af6c16038 R14: 00007f3af6c15fa0 R15: 00007ffce7da1208
[  261.351987][ T8607]  </TASK>
[  261.359700][ T5885] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  261.419223][   T24] usb 1-1: New USB device found, idVendor=19d2, idProduct=1432, bcdDevice=c9.c9
[  261.635509][ T5885] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  261.651818][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.693770][ T5885] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  261.717018][ T5885] usb 5-1: Manufacturer: syz
[  261.734708][ T5885] usb 5-1: config 0 descriptor??
[  261.778244][   T24] usb 1-1: Product: syz
[  261.789467][   T24] usb 1-1: Manufacturer: syz
[  261.795053][ T8621] netlink: 8 bytes leftover after parsing attributes in process `syz.1.762'.
[  261.809114][   T24] usb 1-1: SerialNumber: syz
[  261.893648][ T8624] fuse: fd is not a fuse device
[  262.208397][   T29] audit: type=1400 audit(1776669004.119:966): avc:  denied  { append } for  pid=8578 comm="syz.0.750" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  262.242079][ T5885] rc_core: IR keymap rc-hauppauge not found
[  262.250494][ T5885] Registered IR keymap rc-empty
[  262.256383][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.294275][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.324757][ T5885] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  262.338680][ T5885] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input15
[  262.360817][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.381070][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.400989][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.420988][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.440994][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.464822][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.490986][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.511027][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.531166][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.552013][ T5885] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  262.586279][ T5885] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  262.602078][ T5885] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  262.980553][ T5829] usb 5-1: USB disconnect, device number 25
[  263.698437][   T24] option 1-1:6.75: GSM modem (1-port) converter detected
[  263.748284][   T24] usb 1-1: USB disconnect, device number 24
[  263.782591][   T24] option 1-1:6.75: device disconnected
[  263.815394][ T8646] FAULT_INJECTION: forcing a failure.
[  263.815394][ T8646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.868220][ T8646] CPU: 0 UID: 0 PID: 8646 Comm: syz.4.769 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  263.868250][ T8646] Tainted: [L]=SOFTLOCKUP
[  263.868255][ T8646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  263.868265][ T8646] Call Trace:
[  263.868271][ T8646]  <TASK>
[  263.868277][ T8646]  dump_stack_lvl+0x100/0x190
[  263.868303][ T8646]  should_fail_ex.cold+0x5/0xa
[  263.868327][ T8646]  _copy_from_user+0x2e/0xd0
[  263.868349][ T8646]  kstrtouint_from_user+0xd6/0x1d0
[  263.868373][ T8646]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  263.868396][ T8646]  ? __lock_acquire+0x4a5/0x2630
[  263.868421][ T8646]  ? lock_acquire+0x1b1/0x370
[  263.868446][ T8646]  proc_fail_nth_write+0x83/0x220
[  263.868464][ T8646]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  263.868486][ T8646]  vfs_write+0x2aa/0x1070
[  263.868505][ T8646]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  263.868528][ T8646]  ? __pfx_vfs_write+0x10/0x10
[  263.868544][ T8646]  ? __fget_files+0x215/0x3d0
[  263.868575][ T8646]  ? __fget_files+0x21f/0x3d0
[  263.868599][ T8646]  ksys_write+0x12a/0x250
[  263.868613][ T8646]  ? __pfx_ksys_write+0x10/0x10
[  263.868630][ T8646]  ? rcu_is_watching+0x12/0xc0
[  263.868656][ T8646]  do_syscall_64+0x10b/0xf80
[  263.868671][ T8646]  ? clear_bhb_loop+0x40/0x90
[  263.868690][ T8646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.868705][ T8646] RIP: 0033:0x7f953b75d04e
[  263.868719][ T8646] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  263.868732][ T8646] RSP: 002b:00007f953c6d8fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  263.868748][ T8646] RAX: ffffffffffffffda RBX: 00007f953c6d96c0 RCX: 00007f953b75d04e
[  263.868764][ T8646] RDX: 0000000000000001 RSI: 00007f953c6d90a0 RDI: 0000000000000004
[  263.868772][ T8646] RBP: 00007f953c6d9090 R08: 0000000000000000 R09: 0000000000000000
[  263.868782][ T8646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.868791][ T8646] R13: 00007f953ba16038 R14: 00007f953ba15fa0 R15: 00007fff2d10d818
[  263.868815][ T8646]  </TASK>
[  264.298973][ T8654] FAULT_INJECTION: forcing a failure.
[  264.298973][ T8654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.313402][ T8654] CPU: 0 UID: 0 PID: 8654 Comm: syz.0.772 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  264.313426][ T8654] Tainted: [L]=SOFTLOCKUP
[  264.313430][ T8654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  264.313437][ T8654] Call Trace:
[  264.313441][ T8654]  <TASK>
[  264.313445][ T8654]  dump_stack_lvl+0x100/0x190
[  264.313462][ T8654]  should_fail_ex.cold+0x5/0xa
[  264.313478][ T8654]  _copy_from_user+0x2e/0xd0
[  264.313491][ T8654]  copy_msghdr_from_user+0x9f/0x4f0
[  264.313510][ T8654]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  264.313525][ T8654]  ? rcu_is_watching+0x12/0xc0
[  264.313544][ T8654]  ? __schedule+0x10fb/0x6820
[  264.313561][ T8654]  ? rcu_is_watching+0x12/0xc0
[  264.313579][ T8654]  ___sys_sendmsg+0x106/0x1e0
[  264.313596][ T8654]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.313626][ T8654]  ? irqentry_exit+0x246/0x790
[  264.313640][ T8654]  ? lockdep_hardirqs_on+0x78/0x100
[  264.313663][ T8654]  ? __sys_sendmmsg+0x107/0x430
[  264.313674][ T8654]  ? __sys_sendmmsg+0x158/0x430
[  264.313687][ T8654]  __sys_sendmmsg+0x205/0x430
[  264.313700][ T8654]  ? __pfx___sys_sendmmsg+0x10/0x10
[  264.313717][ T8654]  ? preempt_schedule_irq+0x7b/0x90
[  264.313743][ T8654]  __x64_sys_sendmmsg+0x9c/0x100
[  264.313760][ T8654]  do_syscall_64+0x10b/0xf80
[  264.313770][ T8654]  ? clear_bhb_loop+0x40/0x90
[  264.313783][ T8654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.313794][ T8654] RIP: 0033:0x7fb57df9c819
[  264.313803][ T8654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  264.313814][ T8654] RSP: 002b:00007fb57ee58028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  264.313826][ T8654] RAX: ffffffffffffffda RBX: 00007fb57e216090 RCX: 00007fb57df9c819
[  264.313832][ T8654] RDX: 0000000004000095 RSI: 0000200000005240 RDI: 0000000000000004
[  264.313838][ T8654] RBP: 00007fb57ee58090 R08: 0000000000000000 R09: 0000000000000000
[  264.313844][ T8654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.313851][ T8654] R13: 00007fb57e216128 R14: 00007fb57e216090 R15: 00007ffff0b04228
[  264.313864][ T8654]  </TASK>
[  264.877977][ T8664] netlink: 8 bytes leftover after parsing attributes in process `syz.3.774'.
[  264.890602][ T8666] FAULT_INJECTION: forcing a failure.
[  264.890602][ T8666] name failslab, interval 1, probability 0, space 0, times 0
[  264.914763][ T8664] fuse: Unknown parameter 'user_id00000000000000000000'
[  264.931309][ T8666] CPU: 1 UID: 0 PID: 8666 Comm: syz.4.776 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  264.931340][ T8666] Tainted: [L]=SOFTLOCKUP
[  264.931346][ T8666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  264.931355][ T8666] Call Trace:
[  264.931360][ T8666]  <TASK>
[  264.931367][ T8666]  dump_stack_lvl+0x100/0x190
[  264.931392][ T8666]  should_fail_ex.cold+0x5/0xa
[  264.931414][ T8666]  ? bcm_sendmsg+0x33d4/0x4510
[  264.931435][ T8666]  should_failslab+0xc2/0x120
[  264.931451][ T8666]  __kmalloc_noprof+0xe0/0x850
[  264.931475][ T8666]  ? lockdep_init_map_type+0x5c/0x250
[  264.931499][ T8666]  bcm_sendmsg+0x33d4/0x4510
[  264.931520][ T8666]  ? sock_has_perm+0x258/0x2f0
[  264.931548][ T8666]  ? __pfx_bcm_sendmsg+0x10/0x10
[  264.931567][ T8666]  ? iovec_from_user+0xda/0x140
[  264.931602][ T8666]  ____sys_sendmsg+0x9e1/0xb70
[  264.931626][ T8666]  ? __pfx_bcm_sendmsg+0x10/0x10
[  264.931650][ T8666]  ? __pfx_____sys_sendmsg+0x10/0x10
[  264.931685][ T8666]  ___sys_sendmsg+0x190/0x1e0
[  264.931715][ T8666]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.931761][ T8666]  __sys_sendmsg+0x170/0x220
[  264.931780][ T8666]  ? __pfx___sys_sendmsg+0x10/0x10
[  264.931808][ T8666]  ? rcu_is_watching+0x12/0xc0
[  264.931837][ T8666]  do_syscall_64+0x10b/0xf80
[  264.931854][ T8666]  ? clear_bhb_loop+0x40/0x90
[  264.931876][ T8666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.931894][ T8666] RIP: 0033:0x7f953b79c819
[  264.931909][ T8666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  264.931925][ T8666] RSP: 002b:00007f953c6b8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.931944][ T8666] RAX: ffffffffffffffda RBX: 00007f953ba16090 RCX: 00007f953b79c819
[  264.931955][ T8666] RDX: 0000000000000000 RSI: 0000200000001fc8 RDI: 0000000000000005
[  264.931965][ T8666] RBP: 00007f953c6b8090 R08: 0000000000000000 R09: 0000000000000000
[  264.931974][ T8666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.931984][ T8666] R13: 00007f953ba16128 R14: 00007f953ba16090 R15: 00007fff2d10d818
[  264.932007][ T8666]  </TASK>
[  265.220661][ T8673] netlink: 'syz.2.779': attribute type 10 has an invalid length.
[  265.238502][ T8673] macvlan1: entered allmulticast mode
[  265.281346][ T8673] veth1_vlan: entered allmulticast mode
[  265.381876][ T8673] team0: Port device macvlan1 added
[  266.146288][   T29] audit: type=1326 audit(1776669008.009:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  266.980301][   T29] audit: type=1326 audit(1776669008.009:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  267.028493][ T8695] vxcan1 speed is unknown, defaulting to 1000
[  267.138665][ T8695] wg1 speed is unknown, defaulting to 1000
[  267.169974][   T29] audit: type=1326 audit(1776669008.009:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  267.214942][   T29] audit: type=1326 audit(1776669008.009:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  267.277440][   T29] audit: type=1326 audit(1776669008.009:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  267.423379][   T29] audit: type=1326 audit(1776669008.009:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  267.540289][   T29] audit: type=1326 audit(1776669008.009:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  267.900958][   T29] audit: type=1326 audit(1776669008.009:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  268.047939][   T29] audit: type=1326 audit(1776669008.009:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  268.141527][   T29] audit: type=1326 audit(1776669008.009:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.2.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  268.181023][ T8713] vxcan1 speed is unknown, defaulting to 1000
[  268.203660][ T8715] fuse: Unknown parameter '��������'
[  269.156406][ T8713] wg1 speed is unknown, defaulting to 1000
[  269.570295][   T10] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  269.760932][   T10] usb 1-1: Using ep0 maxpacket: 16
[  269.771413][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  269.789354][   T10] usb 1-1: config 7 has an invalid interface number: 118 but max is 0
[  269.789380][   T10] usb 1-1: config 7 has no interface number 0
[  269.789402][   T10] usb 1-1: config 7 interface 118 has no altsetting 0
[  269.796752][   T10] usb 1-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=22.09
[  269.796780][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.796799][   T10] usb 1-1: Product: syz
[  269.796814][   T10] usb 1-1: Manufacturer: syz
[  269.796828][   T10] usb 1-1: SerialNumber: syz
[  269.883568][ T8741] netlink: 20 bytes leftover after parsing attributes in process `syz.2.798'.
[  269.892551][ T8741] netlink: 28 bytes leftover after parsing attributes in process `syz.2.798'.
[  270.055569][   T10]  (null): radio-mr800 - initialization failed
[  270.063187][   T10] radio-mr800 1-1:7.118: probe with driver radio-mr800 failed with error -22
[  270.074561][   T10] usbhid 1-1:7.118: couldn't find an input interrupt endpoint
[  270.443878][   T10] usb 1-1: USB disconnect, device number 25
[  270.450037][ T8749] vxcan1 speed is unknown, defaulting to 1000
[  270.546750][ T8749] wg1 speed is unknown, defaulting to 1000
[  270.671549][ T8752] siw: device registration error -23
[  270.922342][   T24] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  270.933187][ T8756] tipc: Started in network mode
[  270.946695][ T8756] tipc: Node identity 7f000001, cluster identity 4711
[  270.968123][ T8756] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  271.091414][   T24] usb 5-1: Using ep0 maxpacket: 32
[  271.106416][   T24] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  271.121261][ T8767] vxcan1 speed is unknown, defaulting to 1000
[  271.121853][   T24] usb 5-1: config 0 has no interface number 0
[  271.147968][   T24] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  271.161429][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.180410][   T24] usb 5-1: Product: syz
[  271.198584][   T24] usb 5-1: Manufacturer: syz
[  271.214108][   T24] usb 5-1: SerialNumber: syz
[  271.243852][   T24] usb 5-1: config 0 descriptor??
[  271.273809][   T24] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  271.494606][   T24] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  271.538812][   T24] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  272.880900][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  273.190890][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  274.468495][ T8767] wg1 speed is unknown, defaulting to 1000
[  274.631649][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  274.633520][   T10] usb 5-1: USB disconnect, device number 26
[  274.746821][   T10] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  274.827609][   T10] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  274.858362][   T10] quatech2 5-1:0.51: device disconnected
[  275.403772][ T8801] netlink: 16 bytes leftover after parsing attributes in process `syz.1.816'.
[  276.564806][ T8812] FAULT_INJECTION: forcing a failure.
[  276.564806][ T8812] name failslab, interval 1, probability 0, space 0, times 0
[  276.614551][ T8812] CPU: 0 UID: 0 PID: 8812 Comm: syz.4.817 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  276.614572][ T8812] Tainted: [L]=SOFTLOCKUP
[  276.614576][ T8812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  276.614585][ T8812] Call Trace:
[  276.614589][ T8812]  <TASK>
[  276.614593][ T8812]  dump_stack_lvl+0x100/0x190
[  276.614610][ T8812]  should_fail_ex.cold+0x5/0xa
[  276.614630][ T8812]  should_failslab+0xc2/0x120
[  276.614642][ T8812]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  276.614659][ T8812]  ? skb_clone+0x190/0x400
[  276.614673][ T8812]  skb_clone+0x190/0x400
[  276.614686][ T8812]  netlink_deliver_tap+0xaed/0xcc0
[  276.614704][ T8812]  netlink_unicast+0x62b/0x850
[  276.614722][ T8812]  ? __pfx_netlink_unicast+0x10/0x10
[  276.614741][ T8812]  netlink_sendmsg+0x8b0/0xda0
[  276.614759][ T8812]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.614773][ T8812]  ? __might_fault+0x90/0x140
[  276.614793][ T8812]  ____sys_sendmsg+0x9e1/0xb70
[  276.614807][ T8812]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.614823][ T8812]  ? __pfx_____sys_sendmsg+0x10/0x10
[  276.614844][ T8812]  ___sys_sendmsg+0x190/0x1e0
[  276.614861][ T8812]  ? __pfx____sys_sendmsg+0x10/0x10
[  276.614893][ T8812]  __sys_sendmsg+0x170/0x220
[  276.614906][ T8812]  ? __pfx___sys_sendmsg+0x10/0x10
[  276.614923][ T8812]  ? rcu_is_watching+0x12/0xc0
[  276.614942][ T8812]  do_syscall_64+0x10b/0xf80
[  276.614952][ T8812]  ? clear_bhb_loop+0x40/0x90
[  276.614965][ T8812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.614976][ T8812] RIP: 0033:0x7f953b79c819
[  276.614986][ T8812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  276.614996][ T8812] RSP: 002b:00007f953c697028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  276.615008][ T8812] RAX: ffffffffffffffda RBX: 00007f953ba16180 RCX: 00007f953b79c819
[  276.615015][ T8812] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  276.615021][ T8812] RBP: 00007f953c697090 R08: 0000000000000000 R09: 0000000000000000
[  276.615027][ T8812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.615033][ T8812] R13: 00007f953ba16218 R14: 00007f953ba16180 R15: 00007fff2d10d818
[  276.615047][ T8812]  </TASK>
[  276.841665][ T8805] netlink: 4 bytes leftover after parsing attributes in process `syz.1.818'.
[  279.782012][ T8842] vxcan1 speed is unknown, defaulting to 1000
[  279.858746][ T8842] wg1 speed is unknown, defaulting to 1000
[  279.950177][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  279.950193][   T29] audit: type=1400 audit(1776669021.859:988): avc:  denied  { create } for  pid=8848 comm="syz.2.828" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  279.993249][   T29] audit: type=1400 audit(1776669021.899:989): avc:  denied  { mounton } for  pid=8848 comm="syz.2.828" path="/184/file0" dev="tmpfs" ino=1002 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  280.374841][ T8855] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.386667][ T8855] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.593093][ T8873] netlink: 'syz.4.835': attribute type 1 has an invalid length.
[  281.691977][   T29] audit: type=1400 audit(1776669023.599:990): avc:  denied  { unlink } for  pid=5823 comm="syz-executor" name="file0" dev="tmpfs" ino=1002 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  281.902790][ T8885] netlink: 'syz.2.839': attribute type 39 has an invalid length.
[  282.014002][   T29] audit: type=1400 audit(1776669023.929:991): avc:  denied  { mount } for  pid=8887 comm="syz.3.840" name="/" dev="autofs" ino=21551 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  282.128663][   T29] audit: type=1400 audit(1776669024.039:992): avc:  denied  { mount } for  pid=8889 comm="syz.0.841" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  282.162245][   T29] audit: type=1400 audit(1776669024.069:993): avc:  denied  { mounton } for  pid=8889 comm="syz.0.841" path="/160/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  282.288830][   T29] audit: type=1400 audit(1776669024.199:994): avc:  denied  { getopt } for  pid=8894 comm="syz.0.843" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  282.571392][ T5899] usb 3-1: new low-speed USB device number 20 using dummy_hcd
[  282.738746][ T5899] usb 3-1: unable to get BOS descriptor or descriptor too short
[  282.764875][ T5899] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1023, setting to 0
[  282.789366][ T5899] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  282.811956][ T5899] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1023, setting to 0
[  282.856554][ T5899] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0014, bcdDevice= 0.40
[  282.890960][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.930011][ T5899] usb 3-1: Manufacturer: ᕷ낙懁Ძᠣ홙糑嘰涺⤩ꋓ锸㶱﹝
[  283.073363][ T8910] xt_connbytes: Forcing CT accounting to be enabled
[  283.081430][ T8910] set match dimension is over the limit!
[  283.099831][   T29] audit: type=1400 audit(1776669025.009:995): avc:  denied  { connect } for  pid=8909 comm="syz.4.848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  283.303973][ T5885] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  283.852187][ T5885] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  283.864696][ T5885] usb 4-1: config 0 has no interfaces?
[  283.872094][ T5885] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  283.881428][ T5885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.892407][ T5885] usb 4-1: config 0 descriptor??
[  284.304252][ T5885] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  284.399756][   T29] audit: type=1400 audit(1776669026.309:996): avc:  denied  { mount } for  pid=8923 comm="syz.4.853" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  284.473329][ T5885] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  284.487816][ T5885] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  284.499707][ T5885] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.510103][ T5885] usb 1-1: Product: syz
[  284.515210][ T5885] usb 1-1: Manufacturer: syz
[  284.520081][ T5885] usb 1-1: SerialNumber: syz
[  285.168439][ T8922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.179138][ T8922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.193489][ T8922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.205115][ T8922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.235804][ T5885] cdc_ncm 1-1:1.0: failed GET_NTB_PARAMETERS
[  285.246341][ T5885] cdc_ncm 1-1:1.0: bind() failure
[  285.267758][ T5885] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  285.274750][ T5885] cdc_ncm 1-1:1.1: bind() failure
[  285.289222][ T5885] usb 1-1: USB disconnect, device number 26
[  285.415794][ T5899] usb 3-1: low speed audio streaming not supported
[  285.424955][ T5899] usb 3-1: low speed audio streaming not supported
[  285.592152][ T5899] usb 3-1: USB disconnect, device number 20
[  285.753228][   T29] audit: type=1326 audit(1776669027.649:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.053263][ T5813] udevd[5813]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  286.069898][ T8949] netlink: 24 bytes leftover after parsing attributes in process `syz.4.859'.
[  286.092136][   T29] audit: type=1326 audit(1776669027.649:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.115985][   T29] audit: type=1326 audit(1776669027.649:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.149239][   T29] audit: type=1326 audit(1776669027.649:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.199431][ T5892] usb 4-1: USB disconnect, device number 23
[  286.237682][   T29] audit: type=1326 audit(1776669027.649:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.286652][   T29] audit: type=1326 audit(1776669027.649:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.376189][   T29] audit: type=1326 audit(1776669027.649:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.403724][   T29] audit: type=1326 audit(1776669027.649:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.440113][ T8956] netlink: 4 bytes leftover after parsing attributes in process `syz.1.861'.
[  286.472230][   T29] audit: type=1326 audit(1776669027.649:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.530524][   T29] audit: type=1326 audit(1776669027.659:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8947 comm="syz.2.860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  286.761172][ T5892] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  286.920915][ T5892] usb 4-1: Using ep0 maxpacket: 32
[  286.929303][ T5892] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  286.945841][ T5892] usb 4-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.957313][ T5892] usb 4-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.968422][ T5892] usb 4-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  286.983150][ T5892] usb 4-1: config 0 interface 0 has no altsetting 0
[  286.990551][ T5892] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  287.032329][ T5892] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.064595][ T5892] usb 4-1: config 0 descriptor??
[  287.225798][ T8970] netlink: 24 bytes leftover after parsing attributes in process `syz.1.866'.
[  287.541760][ T5892] hid_parser_main: 28 callbacks suppressed
[  287.541780][ T5892] corsair-psu 0003:1B1C:1C09.0003: unknown main item tag 0x0
[  287.564578][ T5892] corsair-psu 0003:1B1C:1C09.0003: unknown main item tag 0x0
[  287.572622][ T5892] corsair-psu 0003:1B1C:1C09.0003: unknown main item tag 0x0
[  287.580186][ T5892] corsair-psu 0003:1B1C:1C09.0003: unknown main item tag 0x0
[  287.685941][ T5892] corsair-psu 0003:1B1C:1C09.0003: unknown main item tag 0x0
[  288.371177][ T5892] corsair-psu 0003:1B1C:1C09.0003: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.3-1/input0
[  288.447751][ T5892] corsair-psu 0003:1B1C:1C09.0003: unable to initialize device (-38)
[  288.661721][ T5892] corsair-psu 0003:1B1C:1C09.0003: probe with driver corsair-psu failed with error -38
[  289.407186][ T8999] netlink: 12 bytes leftover after parsing attributes in process `syz.2.872'.
[  289.440329][ T5892] usb 4-1: USB disconnect, device number 24
[  290.415313][ T9020] netlink: 'syz.3.874': attribute type 1 has an invalid length.
[  290.603975][ T9020] 8021q: adding VLAN 0 to HW filter on device bond4
[  290.628631][ T9032] bond4: entered promiscuous mode
[  291.059567][   T29] kauditd_printk_skb: 34 callbacks suppressed
[  291.059583][   T29] audit: type=1326 audit(1776669032.969:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.2.881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  291.114080][   T29] audit: type=1326 audit(1776669032.969:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.2.881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cc279c819 code=0x7ffc0000
[  291.289231][   T29] audit: type=1400 audit(1776669033.199:1043): avc:  denied  { create } for  pid=9038 comm="syz.0.884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  291.396091][   T29] audit: type=1400 audit(1776669033.309:1044): avc:  denied  { bind } for  pid=9043 comm="syz.2.885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  291.617210][ T9052] hpfs: Bad magic ... probably not HPFS
[  291.754740][ T9048] overlayfs: failed to clone upperpath
[  292.140454][   T29] audit: type=1400 audit(1776669034.049:1045): avc:  denied  { read } for  pid=9058 comm="syz.3.889" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  292.171324][   T29] audit: type=1400 audit(1776669034.089:1046): avc:  denied  { open } for  pid=9058 comm="syz.3.889" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  292.199185][   T29] audit: type=1400 audit(1776669034.089:1047): avc:  denied  { ioctl } for  pid=9058 comm="syz.3.889" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c3f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  292.317905][   T29] audit: type=1400 audit(1776669034.229:1048): avc:  denied  { getopt } for  pid=9060 comm="syz.2.890" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  292.361156][   T29] audit: type=1400 audit(1776669034.279:1049): avc:  denied  { setopt } for  pid=9060 comm="syz.2.890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  292.513704][   T29] audit: type=1400 audit(1776669034.429:1050): avc:  denied  { unmount } for  pid=5825 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  293.087305][ T9070] netlink: 'syz.3.894': attribute type 1 has an invalid length.
[  293.150651][ T9070] 8021q: adding VLAN 0 to HW filter on device bond5
[  293.196326][ T9070] bond5: entered promiscuous mode
[  293.340117][ T9080] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  293.704515][ T1576] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[  293.886966][ T1576] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  293.920711][ T1576] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.949327][ T1576] usb 4-1: Product: syz
[  293.964994][ T1576] usb 4-1: Manufacturer: syz
[  293.982140][ T1576] usb 4-1: SerialNumber: syz
[  294.011164][ T1576] usb 4-1: config 0 descriptor??
[  294.319727][ T1576] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  294.334655][ T9099] netlink: 24 bytes leftover after parsing attributes in process `syz.0.903'.
[  295.092420][ T1576] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  295.146766][ T9108] netlink: 'syz.4.906': attribute type 1 has an invalid length.
[  295.161730][ T9108] No such timeout policy "syz1"
[  295.267799][ T9111] netlink: 28 bytes leftover after parsing attributes in process `syz.2.905'.
[  295.761526][ T5885] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  295.923577][ T5885] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  295.941564][ T5885] usb 5-1: config 0 has no interface number 0
[  295.962512][ T5885] usb 5-1: config 0 interface 1 has no altsetting 0
[  295.982314][ T5885] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  296.004023][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.025177][ T5885] usb 5-1: Product: syz
[  296.037212][ T5885] usb 5-1: Manufacturer: syz
[  296.045948][ T5885] usb 5-1: SerialNumber: syz
[  296.058786][ T5885] usb 5-1: config 0 descriptor??
[  296.304580][ T5885] dvb_usb_ec168 5-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  296.342666][ T5885] usb 5-1: USB disconnect, device number 27
[  296.474749][   T10] usb 4-1: USB disconnect, device number 25
[  296.563901][ T9120] netlink: 'syz.3.909': attribute type 1 has an invalid length.
[  296.679852][ T9120] 8021q: adding VLAN 0 to HW filter on device bond6
[  296.763329][ T9124] netlink: 'syz.2.908': attribute type 6 has an invalid length.
[  296.771864][ T9124] netlink: 232 bytes leftover after parsing attributes in process `syz.2.908'.
[  296.833648][ T9125] netlink: 5256 bytes leftover after parsing attributes in process `syz.2.908'.
[  296.842889][ T9125] nbd: must specify at least one socket
[  297.215449][ T9129] 9p: Bad value for 'wfdno'
[  297.244051][ T9123] bond6: entered promiscuous mode
[  297.300246][ T9130] netlink: 'syz.4.911': attribute type 2 has an invalid length.
[  297.381317][   T10] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  297.604556][   T10] usb 3-1: Using ep0 maxpacket: 16
[  297.841946][ T9130] hma��224)
: entered promiscuous mode
[  297.932772][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.155653][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  298.355077][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  298.605359][   T10] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  298.605624][ T9134] FAULT_INJECTION: forcing a failure.
[  298.605624][ T9134] name failslab, interval 1, probability 0, space 0, times 0
[  298.629806][ T9134] CPU: 1 UID: 0 PID: 9134 Comm: syz.0.912 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  298.629832][ T9134] Tainted: [L]=SOFTLOCKUP
[  298.629839][ T9134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  298.629848][ T9134] Call Trace:
[  298.629854][ T9134]  <TASK>
[  298.629860][ T9134]  dump_stack_lvl+0x100/0x190
[  298.629885][ T9134]  should_fail_ex.cold+0x5/0xa
[  298.629910][ T9134]  should_failslab+0xc2/0x120
[  298.629928][ T9134]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  298.629952][ T9134]  ? skb_clone+0x190/0x400
[  298.629975][ T9134]  skb_clone+0x190/0x400
[  298.629993][ T9134]  netlink_deliver_tap+0xaed/0xcc0
[  298.630021][ T9134]  netlink_unicast+0x62b/0x850
[  298.630047][ T9134]  ? __pfx_netlink_unicast+0x10/0x10
[  298.630077][ T9134]  netlink_sendmsg+0x8b0/0xda0
[  298.630108][ T9134]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.630127][ T9134]  ? __might_fault+0x90/0x140
[  298.630165][ T9134]  ____sys_sendmsg+0x9e1/0xb70
[  298.630187][ T9134]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.630212][ T9134]  ? __pfx_____sys_sendmsg+0x10/0x10
[  298.630245][ T9134]  ___sys_sendmsg+0x190/0x1e0
[  298.630271][ T9134]  ? __pfx____sys_sendmsg+0x10/0x10
[  298.630322][ T9134]  __sys_sendmsg+0x170/0x220
[  298.630341][ T9134]  ? __pfx___sys_sendmsg+0x10/0x10
[  298.630369][ T9134]  ? rcu_is_watching+0x12/0xc0
[  298.630398][ T9134]  do_syscall_64+0x10b/0xf80
[  298.630414][ T9134]  ? clear_bhb_loop+0x40/0x90
[  298.630435][ T9134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.630452][ T9134] RIP: 0033:0x7fb57df9c819
[  298.630467][ T9134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.630482][ T9134] RSP: 002b:00007fb57ee79028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  298.630499][ T9134] RAX: ffffffffffffffda RBX: 00007fb57e215fa0 RCX: 00007fb57df9c819
[  298.630510][ T9134] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  298.630521][ T9134] RBP: 00007fb57ee79090 R08: 0000000000000000 R09: 0000000000000000
[  298.630531][ T9134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.630540][ T9134] R13: 00007fb57e216038 R14: 00007fb57e215fa0 R15: 00007ffff0b04228
[  298.630563][ T9134]  </TASK>
[  298.856640][   T10] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  298.864710][   T10] usb 3-1: Manufacturer: syz
[  298.871875][   T10] usb 3-1: config 0 descriptor??
[  299.158060][   T29] audit: type=1400 audit(1776669041.069:1051): avc:  denied  { mounton } for  pid=9142 comm="syz.0.915" path="/181/file0" dev="tmpfs" ino=960 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  300.729041][   T29] audit: type=1400 audit(1776669042.639:1052): avc:  denied  { getopt } for  pid=9142 comm="syz.0.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  304.070868][    C1] sched: DL replenish lagged too much
[  305.427457][   T29] audit: type=1326 audit(1776669042.679:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9139 comm="syz.1.910" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2350f9c819 code=0x0
[  312.198411][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[  312.757984][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[  325.446093][ T7635] usb 3-1: USB disconnect, device number 21
[  363.333145][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888038386c00: Timeout. Failed to send simple message.
[  374.125695][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[  376.161965][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[  449.263267][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[  450.170666][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[  494.309031][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88802b39bc00: Timeout. Failed to send simple message.
[  498.555626][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[  499.792919][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[  540.649035][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88802b39b400: Timeout. Failed to send simple message.
[  575.335523][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[  575.460925][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[  583.100762][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  583.107744][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P8993/1:b..l
[  583.116067][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=34897, q=1639 ncpus=2)
[  583.123868][    C0] task:syz.1.869       state:R  running task     stack:23592 pid:8993  tgid:8993  ppid:5824   task_flags:0x40064c flags:0x00080001
[  583.138028][    C0] Call Trace:
[  583.141365][    C0]  <TASK>
[  583.144315][    C0]  __schedule+0x10e9/0x6820
[  583.148814][    C0]  ? __pfx___schedule+0x10/0x10
[  583.153658][    C0]  ? rcu_is_watching+0x12/0xc0
[  583.158461][    C0]  preempt_schedule_irq+0x50/0x90
[  583.163499][    C0]  irqentry_exit+0x1fe/0x790
[  583.168099][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  583.174079][    C0] RIP: 0010:memcg1_uncharge_batch+0xe4/0x120
[  583.180056][    C0] Code: 80 3c 02 00 75 4a 44 89 ee 48 89 df 48 8b 83 c0 0b 00 00 65 4c 01 20 e8 4a d2 ff ff e8 e5 ae 92 ff 9c 58 f6 c4 02 75 17 fb 5b <5d> 41 5c 41 5d c3 cc cc cc cc 5b 5d 41 5c 41 5d e9 d7 1f 1a 09 e8
[  583.199660][    C0] RSP: 0018:ffffc900031b7198 EFLAGS: 00000246
[  583.205701][    C0] RAX: 0000000000000002 RBX: ffffc900031b7230 RCX: 0000000000000000
[  583.213661][    C0] RDX: 0000000000000000 RSI: ffffffff8df562a9 RDI: ffffffff8c1c1300
[  583.221627][    C0] RBP: 000000000000001f R08: 0000000000000001 R09: 0000000000000000
[  583.229587][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: 000000000000001f
[  583.237539][    C0] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffc900031b75b8
[  583.245522][    C0]  uncharge_batch+0xe8/0x430
[  583.250112][    C0]  __mem_cgroup_uncharge_folios+0x142/0x1e0
[  583.256004][    C0]  ? __pfx_lru_gen_del_folio.constprop.0+0x10/0x10
[  583.262499][    C0]  ? __pfx___mem_cgroup_uncharge_folios+0x10/0x10
[  583.268955][    C0]  ? find_held_lock+0x2b/0x80
[  583.273606][    C0]  ? folios_put_refs+0x50a/0xa90
[  583.278541][    C0]  ? folios_put_refs+0x50a/0xa90
[  583.283466][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  583.289261][    C0]  folios_put_refs+0x564/0xa90
[  583.294030][    C0]  ? __pfx_folios_put_refs+0x10/0x10
[  583.299302][    C0]  ? folio_batch_remove_exceptionals+0x115/0x1a0
[  583.305635][    C0]  shmem_undo_range+0x5e5/0x1570
[  583.310679][    C0]  ? __pfx_shmem_undo_range+0x10/0x10
[  583.316081][    C0]  shmem_evict_inode+0x3f3/0xc40
[  583.321024][    C0]  ? inode_wait_for_writeback+0x171/0x390
[  583.326729][    C0]  ? __pfx_shmem_evict_inode+0x10/0x10
[  583.332174][    C0]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  583.338260][    C0]  ? find_held_lock+0x2b/0x80
[  583.342959][    C0]  ? evict+0x37e/0xad0
[  583.347106][    C0]  ? evict+0x37e/0xad0
[  583.351175][    C0]  ? __pfx_shmem_evict_inode+0x10/0x10
[  583.356705][    C0]  evict+0x3c2/0xad0
[  583.360604][    C0]  ? find_held_lock+0x2b/0x80
[  583.365294][    C0]  ? __pfx_evict+0x10/0x10
[  583.369703][    C0]  ? iput.part.0+0x5fd/0xf50
[  583.374275][    C0]  iput.part.0+0x605/0xf50
[  583.378677][    C0]  ? __pfx_inode_just_drop+0x10/0x10
[  583.383938][    C0]  iput+0x35/0x40
[  583.387555][    C0]  dentry_unlink_inode+0x2a1/0x490
[  583.392654][    C0]  __dentry_kill+0x1d0/0x600
[  583.397240][    C0]  finish_dput+0x76/0x480
[  583.401563][    C0]  dput.part.0+0x456/0x570
[  583.405972][    C0]  dput+0x1f/0x30
[  583.409701][    C0]  __fput+0x519/0xb50
[  583.413694][    C0]  task_work_run+0x150/0x240
[  583.418295][    C0]  ? __pfx_task_work_run+0x10/0x10
[  583.423495][    C0]  ? free_uts_ns+0x16e/0x330
[  583.428094][    C0]  do_exit+0x8d2/0x2a60
[  583.432255][    C0]  ? __pfx_do_exit+0x10/0x10
[  583.437006][    C0]  ? __pfx_proc_coredump_connector+0x10/0x10
[  583.443067][    C0]  do_group_exit+0xd5/0x2a0
[  583.447555][    C0]  get_signal+0x1ec7/0x21e0
[  583.452065][    C0]  ? __pfx_get_signal+0x10/0x10
[  583.456903][    C0]  ? force_sig_fault+0xc3/0x100
[  583.461729][    C0]  arch_do_signal_or_restart+0x91/0x7a0
[  583.467259][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  583.473505][    C0]  ? __bad_area_nosemaphore+0x320/0x3f0
[  583.479039][    C0]  ? rcu_is_watching+0x12/0xc0
[  583.483806][    C0]  irqentry_exit+0x403/0x790
[  583.488399][    C0]  asm_exc_page_fault+0x26/0x30
[  583.493273][    C0] RIP: 0033:0x7f2350e527f7
[  583.497694][    C0] RSP: 002b:00007f234f1b61a0 EFLAGS: 00010206
[  583.503743][    C0] RAX: 0000000000000000 RBX: 000000000000000b RCX: 00007f2350f9c819
[  583.511716][    C0] RDX: 00007f234f1b61c0 RSI: 00007f234f1b62f0 RDI: 000000000000000b
[  583.519693][    C0] RBP: 00007f2351032c91 R08: 0000000000000000 R09: 0000000000000000
[  583.527735][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  583.535718][    C0] R13: 00007f2351216128 R14: 00007f2351216090 R15: 00007ffe2a0cfb78
[  583.543685][    C0]  </TASK>
[  583.546745][    C0] rcu: rcu_preempt kthread starved for 5413 jiffies! g34897 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  583.557839][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  583.567881][    C0] rcu: RCU grace-period kthread stack dump:
[  583.573845][    C0] task:rcu_preempt     state:R  running task     stack:28904 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[  583.587398][    C0] Call Trace:
[  583.590829][    C0]  <TASK>
[  583.593792][    C0]  __schedule+0x10e9/0x6820
[  583.598346][    C0]  ? __pfx___schedule+0x10/0x10
[  583.603214][    C0]  ? find_held_lock+0x2b/0x80
[  583.607931][    C0]  ? schedule+0x2bf/0x390
[  583.612262][    C0]  schedule+0xdd/0x390
[  583.616347][    C0]  schedule_timeout+0x127/0x280
[  583.621206][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  583.626591][    C0]  ? __pfx_process_timeout+0x10/0x10
[  583.631861][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  583.637677][    C0]  ? prepare_to_swait_event+0xdf/0x4a0
[  583.643171][    C0]  rcu_gp_fqs_loop+0x1a9/0x900
[  583.648003][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  583.653571][    C0]  ? prepare_to_swait_event+0xae/0x4a0
[  583.659036][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  583.664150][    C0]  ? __pfx_rcu_gp_cleanup+0x10/0x10
[  583.669354][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  583.675162][    C0]  rcu_gp_kthread+0x179/0x230
[  583.680212][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  583.685534][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  583.691364][    C0]  ? __kthread_parkme+0x18c/0x230
[  583.696413][    C0]  ? kthread+0x13a/0x450
[  583.700671][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  583.705865][    C0]  kthread+0x370/0x450
[  583.709932][    C0]  ? __pfx_kthread+0x10/0x10
[  583.714502][    C0]  ret_from_fork+0x72b/0xd50
[  583.719100][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  583.724241][    C0]  ? __switch_to+0x800/0x1100
[  583.729685][    C0]  ? __pfx_kthread+0x10/0x10
[  583.734721][    C0]  ret_from_fork_asm+0x1a/0x30
[  583.739601][    C0]  </TASK>
[  583.742651][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  583.748973][    C0] CPU: 0 UID: 0 PID: 6482 Comm: kworker/u8:22 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.760362][    C0] Tainted: [L]=SOFTLOCKUP
[  583.764672][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  583.774704][    C0] Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
[  583.781888][    C0] RIP: 0010:__pv_queued_spin_lock_slowpath+0x415/0xc00
[  583.788720][    C0] Code: 00 80 00 00 48 8d 84 24 80 00 00 00 48 c1 e9 03 41 83 e7 07 48 89 44 24 10 4c 8d 2c 29 b9 00 01 00 00 66 89 8c 24 80 00 00 00 <41> 0f b6 45 00 44 38 f8 7f 08 84 c0 0f 85 c8 06 00 00 0f b6 03 84
[  583.808386][    C0] RSP: 0018:ffffc90000007608 EFLAGS: 00000202
[  583.814533][    C0] RAX: 0000000000000001 RBX: ffff88802d86f940 RCX: 0000000000000100
[  583.822506][    C0] RDX: 0000000000000001 RSI: 0000000000000002 RDI: ffff88802d86f942
[  583.830489][    C0] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffed1005b0df28
[  583.838547][    C0] R10: ffff88802d86f943 R11: 0000000000000000 R12: 0000000000007b5e
[  583.846614][    C0] R13: ffffed1005b0df28 R14: ffff8880b843c200 R15: 0000000000000000
[  583.854570][    C0] FS:  0000000000000000(0000) GS:ffff8881242e7000(0000) knlGS:0000000000000000
[  583.864027][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  583.870701][    C0] CR2: 00005555709054e8 CR3: 000000000e596000 CR4: 00000000003526f0
[  583.878669][    C0] Call Trace:
[  583.882037][    C0]  <IRQ>
[  583.884877][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  583.890759][    C0]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  583.897686][    C0]  ? __pfx_netif_skb_features+0x10/0x10
[  583.903308][    C0]  ? validate_xmit_xfrm+0x44f/0x1360
[  583.908580][    C0]  do_raw_spin_lock+0x1e0/0x260
[  583.913422][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  583.918780][    C0]  __dev_queue_xmit+0x19c4/0x4950
[  583.923783][    C0]  ? __napi_poll.constprop.0+0xaf/0x450
[  583.929304][    C0]  ? net_rx_action+0xa40/0xf20
[  583.934064][    C0]  ? handle_softirqs+0x1ea/0xa00
[  583.938983][    C0]  ? do_softirq+0xac/0xe0
[  583.943301][    C0]  ? __local_bh_enable_ip+0xf8/0x120
[  583.948585][    C0]  ? kernel_fpu_end+0x64/0x80
[  583.953259][    C0]  ? blake2s_compress+0x78/0xf0
[  583.958103][    C0]  ? kdf.constprop.0+0x14d/0x280
[  583.963033][    C0]  ? message_ephemeral+0x5e/0x70
[  583.967955][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  583.973305][    C0]  ? process_one_work+0xa0e/0x1980
[  583.978415][    C0]  ? worker_thread+0x5ef/0xe50
[  583.983174][    C0]  ? kthread+0x370/0x450
[  583.987403][    C0]  ? ret_from_fork+0x6c0/0xd50
[  583.992169][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  583.997106][    C0]  ? rcu_is_watching+0x12/0xc0
[  584.001866][    C0]  ? trace_kmem_cache_alloc+0xd5/0x100
[  584.007413][    C0]  ? __kasan_slab_alloc+0x89/0x90
[  584.012431][    C0]  can_send+0x5d7/0xbd0
[  584.016573][    C0]  ? __pfx_can_send+0x10/0x10
[  584.021247][    C0]  ? __skb_clone+0x570/0x760
[  584.025848][    C0]  can_can_gw_rcv+0x820/0xca0
[  584.030520][    C0]  ? __pfx_can_can_gw_rcv+0x10/0x10
[  584.035796][    C0]  can_rcv_filter+0x153/0x890
[  584.040449][    C0]  can_receive+0x2cb/0x500
[  584.044882][    C0]  ? __pfx_can_rcv+0x10/0x10
[  584.049465][    C0]  can_rcv+0x29e/0x300
[  584.053529][    C0]  __netif_receive_skb_one_core+0x1b2/0x1e0
[  584.059410][    C0]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  584.065908][    C0]  ? lock_acquire+0x1b1/0x370
[  584.070627][    C0]  ? process_backlog+0x32a/0x1580
[  584.076074][    C0]  ? process_backlog+0x32a/0x1580
[  584.081084][    C0]  __netif_receive_skb+0x1f/0x120
[  584.086094][    C0]  process_backlog+0x37a/0x1580
[  584.090932][    C0]  __napi_poll.constprop.0+0xaf/0x450
[  584.096292][    C0]  net_rx_action+0xa40/0xf20
[  584.100981][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  584.106082][    C0]  ? mark_held_locks+0x40/0x70
[  584.110930][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[  584.116211][    C0]  ? tmigr_handle_remote+0x132/0x380
[  584.121496][    C0]  ? run_timer_base+0x121/0x190
[  584.126338][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  584.131538][    C0]  handle_softirqs+0x1ea/0xa00
[  584.136286][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  584.141564][    C0]  ? __hrtimer_rearm_deferred+0x9b/0x740
[  584.147355][    C0]  ? kernel_fpu_end+0x5f/0x80
[  584.152025][    C0]  do_softirq+0xac/0xe0
[  584.156182][    C0]  </IRQ>
[  584.159096][    C0]  <TASK>
[  584.162007][    C0]  __local_bh_enable_ip+0xf8/0x120
[  584.167116][    C0]  kernel_fpu_end+0x64/0x80
[  584.171624][    C0]  blake2s_compress+0x78/0xf0
[  584.176337][    C0]  blake2s_update+0xef/0x320
[  584.180954][    C0]  hmac.constprop.0+0x33f/0x480
[  584.185828][    C0]  ? __pfx_hmac.constprop.0+0x10/0x10
[  584.191223][    C0]  ? __pfx_curve25519_ever64_base+0x10/0x10
[  584.197120][    C0]  ? crng_fast_key_erasure+0x1d6/0x260
[  584.202591][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[  584.207775][    C0]  ? kernel_fpu_end+0x5f/0x80
[  584.212447][    C0]  ? __local_bh_enable_ip+0x9e/0x120
[  584.217736][    C0]  kdf.constprop.0+0x14d/0x280
[  584.222504][    C0]  ? __pfx_kdf.constprop.0+0x10/0x10
[  584.227787][    C0]  ? __pfx_mix_hash+0x10/0x10
[  584.232467][    C0]  message_ephemeral+0x5e/0x70
[  584.237413][    C0]  wg_noise_handshake_create_initiation+0x322/0x610
[  584.244038][    C0]  ? __pfx_wg_noise_handshake_create_initiation+0x10/0x10
[  584.251151][    C0]  ? find_held_lock+0x2b/0x80
[  584.255830][    C0]  ? ktime_get_coarse_with_offset+0x1af/0x240
[  584.261891][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[  584.267076][    C0]  ? ktime_get_coarse_with_offset+0x1c1/0x240
[  584.273134][    C0]  ? ktime_get_coarse_with_offset+0x150/0x240
[  584.279198][    C0]  wg_packet_send_handshake_initiation+0x19c/0x360
[  584.285697][    C0]  ? __pfx_wg_packet_send_handshake_initiation+0x10/0x10
[  584.292702][    C0]  ? __lock_acquire+0x4a5/0x2630
[  584.297627][    C0]  ? rcu_is_watching+0x12/0xc0
[  584.302391][    C0]  wg_packet_handshake_send_worker+0x1c/0x30
[  584.308473][    C0]  process_one_work+0xa0e/0x1980
[  584.313463][    C0]  ? __pfx_process_one_work+0x10/0x10
[  584.318937][    C0]  ? __pfx_wg_packet_handshake_send_worker+0x10/0x10
[  584.325622][    C0]  worker_thread+0x5ef/0xe50
[  584.330234][    C0]  ? kthread+0x13a/0x450
[  584.334485][    C0]  ? __pfx_worker_thread+0x10/0x10
[  584.339587][    C0]  kthread+0x370/0x450
[  584.343643][    C0]  ? __pfx_kthread+0x10/0x10
[  584.348221][    C0]  ret_from_fork+0x72b/0xd50
[  584.352800][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  584.357987][    C0]  ? __switch_to+0x800/0x1100
[  584.362853][    C0]  ? __pfx_kthread+0x10/0x10
[  584.367462][    C0]  ret_from_fork_asm+0x1a/0x30
[  584.372268][    C0]  </TASK>
[  584.929820][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88802b398800: Timeout. Failed to send simple message.