last executing test programs:

48.744860244s ago: executing program 0 (id=6872):
syz_emit_ethernet(0x46, &(0x7f00000002c0)={@multicast, @link_local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3f00e7", 0x10, 0x2c, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[@routing={0x3a, 0x0, 0x0, 0x1}], {0x0, 0x0, 0x8}}}}}}, 0x0) (fail_nth: 2)

33.113102237s ago: executing program 2 (id=6917):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, &(0x7f0000000080)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x4454, 0x2021}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x11}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=ANY=[@ANYBLOB="380100001a0001000000000000001000e0000002000000000000000000000000ac1414bb00000000000000000000000000000000000000000a00000000000000ebee1aebfd494456905c7ea95d171acf8195c1bffb3e3ea9b8e17bdc2f16cb6a6358", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fe800000000000000000000000000000000000006c000000fc0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480003006465666c61746500"/240], 0x138}}, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000080)={@hyper, 0x1})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r4)

28.664234141s ago: executing program 2 (id=6928):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300042e010203010902120001000000000904"], 0x0)
ioctl$EVIOCRMFF(r0, 0x550c, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000680)={0x44, &(0x7f0000000200)={0x20, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect$cdc_ncm(0x2, 0x7b, &(0x7f0000000080)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x69, 0x2, 0x1, 0xd6, 0x50, 0x8a, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "b477a568c5"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0xffffffff, 0x1000, 0xff, 0x6}, {0x6, 0x24, 0x1a, 0x2}, [@mbim_extended={0x8, 0x24, 0x1c, 0x491, 0x4, 0xcd}]}, {{0x9, 0x5, 0x81, 0x3, 0x10, 0x5, 0x4, 0xd7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x67, 0xb}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x8, 0xa, 0x62}}}}}}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x7, 0x3b, 0x8, 0xff, 0xa}, 0x19, &(0x7f0000000100)={0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0x1, "6e12ff735a0abaf892913e4b3e04571f"}]}, 0x3, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x408}}, {0xe2, &(0x7f0000000240)=@string={0xe2, 0x3, "a22c54472e252965430e69412ea990b0960718f748fb6d0b0778bf4cf5f01b0b42b4afba13106863769ffaec45a0304b92d5b3973d6256fab402664fe078087cab20c73feba0de14f1b4e981ad4ef0e4317396bafc81746050d3a1e705704c3f7a74e99ad08ab460fdb8595aafc521e6f33297975eca4a1c0c3d672698c26a2aebdf5c57a3307561d6688e88f778834678d68d7bb2312adefc2e3150504856fd0e82ad5d7c31397e142d20e06cd1b85c62e826b759bd3fd61f7093c2a7842ae30ac54bb0993683e6f688c8e3d2b906265ee4cf949347f7f3b4b82828f5308f42"}}, {0x67, &(0x7f0000000180)=@string={0x67, 0x3, "5f502c6de29179b50aa147a927ba5e8ad3adba84922c92c57a17fa7c9f521e4d29ec55e91c1a765f32a46b3c02fb6ec6aba584ed66b919f60c6b42b2a161ebf7b45eeed9679e3c82206ed65da15ecf16efe609be7ba71c1f1b909d47f3f48d972a20bf19cf"}}]})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)

24.58760795s ago: executing program 2 (id=6937):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, &(0x7f0000000080)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x4454, 0x2021}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x11}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=ANY=[@ANYBLOB="380100001a0001000000000000001000e0000002000000000000000000000000ac1414bb00000000000000000000000000000000000000000a00000000000000ebee1aebfd494456905c7ea95d171acf8195c1bffb3e3ea9b8e17bdc2f16cb6a6358", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fe800000000000000000000000000000000000006c000000fc0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480003006465666c61746500"/240], 0x138}}, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000080)={@hyper, 0x1})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r4)

20.552203671s ago: executing program 2 (id=6950):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000080)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x32, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
socket(0x2, 0x80805, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4012011, r0, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, 0x0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x34, &(0x7f00000006c0)={{0x12, 0x1, 0x0, 0x7c, 0x96, 0x5c, 0x40, 0x2013, 0x251, 0xe86e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "839935191f"}]}}]}}]}}]}}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
write$binfmt_script(r1, &(0x7f0000000140), 0x4)
r3 = socket$netlink(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setuid(0x0)
sendmsg$IPSET_CMD_TYPE(r3, 0x0, 0x4000034)
r8 = fsopen(&(0x7f0000000140)='f2fs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x8, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
syz_open_dev$loop(&(0x7f00000006c0), 0x6, 0x22002)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x4000)

15.847323355s ago: executing program 2 (id=6964):
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xc8)
openat(0xffffffffffffff9c, 0x0, 0x2d41, 0xd5)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000009b40)="de98ee653502c564abeb97fc678bde22efebcf99c2d89952950acc703a3c6268a54c8b1bd1ee165c82980cd315b55a070dc41deeb2d4c1842d936a0bcde5fd7ed6031fdd9cb58ebfe8261528f097f309813b5722c24a1af8e6bc6ddaef7e85d2659690154bc5e6ee73c3fe7176509ad7b30e1098fc9873db91d3c1816825e710374de8d40693578b598922d9c523cfff93a630f121251d17ad40bce021d7fd57945fe2a186618a40b5f3995a9f0ceaa3e22b57e4f68e53fffeb5474fb83afaf5cde6b0aaf5cf0313ede442ddf1df6c280921e43d80dddfd005969272e1719b37fd8f749fcde83f8201826b4cf5b1c1da394568aa7d8833dd11309f46422b0152ede5ab29b17bc1ae80147346155b20a98d6fc2650bec3fe73327c45cad1b38f7c983cd070556a8f8ed5d58e1052f6436fad905099d18fb3e62c2c36a1c2209a94c820e30e5234e77be3beb4cd183015d281e7bf39cdcf0f1e541211c75d64a49b55ba4c2c444bef36d98df66bea814bab91ed65386d6a491a6295c24dbaf752a5e7a856e0dfe46a6f9e718ca3919c6f8978b0fd65c9e389114e5afd8e9e2a575b854463b63f46d08795f0f1d0d48d6d610fd74e9238de32ee3fa2ffef550336341803c083ac1d749be6c5440bbe4bd3bc3015bcde2b4e2160ba266d281a9641f74d9348fb6fa8550d1e8a8362999452e40b75c412cfa77ab8e1aaf1a9e83c855ec9b7ada38690f0d2e59f67a1f3babbcda8011595ea720816c24726b833beaca0a9d11e7b99373601d27d18c9e29940503d3a12149fdc4fe0065c3d023d6e7712eb853df19f2b4b886e08d61629288ff16c2597d7fae5bfc8b41f92fc325ffe0f61683b1f661409bdd7c3d88a854f8393484f4669b5d9654fd3a0819a32110b9064539a7419c332629b3fc71da35b783ef7c693842ce83733a63f2e6af37989cfcb768ab8cea5d21b82a0e9f6fdcec26b0107708867dec54c4e739fe9b931b3c6da013bfae097c57f1e16ba54f9028e672511938a0ad9d681d7feebc65a2f5f588abd66261393f3ba02d7b2cf650a9f7c6a4ca55b4d41132908dc9c90e26f0da8e2259e3a2b63b2d9e27754e278827ab80438070698c690ec375a9aeb4193079a28a2a062961ba0e65af01644af063f3ebefda92c4986379f7b099b2fd3960929578736f09887fc5816cb1b982e5b121b79662d1674dd0c6e82627cf8c63e576e5c1eb0af9415ddc10ff880e8ae3ce8c4fb87b8f9d364974c2a1d8eba4e04bc2bc018bfabc435683b2551c0e4908570b930c4fd7c03ddb95e9ec1d1994e3df0305fdac4e5b914641ae25b0c469b194c0bb78ab04887cdc4262da468475b926a18254d23b4c44705aeca34ef8a7b04dd55a43f39996529a23804e054655c5ba8661f7c02737e7539650364928d62b9b8d80988232009acb54214f06640e9bc6614c0ce02e4a22dc8b91a0aad711e4fd01d7020b7c7185e41e27ce266b9f5aec682cbd4bba3240d6277b17b564937254f37afe580cba0b78c6b0cc81830eaf10d7cc1f7e918d49e935629fe6c24b4368a04af1b99f6981340ee031874f3d4b3a9ebc31719b3b775bfe1fdfa0460a3820bff6f61b49b11ac2ca00836a0c4a74aed92a619f34231196669b942e761538e64f965d23d4f7814256e876263fe5307985c4e6eb69c974f66276764e80ab1de3f5c55e7b2cfdb78dd183a85473e968918ad73f29a266c818b9bf9f62eed86df25b2577bb6d98e3996e94f5bdf119b869541a94eb3536c979c3d77cc0df7c0c48a902ca2f03f5ba5a8ef9431cf95f6fc89744e8440e1d5ebb837e30ef7541fbc27672c31566ac3676a173cb9e466a2d206ba1ebc2b985eddcd6ff937375fbc8415eba46f5ec68cfa9f3a669d41b078867dd9f5160ba45fa4719f32cf877d4b7a6d77c977533659f7c7ac22c68f5e93c1df6c2a3d45b55a4afd3355680aed864f6bbe13da2da28a4851f73c88e555f3bb1c34a21fc45ab6c28287902e8b5fcae6899c804f364cd878a8d1734462bb075cb7bc709cc2c5d7747c4c29a2fa9259752301c26b852b7993adf889d45dbe39094c9b7b168756e5b939ed10bb6df57b8f5e14352cfc7d8b03cda5b978b06cf2430af5db17177b1ef664bc4b00307f970c4fc606a6bab72125f62b0f59655c35b104da7af188a953cfc09b3aa0785abf330830fefedcc8bf9a11d5dc4b5642f679d45cb44fe61ab1d906345c1c345f6b8027bae9585580c20115d2504d9c83ab54ea2557b6d2dd3bc65fa29f091aa46a215e77621836154104e6969fa9107139a19f2e45cc6bf55422a0e1a6d037ad9e63df5f9cd2045e13ac2d6a15bc12008c4cd23782df7d41bfecc0037292d22c7b42f2cc1a22db7502332d9f4fa85f7640c8635b9469681adb6bcec2dfdf6926f1815156d80a835ae918527f549ea6df45f350f618dc1f3ca139759be28e35013034f8bbfd3fa1a8f302594213c18015305911f42e287f2d86f17d76f8a0ea03fb574c60c808669f9f4454fc2eaf0e93873f688e34bd3341f6874d5d8fe754172a751d6ab23dc1642220e7fb1071df0ee3c7e07c338915494a3b360bdc0b38ed221c2c2bc86b29744448b255802b3ddfe600c1d0f9acabb2185e4e9dae5e456d5825f516c857f63e72e4a5f3d45eaf11a0e3a5ad0ba30a0bf0f94cc99586fd202d6118bb6f9c272f6cbe39dd9b8b36ea7fa51dfe0bb87a633be11c16a14d1bce8492387696e195fa3c5f172690b4434aa2e91ce7d225d73b1983d2605ec725aae0ae402cd2f79fc202a307f1896f3dfcf8c0fd8b841dcfeda5d65bb7d76f7c2d2eb1b164c0368e9984f320a224d7d438bc5c699acbc18a587b7589e960af114afbc9f59243646557962fc2e0cb5b5bf160a313bcfd9ade3e140b808e9f19415808aa312ae9c9e8bcd5a47fc721eda59d10670088714984a71d5c0df8b68e675a8e31ec15a92ff6a04d17e0ef849c782b302d11f742efe6486ab904fd65c0aac4ec25c6d877b453dce80e894de703aa8b1e5d00701850f149fe437fd0944cb95e54a924a49bd86bb9a602cf2904fbd9e399f1cdcd0b45b6d8f872e285f9dfeaa26aa760074651393c6451b36c643dd0b7236ec7803d69cec1b09bf1b63fbb68ad7c01507f00083b184ff01a62096f386f4c8fdc85e93eecf3f4b384aec1c10ccc60d8109a6d887bd389c3406163f9600879f0e944443d783e8644f69344f6f44f7bbf1883cda7369c9b9904d991c01552135f158a0bbb7f40c354f292c034824d82c209ebc770f5b756768ae51d45f8875b59904a07090689e65b40625566eed5d209130db812f287b966ae21ba46a3a7a3a0360a4e284d8d91ba9ed9806ea063827c8dda0fa98f758cbfa523ac645421f444a40b95bb065a64256c19354b1ad5002bb7b2add9b5236ad64e9052734b9d263515683db121b5e4dc1eab244dd8fc0fc62d962834ba0b21aad872b127afc0a33c7869a3f213519aa2ef51bab9ab28ed18859fd8239841a6668fc614dedd099121ae6c220a143c119cb9bff9068f65d0554b4c12105e59a22e91203a08ab8c718ec62c42d7ebb7b495e9e1be8fb7e4aab2777025da37b48d9d7b97578841a73898a6eab994e250106e096390c77b0600537be881ab7d81e3cb468bf1fe318b1e804d8df9875e9b8da22e6244997317391cce608085a28b8d070d654a29afab324ba3eecf427b6dfd43501ec0db919f71a932897eb37fe3bd64ab5a34ec60011696298b74ddd7a3710d3e444cedcc5cdc357f9dd58e67dc0ed3fc8df6dad82b3c00b4290c3280c28f78df052ec9cdd9df025abe8834616eddd5bb93379c69092911cd60761e7d14b426a83e335bfc8bf67a14e01df7cefb6023f0c6556534b975ed889de0d96d968526372402ce3d21a2c5c64a449dc3ba4ee0b5ceabc2fa29679e225681c8e946dc94b48af024bb1633e1860c7d8c14500967f24e2f8f46db537232a4e9f4abf8408f53bb52b035bdb89917a6f2f4bd22403ad002c2d936b785ecd965177e9f6235787a185d0eca92532f1aab16756ae86ece13925ba4a1fd08125102ae08c428d073aa426c4e792b5a4acf618605df1707021ce1eed62da4ee87334e34edf43338a0076b8ec739e2c31071e10c6a853e19fbf25b8a356527a67c8f7696dc184e374f4641f4e5b0aa345f1e6c4bfeba3a392d9a994bc271717a051c98d6c5b1f3296caf4c01d80ffb75b6fbdd0a0583f9d4695a44a2878df0c09a85aaab14522320cc3d2611603a34e52da03677a60cc87cc3c689975e5b5366c82e040b6643b8865d8bea0c84cef9ff85245a8b4bc41af1a50775b29fe55e42ac4b29fe80ddaf02e8c9bd07cab823f3d9021ac88236525ec045688a2fc9c6df66f549b10720cebf09ead919524f071cd128fb7575c84190c698b420f89b3c11195b5d83022d1f7e48afc21203995caf8f9286dcd5bd51b65c1af1caadf5a1b3f12579066855ff851075adb959dc3e086a7fb4e9a27fe80e8f3c0959b042486310ae7b785b0612e0385e36f50d4cae3474dd000c3957955534b4907b9480e2e5d83dedbeb76cb78d893c5b64dd51e31abc8e8b4c56b96f67c4b6e43861d91681af3270aae1a8f50712bd97326ee46a2640285b2902f051071d5a3400e99b76459956ac6908688c314bd8e54365383a65b186a6386cc5218e41e0b386759de81bccf5aa68f8608831a9d33ad1af2bdbd8579c5921cd8c3dd2f3bf1f123c742e118c76e2f43618bb7885e44826b7417c9ca5a139d774c16fbf74c8969c038ba6a54f27bab46ecc94d6455188d8dc1edf1da715c8d9976226877096df4158eeecced2248c7b88de0dd11a076db1f06bae4adba8286dc39aa62a55233886e011622ae1cf97238914a55078a78908145295777dbbc4e0d34364e0f3daa9eba6fa54c085777b18c0523818ff8710dee4bfeb3db549c3f38dde73b99a7b1b219282407a4e0ab3794089e21f6f2045ab6254ac3703903edb302fb2f0f97e47cca7969ad6b5b6cf27314137a04d5f4f29c193cfc5540592ab1342a1a9cbd514a7b4d6b23f724a5d7bfa6ffe8e3d9de29b8661139f179a0fafecf234f19bee75c25faffc765e02377d83e0ad0a0029c08f5c71595bc1b2fe88f0fe958f3f1f8ba6821ab834cab9bc902b2d47bd4b5ed52b5b0d7b3bc999b2f68879be39ddcb0428ce3a617b68c11459b746651f413d9e9a098cd2b5c0fcfd0ea1db2cde1672818d7bc73b053015692f9e9259a0153e3c9ac5e73e3343dd350cfbcaa57be93cc881a35063aec2db4ed71df2b1bd90b5ecbd84f399d4530c5450d622188423e151cec49673dc633e503c497d53843f4824750dc09abae9f2f465e92888715b6879f5edbab7bcd58f0899e1430ffb5f3063450945cb0fb3b5c3088ed6966c54dddae3aab489a80341b45a17cac02ae62749f209a7e16ecdfd86b43569c7b34511c65474acf2b2c18834e158e20957bf2320e4a6b9d63caea93b3a7dd4f7ba54443aba1ac2b6f2b27e1bf6f17d3fd1582462e0debc7069bb70e219654cbb99adfed54ab94329382163f2ab6710bb581d189cb3449a02c917c1f2d1d5f51958ce605fdb0e37ae5f3cb3f123276d43b2c26ea948dee863e0b679ecddf0fe41ce78bbca30167c9c7d6b0e9193c98090facd7205a490727e1ac49bb4d639348a32546007459c61c27bf8df87dd2ed3f3228b8193422a72d15f848bac13c6ffa7b8a767cf04866feb7c7a81267d7a8e890128d4709e4873223578aa7febdd562403c6092c0a3f6e0650772ede935ab6ef95e375bcbfa395e23ef1d73532388b845a95f158dc845a123f798176c73e177926d39abd38a910d40653006375110be2f2c5f6efc87b31908be36dd07c8ba5853519a37dfc4dea981af855293f49a3270bb67cdc17b780fbf2a418fcec8953dae927909a6bbbdce230d23113efad9c02474682dafc63311050cb4f3f86c282ff29728eefac5c678360122b4ce221bcec82d24e053a631a180b48bb8d2d4de7254d91a856071df51a1d87ca7eb5d19ac3def1fdd6ebd8f57c2c9e43cb6ff2fa00d27f279368f5ee29a84ba219a51d1f0f1965781164edbb3aa6209fbce6d40284fbb4a33f59bf9e1248100a623de16613eebc11f510b7718dde9f13b4c9b2b6a10dd932696cdb7fa4b5733b0377453471462762457d42038ebf8c0fb392ca7656ad1f050c326de75fffc698c48f5d809ae360ddb9856b9a54b811073233294bf91e46414441b6665f432201da12e49718b0d7929b6cbcbf310a09ce0d22f07ee5cfa8ffb9f03acd224641171ffafdf50f18be8fa3c907226cc1a6f3b16a776781a6396dbf09f689ad6bba4d537dad490a6f036a45ee3e224e6f519e44b7352ee3e7d3f0d89f8c7c8f54b6d2698c0298a07866c9d9ca09c96c2ac8efd7974294df6dd1bb0598debadb6135e7123bbfddf84870de54476a291586fc0e64784e65fdf78d462e8b51cbac38e7ff1878b11418f188220e3deb5367a2d90ad7d44395f6965cc6d680c59daac268c16814d1085302d0453b48e4a8ae78b8a5b6951a875ef42776f6d11955da7e5734a72b61cefcc6889b8f8d58db51ee78d7b1a8ffebd90e15a64654054767aaec24dd3b5f338b572496c8731049c10622b7f54fdfa43aaea316946291fee7bc9e64640e8bccf33fd1e8693b67020b49cf77faaaa8269e2fecc4e2b43c8c3378a4a9b9b85a4fe2c346c5512cda631542e0ff5706eba996f4f72e629b076d6be1966d44b1835ce664e3c6a4f18c68f5e32f900a0a167e547d5aa79c0aede966f83d00366a623ef8107e328654c8558d5e606f69a12b6c2a6fcbe0e08f945c4ad2738ed0b28d79c98514abe0819569c6e4f4751c665fd651aaa9ee392c330560ef6d57c0a97f0764f88433b2bf7641ba391634316b0ee1dac23a63be21270e50ea1ac24ac3b429a0b46c38dbd48c540bfb1e141b8b3df6caa179c7e54f2b7b1371e8eb05a30f13da95200ab70dc58325f6bea0ee9fe1f04154998df393f2b4ff4431363f3a7450fa5210e883d67620ae63cc41f72e74e26a0244de1ac722b6f1c1d293f7483b331a0efda65a4e4e9144547fe6dce2f4535e29048b07079329b63754bb124b9e046a6e97929b1f4a387765bf93804530791c9f649db6efbebebf46fa4f9af7ff2587130d0e70a32d4aab1dfbee6aadd1f3e5317e3d4c8cde75b1479bc3dd16ea35db3dca11cf1eb1d2bbac60b83605e171619d85fd4b6d0e24be8db76df12efef05eb87473b832e59f3039df44ef034e5e7546b399cc817a41b2f020286ff139072a5b909ebb185a3c955cf88f4a9929b2112e0a9ab43da0288ce3ea268ccc9f46f852d387f5d0a2831dfc8cb0bf593905ba376c069b8c9b70558ec826c5bf9835031199c4c6d84c913da7e9e7db49c1d34511d917b9ad3c40af0598737d58fd61b8f2adc46b73a284957a99943cf73414412fa5440a5f85b63c20794d122c267fba72bfcd0e2741642fd8ff5a0ae1ffd8b30d852c053d0e31f505ca13a21c0223a8ee77cdd92de1b9f87ebee4ea332e9d4573d7efb2ad3f50c35fb7a596c4edb4b72bf6df5a16ffe3c8a236f2cab8c0712ac26c2cbcc68c1dc45209b579c952c7d645642aeed7d60407ee2dc168179d536da950108e962c5c976d3a05bf5142466ee38939ee94e707a0135f99c99b5d6376f63c711e4f64950f08dbc931c812f34735d9eb1c5997770d8159068cdca2e0f192311ca438d613728b544d6a3e50ae0e4e6b1eb611ce55a96bb2f991d49173073d8547f5ede69d8b587a34bb8f637297a15ab4fc45f1384bbd19b3feab5fb81322ba831386eeb6067e55af374c1b1eb9613a6c41dfe2bbbcfad157dd042c67c44400b350f0dc40a8611f2e947f32ea3ac3f609027b5dbc95b157c13216fe7c35edcc82950bd4e38bcb02b63d2576489c331a222e013e73b5333694889b184bedbbb6fdd6fd40a62b1d5d494e68cd2aefc264f74bf70ef38373e599faaa326f574ae32b1aad86854af22db8c9673d14666aa7c0c3bbe0d76a835ba4b391552777ed20c5c6cd0aa84f3be73ca0a3c128914107fb8fc02220317fb111cf13398480cd3325582a7e55f4c4ef5a258bcd01a97615e95f89c8064d41d04340b88cd5f4b1d827a030637145d98422facadbbbce97dc3060402a7bfa73d7b4dde53184a0923c0ee29c6e8e2c35e396808df2481af6aab053b619fcb2833f14f87051c5461567c5f8dd40383a7521971775493f896e18c78bad8219f88258ea686652780c03ebafb63ecbfcb23e24d52a2f88a77ed3b2280637807a5e155f4fad7149b76841772471a3b77aa42e8058c0af1ac2be9d88b5152851708f1a77582b3e31702864ee6a244a38f3f95d9797a60cddeb5ddf08cc48fc677f03f9e717ebe7f472883e5a6a7df31ca4272228f26991460c537ebc8aecb6a0c34a763eb1f57124fbfafd6db4c21bedf6723b252aeb21eb1fd9f4f811fd3e2e764422964761b2ef3aaaf986a48f7be66f6387578f9492feebc97dfbc6bc97380394a5635dbe582e52a1fb18ea8fc4e53974c63d198cf0d878ba8a8d58688a037c0f753c7073337ef3da4c134ef939c98c8806d09943591e6013a1342de7c722f993fd7eb36ba8e8407d1ea60eb5724b0d6262c70469dbd8ea1956b8d7f5a77707a9cbe2137079e7abda3966c5bee4fd86e8a3c4969bc88ff328a2adc8f4546f647575866d5ced16df06bf40d9a5f178f9d19e490bd76e187c441e7de0e571f6cea5512ec9bea48903d91a519dc82defe34a06b0244d623090b5a250786bbc66c1e76db6b18d81ed33c81a7c93782d5cdbe0a7cf7d1ab29c04be6ff4a9bbc10f716a67d52fd52d91425abd2002cf83c3797861db5fbeaec745a552ca4a50604340f2cf2c1b10e9ba76c8ea43b283c73f774f8be213f17f70cf93b9f6a8bab1f516a935e80c3cc6756945edafd572e6e00840eedf61fc40351869f03562d8c13006de585a1141c02f1311fbc8e45e4b3878c32810698e4764a6e8495f165eefee35714a1794f9ab50897c5565ab745425933d9d6272a172c1f2a274f9ca7bc8e1b01a27b8bd06fd9dc61880789696348c99e9a70c9dd2a62ca04d1f86dc87380b618c2a78b16229d614702fce242fa17ea90cda2648f9375bf7e78b4267d558983e08a9566d95871998d23cc6d22c23370ae067b677609844abc140df81cbd9addbf657fffaab5c22c479acca18f3e4b508cf01ff7b2ca308ff116389790f26f2c7635f89c747a5bc66f61de575653069349a89fd7e3dd785266b7bccf16eb8b4a8a86751de60d33e17d64f6e4e0f9d13a16d243ad7364114db7ad011f094c4debf20a39e35e7eeb440bbe8811db2857b965edd1e2675ceb1bc9a1691f123dedb341962fbbe539485d2241b0409adce2587d035187a0dd5a62076ac4eb5c3e2f4455569b6eac0fc16155da1774cbe505dc92e2087585a7846bae699bef32e3c5ec2356dd4433ed29d4b03ff7b38f7b3cb96b92874eefda6c2e0e326214e40f14cc2ef80e1cd3fe226257a423b8ff5bb368b87ac7066c5136487775b5b122a858334c37f6a3f53d758c3c866e2e79daf9aeab36a59eddbae2fa5b6d20973014196ef0a4cde1373c7297833e6f1e46828f4a42eebd829dd4f17999abe285218ed5dc6007b21bceb588a213b29dbb1ab1a79b41a12df26fe35f0cf6a310c9e50cf10d71ad5960626e4efec211032ec4ae52512001362ba4108d86eb774d2d4d0364cbb1dae68f03a774e328c2dc09899ee80c05ac2a8e3ba905b0b3b7a08a3df20b505901123e7dc0a15db48d09c84189ca4345c23c2010c12cc35287fad30211cab9631e148a7c1e8bfab61ced30e098d1c3cf7b6a7fbd8288dfdc48044d0d47c17f129f6b5d751af1984d395ab1b08ccca3e7309a89a8a36dfc3fb82d2a4269bffc32571438d04a7b98137b46ae1fea1bd9ea64f99e2f0c5f12ed84886b10bbd511993b0447036c4e57b9dae6d5bdad6aa3f2d12e62471194e43111613b8b6944c2baf1f539ea14dd76c356bfef7e3d4b6fb91f6d321a796a4bce5a4c6a5caaf0f3eccd914dea21ae909be7ba486075ff6139e7e351fdd7e98013ba51ff0248852398c734f245ffd7fde8cacfa4805496ad7350b1c96d7bf9da9be492f2f414e973937ac9109b6e8b8315aa9b81840f2c21239caf85a28f0e590bb6ad12148e75bd4d7ea69a9ffb053781db98d5fb5aca30a734017be7683a559c203c006ecd4b135afe3650b906e0aa208c889f2af09f3f8263260c3bd07cf8021124b6f0e0d021f9839e47996905c3d7562df810484552de3bcc9ae054b62a01af6a7991e4d63f30c7a92d8b58e01052e53818e64d7540a3208af321709a5d891ceecae5d27a999b00ed01616a73ec8854ca61973ed1fd3d82f8628b215c55eb7908e297d77098a7b0c362709005a7d13c89c54556589b2a926c6e08cc1c0afebc7eeb5d7ae4ef0507c91b8e706e6dbf83d898819192c812554ad1c6377871a8ca50f1325630f7b5266b807ef61d0c8d399fada49cb02a14c16d39f4fa7b81272573808e761c9dce7cfd12f4f18dd06b0ee471c166e095bf84aa4aaa2d82f1afcf09e5d960257c0a8dc404225b4b62187829c59e57da50bf848d72fabfb69362c117c6913541f84095a2a4ccdd2d30860cd96640bb2315e435a4af08c62c584ad129300adb02a871f3c548b96c4f6c47efdf4a1163a8a5ba9b4766b01437bc5957324660a8cd87df0f7e000d1309e896e3ce9f57b17562c9368a95a4cf66b3a5b57f0cca563b045452bbc8ad07b96fd0322728ccb3b05bfda14ef36ecfa2f32c5aa899811a67f2d62ed970db5723d6e4e4913c98c81ed6c03469112c23549f7e20be6401c6544db9078f34e6a4ad3cc868bace2e7ec6ea17225986f9e941ec67d9a3fc57958f9df8a60f585aa38b1769e26ed3f68dd85685b2cefae9dd72a18abc0de6b94689785df377ef4a812a6abc7f738a396f0e99ccbc5731801c36e746ab6b1dda88ca6ecb899528e18543cb3dfd439cd5be566594f01a4533da3638e6331fedf5b67870938ad044aa0dfdae33e3a6258ad40baadd726eacb1f3c1eb8d83ef4e185d7603a4f1eb006d90bf5849e2f65d37ffe750eb061bbad08a0c0cfabb9abf7f27d36ee5687d23feaa923e09d2ae905410a9193f21ed9b1d6331bb1f3babb90da2f2e023a6ceda4b4fe0f5d864738ee7f65a0b136021fbe076b4adf2d3af760e1361bad7ae35cb7ca010ddf4488255a2d3c492d0b26a1a5643f998b5d04a52a59f176d9bda85c916ff901329f09fe953b030b92f6415172476ad89d3e8cdcb4eda7dde5d4fcd5d6a584a312563558e784b0f9bcea7c53d26c3f2d3350c70a5e06a67c4c0373dd6279e29c320e6580fba8ab2df3039c289235c066af1b07dd112f25b25e292020f36c1aba246cba4e054d64b38f53ed57a712dffad7d3dc97f86af511638a2779107fc55da63b6498ea5f3ae36883163e5bf2324211a61a9889278f828e58daae797fdba9218d322da7aa23db7a48a00", 0x2000, 0x0)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0))
r1 = open_tree(0xffffffffffffff9c, 0x0, 0x0)
fstat(r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x0, 0x0)
shutdown(r3, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0xb1c07, 0x0, 0x0, 0x8, 0x0, 0xfffffffd})
close(0xffffffffffffffff)
r4 = fsopen(&(0x7f0000000000)='bpf\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f00000000c0)='/dev/sequencer2\x00', &(0x7f0000000100)='\x00', 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
openat$sequencer(0xffffff9c, &(0x7f0000000180), 0x41c101, 0x0)

12.110418597s ago: executing program 4 (id=6977):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @map_fd={0x18, 0x5, 0x1, 0x0, r0}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0xc}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000000)=0x2c7d, 0x4)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r2, 0x8979)
r3 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
getdents64(r3, &(0x7f0000000100)=""/50, 0x32)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000380)={'veth1_vlan\x00', @local})
sendfile(r1, r2, 0x0, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x6, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, [@ldst={0x1, 0x3, 0x4, 0x4, 0x7, 0x8}, @map_val={0x18, 0xe, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x1}]}, &(0x7f00000000c0)='syzkaller\x00', 0x1883, 0x0, 0x0, 0x1f00, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x8, 0x9, 0x7}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000200)=[r0, r0, r0, r2, r0, r0], &(0x7f0000000240)=[{0x3, 0x4, 0x4}, {0x3, 0x4, 0x0, 0x9}, {0x5, 0x5, 0x6, 0x1}, {0x1, 0x3, 0xe, 0x1}, {0x5, 0x1, 0xb, 0x3}, {0x0, 0x4, 0x1, 0x7}], 0x10, 0x8}, 0x94)

11.665598896s ago: executing program 4 (id=6979):
syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x10001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000300)="17e37d3e10", 0x5}], 0x1}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000540)='oC', 0x2}], 0x1}}], 0x2, 0x2090)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000340)="2362d79a0863cbe275aa78833c49e94ec0564f297e4c39ee828604a63240618f810902091a41d72c385e594199a02b55edfa250678abd622fb4d1f72aba98e4d65cff0a374d60fcda5f0839db9725dd8db707f2f15111c686487efc7f6759eb17a20c112e0085af6b6b021f1048e8c34ea15ed0ad01c0efa96bea6ba09ccd73776048457eaa2ebd6a6a6da548642edd52ec6b3c6f5b4e1d8be922a5a713fb78ffc1ed49e4404b411dfed0ecda2e30681f9", 0xb1}], 0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

11.426636185s ago: executing program 2 (id=6981):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000100)=0xfffffffb, 0x4)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x10, &(0x7f0000000480)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x89}}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000ac0)={{<r2=>0x0, 0x7, 0x2, 0xffff, 0x4, 0x8, 0xf20, 0x4, 0xfffffa03, 0x0, 0x6, 0x8, 0x0, 0x9, 0xe000000000000}})
ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000001ac0)={{r2, 0x5, 0x2, 0x81, 0xf, 0x3, 0xeb2d, 0x1, 0xfffffff7, 0x0, 0x2, 0x75, 0x5b91a242, 0x9, 0x288da89a}})
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

10.6055629s ago: executing program 4 (id=6982):
mknodat(0xffffffffffffff9c, 0x0, 0x21c0, 0x103)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/pm_freeze_timeout', 0x101a02, 0xc8)
sendfile(r3, r3, 0x0, 0x101)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r4}, 0x18)
keyctl$dh_compute(0x17, &(0x7f0000000800), 0x0, 0x0, &(0x7f0000000280)={0x0})
add_key(0x0, 0x0, &(0x7f00000003c0)="03234b4327f677617ccb29e7b31c5f25382b6c4ecb82efcb8f3d2b06067253af3063159e701f8b643d889f", 0x2b, 0x0)
r5 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg$unix(r6, &(0x7f00000017c0)=[{{0x0, 0x0, &(0x7f0000000a80), 0x0, &(0x7f0000000bc0)=[@cred={{0x1c, 0x1, 0x2, {r5, 0x0, 0xee00}}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}], 0x38, 0x1}}], 0x1, 0x4088040)
add_key(0x0, &(0x7f00000004c0)={'syz', 0x2}, &(0x7f0000000500), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
socket(0x2, 0xa, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x5, 0x1f, 0x0, &(0x7f0000000100)="66d4492a0a1b30e6f5d85a6d99", 0x0, 0xca, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x9}, 0x50)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x30, 0x67, 0x0, 0x0, 0x11, 0x0, @private=0xa010102, @broadcast=0xe0000001, {[@noop]}}, {0x4e23, 0xe21, 0x18, 0x0, @wg=@data={0x4, 0x8, 0x6}}}}}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8b19, &(0x7f0000000040)={'wlan1\x00', @random="0100"})
socket$nl_xfrm(0x10, 0x3, 0x6)

9.80453867s ago: executing program 1 (id=6985):
syz_open_dev$admmidi(&(0x7f0000000040), 0x100000001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000300)={0x1, &(0x7f00000002c0)=[{0xfff, 0x3, 0x78, 0x112d}]})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffdfe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x4000000000002e6, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = getpid()
syz_open_procfs(r3, &(0x7f00000000c0)='uid_map\x00')
r4 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x39, 0x0, 0x0, 0xef3621d210fa9385, 0x38, 0x0, 0x0, 0x0, 0x34, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000140)={<r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0xc1)

8.563246829s ago: executing program 0 (id=6875):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, @address_request={0x11, 0x2}}}}}, 0x0) (fail_nth: 2)

8.56097061s ago: executing program 1 (id=6986):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xd8}}, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a1", 0xf, 0x0, &(0x7f0000000140)={0x11, 0x1c, r1}, 0x14)

8.501824259s ago: executing program 3 (id=6987):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000007c0)="e13bd192fab81dbeeef0b1a6b8bddfe9aab8a244795506ebc3ef4d47e412f1d502dd256b80178631571f90d16e604cf61c13754e11547e9218ac8f770de1b46e7ca6c178cba7a922cbd25a19e1ae2fb96e03ac4ffcd9ed720feea744603d934066a91d115b8254163ae86a666be49df70e85e3fac2ee3ce49e40fd4b61368c6a1ea1ee7476b215103658ec1a74c04538d15a2af8e6845e6c430abb2bb9c3cf6640913ff944a78cd4d3067c9d09f6116a5af064fd317868b95756d99622b2c83f2a4981e8d7b3b7831ff03c10d11a1e87170cba286755b1e96f751f06e6360c216105463f003f2304cf5325db969a0db8a289559605613a902bb6a49ac028bddd4531e3f058370623ef3242950b737462c041a3abedb1c1f8f98300ad39540bc045fa4baafaf56de59782548c9298247b17a994df8f4a24405310aab7ce115f3d12019bab3c853aa829f6490ef79fe792158cb24d0be621cb5a07baf00860c2309ddce6a0da4a2d207acaea6d2a3da944f155c11064b2fc7296c6b020997a864d1ff3bb216f6e528e6bc30d70230728a09c95f0762e5d969652c86df9fbf616621fe43eada8229e793ebb819305e35ef3993dee9a617fb9805991880622374bf757c62405de0ed2975a17a08682884babc17436427e20242c9fa23a001b2c2dd80661888c2477a868bdd13426906388c13532bb77ee68eee40455b6d31d240b6a8fcdeb8612a967e9d7214c881606b547374d0aa41125d614dfa9238f3053df32ad70f699afa10da742dd980ed1b553c4a704ca9ab19252dc61e48d5106b69d780ff5922d973e7659660a72f66e9dc252c284d7e4ef83999dd5f4d6a570e53dc8cee61eac0628a40fbc0bae72aee8496ce83f215ff6e136f110c711cf7f1b13ac2117c04128eae3539126971f81e571a3619542cc75ed016a3bfb3a1a52d776a5465e0ebb1ed77f6269ade24fa72baf8465cc343b879695ae68e6ffe2d19824c49cb64f4a1db596f469c3f7f3eac02e597d3ac1e7f31bf270d7586202bd0ff36a4cb0e9acf594315b858cbdaec16165ff33305a6e1182e4ec7378fdede95fc9c952752b001f7a3cc1eb80f3c0c92e8e665af3cb1cfe7a62bf3fb0b86f3bde45df90b936e158c9a9f6041bb9f4aa4fdbf63e68985eef608a7c1c62e47f45ddd6b5c9ee43cadad496223086c023ec136f4002648b978fd2cfa20f0ba4331f2c7a0784a674301bf5a688d01789e119e447fe0971920b5dc7219e93bdb9e8c6b9a98e6733e91b5564c7cd736554a467a4972a56b6f6508b4c2a36643cdd6530e02383a5fc407e52af962a60840932b9396a8b31f8ab1aa23fa3da6a239deaaf695b4d614b6d0f86b5b6107852532a207bdc15195dc7b3fc1a272cba1ae4916d710d4d4d385b315545a95d33e4c98609e5af8fff3d2617098c2a8324f385b9a5d7c385e472dd0291b0fc22a7f40c02d14752620741108c7fd8fb9653738616f71526e52d7ff8aa2bd112bcd7e0363bf886890754c7fbb4027cf648993f1cd521d727e157c6f4bdd598c9484e508874e2ce9f0ce785663133c9b99a78e65add48f77efe0eedeb9e41f7bba7c35c94ba39d573b2558e4a8656f2098631f3a6ba35f916f56e000b41ac6a6f637c2bcb8a9d1a7e519331ce9baea84028b200b75a5a051ca620e9e48e8f01a69040d7334c03f232e5077ce02f02ec4d6b1e362a7917f70238724fa4b142474f60e618954cd2f8d6448d83ab63f0bca6c7d88a21d3463427fe2cda9fef9de06eb95352396576de146ee28f04d01f57b0e5596eff1b5d808af6ed0ef844ef89ee933106422ce4555c295218ad6598265e6408a7d7dd9bf50cef19568b2d4216cc655a4b6671d6256ea31fee66ecc51d42e91539e3f34bebf0d6b73d73f14833d77cd456eddd3687d75a11b134063fb9843cc14b3e72d4ac98f282128685ac708aa41b6ba6230cd65dd9f1da0aea19a3b7fb587ccccf997eb4046b8b70a250ffe80ea2ebe8510911ef545d065efaa137e78bc560ab116874cf473fd6fca96f44ca70af7224a36eca461f0bab8073605ea4b69ce50a52787df9b68b7cacfc25a9741d83a818435e5ff50caa045b027963e5e21d9f015c067b873e78779f01c7b78a1a2c2c2e8977dd5f7db5232b2a3bc816d2f531b769459a61b96b230e577fb681116963a0b955c80bbcee99289a84936458b6cff0f2963fa3bd75bf27341a4f36d7b75bd2f858770b264de00988486a42877f3edcd4e3e373bbdb7b20bc326f7a75cedebfedd9fb7af013de557d7d72b7fb6f5a1093b5fa0cbbcdefb4c5b73cdb2c31cd4e0fba270f9f34929f065da806de17a1819d3832bc8a58ea8435bb2b608edc8eb8c456238608cb673f721f4747814dbfc1092831f3471b52c333936a7f36dc4ed48ee00881b6cda508307228df435609506c9aedc8540cf64ac26a1c06681330a04327eb304f45d60303ee2f30a6112a624e3c7454630cb546086de8c7610ee92a9f7684cc1b6f46124da907df3c1be387898e93847f6699b2ba2ce25957a9287dbb5c787f69364b531043cd22a04894ddb8b057017e0b934a6be1d4f34a714c1bc3eb6d843040202218f0c1160e61d92e192c7f763800eccfa769b62396d9b8a353b2f752564be04b3f13e254d4e4cefa1d6d64f168fe0c2245076b05e802b187f4e911235ed47a554dec15a0e3d408aae905c61628f6c0c0e21c2a0d61297e1358c3a7d5dc79bfd64a52fd1575c7bf8203af47f93d463f5887a5f7c31cd83b9cf890ff8c05f94f5903ec18a740821bc1a83a79fb03c9542bb5a0fdcdfaaffd2d5d43f8c6ba2f17e1636521185ee4df0039c1dcef9bdab6795402d73dd292f97b6c602cc9b26a6ab0e73f55748dc1bafb921346cc0cf26cf0829174778faf3f86f553d4b3902be70c1219d098f53db47bf538552f0be6e34779bab7eaa54860d83b18a563ab836795c4cec7b611ea72a9213e72abfca7df22e9cf7adb433b9062a5f68bfd2b5c2b170b6f808919c79122e9ed14b1bd795937cbf695f3be3785884fe57920e00126a7a7d86bc4bcb7f2a41d348cce981dfcae6f9c22ed583fa600026110ec64080049084c5fb18c9f0552f63b3662b1579a7c09bacd73e45487ac5cff2a370d1b9cbcd5fa5df33276e8ce51f29dbb59f4ae15103fc844d80ed02a7bd049192f96695a895ea7dce49b319a668f00831fa4b34d9c8fc6b0f4ed9ca3565c48e4bb021928989b49598a915302a49e5374e4052d9d4352be8b51dc9648dc9b95fc99b2fb9c63aa70b7ce98ffac21e31c29bf8675a9772f1f38ab25ddf7a3e168a475e1e9e636a8ea5efbd0abaf15b06d096f60c96f03ac9628c5fb141120a50b8e1b43b92ccbf1afb7f627c21af0397a0a64c40ee643edc8d73242454c7e626d7ee808cd697b9918363b52143d39a6e7f72c734c92897bccb63608d2b58f8ab8bc0fb940149f31b3314f316dc02d82d748ed51d8a7b2bf70f58a45435905ed8e8cae91a3da8feb0ea257b34ea419c0f09336193ee1c3410045f5e4feddb76315fc8fd44afb0226e0ac19e0b8ba2f42e6720fef564b76b36b080563ae895e0d65ddfcde7bfe9f9aa43c77b46fa0539d56852bfa5aa1ce8f5e6632c52e4b93a42b586e345e318a5bfaff0d6c9e3f83559698c6eddeb03d60776a66cbc55cf019a9d658d768d90f99477d1d8b2517b97fd1047f2b5a3de80ee5bcf0f54c181042791f73d910b1ae582124ea7ff6a7256671188087333bbe40683f6636adb86dc4ec0a354bd121ff1386bd15e7be3b85d4927864cb5046243383bd7e9c2b4f55de09927a940910605032dea0a9b1f4f40236b563efdb2ae41a0cf76ce09313b6b88003a51968e41632488abd1b672d461a9f4c0607c96ed025dfcdd9dc3b9e8a93e1d0945dc0e6ba2f05bcfde8881b114332ae1a8b83ba98251338ebc0e1bb1c402f4a7b0f385f98d564f8a80bb6a4c594701634965b84b86d0e8990ff61cc9f7ed563a1c7b6309c2b8391dd1a94803e315f844d1c4a6e7153a0d20dde96190fcd6ec52f3048670fe53c5c0697662becf19dc97b0c240468d6493c6aba2f7c7301648c069954f3d932676f4e44f7f0b763b65e24a17754036de4720081c8d242bb620bcb7b2496e62ff836d765e2cf9b8aeeac91abf549501e4c32e3f2de611dee7907594eb287ee0e917f8e2a4c40ffc2e779f243030cbdf779f7d9b5bbd199009051f81d1ca71b93d1021e2ffa834c31c3e4c8b3ffabd1df097bcc0367e68fb3998854d4714407e85b1b20ed1a7444718a0e44e0ef496186e53cc5d09e18a6c90042685a9f22eb4b56626959800f3ef4891d9b53b6ea1e08cbef3eeb64bc9253211ea8d871ea70c70f653cdfa37b8d90110c7ce0a87a719c717876dbf74ce3532dee5997174c945100b9b3c698c65cf63f7db5867bbe1a7bed42c0b521c43951ce99a8f60ac49f0d12c1f1da5a8219ca878f87613b2283379999357c908b95e2bb249383d202affe6cf1de9ec14b27d85429f9a92b62f75e9a5f029dc2d3e944604683f98405e2989c69bd090997e0eef2f833b48c9b95d4cb8274db435c8279e25a5303f5b265de1c6377cf5ce1370a1810d92b59dbe884d23738cce76848393cf9309ad4febf589c1f628b3eedba222cfd54a51b95778ba6dab84b3d70534e0305a24df1509a936486e576c4921adc7e64314485843cf742c343fd6c36c7bef72e360437cd1d6793880aa618abd6329f27257147410f5095e942777d2e0e6e60a56a3dc662a976596e60fff709901602477adc51af72a88aec7a9581b4078c41ba8deee514937f73954d765ae659a9680330037bc331ad96a3c052a7fa01ef2d28573d91d74d06c976b4c9fccebcf4670841ddf1435650d07acf74b8d018969e835941103b4734baa1f768c9aec4860edb52a8feecdb2cd50624ec857d99447bf99187a765cefc4319c66ccbfabf38d807fbca57f92049501de53fa29e9c9a16e38bfec23f0ae0bbaa9d1b9b82f237e5cea426e3251d0c8a801140ec5bdb3329864c062c09a3080b3404048b3d333bc7f649a55aae48138b3e3ba0485d93aa2d77814deba0170dfa60f33d81b9688ba2c0e236b009ac26e2608b728ca85f6fbaf4fc96b64f296a6bb5d65cecc29f987ca586598727e98eb21e3eff179dd390586aa21afe3cfbc90bf445faa4c0a990a9dd0e43d9041d5f6fb281b232ed3a7ac711dba1edec8a4113d28264cd348a12fbaa09ffb80374bf7e3f51ac16e022eae3c0a0582a8695560a8340683b15c757135409d5ff2bb635767a56182c02009220b6d25c6c9ef9eeedc6e17e6f9f4720d4025bcca92a9d6796799556f860dc7b5d6b8acecd07f78c3b2ebba68aca77f0c40f8cb760ba9da540bd485fee85c7537d69c8292bc6beb97647891bd8cc4acd2c5d3ad8a2c1dd6f8b800f47610db615961af93e58c08d6477030e98818068acba07a3da28d425ea45322ddaa6caf2a584d25ab6346f61494644ebca5f46ca8b6d0e9a172c2ddacf44230014cd3f10a39e1ef278aa21bb4e1598950291317a52f489af279e3b343d8c4ef1b2316c7ea0bfe0e14511f66bb0e779589a5d091fd9a2ed8322e2fd3c202a554a0092dba2ebb865e8cf626179cd2ddf3e48b6a6f624315d9cf1089c2e20428418c21d43a20812a042efe993aa2acbc4f1b0fe85ac699550b94e209e4b8f91ae198879708e75482b40eca4f73166de4b439224b45543849e487b122358c7070ba37477a36015731d509df2a8ee58463725110eb20bd52fcf11", 0x1000}, {&(0x7f0000000200)="f293bf9a340f99", 0x7}, {&(0x7f0000000240)="c6bee4e23e70be218851ecdb4221468f1c92e55137780add815c42b0371e1b7e904605651a33b5e095e24ec85d9801d87329f83ddc527cecc95885d7263a7af411ba15c621d036e60449288c51007ad899e7c44d27f234478c5138de6025dca7c976d79bc8b6482e9e7f8b736c9af72160a117914fbe1d4e1073ece442bc79dace9e8439710c68a8d501b236c231741f903fbf6ff74cf02cec6bde55e689374e8fd3779b2e03653915877fbd82c6d44ce620e41cf307f219dc4c76249d3900747b70f2a63a", 0xc5}, {&(0x7f0000000340)="621412e6bc04828a1f512bf8f019b6afa530f85972469f380424f77302a879624b4774df8a3efa746a7df350c8a8dd64d39d5052130e452c8b012c7e650ff6e05aa118a3aee091e5c8218b8d0ddbd8559b1ea8e43c1e9ca4faa660b2592e05", 0x5f}, {&(0x7f00000003c0)="03cd7baf0edf8e1cfd651fb8d8f59edd423c4d24eb7e413c5224039a0bf23453735ea37108a7514c92b788ff3fc16614918999081511f393251d0db457", 0x3d}], 0x5, &(0x7f00000017c0)=ANY=[@ANYBLOB="10010000000000000f010000040000006feda18e61cb5a313d5f3f7cf3ba584c01b1076393fc3e4c2b0c48e7e968b5b0674cdcadcbd6157f76d3d5133e83b76a91b29a05c5816e708760db2bd73efa15d66241f287063ab1290067932cc766f6135fb7da9334e7d32dbd12a261fe92d5a476cb0ab4ac14a4c25fef3af007218d5a6ae6e48fe379ae00696bd096a115ff0f30c8bbe7640991222c470d15ad6cdce373d2a929c44d4fd8c078da7c44504d1cb19f878e732a92133d55da10080e2f853e41b6a0deb0cc9992622042422273d6b1f50c51afb27a71dbc482fddebaf00e0e111f2cc3ee50ef59fa1b4e5303682cf62eca8c68620ccfb536ce65352fd1284720c71353f0d3aae09732a3d9e500e80000000000000012010000040000007a4761ddb4d26c3324ce3670af94b7ca3e37b3a5ecf8349e7d9dd1bb19d36587a6015aa1fe2fd7819d32e0f6f4626680f0ac6ffa03d0df5cc6fa2757fe5fce966408a5a2aed9c2cc1f90e0721379a64b2021c8354459b5b431aec84e80192990a797e141e63804e20c1fa00c67e3d7d6377f807ab07718da4b96d24f6e395f3737b7faa40d3d44027569dd4367218b58f6782d2df9c95fe4d68daff69fe8eb88d834f34b6feb8af8fc10019ca15ae69696c8752c3b01fe483ceee6e79937231338ca674439b5241b4f144053c58f3cb96b502efff02e8298"], 0x1f8}, 0x4000841)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000780)=ANY=[@ANYBLOB="12011001ec030008fb00beeb8dd40102030109021b00010700f0090904c0070197783703090501022000800702"], 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
sendmmsg(r1, &(0x7f00000001c0)=[{{&(0x7f00000000c0)=@isdn={0x22, 0x22, 0x6, 0xf, 0x6}, 0x80, 0x0}}], 0x1, 0x40400d4)
syz_usb_connect$cdc_ecm(0x6, 0x55, &(0x7f0000000540)={{0x12, 0x1, 0x341, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x43, 0x1, 0x1, 0x9, 0x0, 0x1, [{{0x9, 0x4, 0x0, 0xf2, 0x3, 0x2, 0x6, 0x0, 0x3, {{0x6, 0x24, 0x6, 0x0, 0x0, "ba"}, {0x5, 0x24, 0x0, 0x5}, {0xd, 0x24, 0xf, 0x1, 0xfffffff8, 0x3, 0x0, 0x1}, [@dmm={0x7, 0x24, 0x14, 0x5, 0x3}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x81, 0x7, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x3, 0x6, 0x40}}}}}]}}]}}, &(0x7f0000001cc0)={0xa, &(0x7f00000005c0)={0xa, 0x6, 0x110, 0x3, 0xa, 0x8, 0x8, 0x5}, 0x5, &(0x7f0000000740)={0x5, 0xf, 0x5}, 0x4, [{0x4, &(0x7f0000001bc0)=@lang_id={0x4, 0x3, 0x3009}}, {0x4, &(0x7f0000001c00)=@lang_id={0x4, 0x3, 0x425}}, {0x4, &(0x7f0000001c40)=@lang_id={0x4, 0x3, 0xc09}}, {0x28, &(0x7f0000001c80)=@string={0x28, 0x3, "c9de3cd609dd5f727d03e9f58ab97dcfe7c1718294e764ac13d26b08148ddd5cf28a2f58f671"}}]})
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002", 0x29}], 0x1}, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000000)={0x1400, <r2=>r0, 0x180003})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000340)={'wlan0\x00', &(0x7f0000000300)=@ethtool_sset_info={0x37, 0xff, 0xfffffffffffffffa}})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f0000000640)={"5a0c799a1d63cbf8072fc11d8c03763f", <r4=>0x0, 0x0, {0x76424b26, 0x1}, {0x7, 0x9}, 0x3, [0x7fff, 0x10, 0x9, 0xc3c7, 0xd, 0x1000000000d, 0x800003, 0x7, 0x4a12, 0x7e, 0x7, 0x9c, 0xfff, 0x5, 0x8001, 0x9]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r3, 0xc0c89425, &(0x7f00000019c0)={"291689dfd4fb61efc0f29a63dda8a27a", 0x0, r4, {0x400, 0x7}, {0x1c00000000000, 0x8}, 0x3, [0x5, 0x8, 0xd99, 0x3ecd, 0x3ff, 0x101, 0x8, 0x10, 0x4, 0x800, 0xb, 0x7, 0x80000000, 0x1, 0x3cd, 0x9]})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000080)={0x7, 0x3, 0x2, 0x3, r8}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r5, 0x84, 0x70, &(0x7f0000001ac0)={r8, @in6={{0xa, 0x4e21, 0x7ff, @empty, 0x2}}, [0x200, 0x10, 0x1, 0x4, 0xdf, 0x10e4, 0x8, 0x0, 0x3, 0x6, 0x7ff, 0x5, 0x0, 0x6]}, &(0x7f00000004c0)=0x100)

8.347780659s ago: executing program 0 (id=6988):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x200, 0x2f2}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000200))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0xba7e}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r2, <r3=>0xffffffffffffffff}, 0x4)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r3, &(0x7f0000000040), 0x0}, 0x20)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x801)
getsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, 0x0, &(0x7f0000000280))
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
r7 = syz_open_dev$loop(&(0x7f0000000180), 0x0, 0x2a280)
ioctl$LOOP_SET_STATUS(r7, 0x1265, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x40010001, 0x2, 0x15, 0x17, "9e959ff9ffffffffffffff6c4056a51695284854c382ec6bcfeef4fb0efcc1d8a6078ed98e203fd5f0643902dd8f6fac274de9d940bba5e51e92bbd4ce85450d", "f625c1076e4c36c800def96015e0fb7e904d865c2fdc458ee68d347f41be5a08", [0xf22, 0x7]})
bind$802154_raw(r4, &(0x7f0000000140)={0x24, @short={0x2, 0x2, 0xaaa3}}, 0x14)
accept4$unix(r0, &(0x7f0000000180)=@abs, &(0x7f0000000040)=0x6e, 0x0)

6.476372455s ago: executing program 3 (id=6990):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0xfffffffffffffff2, &(0x7f0000000100)={&(0x7f0000000040)={0x4c, r1, 0x201, 0x0, 0x0, {0x3, 0x0, 0x26}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'sit0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @loopback}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}]}, 0x4c}, 0x8, 0x3000000000002}, 0x0)

5.716555655s ago: executing program 1 (id=6991):
fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x6, 0xfffff038}, {0x50, 0x0, 0x5, 0xfffffffd}, {0x6, 0x2d, 0x82, 0xffffffff}]}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00000005c0)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f00000002c0)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r3 = syz_open_dev$video4linux(&(0x7f0000000540), 0x5, 0x20800)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r3, 0xc040564a, &(0x7f0000000040)={0x0, 0x0, 0x1012, 0x221e, 0xffffeff6, 0xc251, 0x0, 0x1})
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_G_EDID(r3, 0xc0285628, &(0x7f0000000340)={0x0, 0x3, 0x4a, '\x00', &(0x7f0000000300)=0x1})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000001"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='reno', 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000100)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f0000000780)=""/4108, 0x437aba2}], 0x1, 0x0, 0xfffffdee, 0x407006}, 0x104)

5.641989103s ago: executing program 3 (id=6992):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(r1, 0xd, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0xc)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
recvmmsg$unix(r5, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)=""/83, 0x53}, {&(0x7f0000002040)=""/4078, 0xfee}, {&(0x7f00000018c0)=""/181, 0xb5}, {&(0x7f0000000640)=""/168, 0xa8}, {&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000480)=""/120, 0x78}], 0x6}}], 0x1, 0x40000000, 0x0)
write(r5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x4}}], {0x14}}, 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x1, 0x0, 0x0)

2.899364859s ago: executing program 3 (id=6993):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYBLOB="9ee200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x200800, 0x0)
fcntl$addseals(r1, 0x406, 0x1)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x5c, 0x0, 0x4, 0x70bd25, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}]}, 0x5c}}, 0x4000)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000005e"], 0x1c}], 0x1}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0xe, <r3=>0x0}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r4=>r0, {0x3e8c, 0x1}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1d, 0x11, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000007}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000005c0)='GPL\x00', 0x6, 0xde, &(0x7f0000000400)=""/222, 0x41100, 0x58, '\x00', 0x0, @lsm=0x1b, r0, 0x8, &(0x7f0000000240)={0x7, 0x3}, 0x8, 0x10, 0x0, 0x0, r3, 0xffffffffffffffff, 0x0, &(0x7f0000000580)=[r0, r4, 0xffffffffffffffff]}, 0x94)
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
r6 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x3, 0xff)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000140)={[0xb, 0xe, 0x9, 0x0, 0xd, 0x2, 0x8, 0x0, 0x101, 0x0, 0xffffffff, 0x9, 0x2000000000000, 0x10000, 0x6, 0xfffffffffffffd81], 0x10001, 0xc401})
sendmsg$netlink(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="2000000011000100000000000053d100100000e60b"], 0x20}], 0x1, 0x0, 0x0, 0xc0e5}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000140), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x9, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x0, 0x6, 0xa, 0x0, 0xfe00, 0x41}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.793269265s ago: executing program 0 (id=6994):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x48881)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2.661390641s ago: executing program 1 (id=6995):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000020000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f00000001c0)={'gretap0\x00', &(0x7f0000000580)={'syztnl1\x00', <r2=>0x0, 0x40, 0x7, 0x9, 0x0, {{0xa, 0x4, 0x2, 0x26, 0x28, 0x68, 0x0, 0x1, 0x2f, 0x0, @loopback, @multicast2, {[@lsrr={0x83, 0x13, 0xd7, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @empty, @loopback]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000280)={'sit0\x00', &(0x7f0000000400)={'syztnl2\x00', r2, 0x8, 0x7800, 0x0, 0x8, {{0x12, 0x4, 0x1, 0x2e, 0x48, 0x67, 0x0, 0x8, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, {[@noop, @timestamp={0x44, 0x14, 0x4e, 0x0, 0x6, [0x6, 0x10000, 0x9, 0x0]}, @cipso={0x86, 0x1e, 0xffffffffffffffff, [{0x4, 0xc, "430cb317308e033d7c28"}, {0x0, 0xc, "fd05cfadee6d33cc6812"}]}]}}}}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='contention_end\x00', r0}, 0x18)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
socket$inet6(0xa, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
recvmmsg(r8, &(0x7f0000000500), 0x0, 0x40012002, 0x0)
write$binfmt_misc(r7, &(0x7f0000000040), 0xffc1)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioprio_set$uid(0x3, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='environ\x00')
r9 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r9, 0x405c5503, &(0x7f0000000480)={{0x7, 0x0, 0xfffc, 0x805}, 'syz0\x00', 0x40})
ioctl$UI_DEV_CREATE(r9, 0x5501)

2.59775139s ago: executing program 4 (id=6996):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3f, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x1108)
recvmsg(r0, &(0x7f0000000780)={&(0x7f0000000180)=@alg, 0x80, &(0x7f0000000640)=[{&(0x7f0000000200)=""/191, 0xbf}, {&(0x7f00000002c0)=""/61, 0x3d}, {&(0x7f0000000300)=""/123, 0x7b}, {&(0x7f0000000380)=""/187, 0xbb}, {&(0x7f0000000440)=""/243, 0xf3}, {&(0x7f0000000540)=""/248, 0xf8}], 0x6, &(0x7f00000006c0)=""/147, 0x93}, 0x0)

2.278508345s ago: executing program 0 (id=6997):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000001c0)=@bpf_lsm={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@ldst={0x3, 0x0, 0x6}]}, &(0x7f0000000180)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x46}, 0x94)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x40000021, 0x0, 0x1}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x2404c854)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000001000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f4080003000601000004000200110000", 0x5b}, {&(0x7f0000000680)='\'', 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.498691308s ago: executing program 3 (id=6998):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) (async)
sendto$inet(r0, &(0x7f0000000100)='7', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000300)=[@in6={0xa, 0x4e20, 0x9, @loopback}], 0x1c) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x2c, &(0x7f00000002c0)=[@in6={0xa, 0x4e20, 0x0, @loopback}, @in={0x2, 0x4e20, @loopback}]}, &(0x7f0000000000)=0x10) (async, rerun: 32)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000900), r2) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000008c0)={'wlan0\x00'})
r3 = syz_open_dev$sndpcmc(&(0x7f0000000180), 0x7, 0x212040) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x4040035) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffff01}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r5 = getpid() (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000002f80)=[{{&(0x7f0000000280)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000300)="df32d75253d2a66a3d7625f9fecfb7a24f2e5a9c50ac8808034764034134df2524eded9c048f43aabe5ef1712a801b31edb253f5bf10ad476b210059d82dc994d711d6898fe6148b974021fe1a92d6da19e6e41fd2448d3ff924dcd594abdc9d2f43324b9b57a55f7dca550905deb7a0453e73a8", 0x74}, {&(0x7f0000000380)="cd2169162c50431beffdc66c980e1fa64d9161ed8f581e972e2958056a620fca0e481b61f05d705bda7392228a946a84a00920633c3ec9e743995a105b0b43bc20d99d5efdde29da5a3eccca8749bfa0c67811364dc05d4b1175b7cb427491c7486154d3d567d4ab4fffbece26c161ddd207647f32a2e6c67d04c1a2b222fa9f47b52493b6f313cb596a7f3bd21d54027af737aea43368e821c595f39dc86a108fa841aec558c7112b1344ab578730d2237b0036", 0xb4}, {&(0x7f0000000440)="1407f819c19a827302e8ae1750126eadac7506e032424eacddf362d52a0957c3546a8d4133898a1a13950e4ac1ddd99bbe450f9066ac8919ab8500ab1eb3c5a0b934e5fe6e62fa91", 0x48}, {&(0x7f0000000d80)="8e5206466e5d8655417a737a0ce1a2f4a90c27f1da738b3b9239744c2a28ad2756c1869c94d376e8d888cf2971c5b700ce0edc5b211fc68e8b9cb9bd285bf370815e3f3af8af5fe38b3bfaa6d0e96e85d45b01ee4183abed382d9a722ae6fd02fcf924830a52e585f9147224417e11b03f8004a7da35a8f0619275e032d225ad623c29bd424a32973002d8195f462b06dab451008e350db273451513596e7b411c86866b3e408295ec8563336611ebeaf1325311e3b6387752e4b2d983a13a3841d7344465ef47263f71f0803e1eddc8ba7ac464feaa736ed7f6a61f37e552b227b92de07437349c6594865b3084510b3443bfac913d0d736a2db6581222afcc64af60e7a5c6dd21d39b72f13d3b5db19a007d8761a04b39a837398328534dc4f403e554ba6e4a9c121cc85a61b5bfed4855dc18736eed5dcdf75b14b7b1bedcdda3a28738be4e0ac0d737106287d8bdc58a631ef198f49e5634321b5b9e0ad79b01ab44093081725ad13cb91977785ff08b51431a397c3e8a647682ef4fc72d112fde7503b5a83a13ec26df65d2dc46119f7bf2a485e38da78b0d1bd6801fc865d7937adae873da7cfa8ed5b320e78c776a46e4b64fb539602ef9f4fbae733fbec79a28bd32b5f64678a613b755a89fb7737a1a0ae3f409c9f294eb1f85d3015b706ed72f5814f3aaa913fb21b1dc8960cbec95c995fdc990025df06bbf2d92b9f99c86bdbd51521fc1b4e72b369daf038a9da9fcadbef6e36d1de6f426ea7502ad6e2a34d7a62b6beb86e6601bb622eefd5aa8a825fc8ccf9ba6e26df6c30aaf252e78d7b97e7eeb7bb6cd8cb3c3798175bf3cb16afb906943406ca44c7922d1c8b0b5306710ccd0d27b77ed3618c9af3efcfd92b4e3c2f285b7956c13abce1d66e1c69fce207628e617912254c6598ee847a74f953bed8b0094ca4334d6cca94f3a59425da451d974a104686fc9a231de044406f42366c5d4fe86d6ac08166db8bbb123e3869ced51379bd4af4ed3533b730d5eb3c0c36f745d65231788bb59d8e6dc030bdbe030bc643d7a240ba10bf3324b8cadb6ac70fc0d3d0a8838c0bd6d699df3f910e7372bd54b2bea4ef336c30257aa1fc40d0a7f3df534a336d19a3788656ede8737cf029843d4fe68d3ed5b04d2eea4f0c7116dd5a8457d22120bbdcbb3cedddc1cddcee0dcc1612056f7d666bf01f74e6ed2c0b5e42ce8ab7ad293976e0816195b770e091e8e78e8ec140f040d67cb678e543172c7b0966d524cd7924ac286b8c816adf402327e2f73287f1ba1b4e723fd8f9c5504efef4c226d459906832c39de75c4bfe2d5030b0edd0cd6131708e8086fca0c95a2bea3fbbd8c7c0f1ba1f6ceaacf047ff9307d44d086303410136ed8e0088bb3d95e13c555428b3a3a70e29e38732a069f3704af9abeabc32314aa57d2d54148ca22af18bde1745213f18449274be581188783c695718d50296a6356cced7a8b858b1948e83271769769e75e36c7b2f3ec7b1cdde5528d310525510151dae58c4c9df0fdbf0de1d8d349145f9e41c6ea9cf027350e2c6ea73c2ea9c9b1a664dea652647e4763969351bbf1eaf58f7d07364ca95f62fdc9351e0ba1b60574bbc81571e505d20935ee836a78d6b9880818f31c81f438adf3486db1841371bfd2f18e0219d5569675dfab630d52756655d382b369ce982d814b707ebda221b531632f4e26ddd68dc2077b27d4b8daeb42facbbb875239ba8a0ec4ff64e85462647093a5fe9babb14dcf02318a97bef799ad08a0b8a2ad9de9dbd0755d6e9fcd3d6d3a7604aefed517ed20c76683cb73daaab794c5e1f6c1267a4737574a1d26d2bb2d209ef07f5123b034b00751a803894f3ad35f6c845c3fd029572c56d3932dd60b753675b6cc2f913de00582bdb61760b1583ffbf0f2586d858af6855bac7fd072d4b0e5a278c961a14c16e0f487f28fc8f4459a4149ba40b216c9fb6a3385b2aa6d1d4497eb633813a54370b89db790c67e45d360d7db249374318a448e314e95152f8db10360c12649cd61e2529b9453af5811acbc5677d6fad2df132b4b81bc2e2d3b612f9b8a618ada35b12bd4c0dc173a3beddb9b29d2e2b628ea4cb2f391390ed42acb054c957cc87b96496597eec218271ac75202b7262e193314fb899c54c326e847a46d080953d3335eb012714684e2bbd5e82ef608d0d54ed7097c685a8f826e73d1421b3d06021921a5cbebab656e77af8533c4a288e75a33b763ae4e98b5ae109779400cf665c9fd9acd0e0f24d133618f52a6e737d857fffee2836071fcdd64456c5e0ad31ed1402d9758f59b455730c9f3cc05a3e2ce6f12771be13d2dccb3c052aa9975ffc31d26722dc64a0397251c695d64a7944a9e2a042db77b05e041afaf6ea8d3d0cc0a78cd3ebd4b3eb920ab9df0cf137e08473042e6b72d9f744250a732c8e4c86f903282ce668e90392b64b9960340dfa96df3e931c21d0c4523ca1f934bb96fb1f364a510132d46821d1472fd19903a3a683bf49908986ebe90a6fe66c479a48088e87e3c05225b536a9215ebc5ac758864c2e06098245b707ddd6356cac1aac090d2d438f0adc93df881954280255a657d923970ea47101fc57f88654e3a47def3e0bf0467f1465398eb67ef9e7b9533076bd44312be23a74b4faf1a0c6b024c31a9b576484167be04de8ca3b654f145a3fc5bb7f6e51a967ae0fda4d4574ce657be4c4b7a4ec1890c83eaa9d6f04893f0f332e7643c00cfc6b65a4963e7654b62ffdb5d6db36cf839af3539642d2e7c4bdbeaa2efa2eeb683814dea06af0806fad6f9362b526fe92f8303bdfcc34ffcf543ddefebab267b9d63785fd973f97c61fdba6877957ee420475d93c4d5fdfde242faba40a0df4ae2de3abccb7b728cd6fd8ea3f119442b14077df839a38ccfcb0aa4ad6941848beef4f49fc6fa5da05d249ef89bd412360ba7b0460cf3abf67384630e46c5d795424517120bfbbca4cb1480fb891262d872c736af93676d5bda7d7d14c88dd98df705f3704371aef3e319dd1bc8f479f98f7945b8eae1b9da55ae121006cbafda8f46fac9a9b96d12eb6fe7061c645dca1cada4a02cbbb17f9dbb6d9be430fcd22086c3f6a03cba462dbe01410c3670625e195d41813c3e644944833cce6990d03da50e3f0d83ff6fa9e233df3d34f91e80764e528ee97d771871f2db74591f22aa812d9d32fb876c226770a33aee424b9806c1dd066ebd98a7652b71e37c76bf93d0b5056694a20775b081b7067e59fff680cf0acf4a83b9bd18e446d1918e877cbc3a45dd01131c024dd80b3bf97bb0f0a88bf7dfa5a4ca9346566015a81935002a3bfb007ba49f5b1894763c8d47f5a9b54330a2453624dfbfae8894f8d0f37e712efa2838e7f54459b9833623e1431f0cf1b91db9fa12b5c47a76402364f6d7f3d00f7995a24aad2ae702bdcf09a85c24897bef041feba424e0d24e2d84224aa412f2da749aa5605cbfd48c2a8395bd88766172356fc1b2020114ff30ddbbb10e3369ad8488700effbbcb7e362795afca48c593fec8a26b049a29c558cb73ff7d1a22aadad0d53665bd6d2936e32ba6942b048e7b8f7860554fd5e03bbd0902f25025c46bba209782c398244f75af6ec80a1a339510ede26052705af435dc80436ad6b9d8507e90b64f1099407bbd0a7f7a36092cfd0860df3dc3b6617418136808656bd92205c84eaecdf5938c3a7c5ebe00d1fd7987e155d3d5161bd729d3e4710eac15d20c226e629fa2d824e5fafc6a679eb407b3ffe80622c5bbafd03814acb7b47a59573753bc154a525a709e873add02258c15cf10392dc895644ced73379476aba8ea00251f6ae4b106f7ea8053a65a47d07522de70876265b87a9ab1f9b9d2202953db8f1dc909792a6d35f6c71e4b675fde1f210fc1972e10b7dbaa93f17f0111b312530bb78e2223e821a41e47de5b596d91a400a19d260804b26a8acb4048c2bc3662965b0b509e1c226034d16103d003641abe9101b520b2547d08179e3204bacf153f90a55312b553cf96f8bf375068f08292c369b863253e371dad3290992070d08378b2f9ad0d1fd5450ed42971ca6bf3bf924a6c531f0a326324947304ee37630dd953701acdaaa2ee41588aae986806b434313060a0a235424769b1d10a00d8f4421c406b9f78c30b8c5d5845ed9d8db4d2bd63875b9bd9823a59a7c4e72d648775ba0f8a0e0131a4d9d9add088a9aeaeb463b5a48468187b7cde423d14cedb61a7ab43a8d7878c6a1672cc33de1756065eed6e6f016106064048edb20c080624cd91a0d66ddc652583f59eecb6d8f32659e512456d8d3497f9bc7800baca50788dcb20bcc58c28ccfc01af0a74be3876968be80c4f2b55c9e156e973df031fe63dc7294ad07c9d429b1666d470be6a3f05e971c712336ef140d38f0d86ceadefbbfa4de40ab96a3bab28c109f975bfa663b47002b0ff6ffa097a8e49084c2e8be4e2bf1bc2e8144c96b9a560e74e8ad467cd884d9b101479a81aa9ae5e4674164d74acee6a201c6c4b7466ba31e93e9baba391597f08802976657f5d0d3b4c5baa664a9d04b959d95338d22ea63d01399d9092395ef2733f51eeacb9f2f60c4e508d879b9f81d27f1a30e6f53dfdd5fe27635b13e1ec33431f90cc246a32d46c50b048de0d889be308663f03811c4134ec62f5ecc4e113f99c2e9e89ecdcf75d0a0aeb092feee0dbf1408ced22983bd8daf2839b567785e19f1d2a02e604dc027f0fb5554145f2741549b5c7930013e17e6bd8e0267b108fc19d271ae7c4c921cd280d59e9b651b6cf9b2dfd9e2bcf4e8de20251967444357bf3eb7e3f5b0c1ab1b4528d251034415b0d4b92ad230bbf8d990272703ff02beac8be6030fd8e1b79bbe03da16aa70d39df6a129ee1d8388006d8d22da23dc99fdc0e872a026cb74ea4519e78554d8ffd9fd649c800fbdfa516ba6aa8371d7d6ec73dc0650a4bda8c0eab5fe301e0b59881bd3bdff9aa407f81ed283dd4c31ae8cc02f0f615f1171a67cffa8ca4f7c0a177d6b9c2f8e7a72ab438a379e70bd63caf2b2730e5a3b7eefbed03eef586edd349ff27339b8aacc0c0ae6f7147695db9337ea1bcfefae2841e9b5b23e3e19c546c50091a3c0a3aefed7fb7b6474b332702fbc1d09a24e0721e4145bc8ba093855f89def2daea2306df6d7ae61d4d4a72489ce7c7efa35c19ae9ec8debe4041362bfe5f3c77d2a3a69ac0a2b87ad9159745812b95cd0a4887b7e4d3ef0e818c41519d2e1e9a3c9405eb83f2700f5be7e1c8edf1e04bd19432cdeae28b97dee8f261e507fdeaa9d06bbea7019ee84f570a8be9df96f68cdfc165327c52bc83b3371428240ff0deb3a8155b4670f87a88cf422f1c815310f8b52c6f574859410e8f4f8634da34b19dbbabc14e030ccd6e2520d5e3f50f53910d74523c5cd3c05f0e0eddd265321f414881344bf56135d7dc7f03f11d40e9db39485b4ef144c6848da029bb9e92fc2146df317c475727012d2190bb3cefa85bea37cc8d3f522b549967067cde12ce1043680b0627d0843dc223e976baea38f52df1e99c68c7f83f8bfe36bf8002c87e4f9d49f53f64a0df5e602ee464197952b35cf002e8abeeef5f4d0d142ba8af88b35f980a4eff9d4329696c85f3e7bc0abc12456ca9c2c62b830ec68c1caf9a5e76351f8157d0be6958022fcc59dcdddf24630a045b84be4bcc11d22aab64551d9603a2b61978c4d7a2bc43e86e7cf57458219d0b586e8952fcb01806b3683954cefd5a8c", 0x1000}, {&(0x7f0000000100)="47ebff420d4a3aa3509cca0efc6a9de3f0eef9a7c7defa737a512e264bcf43dcb00dab4ff3e1184cd616ce5899bbe2ebc881695c267099", 0x37}, {&(0x7f0000000500)="af5090911fd190a9168915dabd213f17c87803da52b32396d31022db46744a286704c58e376282c9bd0c306cfafcadbd5887c14a1d114496f9b5dc615ae4d224b2730aa0f2bd7ae54d9cebf96cd82100f54baf6a48216f5369403313a74a34", 0x5f}, {&(0x7f0000000580)="5a0eddae508922a7f5a55596ef9322a3b3475f60dd0bc2ea2a8c2c8af70d38731ff58d7bc00cb40d15fdfd4098110385db3d1c9c36adabf545600447ebe8c2f1e580b2640deb3dd15d97c7b13ed02ac01a2492f35e311044f17cc30c0cffe77c552a341acfeebe5ee9718a34d76e1542d0a5d49be01757bde90ee822f3a8a656f7dc01946fcfb05ed94431b7f72d88424e70de34bb63b5c1ab395110c65ee51188b63d36fcc03695cc7db8f264c3eefed7c56b53822d65c24a64ddcaefae3de94de6d06107b4a447625f381935a93775e297f36981c3113e407b625b328599d78bb3685dfb20cf41112b529fab56b2539c", 0xf1}, {&(0x7f0000000680)="b99b2b2dce6740c4ff222d16db6aa637caca3ea10cc052f97588787df7d6ecf07c61cc8ab2fccc251b2d55458c2a024a98d238b3d3c7f5f483369837a9de7690443e5b51560a3d61e1777064b3c0a13516886007e54749af36da470ffefaac5b13969f9d6967e6c74e81f9942c9f177aaf68ee22895e2585d23783f642e146e4b42e65f3", 0x84}], 0x8, &(0x7f0000000ac0)=[@rights={{0x1c, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r7, r7]}}, @rights={{0x2c, 0x1, 0x1, [r3, r7, r7, 0xffffffffffffffff, r2, r2, r7]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r6, r6]}}, @rights={{0x10}}, @rights={{0x30, 0x1, 0x1, [r3, 0xffffffffffffffff, r2, r2, r6, r6, r6, r7]}}, @rights={{0x38, 0x1, 0x1, [r3, r6, 0xffffffffffffffff, r7, r7, r7, r6, 0xffffffffffffffff, r6, r6]}}, @cred={{0x1c, 0x1, 0x2, {r5}}}, @cred={{0x1c, 0x1, 0x2, {r5}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r2, r3]}}], 0x168, 0x800}}, {{&(0x7f0000000c40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000cc0), 0x0, &(0x7f0000001f00)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="00000002"], 0x18, 0x20008000}}, {{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000001f40)="9ffe3c7354683f8cf92ba7ba89a2434b451ce9cef9e278", 0x17}, {&(0x7f0000001f80)="0d8491a7f89c1116bc1f6ff4fc49e6243e52819d4f2b90e8e500d89bf582db21a5c755da1ae682962ed1b55df59eb35617a17d54f3cbbb837669a05d84c6b82e88e22e48eda4c071bb2941e17e7cc86e54815573e8c0e371da7167f6b70ddb8122354839c9e210da8c406be0ed3bb276a42e66d0c2ec4f3de150b876ec1be6d77a9ae2b6862a8ba16d37b573d6708a21ec51d9593afd630f13db5df6e8c6eb252933435a1006623128efa44671f643ade299", 0xb2}], 0x2, &(0x7f0000002080), 0x0, 0x81}}, {{0x0, 0x0, &(0x7f0000002700)=[{&(0x7f00000020c0)="9f8175294b9ba1e04af0c7ca3c8ae546670c5004751de883a7d7a70715e7a6e9288b6ca599311e1b2148b871d5357e04961e952df98bcd8b259268f35bb0474438016f0becf574a02a6292fe7d6bbffe2254e5da0a6234b0d308e7202417c2549de8a5716eced631397956876860e6bade9c8232d76b79e786d1f10bcf103e8a70d852208843cbf2dc7442edecc3b46316235daacfd844e9eb7e87b0e098c69b781eb9e676b0f303c6f5ef731f35da20f116690766cd31f55fde75", 0xbb}, {&(0x7f0000002180)="fec786814075de3ae5c2bc796389940a7777daf5db3b457e3a2772bbfd1a1e5b4020016cc17d20b263215f944a94cd1888883d183fabd6a3bdd1795cdeb8b7e41eca417b3b0d2b7e8220c06686c67c62b0e22c0d5b105736ce2e48658f3878b0f0bf940ca8cf020e50d039edb4f4957e2848da416c1c13794446a38a734349a3984e56390e880c5418242a9daabeb5346b17853863d783dfdfde2ebb7a24d4b7cc16a1a7db4500a1b882c79aeddde7c99c4933a89e3708a7a2e75be991f585a5d43b231e287c5d7e26038aca1d3627b9df376de8931bd295c75c99d4105304a8e22458126c44cf0d2ac6873baa1898", 0xef}, {&(0x7f0000002280)="366da194081c7849dde0dc710a4d07907de7b51d5d7e6eaf4a53a9303fb0589e240b48f9a3661d140ba91e24fa5034b9595872a4a99a008f9a5a7ce08bf8cda716b87a9cfe43e8ac5b29775a6e5a58f3682b54f2227ad223a13c492ef69935d7402d9721e4a61965d747911168ea9a6555027de5314488a8888363f2478c8c4db57dd394f52c41932a49f41725bd6ecc8e4b37b0caf6139ca7b8996db86b75", 0x9f}, {&(0x7f0000002340)="d992c61f93d0ad0d7218964eef0b99fb62af7224c029cef5", 0x18}, {&(0x7f0000002380)="b9fd3323f1ab5163e8255f596fa103c58eb3c4d59f4d376827c3c32f135b672b04a96a59b84b22072b0a4b95f3bd78e66ffd1738dcf480104735f2bf2bd38ebfc3a704793dec76a603befdcf6f5ccf2f5a193687dbdf0f63de4db2c2336844d2f108e52dff198c88d666f5813b5e79417d3bc977772bd03d6f58fa884d960ae7aeb34adcb703417cee83eb0e220a5d79519345c5d09ff14df246aea24a9d968f497a490ad232bac05370320117f783", 0xaf}, {&(0x7f0000002440)="bc5881a2755cc969d5de3bd0251ce062745b313dc2646b6bfa64859d814e87ac8dba76faf346584ea12874ddc12fae46abe4cef60d5487c78df886715152d735b647f52504114840543633d3ee7a46311c18f40bbae54153088f5e2dff679f78", 0x60}, {&(0x7f00000024c0)="c1ae5fb3b85e4c0d643782edd68d0642bb61b0ad6d664ea357a40ac452ffa468415777204f34e840b273ad528683509bb4775ff02564ad3950a7458bd948ac5482ed185f858697bd4d4399cba44dde2513e8b605c6a99b5429edeaa62c2b04557b760baedaf0bf9e71863220b4a9b10a92fe6505cbf2ce98a19bb3cad30b5d49fbd24fa6b40b26b93aa32212f1cab36664a70dc63b238f7ebba7e497daf730bfef8f382e03ba86aa483634759384c7a17b46dc7ade747efd5fca755099bbcdcdd5e75d64fb0654e166287a", 0xcb}, {&(0x7f00000025c0)="453513f8372f05a9ca9fce4c1c87a1afd638c0188827aa69c941b467ea87ae76e4de170aab2aad189bc7453bd814ac871e96d93cfe6deadb8bf350748bf3ed2e0e135fb6dba046e3a740258af5f0b965d93ef28557c44a151ee8101010808f0c187dfb07770af1fd415b5848c29c5d207eb34b269c1f19f45934ef006142bffd3a57a5e6d53dbedff539c012d14c907aec2b5d7c1079c9f5bdf7bb54f2931186e44f7883a115fa70e37d1757f52f38ed86a68aa3469bf78b1da227605e5bcf4c4949bf", 0xc3}, {&(0x7f00000026c0)="a4837b838969fe3c4878a69375", 0xd}, {0x0}], 0xa, 0x0, 0x0, 0x24004010}}, {{&(0x7f00000027c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002ac0)=[{&(0x7f0000002840)="b5357466c115084779299b7673d00e51d5e04f09285f3edf7a0e61f493e52660eb7ddda7f467355e9696d1ab8109f3806cf959ab81c0c5d15c4a4407f7865374d414ff8c546bed611b3a8907b85c593da76a674f6128749ffc3781a8a50907a60f29416f57850254383b9c9d33d04c460d1f51429c903962e74537d7023e820c4fb85f2831154ad38ff4b87514896d3067f028a952873357a0dad400c8fb05059a8e9b0bed5a7143ffa8da96bca88d0e2a7ddf1898149cc6", 0xb8}, {&(0x7f0000002900)="b5ee25a7efa4f149e3b196f1c4aa7cb289893a1eea936c00a5c46e4a6ceb38a47ba1cb37d8015c933c40c8c62235a289279eb97b2ccd4c04145281e5ad34c418815d73c05626418fe322676b55aa6819f0168ef1d8be812743fe62b0bb114c35f8bf6ea35df78aec76c3630261f26bd8145af88c342626a16d26b00f1af5708e016a71992baf6fb4e055c9f7fa47f0cf0ca873", 0x93}, {&(0x7f00000029c0)="b2887e89b33662b2b5f656d48e43b6a1a371bc30c751eeba2afac7ddb8013ed514d30c0e26d11edcdaea73d6f4e8d46db7891a8450f824ea95bb1bb51a492d37fcd0fbef765023e83b7cd70ceec56c9e52cbb49ca3fcbe4a8e08e31328b2e0a6e072434b12e56634b80db3d4ae2ee5d27493fe00a824ac46a851ac33e92d1efa95ef8b3f0adeb460079c303cd460ba0aad6059dab46fabafab35ded347b20d15bf3b897501da976fc51d7552fb358ba59642c10b0dd6d741454bfdd0d5f6626c21b1736039bf6185e3559f96a1323773b50c45e525c20e17e1997e427f117a6a9b0d67f94ccc009d3be47ea8d0c013", 0xef}], 0x3, &(0x7f0000000840)=[@cred={{0x1c, 0x1, 0x2, {r5}}}], 0x20, 0x4000000}}, {{&(0x7f0000002b40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002cc0)=[{&(0x7f0000002bc0)="6e2e9cb3a2098e1e4137892467dcd86c5d71433533652b6dd705a12cdc1142f8f6cb36aeec1bcfc10ae74fc9c84e671da2d056418320f43b0524b62f8e3a0b0cf17d7f54ebb5f67cd65abd20a089dd6da8197db0", 0x54}, {&(0x7f0000002c40)="c8aa3257", 0x4}, {&(0x7f0000002c80)="0b0f8584acfedad94c4c9bb1cb", 0xd}], 0x3, &(0x7f0000002d80)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r3]}}, @cred={{0x1c, 0x1, 0x2, {r5}}}], 0x38, 0x20000800}}, {{&(0x7f0000002dc0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002f40)=[{&(0x7f0000002e40)="41d7a3836870fd1ed09a38d5307985393940145d21e277825e79d843aff0dd16f525c582a7b8d4d2436a453e3a45276e397dd0c9b513d89e3f8a2254c818c3771bcd1048c2d1f42efffd23f0921466ee59a5d6def45ef09a6c43f88c442d366cf562f28e3e3a80875ef5a2ad98356e34e22e79a755ad96f0acc6a925f0899f8016a21a76e6f457ddcc569d8e67c0268cbaf22d0ef4163cc84d78924dfe31884dc5dcd49d84af83fb541a986e812e235096bf304241446ce7055e717a69a9b23a6f967404cd358523db425a", 0xcb}], 0x1, 0x0, 0x0, 0x40}}], 0x7, 0x4) (async)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0x1}, 0x4)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r9}, 0x10) (async, rerun: 64)
socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 64)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYRESDEC=r4], 0xd0}}, 0x0)
acct(&(0x7f00000001c0)='./file0\x00') (async, rerun: 32)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) (async, rerun: 32)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)

1.377740497s ago: executing program 4 (id=6999):
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x4a8fcef8cedb941c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000480)={0x0, 0x0, 0x4, {0x0, 0x1}, {0x36, 0x70}, @cond=[{0x8, 0x4, 0x3, 0xe, 0x2, 0x10}, {0x200, 0x7ff, 0x0, 0xe57, 0x2, 0x8001}]})
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2250)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES16, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000440)='io_uring_defer\x00', r0, 0x0, 0x40}, 0x26)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18d9844b8d1a7595ca4c0000000000000000000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1a}, 0x1, 0x0, 0x0, 0x24040845}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x39}}, 0x8010)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r4=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x2d, &(0x7f0000000180)={&(0x7f00000004c0)=@newtfilter={0x24, 0x2c, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x10}, {}, {0x1c, 0xfff9}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000004}, 0x24000000)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000240)={'lo\x00'})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c000380280000800800034000000002040002800c000440000010c6f7"], 0xec}}, 0x8890)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r8=>0x0)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r6, 0x84, 0x74, &(0x7f0000000340)=""/224, &(0x7f0000000180)=0xe0)
io_submit(r8, 0x2, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f0000000080)={0x0, 0x0, 0x7f000000, 0x1, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, r6}])
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)

1.365880504s ago: executing program 1 (id=7000):
syz_open_dev$admmidi(&(0x7f0000000040), 0x100000001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000300)={0x1, &(0x7f00000002c0)=[{0xfff, 0x3, 0x78, 0x112d}]})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffdfe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x4000000000002e6, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x39, 0x0, 0x0, 0xef3621d210fa9385, 0x38, 0x0, 0x0, 0x0, 0x34, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000140)={<r4=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, r4, 0x1d)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, r4, 0xc1)

1.035998766s ago: executing program 3 (id=7001):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x400d0}, 0x4000004)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0xe5, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60b8192300af0000fe8000000000000000000000000000aafe8000000000000000000000000000aa890e000000000000316e"], 0x0)
sendmsg$nl_route(r0, &(0x7f0000000c80)={0x0, 0x40, &(0x7f0000000c40)={&(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRES8=r0], 0x40}}, 0x8000)
r1 = syz_clone(0x2008400, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r2)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0)
r3 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
r4 = syz_open_dev$loop(0x0, 0x3, 0x0)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x40800)
ioctl$BLKROGET(r4, 0x125e, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r3, 0xc0205649, &(0x7f0000000080)={0x445f7ba6d659a383, 0x10000, 0xfcac, 0xffffffffffffffff, 0x0, 0x0})
r5 = syz_open_procfs(r1, &(0x7f0000000100)='map_files\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008031, 0xffffffffffffffff, 0xba281000)
fchdir(r5)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xe8)
getdents(r6, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x28}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240))
socket$can_raw(0x1d, 0x3, 0x1)
newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x2000)
setresuid(r8, r8, r8)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r9, &(0x7f00000021c0)={0x2020, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_INIT(r9, &(0x7f0000000040)={0x50, 0x0, r10, {0x7, 0x1f, 0xe0000000, 0x488800, 0xb, 0x7f, 0x3, 0x2, 0x0, 0x0, 0x80, 0x80000001}}, 0x50)

823.978813ms ago: executing program 0 (id=7002):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a0101000000"], 0x7c}, 0x1, 0x0, 0x0, 0x20008800}, 0x2000c450)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@ipv4_newroute={0x3c, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x1}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x4}}]}, 0x3c}}, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ptrace$pokeuser(0x6, r4, 0x358, 0x800000000000)
sched_setaffinity(r4, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r5, 0x3)
accept4$bt_l2cap(r5, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)
sched_setscheduler(r1, 0x2, 0x0)
syz_emit_ethernet(0xa1, &(0x7f00000003c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x93, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x1c, 0x2, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x0, 0x0, @multicast2, @rand_addr=0xe0000000, {[@generic={0x88, 0x7, "370dccd113"}, @end, @ssrr={0x89, 0x44, 0xb, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @remote, @local, @multicast1, @private=0xa010100, @local]}, @ssrr={0x89, 0x0, 0x25, [@empty, @private=0xa010102, @loopback, @multicast1, @empty, @local]}, @timestamp_prespec={0x44, 0x1c, 0x88, 0x3, 0x1, [{@remote, 0xfff}, {@broadcast, 0x48}, {@local, 0xb}]}, @ssrr={0x89, 0xb, 0xfb, [@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2]}, @generic={0x83, 0x2}]}}, "e97cc9cee4837a"}}}}}, 0x0)

810.637628ms ago: executing program 4 (id=7003):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(r0, 0xd, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00', @ANYRES16=0x0], 0x24}}, 0x0)
recvmmsg$unix(r4, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000000, 0x0)
write(r4, &(0x7f0000000100)="1400000052004f7fb3e4bf80a00008000000", 0x12)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x30, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x58}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x4}}], {0x14}}, 0x3c}}, 0x0)

0s ago: executing program 1 (id=7004):
r0 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x3}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000600)="27050200340f14000600002fb96dbcf706e10500000086ddffff1144ee162fd4b8bf4a31accbe1ba0777cf", 0x2b}], 0x1}, 0x9cdc2384056b48b8)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r1, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x60, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, [@TCA_MQPRIO_MODE={0x6, 0x4}]}}}]}, 0x90}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r5=>r0}, './file0\x00'})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x10001, 0x0, r1, 0x10001, '\x00', r4, r5, 0x2, 0x1, 0x2}, 0x50)

kernel console output (not intermixed with test programs):

  __x64_sys_sendmsg+0x1a1/0x260
[ 1824.256648][ T1995]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1824.256668][ T1995]  ? __pfx_ksys_write+0x10/0x10
[ 1824.256689][ T1995]  do_syscall_64+0xec/0xf80
[ 1824.256699][ T1995]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1824.256709][ T1995]  ? trace_irq_disable+0x37/0x100
[ 1824.256720][ T1995]  ? clear_bhb_loop+0x60/0xb0
[ 1824.256733][ T1995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1824.256743][ T1995] RIP: 0033:0x7f81a613f749
[ 1824.256753][ T1995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1824.256763][ T1995] RSP: 002b:00007f81a439e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1824.256775][ T1995] RAX: ffffffffffffffda RBX: 00007f81a6395fa0 RCX: 00007f81a613f749
[ 1824.256783][ T1995] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1824.256790][ T1995] RBP: 00007f81a439e090 R08: 0000000000000000 R09: 0000000000000000
[ 1824.256796][ T1995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1824.256802][ T1995] R13: 00007f81a6396038 R14: 00007f81a6395fa0 R15: 00007ffd796e5dd8
[ 1824.256819][ T1995]  </TASK>
[ 1824.371726][ T5886] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1824.594285][T16213] usb 5-1: config 0 has an invalid interface number: 241 but max is 1
[ 1824.594311][T16213] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1824.594331][T16213] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1824.594351][T16213] usb 5-1: config 0 has no interface number 0
[ 1824.594398][T16213] usb 5-1: config 0 interface 241 altsetting 5 endpoint 0xD has an invalid bInterval 22, changing to 8
[ 1824.594424][T16213] usb 5-1: config 0 interface 241 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1824.594450][T16213] usb 5-1: config 0 interface 241 has no altsetting 0
[ 1824.594484][T16213] usb 5-1: New USB device found, idVendor=2c42, idProduct=1608, bcdDevice=bd.4b
[ 1824.594506][T16213] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1824.764340][ T5886] usb 2-1: Using ep0 maxpacket: 16
[ 1825.427452][ T5886] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1825.427478][ T5886] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1825.433218][T16213] usb 5-1: config 0 descriptor??
[ 1825.449188][ T5886] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1825.449217][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1825.449234][ T5886] usb 2-1: Product: syz
[ 1825.449245][ T5886] usb 2-1: Manufacturer: syz
[ 1825.449257][ T5886] usb 2-1: SerialNumber: syz
[ 1825.513575][T19881] usb 3-1: new full-speed USB device number 75 using dummy_hcd
[ 1825.719874][T16213] usb 5-1: string descriptor 0 read error: -71
[ 1825.734599][T16213] f81232 5-1:0.241: f81534a converter detected
[ 1825.754463][T16213] f81534a ttyUSB0: f81232_set_register failed status: -71
[ 1825.754491][T16213] f81534a ttyUSB0: probe with driver f81534a failed with error -5
[ 1825.779948][T19881] usb 3-1: config 162 has an invalid interface number: 187 but max is 1
[ 1825.779976][T19881] usb 3-1: config 162 has an invalid interface number: 192 but max is 1
[ 1825.779997][T19881] usb 3-1: config 162 has no interface number 0
[ 1825.780012][T19881] usb 3-1: config 162 has no interface number 1
[ 1825.780070][T19881] usb 3-1: config 162 interface 187 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1825.780674][T19881] usb 3-1: config 162 interface 192 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1825.780700][T19881] usb 3-1: config 162 interface 192 altsetting 1 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1825.780727][T19881] usb 3-1: config 162 interface 192 altsetting 1 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[ 1825.780765][T19881] usb 3-1: config 162 interface 192 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1825.780790][T19881] usb 3-1: config 162 interface 192 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 64
[ 1825.780881][T19881] usb 3-1: config 162 interface 192 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[ 1825.780908][T19881] usb 3-1: config 162 interface 187 has no altsetting 0
[ 1825.780926][T19881] usb 3-1: config 162 interface 192 has no altsetting 0
[ 1825.829818][T19881] usb 3-1: New USB device found, idVendor=13d3, idProduct=3350, bcdDevice=74.1e
[ 1825.829855][T19881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1825.829875][T19881] usb 3-1: Product: syz
[ 1825.829889][T19881] usb 3-1: Manufacturer: syz
[ 1825.829904][T19881] usb 3-1: SerialNumber: syz
[ 1825.843919][ T2105] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6621'.
[ 1825.843969][ T2105] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6621'.
[ 1825.844388][ T2105] 8021q: VLANs not supported on lo
[ 1825.970341][T16213] usb 5-1: USB disconnect, device number 14
[ 1825.982281][T16213] f81232 5-1:0.241: device disconnected
[ 1826.339714][ T2112] input: syz0 as /devices/virtual/input/input135
[ 1826.942185][ T5886] usb 2-1: 0:2 : does not exist
[ 1826.948085][ T5886] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 1827.058372][ T5886] usb 2-1: USB disconnect, device number 56
[ 1827.061180][T19881] usb 3-1: ath9k_htc: Device endpoint numbers are not the expected ones
[ 1827.138364][T19881] usb 3-1: ath9k_htc: Device endpoint numbers are not the expected ones
[ 1827.162495][T19881] usb 3-1: USB disconnect, device number 75
[ 1827.276089][ T6150] usb 4-1: new full-speed USB device number 55 using dummy_hcd
[ 1827.444537][ T6150] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1827.444565][ T6150] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1827.447678][ T6150] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 1827.447707][ T6150] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1827.447727][ T6150] usb 4-1: Product: syz
[ 1827.447742][ T6150] usb 4-1: Manufacturer: syz
[ 1827.447757][ T6150] usb 4-1: SerialNumber: syz
[ 1827.465007][ T6150] usb 4-1: config 0 descriptor??
[ 1827.967720][ T2133] input: syz0 as /devices/virtual/input/input136
[ 1828.501915][ T6150] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[ 1828.793141][ T6150] usb 1-1: Using ep0 maxpacket: 32
[ 1828.888997][ T6150] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[ 1828.889038][ T6150] usb 1-1: config 0 has no interface number 0
[ 1828.889098][ T6150] usb 1-1: config 0 interface 12 has no altsetting 0
[ 1828.921325][ T6150] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 1828.921358][ T6150] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1828.921377][ T6150] usb 1-1: Product: syz
[ 1828.921392][ T6150] usb 1-1: Manufacturer: syz
[ 1828.921406][ T6150] usb 1-1: SerialNumber: syz
[ 1828.988697][ T6150] usb 1-1: config 0 descriptor??
[ 1829.848989][ T2144] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1829.849285][ T2144] overlayfs: overlapping lowerdir path
[ 1830.058121][ T8059] usb 4-1: USB disconnect, device number 55
[ 1830.592571][ T8059] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[ 1830.759542][ T8059] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1830.759641][ T8059] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1830.759681][ T8059] usb 5-1: New USB device found, idVendor=28bd, idProduct=0075, bcdDevice= 0.00
[ 1830.759705][ T8059] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1830.836627][ T8059] usb 5-1: config 0 descriptor??
[ 1831.092368][ T6150] f81534 1-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[ 1831.093262][ T6150] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[ 1831.093328][ T6150] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 1831.094017][ T6150] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[ 1831.250674][ T2161] input: syz0 as /devices/virtual/input/input137
[ 1831.792984][ T8059] uclogic 0003:28BD:0075.006F: interface is invalid, ignoring
[ 1831.806613][ T6150] usb 1-1: USB disconnect, device number 98
[ 1832.636158][ T8059] usb 5-1: USB disconnect, device number 15
[ 1832.739041][ T2174] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1833.605683][ T8059] usb 4-1: new full-speed USB device number 56 using dummy_hcd
[ 1833.994144][ T8059] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1833.994172][ T8059] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1834.188265][ T8059] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 1834.188329][ T8059] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1834.188563][ T8059] usb 4-1: Product: syz
[ 1834.188579][ T8059] usb 4-1: Manufacturer: syz
[ 1834.188811][ T8059] usb 4-1: SerialNumber: syz
[ 1834.327638][ T8059] usb 4-1: config 0 descriptor??
[ 1835.805600][ T2197] syz.0.6646 (2197): drop_caches: 2
[ 1836.593550][ T5809] Bluetooth: hci3: unexpected event for opcode 0x2029
[ 1836.663044][ T8059] usb 4-1: USB disconnect, device number 56
[ 1836.931016][ T2211] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1836.987287][ T5914] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[ 1837.297464][ T2213] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1837.365985][ T5914] usb 1-1: Using ep0 maxpacket: 32
[ 1837.368369][ T5914] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[ 1837.368394][ T5914] usb 1-1: config 0 has no interface number 0
[ 1837.372371][ T5914] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1837.372399][ T5914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1837.372419][ T5914] usb 1-1: Product: syz
[ 1837.372433][ T5914] usb 1-1: Manufacturer: syz
[ 1837.372448][ T5914] usb 1-1: SerialNumber: syz
[ 1837.454681][ T5914] usb 1-1: config 0 descriptor??
[ 1837.461646][ T5914] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1837.530775][ T5809] Bluetooth: hci1: unexpected event for opcode 0x2029
[ 1837.902676][ T5809] Bluetooth: hci2: command 0x0406 tx timeout
[ 1838.097198][ T8059] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 1838.411989][ T2234] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1838.414049][ T2234] overlayfs: overlapping lowerdir path
[ 1838.526211][    C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1838.529531][ T5914] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1838.533865][ T5914] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1838.538231][ T5914] usb 1-1: USB disconnect, device number 99
[ 1838.558281][ T5914] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1838.564601][ T5914] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1838.565185][ T5914] quatech2 1-1:0.51: device disconnected
[ 1838.612685][ T8059] usb 3-1: Using ep0 maxpacket: 32
[ 1838.614377][ T8059] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1838.614391][ T8059] usb 3-1: config 0 has no interface number 0
[ 1838.616297][ T8059] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1838.616312][ T8059] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1838.616323][ T8059] usb 3-1: Product: syz
[ 1838.616331][ T8059] usb 3-1: Manufacturer: syz
[ 1838.616339][ T8059] usb 3-1: SerialNumber: syz
[ 1838.619327][ T8059] usb 3-1: config 0 descriptor??
[ 1838.743539][ T8059] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1838.843318][ T2223] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1839.146245][ T2249] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6661'.
[ 1839.147005][ T2249] veth0: entered promiscuous mode
[ 1839.782752][T18455] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[ 1840.053659][T18455] usb 4-1: Using ep0 maxpacket: 16
[ 1840.056607][T18455] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 1840.056632][T18455] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1840.056731][T18455] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1840.118168][T18455] usb 4-1: New USB device found, idVendor=2040, idProduct=c604, bcdDevice=1a.20
[ 1840.118198][T18455] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1840.118219][T18455] usb 4-1: Product: syz
[ 1840.118234][T18455] usb 4-1: Manufacturer: syz
[ 1840.118249][T18455] usb 4-1: SerialNumber: syz
[ 1840.273439][ T8059] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1840.323638][T18455] usb 4-1: config 0 descriptor??
[ 1840.324594][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1840.328454][ T8059] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1840.332891][ T8059] usb 3-1: USB disconnect, device number 76
[ 1840.341319][ T8059] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1840.346769][ T8059] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1840.347438][ T8059] quatech2 3-1:0.51: device disconnected
[ 1840.570369][ T2248] veth0: left promiscuous mode
[ 1840.579797][ T2264] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1840.729582][T18455] usb 4-1: USB disconnect, device number 57
[ 1841.289965][ T8059] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1841.809821][T11191] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[ 1841.987371][T11191] usb 1-1: too many configurations: 33, using maximum allowed: 8
[ 1842.070697][ T8059] usb 2-1: too many configurations: 33, using maximum allowed: 8
[ 1842.072561][T11191] usb 1-1: New USB device found, idVendor=0eb1, idProduct=6668, bcdDevice=57.b8
[ 1842.072588][T11191] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1842.072604][T11191] usb 1-1: Product: syz
[ 1842.072618][T11191] usb 1-1: Manufacturer: syz
[ 1842.072633][T11191] usb 1-1: SerialNumber: syz
[ 1842.092797][T11191] usb 1-1: config 0 descriptor??
[ 1842.134869][ T8059] usb 2-1: New USB device found, idVendor=0eb1, idProduct=6668, bcdDevice=57.b8
[ 1842.134899][ T8059] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1842.134935][ T8059] usb 2-1: Product: syz
[ 1842.134950][ T8059] usb 2-1: Manufacturer: syz
[ 1842.134963][ T8059] usb 2-1: SerialNumber: syz
[ 1842.143788][ T8059] usb 2-1: config 0 descriptor??
[ 1842.183630][T11191] go7007-loader 1-1:0.0: can't handle multiple config
[ 1842.183651][T11191] go7007-loader 1-1:0.0: probe failed
[ 1842.204684][ T8059] go7007-loader 2-1:0.0: can't handle multiple config
[ 1842.204706][ T8059] go7007-loader 2-1:0.0: probe failed
[ 1843.972438][T16213] usb 1-1: USB disconnect, device number 100
[ 1844.030210][ T8059] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[ 1844.263092][ T8059] usb 3-1: Using ep0 maxpacket: 8
[ 1844.472707][ T8059] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[ 1844.472735][ T8059] usb 3-1: config 179 has no interface number 0
[ 1844.472790][ T8059] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1844.472816][ T8059] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1844.472844][ T8059] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1844.472869][ T8059] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1844.472902][ T8059] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1844.472945][ T8059] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1844.472964][ T8059] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1844.611437][ T5914] usb 2-1: USB disconnect, device number 57
[ 1845.007521][ T2315] syz.4.6676 (2315): drop_caches: 2
[ 1845.834744][ T2304] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1847.869575][ T2322] netlink: 'syz.1.6679': attribute type 12 has an invalid length.
[ 1848.203953][ T2329] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6678'.
[ 1848.878450][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1848.878520][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1848.879055][T18205] usb 3-1: USB disconnect, device number 77
[ 1850.523506][ T2318] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 1850.790591][ T2318] usb 3-1: Using ep0 maxpacket: 16
[ 1850.824485][T10361] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 1851.133612][ T2318] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1851.133638][ T2318] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1851.135913][ T2318] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1851.135929][ T2318] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1851.135940][ T2318] usb 3-1: Product: syz
[ 1851.135947][ T2318] usb 3-1: Manufacturer: syz
[ 1851.135955][ T2318] usb 3-1: SerialNumber: syz
[ 1851.164954][T10361] usb 4-1: too many configurations: 33, using maximum allowed: 8
[ 1851.240695][T10361] usb 4-1: New USB device found, idVendor=0eb1, idProduct=6668, bcdDevice=57.b8
[ 1851.240725][T10361] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1851.240745][T10361] usb 4-1: Product: syz
[ 1851.240758][T10361] usb 4-1: Manufacturer: syz
[ 1851.240773][T10361] usb 4-1: SerialNumber: syz
[ 1851.286053][T10361] usb 4-1: config 0 descriptor??
[ 1851.309669][ T2367] FAULT_INJECTION: forcing a failure.
[ 1851.309669][ T2367] name failslab, interval 1, probability 0, space 0, times 0
[ 1851.309708][ T2367] CPU: 0 UID: 0 PID: 2367 Comm: syz.0.6692 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1851.309735][ T2367] Tainted: [L]=SOFTLOCKUP
[ 1851.309743][ T2367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1851.309755][ T2367] Call Trace:
[ 1851.309763][ T2367]  <TASK>
[ 1851.309772][ T2367]  dump_stack_lvl+0xe8/0x150
[ 1851.309803][ T2367]  should_fail_ex+0x46c/0x600
[ 1851.309836][ T2367]  should_failslab+0xa8/0x100
[ 1851.309857][ T2367]  __kmalloc_noprof+0xe0/0x7e0
[ 1851.309884][ T2367]  ? tomoyo_encode+0x28b/0x550
[ 1851.309908][ T2367]  tomoyo_encode+0x28b/0x550
[ 1851.309934][ T2367]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1851.309966][ T2367]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1851.309993][ T2367]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1851.310021][ T2367]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1851.310045][ T2367]  ? __lock_acquire+0x6b6/0x2cf0
[ 1851.310074][ T2367]  ? do_raw_spin_lock+0x121/0x290
[ 1851.310133][ T2367]  ? __fget_files+0x2a/0x420
[ 1851.310156][ T2367]  ? __fget_files+0x2a/0x420
[ 1851.310175][ T2367]  ? __fget_files+0x3a6/0x420
[ 1851.310194][ T2367]  ? __fget_files+0x2a/0x420
[ 1851.310219][ T2367]  security_file_ioctl+0xcb/0x2d0
[ 1851.310249][ T2367]  __se_sys_ioctl+0x47/0x170
[ 1851.310275][ T2367]  do_syscall_64+0xec/0xf80
[ 1851.310295][ T2367]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1851.310316][ T2367]  ? clear_bhb_loop+0x60/0xb0
[ 1851.310340][ T2367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1851.310359][ T2367] RIP: 0033:0x7f81a613f749
[ 1851.310382][ T2367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1851.310400][ T2367] RSP: 002b:00007f81a439e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1851.310422][ T2367] RAX: ffffffffffffffda RBX: 00007f81a6395fa0 RCX: 00007f81a613f749
[ 1851.310437][ T2367] RDX: 0000200000000200 RSI: 00000000c0845657 RDI: 0000000000000003
[ 1851.310451][ T2367] RBP: 00007f81a439e090 R08: 0000000000000000 R09: 0000000000000000
[ 1851.310464][ T2367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1851.310481][ T2367] R13: 00007f81a6396038 R14: 00007f81a6395fa0 R15: 00007ffd796e5dd8
[ 1851.310517][ T2367]  </TASK>
[ 1851.310600][ T2367] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1851.356077][T10361] go7007-loader 4-1:0.0: can't handle multiple config
[ 1851.356100][T10361] go7007-loader 4-1:0.0: probe failed
[ 1851.609756][T18205] usb 4-1: USB disconnect, device number 58
[ 1851.678548][ T2370] netlink: 'syz.0.6693': attribute type 12 has an invalid length.
[ 1851.916703][ T2318] usb 3-1: cannot find UAC_HEADER
[ 1851.950271][ T2318] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1852.161336][ T2381] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6695'.
[ 1852.823915][T10361] usb 3-1: USB disconnect, device number 78
[ 1853.293258][ T2400] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1853.351850][T18205] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 1853.394933][ T2318] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 1853.425644][ T2402] Bluetooth: hci0: unsupported parameter 255
[ 1853.425659][ T2402] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1853.830839][T18205] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1853.830927][T18205] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1853.830948][T18205] usb 4-1: Product: syz
[ 1853.830963][T18205] usb 4-1: Manufacturer: syz
[ 1853.830978][T18205] usb 4-1: SerialNumber: syz
[ 1854.927336][T18205] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1855.200019][ T2318] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1855.200050][ T2318] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1855.200072][ T2318] usb 2-1: Product: syz
[ 1855.200086][ T2318] usb 2-1: Manufacturer: syz
[ 1855.200101][ T2318] usb 2-1: SerialNumber: syz
[ 1855.222342][ T2318] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1855.302396][T16213] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1855.327824][T18205] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1855.627948][ T2397] FAULT_INJECTION: forcing a failure.
[ 1855.627948][ T2397] name failslab, interval 1, probability 0, space 0, times 0
[ 1855.628161][ T2397] CPU: 0 UID: 0 PID: 2397 Comm: syz.1.6700 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1855.628193][ T2397] Tainted: [L]=SOFTLOCKUP
[ 1855.628199][ T2397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1855.628212][ T2397] Call Trace:
[ 1855.628219][ T2397]  <TASK>
[ 1855.628229][ T2397]  dump_stack_lvl+0xe8/0x150
[ 1855.628257][ T2397]  should_fail_ex+0x46c/0x600
[ 1855.628286][ T2397]  should_failslab+0xa8/0x100
[ 1855.628307][ T2397]  __kmalloc_noprof+0xe0/0x7e0
[ 1855.628331][ T2397]  ? kfree+0x4d/0x900
[ 1855.628349][ T2397]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1855.628374][ T2397]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1855.628395][ T2397]  ? tomoyo_domain+0xd9/0x130
[ 1855.628419][ T2397]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1855.628445][ T2397]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1855.628471][ T2397]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1855.628493][ T2397]  ? __lock_acquire+0x6b6/0x2cf0
[ 1855.628520][ T2397]  ? rcu_is_watching+0x15/0xb0
[ 1855.628568][ T2397]  ? __fget_files+0x2a/0x420
[ 1855.628591][ T2397]  ? __fget_files+0x2a/0x420
[ 1855.628609][ T2397]  ? __fget_files+0x3a6/0x420
[ 1855.628626][ T2397]  ? __fget_files+0x2a/0x420
[ 1855.628650][ T2397]  security_file_ioctl+0xcb/0x2d0
[ 1855.628678][ T2397]  __se_sys_ioctl+0x47/0x170
[ 1855.628704][ T2397]  do_syscall_64+0xec/0xf80
[ 1855.628722][ T2397]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1855.628743][ T2397]  ? clear_bhb_loop+0x60/0xb0
[ 1855.628767][ T2397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1855.628786][ T2397] RIP: 0033:0x7f66937bf34b
[ 1855.628804][ T2397] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 1855.628820][ T2397] RSP: 002b:00007f6691a1cf70 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1855.628839][ T2397] RAX: ffffffffffffffda RBX: 0000000000000184 RCX: 00007f66937bf34b
[ 1855.628852][ T2397] RDX: 00007f6691a1cff0 RSI: 0000000040085507 RDI: 0000000000000003
[ 1855.628863][ T2397] RBP: 0000000000000003 R08: 00007f6693b40320 R09: 0000000000000000
[ 1855.628874][ T2397] R10: 0000000000000003 R11: 0000000000000246 R12: 0000200000000000
[ 1855.628884][ T2397] R13: 000000000000000a R14: 00007f6693a15fa0 R15: 00007ffe23c49948
[ 1855.628935][ T2397]  </TASK>
[ 1855.629079][ T2397] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1855.647965][ T2542] netlink: 'syz.4.6707': attribute type 12 has an invalid length.
[ 1855.863253][ T2553] FAULT_INJECTION: forcing a failure.
[ 1855.863253][ T2553] name failslab, interval 1, probability 0, space 0, times 0
[ 1855.863290][ T2553] CPU: 1 UID: 0 PID: 2553 Comm: syz.0.6710 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1855.863318][ T2553] Tainted: [L]=SOFTLOCKUP
[ 1855.863325][ T2553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1855.863338][ T2553] Call Trace:
[ 1855.863347][ T2553]  <TASK>
[ 1855.863356][ T2553]  dump_stack_lvl+0xe8/0x150
[ 1855.863386][ T2553]  should_fail_ex+0x46c/0x600
[ 1855.863418][ T2553]  should_failslab+0xa8/0x100
[ 1855.863440][ T2553]  __kmalloc_noprof+0xe0/0x7e0
[ 1855.863466][ T2553]  ? kfree+0x4d/0x900
[ 1855.863487][ T2553]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1855.863515][ T2553]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1855.863537][ T2553]  ? tomoyo_domain+0xd9/0x130
[ 1855.863567][ T2553]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1855.863594][ T2553]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1855.863622][ T2553]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1855.863646][ T2553]  ? __lock_acquire+0x6b6/0x2cf0
[ 1855.863674][ T2553]  ? do_raw_spin_lock+0x121/0x290
[ 1855.863733][ T2553]  ? __fget_files+0x2a/0x420
[ 1855.863758][ T2553]  ? __fget_files+0x2a/0x420
[ 1855.863777][ T2553]  ? __fget_files+0x3a6/0x420
[ 1855.863796][ T2553]  ? __fget_files+0x2a/0x420
[ 1855.863821][ T2553]  security_file_ioctl+0xcb/0x2d0
[ 1855.863850][ T2553]  __se_sys_ioctl+0x47/0x170
[ 1855.863877][ T2553]  do_syscall_64+0xec/0xf80
[ 1855.863897][ T2553]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1855.863915][ T2553]  ? trace_irq_disable+0x37/0x100
[ 1855.863936][ T2553]  ? clear_bhb_loop+0x60/0xb0
[ 1855.863960][ T2553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1855.863978][ T2553] RIP: 0033:0x7f81a613f749
[ 1855.863997][ T2553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1855.864014][ T2553] RSP: 002b:00007f81a439e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1855.864036][ T2553] RAX: ffffffffffffffda RBX: 00007f81a6395fa0 RCX: 00007f81a613f749
[ 1855.864051][ T2553] RDX: 0000200000000100 RSI: 00000000c0405668 RDI: 0000000000000003
[ 1855.864065][ T2553] RBP: 00007f81a439e090 R08: 0000000000000000 R09: 0000000000000000
[ 1855.864078][ T2553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1855.864090][ T2553] R13: 00007f81a6396038 R14: 00007f81a6395fa0 R15: 00007ffd796e5dd8
[ 1855.864132][ T2553]  </TASK>
[ 1855.864231][ T2553] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1855.894845][T19881] usb 2-1: USB disconnect, device number 58
[ 1855.927708][ T5972] usb 4-1: USB disconnect, device number 59
[ 1856.061032][T10361] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 1856.226034][T10361] usb 3-1: too many configurations: 33, using maximum allowed: 8
[ 1856.280469][T10361] usb 3-1: New USB device found, idVendor=0eb1, idProduct=6668, bcdDevice=57.b8
[ 1856.280493][T10361] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1856.280504][T10361] usb 3-1: Product: syz
[ 1856.280512][T10361] usb 3-1: Manufacturer: syz
[ 1856.280519][T10361] usb 3-1: SerialNumber: syz
[ 1856.283847][T10361] usb 3-1: config 0 descriptor??
[ 1856.287319][T10361] go7007-loader 3-1:0.0: can't handle multiple config
[ 1856.287331][T10361] go7007-loader 3-1:0.0: probe failed
[ 1856.520736][T18205] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[ 1856.521229][T18205] ath9k_htc: Failed to initialize the device
[ 1856.574539][T19881] usb 2-1: ath9k_htc: USB layer deinitialized
[ 1856.604965][T16213] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 1856.605124][T16213] ath9k_htc: Failed to initialize the device
[ 1856.607336][ T5972] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1856.651693][T14116] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1856.911524][ T2318] usb 3-1: USB disconnect, device number 79
[ 1857.376301][ T2564] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1857.386865][ T2564] overlayfs: overlapping lowerdir path
[ 1857.640287][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1857.640352][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 1858.383149][ T2704] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1858.383646][ T2704] overlayfs: overlapping lowerdir path
[ 1858.730682][ T2708] bond1: entered promiscuous mode
[ 1858.730705][ T2708] bond1: entered allmulticast mode
[ 1858.731101][ T2708] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1859.119537][ T2725] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1859.123317][ T2725] overlayfs: overlapping lowerdir path
[ 1859.431759][ T2733] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6723'.
[ 1862.683862][T14116] Bluetooth: hci3: unexpected event for opcode 0x2029
[ 1862.747032][ T2763] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6732'.
[ 1862.942972][T10361] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[ 1863.105640][T10361] usb 1-1: Using ep0 maxpacket: 32
[ 1863.108156][T10361] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[ 1863.108180][T10361] usb 1-1: config 0 has no interface number 0
[ 1863.111455][T10361] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1863.111482][T10361] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1863.111503][T10361] usb 1-1: Product: syz
[ 1863.111517][T10361] usb 1-1: Manufacturer: syz
[ 1863.111532][T10361] usb 1-1: SerialNumber: syz
[ 1863.635173][ T5972] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1863.657452][T10361] usb 1-1: config 0 descriptor??
[ 1863.670012][T10361] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1863.842513][ T5972] usb 4-1: device descriptor read/64, error -71
[ 1863.960776][ T2784] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1863.961079][ T2784] overlayfs: overlapping lowerdir path
[ 1864.114080][ T5972] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 1864.136049][ T8059] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1864.258614][ T5972] usb 4-1: device descriptor read/64, error -71
[ 1864.319792][T10361] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1864.380031][ T5972] usb usb4-port1: attempt power cycle
[ 1864.390100][ T8059] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1864.390118][ T8059] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1864.390131][ T8059] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1864.390144][ T8059] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1864.390182][ T8059] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1864.390205][ T8059] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1864.628781][T10361] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1864.637948][    C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1864.661603][T10361] usb 1-1: USB disconnect, device number 101
[ 1864.663484][ T8059] usb 3-1: config 0 descriptor??
[ 1864.706692][T10361] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1864.743773][T10361] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1864.744319][T10361] quatech2 1-1:0.51: device disconnected
[ 1864.874476][ T5972] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1864.896008][ T5972] usb 4-1: device descriptor read/8, error -71
[ 1864.896223][ T8059] hdpvr 3-1:0.0: firmware version 0x12 dated 
[ 1865.165249][ T8059] hdpvr 3-1:0.0: device init failed
[ 1865.165540][ T5972] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1865.165845][ T8059] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12
[ 1865.172302][ T8059] usb 3-1: USB disconnect, device number 80
[ 1865.187128][ T5972] usb 4-1: device descriptor read/8, error -71
[ 1865.308311][ T5972] usb usb4-port1: unable to enumerate USB device
[ 1867.025056][ T5984] usb 3-1: new full-speed USB device number 81 using dummy_hcd
[ 1867.641054][ T5984] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1867.641082][ T5984] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1867.669832][ T5984] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 1867.669861][ T5984] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1867.669883][ T5984] usb 3-1: Product: syz
[ 1867.669897][ T5984] usb 3-1: Manufacturer: syz
[ 1867.669911][ T5984] usb 3-1: SerialNumber: syz
[ 1867.706806][ T5984] usb 3-1: config 0 descriptor??
[ 1868.179673][ T5984] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[ 1868.710950][ T5984] usb 1-1: Using ep0 maxpacket: 16
[ 1869.483046][ T5984] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[ 1869.483075][ T5984] usb 1-1: config 0 has no interface number 0
[ 1869.509976][ T5984] usb 1-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1869.510007][ T5984] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1869.510027][ T5984] usb 1-1: Product: syz
[ 1869.510042][ T5984] usb 1-1: Manufacturer: syz
[ 1869.510057][ T5984] usb 1-1: SerialNumber: syz
[ 1869.560050][ T5984] usb 1-1: config 0 descriptor??
[ 1869.570477][ T5984] hub 1-1:0.132: bad descriptor, ignoring hub
[ 1869.570515][ T5984] hub 1-1:0.132: probe with driver hub failed with error -5
[ 1869.592371][ T5984] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.132/input/input138
[ 1869.693309][ T2840] FAULT_INJECTION: forcing a failure.
[ 1869.693309][ T2840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1869.693346][ T2840] CPU: 1 UID: 0 PID: 2840 Comm: syz.1.6753 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1869.693374][ T2840] Tainted: [L]=SOFTLOCKUP
[ 1869.693382][ T2840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1869.693394][ T2840] Call Trace:
[ 1869.693402][ T2840]  <TASK>
[ 1869.693411][ T2840]  dump_stack_lvl+0xe8/0x150
[ 1869.693440][ T2840]  should_fail_ex+0x46c/0x600
[ 1869.693472][ T2840]  _copy_from_user+0x2d/0xb0
[ 1869.693493][ T2840]  __sys_sendto+0x262/0x520
[ 1869.693519][ T2840]  ? __pfx___sys_sendto+0x10/0x10
[ 1869.693568][ T2840]  ? ksys_write+0x230/0x260
[ 1869.693597][ T2840]  ? __pfx_ksys_write+0x10/0x10
[ 1869.693628][ T2840]  __x64_sys_sendto+0xde/0x100
[ 1869.693654][ T2840]  do_syscall_64+0xec/0xf80
[ 1869.693674][ T2840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.693693][ T2840]  ? trace_irq_disable+0x37/0x100
[ 1869.693714][ T2840]  ? clear_bhb_loop+0x60/0xb0
[ 1869.693738][ T2840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.693757][ T2840] RIP: 0033:0x7f66937bf749
[ 1869.693774][ T2840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1869.693791][ T2840] RSP: 002b:00007f6691a1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1869.693812][ T2840] RAX: ffffffffffffffda RBX: 00007f6693a15fa0 RCX: 00007f66937bf749
[ 1869.693828][ T2840] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000004
[ 1869.693840][ T2840] RBP: 00007f6691a1e090 R08: 0000200000000080 R09: 000000000000001c
[ 1869.693854][ T2840] R10: 0000000000000051 R11: 0000000000000246 R12: 0000000000000001
[ 1869.693866][ T2840] R13: 00007f6693a16038 R14: 00007f6693a15fa0 R15: 00007ffe23c49948
[ 1869.693907][ T2840]  </TASK>
[ 1869.779016][ T2804] FAULT_INJECTION: forcing a failure.
[ 1869.779016][ T2804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1869.779052][ T2804] CPU: 1 UID: 0 PID: 2804 Comm: syz.0.6741 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1869.779079][ T2804] Tainted: [L]=SOFTLOCKUP
[ 1869.779087][ T2804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1869.779100][ T2804] Call Trace:
[ 1869.779108][ T2804]  <TASK>
[ 1869.779117][ T2804]  dump_stack_lvl+0xe8/0x150
[ 1869.779148][ T2804]  should_fail_ex+0x46c/0x600
[ 1869.779180][ T2804]  strncpy_from_user+0x36/0x2c0
[ 1869.779210][ T2804]  getname_flags+0xf3/0x540
[ 1869.779236][ T2804]  do_sys_openat2+0xbc/0x200
[ 1869.779261][ T2804]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1869.779285][ T2804]  ? ksys_write+0x230/0x260
[ 1869.779313][ T2804]  ? __pfx_ksys_write+0x10/0x10
[ 1869.779343][ T2804]  __x64_sys_openat+0x138/0x170
[ 1869.779372][ T2804]  do_syscall_64+0xec/0xf80
[ 1869.779391][ T2804]  ? rcu_is_watching+0x15/0xb0
[ 1869.779409][ T2804]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.779429][ T2804]  ? clear_bhb_loop+0x60/0xb0
[ 1869.779453][ T2804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.779472][ T2804] RIP: 0033:0x7f81a613f749
[ 1869.779490][ T2804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1869.779508][ T2804] RSP: 002b:00007f81a439e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1869.779528][ T2804] RAX: ffffffffffffffda RBX: 00007f81a6395fa0 RCX: 00007f81a613f749
[ 1869.779544][ T2804] RDX: 0000000000000041 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1869.779557][ T2804] RBP: 00007f81a439e090 R08: 0000000000000000 R09: 0000000000000000
[ 1869.779570][ T2804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1869.779582][ T2804] R13: 00007f81a6396038 R14: 00007f81a6395fa0 R15: 00007ffd796e5dd8
[ 1869.779616][ T2804]  </TASK>
[ 1870.860369][T19881] usb 3-1: USB disconnect, device number 81
[ 1870.887042][ T5914] usb 2-1: new full-speed USB device number 59 using dummy_hcd
[ 1871.028148][ T5914] usb 2-1: device descriptor read/64, error -71
[ 1871.288055][ T5914] usb 2-1: new full-speed USB device number 60 using dummy_hcd
[ 1871.428989][ T5914] usb 2-1: device descriptor read/64, error -71
[ 1871.548389][ T5914] usb usb2-port1: attempt power cycle
[ 1871.949359][ T5914] usb 2-1: new full-speed USB device number 61 using dummy_hcd
[ 1871.953609][ T2874] syz.0.6760 (2874): drop_caches: 2
[ 1871.973209][ T5914] usb 2-1: device descriptor read/8, error -71
[ 1872.036106][T19881] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1872.328484][ T5914] usb 2-1: new full-speed USB device number 62 using dummy_hcd
[ 1872.350414][T19881] usb 4-1: Using ep0 maxpacket: 32
[ 1872.351703][ T5914] usb 2-1: device descriptor read/8, error -71
[ 1872.353965][T19881] usb 4-1: config 0 has an invalid interface number: 126 but max is 0
[ 1872.353990][T19881] usb 4-1: config 0 has no interface number 0
[ 1872.354040][T19881] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1872.354067][T19881] usb 4-1: config 0 interface 126 altsetting 16 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1872.354090][T19881] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 0
[ 1872.354114][T19881] usb 4-1: config 0 interface 126 has no altsetting 0
[ 1872.357773][T19881] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[ 1872.357799][T19881] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1872.357820][T19881] usb 4-1: Product: syz
[ 1872.357835][T19881] usb 4-1: Manufacturer: syz
[ 1872.357849][T19881] usb 4-1: SerialNumber: syz
[ 1872.778618][ T5914] usb usb2-port1: unable to enumerate USB device
[ 1872.957925][T19881] usb 4-1: config 0 descriptor??
[ 1872.967492][ T2892] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1873.207004][ T2892] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6766'.
[ 1873.207030][ T2892] netlink: 'syz.3.6766': attribute type 1 has an invalid length.
[ 1873.207044][ T2892] netlink: 72 bytes leftover after parsing attributes in process `syz.3.6766'.
[ 1873.207058][ T2892] netlink: 252 bytes leftover after parsing attributes in process `syz.3.6766'.
[ 1873.207073][ T2892] netlink: 'syz.3.6766': attribute type 1 has an invalid length.
[ 1873.207086][ T2892] netlink: 72 bytes leftover after parsing attributes in process `syz.3.6766'.
[ 1873.465638][T19881] ir_usb 4-1:0.126: IR Dongle converter detected
[ 1873.479809][T19881] usb 4-1: IRDA class descriptor not found, device not bound
[ 1874.156524][T19881] usb 4-1: USB disconnect, device number 64
[ 1874.396002][ T2925] FAULT_INJECTION: forcing a failure.
[ 1874.396002][ T2925] name failslab, interval 1, probability 0, space 0, times 0
[ 1874.396037][ T2925] CPU: 1 UID: 0 PID: 2925 Comm: syz.3.6775 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1874.396065][ T2925] Tainted: [L]=SOFTLOCKUP
[ 1874.396073][ T2925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1874.396085][ T2925] Call Trace:
[ 1874.396093][ T2925]  <TASK>
[ 1874.396102][ T2925]  dump_stack_lvl+0xe8/0x150
[ 1874.396132][ T2925]  should_fail_ex+0x46c/0x600
[ 1874.396164][ T2925]  should_failslab+0xa8/0x100
[ 1874.396185][ T2925]  __kmalloc_noprof+0xe0/0x7e0
[ 1874.396212][ T2925]  ? tomoyo_encode+0x28b/0x550
[ 1874.396246][ T2925]  tomoyo_encode+0x28b/0x550
[ 1874.396272][ T2925]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1874.396295][ T2925]  ? tomoyo_domain+0xd9/0x130
[ 1874.396321][ T2925]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1874.396347][ T2925]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1874.396375][ T2925]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1874.396399][ T2925]  ? __lock_acquire+0x6b6/0x2cf0
[ 1874.396427][ T2925]  ? do_raw_spin_lock+0x121/0x290
[ 1874.396484][ T2925]  ? __fget_files+0x2a/0x420
[ 1874.396507][ T2925]  ? __fget_files+0x2a/0x420
[ 1874.396526][ T2925]  ? __fget_files+0x3a6/0x420
[ 1874.396545][ T2925]  ? __fget_files+0x2a/0x420
[ 1874.396570][ T2925]  security_file_ioctl+0xcb/0x2d0
[ 1874.396598][ T2925]  __se_sys_ioctl+0x47/0x170
[ 1874.396626][ T2925]  do_syscall_64+0xec/0xf80
[ 1874.396645][ T2925]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1874.396664][ T2925]  ? trace_irq_disable+0x37/0x100
[ 1874.396684][ T2925]  ? clear_bhb_loop+0x60/0xb0
[ 1874.396709][ T2925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1874.396727][ T2925] RIP: 0033:0x7f8a6de5f749
[ 1874.396746][ T2925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1874.396763][ T2925] RSP: 002b:00007f8a6c0c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1874.396784][ T2925] RAX: ffffffffffffffda RBX: 00007f8a6e0b5fa0 RCX: 00007f8a6de5f749
[ 1874.396799][ T2925] RDX: 0000200000000040 RSI: 00000000000089f3 RDI: 0000000000000003
[ 1874.396813][ T2925] RBP: 00007f8a6c0c6090 R08: 0000000000000000 R09: 0000000000000000
[ 1874.396826][ T2925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1874.396838][ T2925] R13: 00007f8a6e0b6038 R14: 00007f8a6e0b5fa0 R15: 00007fff6c37a068
[ 1874.396873][ T2925]  </TASK>
[ 1874.396894][ T2925] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1876.160925][T14116] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1876.417842][ T2943] FAULT_INJECTION: forcing a failure.
[ 1876.417842][ T2943] name failslab, interval 1, probability 0, space 0, times 0
[ 1876.417866][ T2943] CPU: 0 UID: 0 PID: 2943 Comm: syz.2.6779 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1876.417881][ T2943] Tainted: [L]=SOFTLOCKUP
[ 1876.417885][ T2943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1876.417893][ T2943] Call Trace:
[ 1876.417897][ T2943]  <TASK>
[ 1876.417902][ T2943]  dump_stack_lvl+0xe8/0x150
[ 1876.417921][ T2943]  should_fail_ex+0x46c/0x600
[ 1876.417938][ T2943]  ? __alloc_skb+0x1dc/0x3a0
[ 1876.417950][ T2943]  should_failslab+0xa8/0x100
[ 1876.417962][ T2943]  ? __alloc_skb+0x1dc/0x3a0
[ 1876.417972][ T2943]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1876.417988][ T2943]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1876.418000][ T2943]  ? __alloc_skb+0x198/0x3a0
[ 1876.418012][ T2943]  __alloc_skb+0x1dc/0x3a0
[ 1876.418025][ T2943]  netlink_sendmsg+0x5c6/0xb30
[ 1876.418039][ T2943]  ? unwind_next_frame+0xa5/0x23d0
[ 1876.418059][ T2943]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1876.418077][ T2943]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1876.418091][ T2943]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1876.418105][ T2943]  __sock_sendmsg+0x21c/0x270
[ 1876.418124][ T2943]  ____sys_sendmsg+0x534/0x810
[ 1876.418140][ T2943]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1876.418158][ T2943]  ? import_iovec+0x74/0xa0
[ 1876.418171][ T2943]  ___sys_sendmsg+0x21f/0x2a0
[ 1876.418185][ T2943]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1876.418201][ T2943]  ? kstrtouint+0x6e/0xe0
[ 1876.418228][ T2943]  ? __fget_files+0x2a/0x420
[ 1876.418239][ T2943]  ? __fget_files+0x3a6/0x420
[ 1876.418256][ T2943]  __sys_sendmmsg+0x22d/0x430
[ 1876.418272][ T2943]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1876.418290][ T2943]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1876.418319][ T2943]  ? ksys_write+0x230/0x260
[ 1876.418336][ T2943]  ? __pfx_ksys_write+0x10/0x10
[ 1876.418354][ T2943]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1876.418368][ T2943]  do_syscall_64+0xec/0xf80
[ 1876.418378][ T2943]  ? rcu_is_watching+0x15/0xb0
[ 1876.418387][ T2943]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1876.418398][ T2943]  ? clear_bhb_loop+0x60/0xb0
[ 1876.418411][ T2943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1876.418420][ T2943] RIP: 0033:0x7fdcc805f749
[ 1876.418431][ T2943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1876.418440][ T2943] RSP: 002b:00007fdcc62c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1876.418451][ T2943] RAX: ffffffffffffffda RBX: 00007fdcc82b5fa0 RCX: 00007fdcc805f749
[ 1876.418459][ T2943] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[ 1876.418467][ T2943] RBP: 00007fdcc62c6090 R08: 0000000000000000 R09: 0000000000000000
[ 1876.418473][ T2943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1876.418480][ T2943] R13: 00007fdcc82b6038 R14: 00007fdcc82b5fa0 R15: 00007fff802feb48
[ 1876.418497][ T2943]  </TASK>
[ 1876.810766][ T6510] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1877.323001][ T6510] usb 5-1: Using ep0 maxpacket: 8
[ 1877.517502][ T2963] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1877.520155][ T2963] overlayfs: overlapping lowerdir path
[ 1877.660489][ T6510] usb 5-1: config 10 has an invalid interface number: 4 but max is 1
[ 1877.660535][ T6510] usb 5-1: config 10 has an invalid interface number: 228 but max is 1
[ 1877.660555][ T6510] usb 5-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config
[ 1877.660573][ T6510] usb 5-1: config 10 has 3 interfaces, different from the descriptor's value: 2
[ 1877.660593][ T6510] usb 5-1: config 10 has no interface number 1
[ 1877.661493][ T6510] usb 5-1: config 10 has no interface number 2
[ 1877.664186][ T6510] usb 5-1: config 10 interface 4 altsetting 15 endpoint 0xE has an invalid bInterval 230, changing to 11
[ 1877.664217][ T6510] usb 5-1: config 10 interface 4 altsetting 15 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[ 1877.664243][ T6510] usb 5-1: too many endpoints for config 10 interface 0 altsetting 172: 161, using maximum allowed: 30
[ 1877.735521][ T6510] usb 5-1: config 10 interface 0 altsetting 172 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[ 1877.736076][ T6510] usb 5-1: config 10 interface 228 altsetting 127 endpoint 0xA has invalid maxpacket 512, setting to 64
[ 1877.736241][ T6510] usb 5-1: config 10 interface 228 altsetting 127 has a duplicate endpoint with address 0xE, skipping
[ 1877.736720][ T6510] usb 5-1: config 10 interface 228 altsetting 127 has an invalid descriptor for endpoint zero, skipping
[ 1877.736744][ T6510] usb 5-1: config 10 interface 228 altsetting 127 endpoint 0xD has invalid maxpacket 1023, setting to 64
[ 1877.736772][ T6510] usb 5-1: config 10 interface 228 altsetting 127 has an invalid descriptor for endpoint zero, skipping
[ 1877.736791][ T6510] usb 5-1: config 10 interface 228 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 11
[ 1877.743479][ T6510] usb 5-1: config 10 interface 4 has no altsetting 0
[ 1877.743632][ T6510] usb 5-1: config 10 interface 0 has no altsetting 0
[ 1877.743713][ T6510] usb 5-1: config 10 interface 228 has no altsetting 0
[ 1877.911379][ T6510] usb 5-1: New USB device found, idVendor=19d2, idProduct=0058, bcdDevice=b3.28
[ 1877.911398][ T6510] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1877.911409][ T6510] usb 5-1: Product: 䠔꤯䣛��樔�寮ཿ亸儩��䙹躠芑愈팸婔饷蟓䩭៯无�ꄶ⣉鎖⽫ѻ帎觭㶘⦆�筞䗰₃���擀襗룲퓈䜳ㅖ꞊�洪녙�䇶栘��ਸ਼��儰뤦☯盋�솚㷰∠�㖌
[ 1877.911423][ T6510] usb 5-1: Manufacturer: �☿䞦㾰躃��莖墖븀˙킆̀鞭ᚃ뭽悺쥊봬ؔ胿�ዡ鷑ᑚꢯꃈᙇ韗溶ᾭ⧺툛➞晄貚䈀賺꽣俩솬ꗅ
[ 1877.911434][ T6510] usb 5-1: SerialNumber: syz
[ 1878.152906][ T2948] 9p: Bad value for 'rfdno'
[ 1878.166833][ T5984] usb 1-1: USB disconnect, device number 102
[ 1878.297416][ T6510] option 5-1:10.228: GSM modem (1-port) converter detected
[ 1878.525724][ T6510] usb 5-1: USB disconnect, device number 16
[ 1878.537945][ T6510] option 5-1:10.228: device disconnected
[ 1879.306555][ T2977] input: syz0 as /devices/virtual/input/input139
[ 1879.360232][ T2983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6790'.
[ 1879.576666][ T2991] FAULT_INJECTION: forcing a failure.
[ 1879.576666][ T2991] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1879.576702][ T2991] CPU: 0 UID: 0 PID: 2991 Comm: syz.0.6793 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1879.576730][ T2991] Tainted: [L]=SOFTLOCKUP
[ 1879.576738][ T2991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1879.576751][ T2991] Call Trace:
[ 1879.576760][ T2991]  <TASK>
[ 1879.576769][ T2991]  dump_stack_lvl+0xe8/0x150
[ 1879.576799][ T2991]  should_fail_ex+0x46c/0x600
[ 1879.576831][ T2991]  _copy_to_user+0x31/0xb0
[ 1879.576854][ T2991]  simple_read_from_buffer+0xe1/0x170
[ 1879.576881][ T2991]  proc_fail_nth_read+0x1b6/0x220
[ 1879.576912][ T2991]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1879.576943][ T2991]  ? rw_verify_area+0x2ac/0x4e0
[ 1879.576974][ T2991]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1879.577003][ T2991]  vfs_read+0x206/0xa30
[ 1879.577038][ T2991]  ? __pfx_vfs_read+0x10/0x10
[ 1879.577066][ T2991]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1879.577088][ T2991]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1879.577108][ T2991]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1879.577128][ T2991]  ? mutex_lock_nested+0x154/0x1d0
[ 1879.577151][ T2991]  ? fdget_pos+0x253/0x320
[ 1879.577185][ T2991]  ksys_read+0x14b/0x260
[ 1879.577214][ T2991]  ? __pfx_ksys_read+0x10/0x10
[ 1879.577248][ T2991]  do_syscall_64+0xec/0xf80
[ 1879.577270][ T2991]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1879.577288][ T2991]  ? trace_irq_disable+0x37/0x100
[ 1879.577308][ T2991]  ? clear_bhb_loop+0x60/0xb0
[ 1879.577330][ T2991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1879.577347][ T2991] RIP: 0033:0x7f81a613e15c
[ 1879.577365][ T2991] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1879.577382][ T2991] RSP: 002b:00007f81a439e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1879.577401][ T2991] RAX: ffffffffffffffda RBX: 00007f81a6395fa0 RCX: 00007f81a613e15c
[ 1879.577415][ T2991] RDX: 000000000000000f RSI: 00007f81a439e0a0 RDI: 0000000000000004
[ 1879.577427][ T2991] RBP: 00007f81a439e090 R08: 0000000000000000 R09: 0000000000000000
[ 1879.577438][ T2991] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[ 1879.577449][ T2991] R13: 00007f81a6396038 R14: 00007f81a6395fa0 R15: 00007ffd796e5dd8
[ 1879.577481][ T2991]  </TASK>
[ 1881.279708][ T3017] FAULT_INJECTION: forcing a failure.
[ 1881.279708][ T3017] name failslab, interval 1, probability 0, space 0, times 0
[ 1881.279805][ T3017] CPU: 0 UID: 0 PID: 3017 Comm: syz.1.6801 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1881.279834][ T3017] Tainted: [L]=SOFTLOCKUP
[ 1881.279842][ T3017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1881.279855][ T3017] Call Trace:
[ 1881.279863][ T3017]  <TASK>
[ 1881.279872][ T3017]  dump_stack_lvl+0xe8/0x150
[ 1881.279906][ T3017]  should_fail_ex+0x46c/0x600
[ 1881.279938][ T3017]  should_failslab+0xa8/0x100
[ 1881.279960][ T3017]  __kmalloc_cache_node_noprof+0x8b/0x700
[ 1881.279988][ T3017]  ? __schedule+0x1475/0x5070
[ 1881.280019][ T3017]  ? __get_vm_area_node+0x172/0x350
[ 1881.280050][ T3017]  __get_vm_area_node+0x172/0x350
[ 1881.280085][ T3017]  __vmalloc_node_range_noprof+0x371/0x16a0
[ 1881.280113][ T3017]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[ 1881.280165][ T3017]  ? irqentry_exit+0x5dd/0x660
[ 1881.280187][ T3017]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1881.280230][ T3017]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[ 1881.280252][ T3017]  __vmalloc_noprof+0xd2/0x120
[ 1881.280276][ T3017]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[ 1881.280300][ T3017]  bpf_prog_alloc_no_stats+0x4a/0x4d0
[ 1881.280329][ T3017]  bpf_prog_alloc+0x3c/0x1a0
[ 1881.280354][ T3017]  bpf_prog_load+0x735/0x1a10
[ 1881.280390][ T3017]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1881.280413][ T3017]  ? __might_fault+0xb0/0x130
[ 1881.280462][ T3017]  ? bpf_lsm_bpf+0x9/0x20
[ 1881.280479][ T3017]  ? security_bpf+0x7e/0x300
[ 1881.280510][ T3017]  __sys_bpf+0x507/0x860
[ 1881.280534][ T3017]  ? __pfx___sys_bpf+0x10/0x10
[ 1881.280581][ T3017]  ? ksys_write+0x230/0x260
[ 1881.280610][ T3017]  ? __pfx_ksys_write+0x10/0x10
[ 1881.280645][ T3017]  __x64_sys_bpf+0x7c/0x90
[ 1881.280666][ T3017]  do_syscall_64+0xec/0xf80
[ 1881.280684][ T3017]  ? rcu_is_watching+0x15/0xb0
[ 1881.280701][ T3017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.280721][ T3017]  ? clear_bhb_loop+0x60/0xb0
[ 1881.280744][ T3017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.280763][ T3017] RIP: 0033:0x7f66937bf749
[ 1881.280781][ T3017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1881.280798][ T3017] RSP: 002b:00007f66919fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1881.280819][ T3017] RAX: ffffffffffffffda RBX: 00007f6693a16090 RCX: 00007f66937bf749
[ 1881.280834][ T3017] RDX: 0000000000000090 RSI: 0000200000000680 RDI: 0000000000000005
[ 1881.280848][ T3017] RBP: 00007f66919fd090 R08: 0000000000000000 R09: 0000000000000000
[ 1881.280861][ T3017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1881.280873][ T3017] R13: 00007f6693a16128 R14: 00007f6693a16090 R15: 00007ffe23c49948
[ 1881.280908][ T3017]  </TASK>
[ 1881.288326][ T3017] syz.1.6801: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1881.301759][ T3017] CPU: 0 UID: 0 PID: 3017 Comm: syz.1.6801 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1881.301792][ T3017] Tainted: [L]=SOFTLOCKUP
[ 1881.301801][ T3017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1881.301814][ T3017] Call Trace:
[ 1881.301822][ T3017]  <TASK>
[ 1881.301832][ T3017]  dump_stack_lvl+0xe8/0x150
[ 1881.301863][ T3017]  warn_alloc+0x22e/0x3b0
[ 1881.301890][ T3017]  ? should_fail_ex+0x344/0x600
[ 1881.301923][ T3017]  ? __pfx_warn_alloc+0x10/0x10
[ 1881.301948][ T3017]  ? __kmalloc_cache_node_noprof+0x2aa/0x700
[ 1881.301974][ T3017]  ? __get_vm_area_node+0x172/0x350
[ 1881.302004][ T3017]  ? __get_vm_area_node+0x2e2/0x350
[ 1881.302038][ T3017]  __vmalloc_node_range_noprof+0x396/0x16a0
[ 1881.302094][ T3017]  ? irqentry_exit+0x5dd/0x660
[ 1881.302117][ T3017]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1881.302159][ T3017]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[ 1881.302181][ T3017]  __vmalloc_noprof+0xd2/0x120
[ 1881.302208][ T3017]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[ 1881.302234][ T3017]  bpf_prog_alloc_no_stats+0x4a/0x4d0
[ 1881.302262][ T3017]  bpf_prog_alloc+0x3c/0x1a0
[ 1881.302287][ T3017]  bpf_prog_load+0x735/0x1a10
[ 1881.302319][ T3017]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1881.302341][ T3017]  ? __might_fault+0xb0/0x130
[ 1881.302389][ T3017]  ? bpf_lsm_bpf+0x9/0x20
[ 1881.302406][ T3017]  ? security_bpf+0x7e/0x300
[ 1881.302435][ T3017]  __sys_bpf+0x507/0x860
[ 1881.302458][ T3017]  ? __pfx___sys_bpf+0x10/0x10
[ 1881.302497][ T3017]  ? ksys_write+0x230/0x260
[ 1881.302526][ T3017]  ? __pfx_ksys_write+0x10/0x10
[ 1881.302571][ T3017]  __x64_sys_bpf+0x7c/0x90
[ 1881.302592][ T3017]  do_syscall_64+0xec/0xf80
[ 1881.302610][ T3017]  ? rcu_is_watching+0x15/0xb0
[ 1881.302627][ T3017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.302646][ T3017]  ? clear_bhb_loop+0x60/0xb0
[ 1881.302671][ T3017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.302690][ T3017] RIP: 0033:0x7f66937bf749
[ 1881.302708][ T3017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1881.302726][ T3017] RSP: 002b:00007f66919fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1881.302746][ T3017] RAX: ffffffffffffffda RBX: 00007f6693a16090 RCX: 00007f66937bf749
[ 1881.302761][ T3017] RDX: 0000000000000090 RSI: 0000200000000680 RDI: 0000000000000005
[ 1881.302774][ T3017] RBP: 00007f66919fd090 R08: 0000000000000000 R09: 0000000000000000
[ 1881.302787][ T3017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1881.302799][ T3017] R13: 00007f6693a16128 R14: 00007f6693a16090 R15: 00007ffe23c49948
[ 1881.302833][ T3017]  </TASK>
[ 1881.303503][ T3017] Mem-Info:
[ 1881.303584][ T3017] active_anon:262 inactive_anon:29105 isolated_anon:0
[ 1881.303584][ T3017]  active_file:28153 inactive_file:38674 isolated_file:0
[ 1881.303584][ T3017]  unevictable:768 dirty:175 writeback:0
[ 1881.303584][ T3017]  slab_reclaimable:8418 slab_unreclaimable:126203
[ 1881.303584][ T3017]  mapped:33374 shmem:21123 pagetables:2868
[ 1881.303584][ T3017]  sec_pagetables:0 bounce:0
[ 1881.303584][ T3017]  kernel_misc_reclaimable:0
[ 1881.303584][ T3017]  free:1243397 free_pcp:6185 free_cma:0
[ 1881.303675][ T3017] Node 0 active_anon:1048kB inactive_anon:116420kB active_file:112412kB inactive_file:154696kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:133496kB dirty:700kB writeback:0kB shmem:82956kB kernel_stack:18048kB pagetables:11320kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1881.303748][ T3017] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:32kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1881.303819][ T3017] Node 0 DMA free:15340kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1881.303947][ T3017] lowmem_reserve[]: 0 2514 2515 2515 2515
[ 1881.304235][ T3017] Node 0 DMA32 free:1065304kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1048kB inactive_anon:116420kB active_file:112412kB inactive_file:154696kB unevictable:1536kB writepending:700kB zspages:0kB present:3129332kB managed:2574692kB mlocked:0kB bounce:0kB free_pcp:24740kB local_pcp:16612kB free_cma:0kB
[ 1881.304360][ T3017] lowmem_reserve[]: 0 0 1 1 1
[ 1881.304913][ T3017] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1881.305024][ T3017] lowmem_reserve[]: 0 0 0 0 0
[ 1881.305333][ T3017] Node 1 Normal free:3892944kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1881.305456][ T3017] lowmem_reserve[]: 0 0 0 0 0
[ 1881.305684][ T3017] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15340kB
[ 1881.306812][ T3017] Node 0 DMA32: 3153*4kB (UME) 3334*8kB (UME) 2031*16kB (UME) 928*32kB (UME) 348*64kB (UME) 204*128kB (UME) 144*256kB (UME) 202*512kB (UME) 95*1024kB (UME) 13*2048kB (UME) 159*4096kB (M) = 1065316kB
[ 1881.308040][ T3017] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1881.308601][ T3017] Node 1 Normal: 176*4kB (UE) 52*8kB (UME) 39*16kB (UME) 208*32kB (UME) 98*64kB (UME) 31*128kB (UME) 14*256kB (UME) 6*512kB (UM) 3*1024kB (UM) 3*2048kB (ME) 942*4096kB (UM) = 3892944kB
[ 1881.309837][ T3017] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1881.309892][ T3017] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1881.309936][ T3017] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1881.309979][ T3017] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1881.310023][ T3017] 87948 total pagecache pages
[ 1881.310319][ T3017] 1 pages in swap cache
[ 1881.310354][ T3017] Free swap  = 124992kB
[ 1881.310389][ T3017] Total swap = 124996kB
[ 1881.310424][ T3017] 2097051 pages RAM
[ 1881.310459][ T3017] 0 pages HighMem/MovableOnly
[ 1881.310494][ T3017] 421352 pages reserved
[ 1881.310529][ T3017] 0 pages cma reserved
[ 1882.616321][ T3026] tmpfs: Unknown parameter '/××b‘i�µ•u‰•nr_inodes'
[ 1884.650348][   T37] kauditd_printk_skb: 512 callbacks suppressed
[ 1884.650367][   T37] audit: type=1326 audit(1872.046:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3056 comm="syz.4.6813" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8f749 code=0x0
[ 1885.511368][ T3070] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.6815'.
[ 1885.511385][ T3070] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6815'.
[ 1885.667288][ T3081] FAULT_INJECTION: forcing a failure.
[ 1885.667288][ T3081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1885.667323][ T3081] CPU: 0 UID: 0 PID: 3081 Comm: syz.4.6820 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1885.667348][ T3081] Tainted: [L]=SOFTLOCKUP
[ 1885.667355][ T3081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1885.667368][ T3081] Call Trace:
[ 1885.667374][ T3081]  <TASK>
[ 1885.667382][ T3081]  dump_stack_lvl+0xe8/0x150
[ 1885.667411][ T3081]  should_fail_ex+0x46c/0x600
[ 1885.667450][ T3081]  strncpy_from_user+0x36/0x2c0
[ 1885.667478][ T3081]  getname_flags+0xf3/0x540
[ 1885.667504][ T3081]  __x64_sys_mknod+0x79/0xa0
[ 1885.667530][ T3081]  do_syscall_64+0xec/0xf80
[ 1885.667549][ T3081]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1885.667567][ T3081]  ? trace_irq_disable+0x37/0x100
[ 1885.667587][ T3081]  ? clear_bhb_loop+0x60/0xb0
[ 1885.667610][ T3081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1885.667628][ T3081] RIP: 0033:0x7f1bf6d8f749
[ 1885.667645][ T3081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1885.667662][ T3081] RSP: 002b:00007f1bf4ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1885.667683][ T3081] RAX: ffffffffffffffda RBX: 00007f1bf6fe5fa0 RCX: 00007f1bf6d8f749
[ 1885.667701][ T3081] RDX: 0000000000000708 RSI: 0000000000001800 RDI: 00002000000002c0
[ 1885.667714][ T3081] RBP: 00007f1bf4ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1885.667727][ T3081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1885.667739][ T3081] R13: 00007f1bf6fe6038 R14: 00007f1bf6fe5fa0 R15: 00007ffc4d55f098
[ 1885.667772][ T3081]  </TASK>
[ 1885.673363][ T3077] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6818'.
[ 1885.926980][ T5971] usb 2-1: new low-speed USB device number 63 using dummy_hcd
[ 1885.949334][ T3087] input: syz1 as /devices/virtual/input/input140
[ 1885.952771][ T3082] veth0: entered promiscuous mode
[ 1886.091346][T18455] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1886.160615][ T5971] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1886.160632][ T5971] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1886.160661][ T5971] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1886.160675][ T5971] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1886.160696][ T5971] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1886.160707][ T5971] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1886.166515][ T5971] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1886.166537][ T5971] hub 2-1:1.0: probe with driver hub failed with error -5
[ 1886.167008][ T5971] cdc_wdm 2-1:1.0: skipping garbage
[ 1886.167016][ T5971] cdc_wdm 2-1:1.0: skipping garbage
[ 1886.172762][ T5971] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1886.172781][ T5971] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1886.265835][T18455] usb 3-1: Using ep0 maxpacket: 16
[ 1886.268228][T18455] usb 3-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 1886.268250][T18455] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1886.268268][T18455] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1886.271037][T18455] usb 3-1: New USB device found, idVendor=2040, idProduct=c604, bcdDevice=1a.20
[ 1886.271064][T18455] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1886.271092][T18455] usb 3-1: Product: syz
[ 1886.271106][T18455] usb 3-1: Manufacturer: syz
[ 1886.271120][T18455] usb 3-1: SerialNumber: syz
[ 1886.274262][T18455] usb 3-1: config 0 descriptor??
[ 1886.523910][ T3076] veth0: left promiscuous mode
[ 1886.529142][T18455] usb 3-1: USB disconnect, device number 82
[ 1886.536855][ T5971] usb 2-1: USB disconnect, device number 63
[ 1886.936855][ T5984] usb 2-1: new low-speed USB device number 64 using dummy_hcd
[ 1887.113709][ T5984] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1887.113736][ T5984] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1887.113787][ T5984] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1887.113877][ T5984] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1887.113914][ T5984] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1887.113936][ T5984] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1887.188685][ T5984] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1887.188724][ T5984] hub 2-1:1.0: probe with driver hub failed with error -5
[ 1887.190834][ T5984] cdc_wdm 2-1:1.0: skipping garbage
[ 1887.190870][ T5984] cdc_wdm 2-1:1.0: skipping garbage
[ 1887.196902][ T5984] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1887.196921][ T5984] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1888.481111][T18455] usb 2-1: USB disconnect, device number 64
[ 1888.818428][ T3118] 9p: Bad value for 'wfdno'
[ 1890.146065][ T3124] afs: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[ 1890.372335][ T3137] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1890.536761][T18455] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[ 1890.698622][T18455] usb 3-1: Using ep0 maxpacket: 8
[ 1890.706678][T18455] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1890.707812][T18455] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1890.707843][T18455] usb 3-1: can't read configurations, error -71
[ 1890.827592][ T3147] team0: entered promiscuous mode
[ 1890.827607][ T3147] team_slave_0: entered promiscuous mode
[ 1890.827807][ T3147] team_slave_1: entered promiscuous mode
[ 1890.875978][ T3147] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 1890.899898][ T3147] hsr1: entered allmulticast mode
[ 1890.899912][ T3147] team0: entered allmulticast mode
[ 1890.899919][ T3147] team_slave_0: entered allmulticast mode
[ 1890.899932][ T3147] team_slave_1: entered allmulticast mode
[ 1890.899957][ T3147] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[ 1891.229671][ T6510] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 1892.020982][ T6510] usb 2-1: Using ep0 maxpacket: 16
[ 1892.027767][ T6510] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[ 1892.027796][ T6510] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1892.027817][ T6510] usb 2-1: Product: syz
[ 1892.027831][ T6510] usb 2-1: Manufacturer: syz
[ 1892.027847][ T6510] usb 2-1: SerialNumber: syz
[ 1892.066303][ T6510] usb 2-1: config 0 descriptor??
[ 1892.071302][ T6510] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1892.082573][ T6510] usb 2-1: Detected FT-X
[ 1892.334743][ T3164] input: syz0 as /devices/virtual/input/input141
[ 1892.338377][ T3164] FAULT_INJECTION: forcing a failure.
[ 1892.338377][ T3164] name failslab, interval 1, probability 0, space 0, times 0
[ 1892.338409][ T3164] CPU: 1 UID: 0 PID: 3164 Comm: syz.2.6843 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1892.338435][ T3164] Tainted: [L]=SOFTLOCKUP
[ 1892.338442][ T3164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1892.338454][ T3164] Call Trace:
[ 1892.338462][ T3164]  <TASK>
[ 1892.338471][ T3164]  dump_stack_lvl+0xe8/0x150
[ 1892.338503][ T3164]  should_fail_ex+0x46c/0x600
[ 1892.338534][ T3164]  should_failslab+0xa8/0x100
[ 1892.338563][ T3164]  __kvmalloc_node_noprof+0x181/0x940
[ 1892.338591][ T3164]  ? file_tty_write+0x2ed/0xa30
[ 1892.338613][ T3164]  ? _mutex_trylock_nest_lock+0x129/0x180
[ 1892.338643][ T3164]  file_tty_write+0x2ed/0xa30
[ 1892.338677][ T3164]  vfs_write+0x5d5/0xb40
[ 1892.338709][ T3164]  ? __pfx_tty_write+0x10/0x10
[ 1892.338732][ T3164]  ? __pfx_vfs_write+0x10/0x10
[ 1892.338769][ T3164]  ? __fget_files+0x2a/0x420
[ 1892.338800][ T3164]  ksys_write+0x14b/0x260
[ 1892.338828][ T3164]  ? __pfx_ksys_write+0x10/0x10
[ 1892.338866][ T3164]  do_syscall_64+0xec/0xf80
[ 1892.338886][ T3164]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.338904][ T3164]  ? trace_irq_disable+0x37/0x100
[ 1892.338924][ T3164]  ? clear_bhb_loop+0x60/0xb0
[ 1892.338949][ T3164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.338967][ T3164] RIP: 0033:0x7fdcc805f749
[ 1892.338985][ T3164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1892.339001][ T3164] RSP: 002b:00007fdcc62a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1892.339023][ T3164] RAX: ffffffffffffffda RBX: 00007fdcc82b6090 RCX: 00007fdcc805f749
[ 1892.339037][ T3164] RDX: 000000000000045c RSI: 00002000000004c0 RDI: 0000000000000007
[ 1892.339050][ T3164] RBP: 00007fdcc62a5090 R08: 0000000000000000 R09: 0000000000000000
[ 1892.339062][ T3164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1892.339073][ T3164] R13: 00007fdcc82b6128 R14: 00007fdcc82b6090 R15: 00007fff802feb48
[ 1892.339105][ T3164]  </TASK>
[ 1892.407132][ T3167] input: syz0 as /devices/virtual/input/input142
[ 1892.571878][ T6510] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1892.574460][ T6510] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1892.575010][ T6510] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[ 1892.592782][ T6510] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1892.598605][ T6510] usb 2-1: USB disconnect, device number 65
[ 1892.605898][ T5914] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[ 1892.607555][ T6510] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1892.607999][ T6510] ftdi_sio 2-1:0.0: device disconnected
[ 1892.839141][ T5914] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1892.839169][ T5914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1892.839187][ T5914] usb 1-1: Product: syz
[ 1892.839200][ T5914] usb 1-1: Manufacturer: syz
[ 1892.839214][ T5914] usb 1-1: SerialNumber: syz
[ 1892.877943][ T5914] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1892.909424][ T5972] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1893.019246][ T6510] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1893.202208][ T6510] usb 4-1: Using ep0 maxpacket: 32
[ 1893.216505][ T6510] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1893.216550][ T6510] usb 4-1: config 0 has no interface number 0
[ 1893.217000][ T6510] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1893.217403][ T6510] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1893.218009][ T6510] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1893.218034][ T6510] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1893.398643][T16213] usb 1-1: USB disconnect, device number 103
[ 1893.640762][ T6510] usb 4-1: config 0 descriptor??
[ 1893.857136][ T3180] 9p: Bad value for 'rfdno'
[ 1893.859123][ T3180] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6849'.
[ 1894.183175][ T5914] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1894.186857][ T5972] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 1894.187042][ T5972] ath9k_htc: Failed to initialize the device
[ 1894.210447][T16213] usb 1-1: ath9k_htc: USB layer deinitialized
[ 1895.211282][ T5914] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1895.211316][ T5914] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1895.211354][ T5914] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[ 1895.211376][ T5914] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1895.216056][ T5914] usb 5-1: config 0 descriptor??
[ 1895.269617][ T3170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1895.270146][ T3170] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1895.271363][T14116] Bluetooth: hci5: unexpected event for opcode 0x040e
[ 1895.301416][ T6510] uclogic 0003:28BD:0094.0070: pen parameters not found
[ 1895.301442][ T6510] uclogic 0003:28BD:0094.0070: interface is invalid, ignoring
[ 1895.745942][ T5914] cp2112 0003:10C4:EA90.0071: unknown main item tag 0x0
[ 1895.751110][ T5914] cp2112 0003:10C4:EA90.0071: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0
[ 1896.553356][ T5914] cp2112 0003:10C4:EA90.0071: Part Number: 0x82 Device Version: 0xFE
[ 1896.553409][ T6510] usb 4-1: USB disconnect, device number 65
[ 1896.909255][ T3213] binder: 3212:3213 ioctl 4018620d 0 returned -22
[ 1897.388259][ T6510] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1897.861787][ T3214] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1897.882201][ T3214] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1897.893641][ T5914] usb 5-1: USB disconnect, device number 17
[ 1897.929529][ T3226] FAULT_INJECTION: forcing a failure.
[ 1897.929529][ T3226] name failslab, interval 1, probability 0, space 0, times 0
[ 1897.929564][ T3226] CPU: 1 UID: 0 PID: 3226 Comm: syz.2.6862 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1897.929592][ T3226] Tainted: [L]=SOFTLOCKUP
[ 1897.929599][ T3226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1897.929612][ T3226] Call Trace:
[ 1897.929621][ T3226]  <TASK>
[ 1897.929630][ T3226]  dump_stack_lvl+0xe8/0x150
[ 1897.929661][ T3226]  should_fail_ex+0x46c/0x600
[ 1897.929693][ T3226]  should_failslab+0xa8/0x100
[ 1897.929715][ T3226]  __kmalloc_noprof+0xe0/0x7e0
[ 1897.929740][ T3226]  ? kfree+0x4d/0x900
[ 1897.929759][ T3226]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1897.929786][ T3226]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1897.929806][ T3226]  ? tomoyo_domain+0xd9/0x130
[ 1897.929832][ T3226]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1897.929858][ T3226]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1897.929898][ T3226]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1897.929921][ T3226]  ? __lock_acquire+0x6b6/0x2cf0
[ 1897.929949][ T3226]  ? do_raw_spin_lock+0x121/0x290
[ 1897.930004][ T3226]  ? __fget_files+0x2a/0x420
[ 1897.930029][ T3226]  ? __fget_files+0x2a/0x420
[ 1897.930048][ T3226]  ? __fget_files+0x3a6/0x420
[ 1897.930065][ T3226]  ? __fget_files+0x2a/0x420
[ 1897.930095][ T3226]  security_file_ioctl+0xcb/0x2d0
[ 1897.930121][ T3226]  __se_sys_ioctl+0x47/0x170
[ 1897.930148][ T3226]  do_syscall_64+0xec/0xf80
[ 1897.930168][ T3226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1897.930187][ T3226]  ? trace_irq_disable+0x37/0x100
[ 1897.930208][ T3226]  ? clear_bhb_loop+0x60/0xb0
[ 1897.930229][ T3226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1897.930246][ T3226] RIP: 0033:0x7fdcc805f749
[ 1897.930262][ T3226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1897.930278][ T3226] RSP: 002b:00007fdcc62c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1897.930298][ T3226] RAX: ffffffffffffffda RBX: 00007fdcc82b5fa0 RCX: 00007fdcc805f749
[ 1897.930313][ T3226] RDX: 00002000000001c0 RSI: 00000000c048aec8 RDI: 0000000000000004
[ 1897.930326][ T3226] RBP: 00007fdcc62c6090 R08: 0000000000000000 R09: 0000000000000000
[ 1897.930339][ T3226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1897.930350][ T3226] R13: 00007fdcc82b6038 R14: 00007fdcc82b5fa0 R15: 00007fff802feb48
[ 1897.930385][ T3226]  </TASK>
[ 1897.930687][ T3226] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1900.823691][ T3243] input: syz0 as /devices/virtual/input/input143
[ 1901.209790][ T5972] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1901.395490][ T5972] usb 4-1: device descriptor read/64, error -71
[ 1901.677194][ T5972] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1901.680659][ T3259] binder: 3256:3259 ioctl 4018620d 0 returned -22
[ 1901.783666][ T3263] FAULT_INJECTION: forcing a failure.
[ 1901.783666][ T3263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1901.783701][ T3263] CPU: 0 UID: 0 PID: 3263 Comm: syz.0.6872 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1901.783739][ T3263] Tainted: [L]=SOFTLOCKUP
[ 1901.783748][ T3263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1901.783760][ T3263] Call Trace:
[ 1901.783769][ T3263]  <TASK>
[ 1901.783778][ T3263]  dump_stack_lvl+0xe8/0x150
[ 1901.783808][ T3263]  should_fail_ex+0x46c/0x600
[ 1901.783840][ T3263]  _copy_from_iter+0x1cd/0x1630
[ 1901.783866][ T3263]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1901.783899][ T3263]  ? __pfx__copy_from_iter+0x10/0x10
[ 1901.783930][ T3263]  ? set_page_refcounted+0xa0/0x1e0
[ 1901.783950][ T3263]  ? page_copy_sane+0x4e/0x280
[ 1901.783975][ T3263]  copy_page_from_iter+0xdd/0x170
[ 1901.784004][ T3263]  tun_get_user+0x1d40/0x3de0
[ 1901.784031][ T3263]  ? tun_get_user+0x6fc/0x3de0
[ 1901.784064][ T3263]  ? __pfx_tun_get_user+0x10/0x10
[ 1901.784087][ T3263]  ? __lock_acquire+0x6b6/0x2cf0
[ 1901.784112][ T3263]  ? kstrtoull+0x12f/0x1d0
[ 1901.784142][ T3263]  ? ref_tracker_alloc+0x2fe/0x450
[ 1901.784165][ T3263]  ? get_pid_task+0x20/0x1f0
[ 1901.784193][ T3263]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1901.784218][ T3263]  ? tun_get+0x1c/0x2f0
[ 1901.784240][ T3263]  ? tun_get+0x1c/0x2f0
[ 1901.784267][ T3263]  ? tun_get+0x1c/0x2f0
[ 1901.784288][ T3263]  ? tun_get+0x1c/0x2f0
[ 1901.784316][ T3263]  tun_chr_write_iter+0x119/0x200
[ 1901.784341][ T3263]  vfs_write+0x5d5/0xb40
[ 1901.784371][ T3263]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1901.784394][ T3263]  ? __pfx_vfs_write+0x10/0x10
[ 1901.784429][ T3263]  ? __fget_files+0x2a/0x420
[ 1901.784457][ T3263]  ksys_write+0x14b/0x260
[ 1901.784489][ T3263]  ? __pfx_ksys_write+0x10/0x10
[ 1901.784525][ T3263]  do_syscall_64+0xec/0xf80
[ 1901.784544][ T3263]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1901.784562][ T3263]  ? trace_irq_disable+0x37/0x100
[ 1901.784581][ T3263]  ? clear_bhb_loop+0x60/0xb0
[ 1901.784603][ T3263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1901.784622][ T3263] RIP: 0033:0x7f81a613e1ff
[ 1901.784639][ T3263] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1901.784656][ T3263] RSP: 002b:00007f81a439e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1901.784677][ T3263] RAX: ffffffffffffffda RBX: 00007f81a6395fa0 RCX: 00007f81a613e1ff
[ 1901.784692][ T3263] RDX: 0000000000000046 RSI: 00002000000002c0 RDI: 00000000000000c8
[ 1901.784704][ T3263] RBP: 00007f81a439e090 R08: 0000000000000000 R09: 0000000000000000
[ 1901.784716][ T3263] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[ 1901.784737][ T3263] R13: 00007f81a6396038 R14: 00007f81a6395fa0 R15: 00007ffd796e5dd8
[ 1901.784771][ T3263]  </TASK>
[ 1901.818143][ T5972] usb 4-1: device descriptor read/64, error -71
[ 1902.176418][ T5972] usb usb4-port1: attempt power cycle
[ 1902.696133][ T8059] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1902.858574][ T8059] usb 5-1: Using ep0 maxpacket: 16
[ 1902.861139][ T8059] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1902.861191][ T8059] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1902.861218][ T8059] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1902.861239][ T8059] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1902.861262][ T8059] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1902.863728][ T8059] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1902.863754][ T8059] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1902.863774][ T8059] usb 5-1: Manufacturer: syz
[ 1902.901812][ T5972] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1902.928772][ T3265] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1902.928812][ T3265] overlayfs: overlapping lowerdir path
[ 1902.930982][ T5972] usb 4-1: device descriptor read/8, error -71
[ 1902.989190][ T8059] usb 5-1: config 0 descriptor??
[ 1904.222219][ T8059] rc_core: IR keymap rc-hauppauge not found
[ 1904.222277][ T8059] Registered IR keymap rc-empty
[ 1904.228732][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.246040][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.276118][ T8059] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1904.335617][ T8059] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input144
[ 1904.385018][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.397508][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.452107][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.474127][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.494943][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.516874][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.538388][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.560853][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.581911][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.606926][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.626415][ T8059] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1904.660470][ T8059] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1904.660494][ T8059] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1905.015793][ T6510] usb 5-1: USB disconnect, device number 18
[ 1905.119225][ T5809] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1905.150694][ T3286] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1905.165182][ T5809] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1905.188186][ T5809] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1905.201987][ T5972] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1905.203199][ T5809] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1905.208749][ T3286] FAULT_INJECTION: forcing a failure.
[ 1905.208749][ T3286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1905.208770][ T3286] CPU: 1 UID: 0 PID: 3286 Comm: syz.2.6879 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1905.208786][ T3286] Tainted: [L]=SOFTLOCKUP
[ 1905.208790][ T3286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1905.208797][ T3286] Call Trace:
[ 1905.208802][ T3286]  <TASK>
[ 1905.208808][ T3286]  dump_stack_lvl+0xe8/0x150
[ 1905.208827][ T3286]  should_fail_ex+0x46c/0x600
[ 1905.208845][ T3286]  _copy_to_user+0x31/0xb0
[ 1905.208858][ T3286]  simple_read_from_buffer+0xe1/0x170
[ 1905.208872][ T3286]  proc_fail_nth_read+0x1b6/0x220
[ 1905.208890][ T3286]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1905.208907][ T3286]  ? rw_verify_area+0x2ac/0x4e0
[ 1905.208921][ T3286]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1905.208937][ T3286]  vfs_read+0x206/0xa30
[ 1905.208956][ T3286]  ? __pfx_vfs_read+0x10/0x10
[ 1905.208971][ T3286]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1905.208983][ T3286]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1905.208993][ T3286]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1905.209003][ T3286]  ? mutex_lock_nested+0x154/0x1d0
[ 1905.209016][ T3286]  ? fdget_pos+0x253/0x320
[ 1905.209032][ T3286]  ksys_read+0x14b/0x260
[ 1905.209048][ T3286]  ? __pfx_ksys_read+0x10/0x10
[ 1905.209068][ T3286]  do_syscall_64+0xec/0xf80
[ 1905.209078][ T3286]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1905.209088][ T3286]  ? trace_irq_disable+0x37/0x100
[ 1905.209099][ T3286]  ? clear_bhb_loop+0x60/0xb0
[ 1905.209112][ T3286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1905.209122][ T3286] RIP: 0033:0x7fdcc805e15c
[ 1905.209132][ T3286] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1905.209141][ T3286] RSP: 002b:00007fdcc62c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1905.209153][ T3286] RAX: ffffffffffffffda RBX: 00007fdcc82b5fa0 RCX: 00007fdcc805e15c
[ 1905.209161][ T3286] RDX: 000000000000000f RSI: 00007fdcc62c60a0 RDI: 0000000000000004
[ 1905.209168][ T3286] RBP: 00007fdcc62c6090 R08: 0000000000000000 R09: 0000000000000000
[ 1905.209175][ T3286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1905.209181][ T3286] R13: 00007fdcc82b6038 R14: 00007fdcc82b5fa0 R15: 00007fff802feb48
[ 1905.209199][ T3286]  </TASK>
[ 1905.221540][ T5809] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1905.280821][ T5972] usb 4-1: config 0 has an invalid interface number: 121 but max is 0
[ 1905.280849][ T5972] usb 4-1: config 0 has an invalid interface number: 151 but max is 0
[ 1905.280869][ T5972] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[ 1905.280888][ T5972] usb 4-1: config 0 has no interface number 0
[ 1905.280904][ T5972] usb 4-1: config 0 has no interface number 1
[ 1905.280958][ T5972] usb 4-1: config 0 interface 121 altsetting 0 endpoint 0xA has an invalid bInterval 24, changing to 8
[ 1905.280985][ T5972] usb 4-1: config 0 interface 121 altsetting 0 endpoint 0x8C has invalid maxpacket 30963, setting to 1024
[ 1905.281009][ T5972] usb 4-1: config 0 interface 121 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024
[ 1905.281033][ T5972] usb 4-1: config 0 interface 121 altsetting 0 endpoint 0x6 has invalid maxpacket 1024, setting to 64
[ 1905.281058][ T5972] usb 4-1: config 0 interface 121 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1905.281078][ T5972] usb 4-1: config 0 interface 121 altsetting 0 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[ 1905.281104][ T5972] usb 4-1: too many endpoints for config 0 interface 151 altsetting 42: 101, using maximum allowed: 30
[ 1905.281139][ T5972] usb 4-1: config 0 interface 151 altsetting 42 has 0 endpoint descriptors, different from the interface descriptor's value: 101
[ 1905.281164][ T5972] usb 4-1: config 0 interface 151 has no altsetting 0
[ 1905.281197][ T5972] usb 4-1: New USB device found, idVendor=046d, idProduct=092f, bcdDevice=93.71
[ 1905.281218][ T5972] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1905.326334][ T5972] usb 4-1: config 0 descriptor??
[ 1905.336382][ T3281] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1905.655232][ T3281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1905.655619][ T3281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1905.660486][ T5972] usb 4-1: string descriptor 0 read error: -71
[ 1905.782952][ T5972] usb 4-1: USB disconnect, device number 69
[ 1906.099026][ T3298] input: syz0 as /devices/virtual/input/input145
[ 1906.739766][ T3303] netlink: 'syz.2.6881': attribute type 10 has an invalid length.
[ 1906.784140][ T3303] bridge0: port 1(team0) entered blocking state
[ 1906.784584][ T3303] bridge0: port 1(team0) entered disabled state
[ 1906.785156][ T3303] team0: entered allmulticast mode
[ 1906.785180][ T3303] geneve0: entered allmulticast mode
[ 1906.819893][ T3303] team0: entered promiscuous mode
[ 1906.819918][ T3303] geneve0: entered promiscuous mode
[ 1906.975897][ T3310] binder: 3307:3310 ioctl 4018620d 0 returned -22
[ 1908.052845][ T5809] Bluetooth: hci4: command tx timeout
[ 1908.185494][ T3324] FAULT_INJECTION: forcing a failure.
[ 1908.185494][ T3324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1908.185524][ T3324] CPU: 1 UID: 0 PID: 3324 Comm: syz.1.6888 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1908.185544][ T3324] Tainted: [L]=SOFTLOCKUP
[ 1908.185549][ T3324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1908.185558][ T3324] Call Trace:
[ 1908.185564][ T3324]  <TASK>
[ 1908.185571][ T3324]  dump_stack_lvl+0xe8/0x150
[ 1908.185594][ T3324]  should_fail_ex+0x46c/0x600
[ 1908.185617][ T3324]  _copy_from_user+0x2d/0xb0
[ 1908.185633][ T3324]  sctp_setsockopt+0x1c4/0x12c0
[ 1908.185652][ T3324]  ? sock_common_setsockopt+0x36/0xc0
[ 1908.185666][ T3324]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1908.185681][ T3324]  do_sock_setsockopt+0x17c/0x1b0
[ 1908.185701][ T3324]  __x64_sys_setsockopt+0x145/0x1b0
[ 1908.185721][ T3324]  do_syscall_64+0xec/0xf80
[ 1908.185735][ T3324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1908.185748][ T3324]  ? trace_irq_disable+0x37/0x100
[ 1908.185764][ T3324]  ? clear_bhb_loop+0x60/0xb0
[ 1908.185781][ T3324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1908.185795][ T3324] RIP: 0033:0x7f66937bf749
[ 1908.185808][ T3324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1908.185821][ T3324] RSP: 002b:00007f6691a1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1908.185837][ T3324] RAX: ffffffffffffffda RBX: 00007f6693a15fa0 RCX: 00007f66937bf749
[ 1908.185848][ T3324] RDX: 000000000000007d RSI: 0000000000000084 RDI: 0000000000000003
[ 1908.185857][ T3324] RBP: 00007f6691a1e090 R08: 0000000000000090 R09: 0000000000000000
[ 1908.185867][ T3324] R10: 0000200000000500 R11: 0000000000000246 R12: 0000000000000001
[ 1908.185876][ T3324] R13: 00007f6693a16038 R14: 00007f6693a15fa0 R15: 00007ffe23c49948
[ 1908.185901][ T3324]  </TASK>
[ 1908.224696][ T3284] chnl_net:caif_netlink_parms(): no params data found
[ 1908.633893][ T5972] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1908.800574][ T5972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1908.800606][ T5972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1908.800644][ T5972] usb 2-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[ 1908.800667][ T5972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1908.805929][ T5972] usb 2-1: config 0 descriptor??
[ 1909.393144][ T3347] input: syz0 as /devices/virtual/input/input146
[ 1909.926703][ T3329] syz.4.6889 (3329): drop_caches: 2
[ 1910.136887][ T5972] usbhid 2-1:0.0: can't add hid device: -71
[ 1910.139392][ T5972] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1910.172202][ T5972] usb 2-1: USB disconnect, device number 67
[ 1910.260621][ T5809] Bluetooth: hci4: command tx timeout
[ 1910.310212][ T3355] binder: 3354:3355 ioctl 4018620d 0 returned -22
[ 1910.400871][ T3357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6898'.
[ 1910.400897][ T3357] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6898'.
[ 1910.498457][ T3357] geneve2: entered promiscuous mode
[ 1910.498473][ T3357] geneve2: entered allmulticast mode
[ 1910.511467][ T3284] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1910.511665][ T3284] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1910.511971][ T3284] bridge_slave_0: entered allmulticast mode
[ 1910.516656][ T3284] bridge_slave_0: entered promiscuous mode
[ 1910.542382][ T8059] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[ 1910.555427][ T3284] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1910.555625][ T3284] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1910.555934][ T3284] bridge_slave_1: entered allmulticast mode
[ 1910.558587][ T3284] bridge_slave_1: entered promiscuous mode
[ 1910.709554][ T8059] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1910.709582][ T8059] usb 5-1: config 0 has no interfaces?
[ 1910.712381][ T8059] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1910.712408][ T8059] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1910.712428][ T8059] usb 5-1: Product: syz
[ 1910.712441][ T8059] usb 5-1: Manufacturer: syz
[ 1910.712456][ T8059] usb 5-1: SerialNumber: syz
[ 1910.720445][ T8059] usb 5-1: config 0 descriptor??
[ 1910.926694][ T3284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1910.931944][ T3284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1912.532078][ T5809] Bluetooth: hci4: command tx timeout
[ 1912.584124][ T3378] 9p: Bad value for 'wfdno'
[ 1913.763622][ T5914] usb 5-1: USB disconnect, device number 19
[ 1913.865258][ T3284] team0: Port device team_slave_0 added
[ 1913.886968][ T3284] team0: Port device team_slave_1 added
[ 1914.112824][ T3396] binder: 3394:3396 ioctl 4018620d 0 returned -22
[ 1914.218040][ T5809] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[ 1914.261994][ T5914] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1914.405802][ T3407] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6912'.
[ 1914.567889][ T5914] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1914.567923][ T5914] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1914.567961][ T5914] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 1914.567983][ T5914] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1914.573513][ T5914] usb 5-1: config 0 descriptor??
[ 1915.403699][ T5809] Bluetooth: hci4: command tx timeout
[ 1915.492668][ T3415] 9p: Bad value for 'rfdno'
[ 1915.525842][ T3284] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1915.525860][ T3284] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1915.525938][ T3284] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1915.573395][ T3284] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1915.573631][ T3284] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1915.573660][ T3284] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1915.797877][ T5914] playstation 0003:054C:0DF2.0072: unknown main item tag 0x0
[ 1915.797914][ T5914] playstation 0003:054C:0DF2.0072: unknown main item tag 0x0
[ 1915.797941][ T5914] playstation 0003:054C:0DF2.0072: unknown main item tag 0x0
[ 1915.797967][ T5914] playstation 0003:054C:0DF2.0072: unknown main item tag 0x0
[ 1915.797992][ T5914] playstation 0003:054C:0DF2.0072: unknown main item tag 0x0
[ 1916.814781][ T5914] playstation 0003:054C:0DF2.0072: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.4-1/input0
[ 1917.750841][ T8059] usb 3-1: new full-speed USB device number 85 using dummy_hcd
[ 1917.751049][T18205] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1917.792357][ T3284] hsr_slave_0: entered promiscuous mode
[ 1917.796846][ T3284] hsr_slave_1: entered promiscuous mode
[ 1917.798147][ T3284] debugfs: 'hsr0' already exists in 'hsr'
[ 1917.798173][ T3284] Cannot create hsr debugfs directory
[ 1917.914593][T18205] usb 2-1: Using ep0 maxpacket: 32
[ 1917.917088][T18205] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[ 1917.917113][T18205] usb 2-1: config 0 has no interface number 0
[ 1917.921255][T18205] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1917.921282][T18205] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1917.921301][T18205] usb 2-1: Product: syz
[ 1917.921315][T18205] usb 2-1: Manufacturer: syz
[ 1917.921330][T18205] usb 2-1: SerialNumber: syz
[ 1917.937501][T18205] usb 2-1: config 0 descriptor??
[ 1917.960420][T18205] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1918.002339][ T8059] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1918.002365][ T8059] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1918.005828][ T8059] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1918.005855][ T8059] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1918.005917][ T8059] usb 3-1: Product: syz
[ 1918.005925][ T8059] usb 3-1: Manufacturer: syz
[ 1918.005933][ T8059] usb 3-1: SerialNumber: syz
[ 1918.054681][ T8059] usb 3-1: config 0 descriptor??
[ 1918.265012][ T5914] playstation 0003:054C:0DF2.0072: Failed to retrieve feature with reportID 32: -71
[ 1918.265053][ T5914] playstation 0003:054C:0DF2.0072: Failed to retrieve DualSense firmware info: -71
[ 1918.265110][ T5914] playstation 0003:054C:0DF2.0072: Failed to get firmware info from DualSense
[ 1918.265131][ T5914] playstation 0003:054C:0DF2.0072: Failed to create dualsense.
[ 1918.268205][ T5914] playstation 0003:054C:0DF2.0072: probe with driver playstation failed with error -71
[ 1918.522362][ T3446] overlayfs: failed to clone lowerpath
[ 1918.569537][T18205] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1918.587516][T18205] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1918.797740][ T5971] usb 2-1: USB disconnect, device number 68
[ 1918.798288][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1918.820446][ T5971] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1918.845701][ T5971] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1918.847421][ T5971] quatech2 2-1:0.51: device disconnected
[ 1920.127655][ T3284] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1920.155507][ T5914] usb 5-1: USB disconnect, device number 20
[ 1920.944967][ T8059] usb 3-1: USB disconnect, device number 85
[ 1921.654367][ T3475] overlayfs: failed to clone lowerpath
[ 1921.771209][ T3284] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1922.066646][ T3482] binder: 3481:3482 ioctl 4018620d 0 returned -22
[ 1922.507487][ T8059] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[ 1922.712824][ T5971] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 1922.878329][ T8059] usb 3-1: Using ep0 maxpacket: 8
[ 1922.911691][ T8059] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1922.911721][ T8059] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1922.911741][ T8059] usb 3-1: Product: syz
[ 1922.911755][ T8059] usb 3-1: Manufacturer: syz
[ 1922.911768][ T8059] usb 3-1: SerialNumber: syz
[ 1922.924143][ T8059] usb 3-1: config 0 descriptor??
[ 1923.493982][ T5971] usb 2-1: Using ep0 maxpacket: 16
[ 1923.621117][ T5971] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1923.621173][ T5971] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1923.621201][ T5971] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1923.621221][ T5971] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1923.621243][ T5971] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1923.623057][ T5971] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1923.623083][ T5971] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1923.623102][ T5971] usb 2-1: Manufacturer: syz
[ 1923.661191][ T8059] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1923.736427][ T5971] usb 2-1: config 0 descriptor??
[ 1923.741440][ T3284] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1923.922520][ T3474] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1923.936966][ T3474] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1924.111168][ T5971] rc_core: IR keymap rc-hauppauge not found
[ 1924.111189][ T5971] Registered IR keymap rc-empty
[ 1924.111346][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1924.140482][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1924.275962][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1924.276040][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 1924.287376][ T8059] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1924.292047][ T8059] usb 3-1: USB disconnect, device number 86
[ 1924.314709][ T5971] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1924.316271][ T5971] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input147
[ 1925.242600][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.277388][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.294645][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.358119][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.390410][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.412035][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.413825][ T3284] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1925.433856][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.466076][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.586004][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.614359][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1925.638126][ T5971] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1925.638151][ T5971] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1925.649649][ T5971] usb 2-1: USB disconnect, device number 69
[ 1926.075291][T16136] usb 3-1: new full-speed USB device number 87 using dummy_hcd
[ 1926.243700][T16136] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1926.243726][T16136] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1926.277036][T16136] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1926.277067][T16136] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1926.277087][T16136] usb 3-1: Product: syz
[ 1926.277100][T16136] usb 3-1: Manufacturer: syz
[ 1926.277114][T16136] usb 3-1: SerialNumber: syz
[ 1926.282987][T16136] usb 3-1: config 0 descriptor??
[ 1926.502148][ T3284] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1926.506762][ T3524] can0: slcan on ttyS3.
[ 1926.526587][ T5809] Bluetooth: to_multiplier 44037 > 3200
[ 1927.628279][ T5809] Bluetooth: hci2: adv larger than maximum supported
[ 1928.230035][ T3284] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1928.255398][ T3526] can0 (unregistered): slcan off ttyS3.
[ 1928.338180][ T3284] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1928.842094][ T5809] Bluetooth: hci5: command 0x0406 tx timeout
[ 1929.469683][ T3284] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1929.697070][T16136] usb 3-1: USB disconnect, device number 87
[ 1929.893573][ T3563] Bluetooth: hci0: invalid length 0, exp 2 for type 22
[ 1929.966752][ T3284] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1930.026681][ T3284] 8021q: adding VLAN 0 to HW filter on device team0
[ 1930.053296][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1930.059981][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1930.099512][T18725] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1930.099701][T18725] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1931.041674][ T3584] FAULT_INJECTION: forcing a failure.
[ 1931.041674][ T3584] name failslab, interval 1, probability 0, space 0, times 0
[ 1931.041709][ T3584] CPU: 0 UID: 0 PID: 3584 Comm: syz.1.6958 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1931.041740][ T3584] Tainted: [L]=SOFTLOCKUP
[ 1931.041747][ T3584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1931.041760][ T3584] Call Trace:
[ 1931.041768][ T3584]  <TASK>
[ 1931.041776][ T3584]  dump_stack_lvl+0xe8/0x150
[ 1931.041806][ T3584]  should_fail_ex+0x46c/0x600
[ 1931.041836][ T3584]  ? __alloc_skb+0x1dc/0x3a0
[ 1931.041857][ T3584]  should_failslab+0xa8/0x100
[ 1931.041878][ T3584]  ? __alloc_skb+0x1dc/0x3a0
[ 1931.041896][ T3584]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1931.041922][ T3584]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1931.041943][ T3584]  ? __alloc_skb+0x198/0x3a0
[ 1931.041965][ T3584]  __alloc_skb+0x1dc/0x3a0
[ 1931.041990][ T3584]  netlink_sendmsg+0x5c6/0xb30
[ 1931.042026][ T3584]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1931.042058][ T3584]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1931.042082][ T3584]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1931.042108][ T3584]  __sock_sendmsg+0x21c/0x270
[ 1931.042138][ T3584]  ____sys_sendmsg+0x508/0x810
[ 1931.042168][ T3584]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1931.042201][ T3584]  ? import_iovec+0x74/0xa0
[ 1931.042224][ T3584]  ___sys_sendmsg+0x21f/0x2a0
[ 1931.042250][ T3584]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1931.042310][ T3584]  ? __fget_files+0x2a/0x420
[ 1931.042329][ T3584]  ? __fget_files+0x3a6/0x420
[ 1931.042360][ T3584]  __x64_sys_sendmsg+0x1a1/0x260
[ 1931.042394][ T3584]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1931.042428][ T3584]  ? __pfx_ksys_write+0x10/0x10
[ 1931.042466][ T3584]  do_syscall_64+0xec/0xf80
[ 1931.042485][ T3584]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1931.042503][ T3584]  ? trace_irq_disable+0x37/0x100
[ 1931.042523][ T3584]  ? clear_bhb_loop+0x60/0xb0
[ 1931.042547][ T3584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1931.042566][ T3584] RIP: 0033:0x7f66937bf749
[ 1931.042584][ T3584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1931.042601][ T3584] RSP: 002b:00007f6691a1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1931.042622][ T3584] RAX: ffffffffffffffda RBX: 00007f6693a15fa0 RCX: 00007f66937bf749
[ 1931.042637][ T3584] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1931.042650][ T3584] RBP: 00007f6691a1e090 R08: 0000000000000000 R09: 0000000000000000
[ 1931.042663][ T3584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1931.042675][ T3584] R13: 00007f6693a16038 R14: 00007f6693a15fa0 R15: 00007ffe23c49948
[ 1931.042708][ T3584]  </TASK>
[ 1933.782749][ T3599] FAULT_INJECTION: forcing a failure.
[ 1933.782749][ T3599] name failslab, interval 1, probability 0, space 0, times 0
[ 1933.782785][ T3599] CPU: 1 UID: 0 PID: 3599 Comm: syz.4.6961 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1933.782811][ T3599] Tainted: [L]=SOFTLOCKUP
[ 1933.782819][ T3599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1933.782840][ T3599] Call Trace:
[ 1933.782848][ T3599]  <TASK>
[ 1933.782856][ T3599]  dump_stack_lvl+0xe8/0x150
[ 1933.782886][ T3599]  should_fail_ex+0x46c/0x600
[ 1933.782916][ T3599]  ? __alloc_skb+0x1dc/0x3a0
[ 1933.782936][ T3599]  should_failslab+0xa8/0x100
[ 1933.782956][ T3599]  ? __alloc_skb+0x1dc/0x3a0
[ 1933.782975][ T3599]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1933.783002][ T3599]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1933.783023][ T3599]  ? __alloc_skb+0x198/0x3a0
[ 1933.783045][ T3599]  __alloc_skb+0x1dc/0x3a0
[ 1933.783070][ T3599]  netlink_sendmsg+0x5c6/0xb30
[ 1933.783105][ T3599]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1933.783137][ T3599]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1933.783162][ T3599]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1933.783188][ T3599]  __sock_sendmsg+0x21c/0x270
[ 1933.783219][ T3599]  ____sys_sendmsg+0x508/0x810
[ 1933.783249][ T3599]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1933.783282][ T3599]  ? import_iovec+0x74/0xa0
[ 1933.783305][ T3599]  ___sys_sendmsg+0x21f/0x2a0
[ 1933.783332][ T3599]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1933.783392][ T3599]  ? __fget_files+0x2a/0x420
[ 1933.783412][ T3599]  ? __fget_files+0x3a6/0x420
[ 1933.783444][ T3599]  __x64_sys_sendmsg+0x1a1/0x260
[ 1933.783470][ T3599]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1933.783504][ T3599]  ? __pfx_ksys_write+0x10/0x10
[ 1933.783542][ T3599]  do_syscall_64+0xec/0xf80
[ 1933.783561][ T3599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1933.783579][ T3599]  ? trace_irq_disable+0x37/0x100
[ 1933.783599][ T3599]  ? clear_bhb_loop+0x60/0xb0
[ 1933.783623][ T3599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1933.783642][ T3599] RIP: 0033:0x7f1bf6d8f749
[ 1933.783660][ T3599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1933.783677][ T3599] RSP: 002b:00007f1bf4ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1933.783698][ T3599] RAX: ffffffffffffffda RBX: 00007f1bf6fe5fa0 RCX: 00007f1bf6d8f749
[ 1933.783713][ T3599] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[ 1933.783726][ T3599] RBP: 00007f1bf4ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1933.783739][ T3599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1933.783751][ T3599] R13: 00007f1bf6fe6038 R14: 00007f1bf6fe5fa0 R15: 00007ffc4d55f098
[ 1933.783783][ T3599]  </TASK>
[ 1934.779187][ T3612] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1935.423304][ T3284] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1936.033277][ T3625] fuse: Bad value for 'user_id'
[ 1936.033296][ T3625] fuse: Bad value for 'user_id'
[ 1936.095231][ T3284] veth0_vlan: entered promiscuous mode
[ 1936.139467][ T3284] veth1_vlan: entered promiscuous mode
[ 1937.040979][T10361] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[ 1937.070530][ T3284] veth0_macvtap: entered promiscuous mode
[ 1937.270307][T10361] usb 5-1: config 7 has an invalid interface number: 192 but max is 0
[ 1937.270325][T10361] usb 5-1: config 7 has no interface number 0
[ 1937.270351][T10361] usb 5-1: config 7 interface 192 has no altsetting 0
[ 1937.272200][T10361] usb 5-1: New USB device found, idVendor=00fb, idProduct=ebbe, bcdDevice=d4.8d
[ 1937.272216][T10361] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1937.272226][T10361] usb 5-1: Product: syz
[ 1937.272233][T10361] usb 5-1: Manufacturer: syz
[ 1937.272240][T10361] usb 5-1: SerialNumber: syz
[ 1937.311861][ T3284] veth1_macvtap: entered promiscuous mode
[ 1937.523233][ T3632] netlink: 'syz.4.6972': attribute type 10 has an invalid length.
[ 1937.572550][T10361] usb 5-1: USB disconnect, device number 21
[ 1937.774038][ T3284] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1937.797693][ T3284] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1937.856377][T18205] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 1938.048626][T18205] usb 2-1: Using ep0 maxpacket: 32
[ 1938.051053][T18205] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[ 1938.051079][T18205] usb 2-1: config 0 has no interface number 0
[ 1938.055278][T18205] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1938.055306][T18205] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1938.055326][T18205] usb 2-1: Product: syz
[ 1938.055340][T18205] usb 2-1: Manufacturer: syz
[ 1938.055355][T18205] usb 2-1: SerialNumber: syz
[ 1938.113894][T18205] usb 2-1: config 0 descriptor??
[ 1938.118351][T18205] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1938.246499][ T1162] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1938.272991][ T1162] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1938.274349][ T1162] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1938.302741][ T1162] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1938.862225][T18205] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1939.101006][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1939.185756][T18205] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1939.435958][T18205] usb 2-1: USB disconnect, device number 70
[ 1939.492607][T18205] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1939.518029][T18205] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1939.518705][T18205] quatech2 2-1:0.51: device disconnected
[ 1940.376570][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1940.376591][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1940.417666][ T3661] overlayfs: failed to resolve './bus': -2
[ 1940.479226][ T1013] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1940.479247][ T1013] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1941.824536][ T3678] FAULT_INJECTION: forcing a failure.
[ 1941.824536][ T3678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1941.824572][ T3678] CPU: 1 UID: 0 PID: 3678 Comm: syz.0.6875 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1941.824598][ T3678] Tainted: [L]=SOFTLOCKUP
[ 1941.824606][ T3678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1941.824618][ T3678] Call Trace:
[ 1941.824626][ T3678]  <TASK>
[ 1941.824636][ T3678]  dump_stack_lvl+0xe8/0x150
[ 1941.824666][ T3678]  should_fail_ex+0x46c/0x600
[ 1941.824698][ T3678]  _copy_from_iter+0x1cd/0x1630
[ 1941.824725][ T3678]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1941.824757][ T3678]  ? __pfx__copy_from_iter+0x10/0x10
[ 1941.824788][ T3678]  ? set_page_refcounted+0xa0/0x1e0
[ 1941.824809][ T3678]  ? page_copy_sane+0x4e/0x280
[ 1941.824834][ T3678]  copy_page_from_iter+0xdd/0x170
[ 1941.824865][ T3678]  tun_get_user+0x1d40/0x3de0
[ 1941.824892][ T3678]  ? tun_get_user+0x6fc/0x3de0
[ 1941.824928][ T3678]  ? __pfx_tun_get_user+0x10/0x10
[ 1941.824951][ T3678]  ? __lock_acquire+0x6b6/0x2cf0
[ 1941.824977][ T3678]  ? kstrtoull+0x12f/0x1d0
[ 1941.825009][ T3678]  ? ref_tracker_alloc+0x2fe/0x450
[ 1941.825031][ T3678]  ? get_pid_task+0x20/0x1f0
[ 1941.825057][ T3678]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1941.825084][ T3678]  ? tun_get+0x1c/0x2f0
[ 1941.825103][ T3678]  ? tun_get+0x1c/0x2f0
[ 1941.825128][ T3678]  ? tun_get+0x1c/0x2f0
[ 1941.825148][ T3678]  ? tun_get+0x1c/0x2f0
[ 1941.825176][ T3678]  tun_chr_write_iter+0x119/0x200
[ 1941.825196][ T3678]  vfs_write+0x5d5/0xb40
[ 1941.825219][ T3678]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1941.825238][ T3678]  ? __pfx_vfs_write+0x10/0x10
[ 1941.825269][ T3678]  ? __fget_files+0x2a/0x420
[ 1941.825299][ T3678]  ksys_write+0x14b/0x260
[ 1941.825332][ T3678]  ? __pfx_ksys_write+0x10/0x10
[ 1941.825360][ T3678]  do_syscall_64+0xec/0xf80
[ 1941.825376][ T3678]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1941.825390][ T3678]  ? trace_irq_disable+0x37/0x100
[ 1941.825406][ T3678]  ? clear_bhb_loop+0x60/0xb0
[ 1941.825430][ T3678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1941.825445][ T3678] RIP: 0033:0x7f8afd9fe1ff
[ 1941.825463][ T3678] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1941.825480][ T3678] RSP: 002b:00007f8afbc5e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1941.825499][ T3678] RAX: ffffffffffffffda RBX: 00007f8afdc55fa0 RCX: 00007f8afd9fe1ff
[ 1941.825512][ T3678] RDX: 000000000000002a RSI: 0000200000000000 RDI: 00000000000000c8
[ 1941.825523][ T3678] RBP: 00007f8afbc5e090 R08: 0000000000000000 R09: 0000000000000000
[ 1941.825534][ T3678] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[ 1941.825545][ T3678] R13: 00007f8afdc56038 R14: 00007f8afdc55fa0 R15: 00007ffdad76c948
[ 1941.825578][ T3678]  </TASK>
[ 1947.377315][ T5809] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1947.414752][ T5809] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1947.424569][ T5809] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1947.425929][ T5809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1947.427760][ T5809] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1947.766760][ T3705] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1948.179090][ T3715] input: syz0 as /devices/virtual/input/input148
[ 1949.049953][ T3696] chnl_net:caif_netlink_parms(): no params data found
[ 1949.155492][   T37] audit: type=1326 audit(1931.569:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.155549][   T37] audit: type=1326 audit(1931.569:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.155593][   T37] audit: type=1326 audit(1931.569:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.155635][   T37] audit: type=1326 audit(1931.569:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.155678][   T37] audit: type=1326 audit(1931.569:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.156547][   T37] audit: type=1326 audit(1931.569:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.156600][   T37] audit: type=1326 audit(1931.569:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.156642][   T37] audit: type=1326 audit(1931.569:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.355723][   T37] audit: type=1326 audit(1931.569:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.355786][   T37] audit: type=1326 audit(1931.579:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3727 comm="syz.4.6999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8f749 code=0x7ffc0000
[ 1949.500712][ T3739] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7002'.
[ 1949.732049][T14116] Bluetooth: hci3: command tx timeout
[ 1950.267853][T14116] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[ 1950.267883][T14116] CPU: 0 UID: 0 PID: 14116 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1950.267912][T14116] Tainted: [L]=SOFTLOCKUP
[ 1950.267920][T14116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1950.267935][T14116] Workqueue: hci4 hci_rx_work
[ 1950.267961][T14116] Call Trace:
[ 1950.267969][T14116]  <TASK>
[ 1950.267980][T14116]  dump_stack_lvl+0xe8/0x150
[ 1950.268011][T14116]  sysfs_create_dir_ns+0x259/0x280
[ 1950.268040][T14116]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1950.268068][T14116]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1950.268100][T14116]  ? rt_spin_unlock+0x161/0x200
[ 1950.268129][T14116]  kobject_add_internal+0x6b1/0xcd0
[ 1950.268162][T14116]  kobject_add+0x155/0x220
[ 1950.268189][T14116]  ? __pfx_kobject_add+0x10/0x10
[ 1950.268217][T14116]  ? get_device_parent+0x370/0x3a0
[ 1950.268244][T14116]  device_add+0x408/0xb80
[ 1950.268271][T14116]  hci_conn_add_sysfs+0xd5/0x210
[ 1950.268303][T14116]  le_conn_complete_evt+0xf1d/0x1420
[ 1950.268338][T14116]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1950.268363][T14116]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1950.268383][T14116]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1950.268406][T14116]  ? skb_pull_data+0xfb/0x200
[ 1950.268439][T14116]  hci_le_conn_complete_evt+0x187/0x480
[ 1950.268471][T14116]  hci_event_packet+0x78f/0x1260
[ 1950.268505][T14116]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1950.268532][T14116]  ? __pfx_hci_event_packet+0x10/0x10
[ 1950.268571][T14116]  ? rt_spin_unlock+0x150/0x200
[ 1950.268608][T14116]  ? hci_send_to_monitor+0xe2/0x590
[ 1950.268638][T14116]  hci_rx_work+0x3ee/0x1060
[ 1950.268666][T14116]  ? process_scheduled_works+0x9ef/0x1770
[ 1950.268692][T14116]  process_scheduled_works+0xad1/0x1770
[ 1950.268747][T14116]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1950.268768][T14116]  ? do_raw_spin_lock+0x121/0x290
[ 1950.268809][T14116]  worker_thread+0x8a0/0xda0
[ 1950.268861][T14116]  kthread+0x711/0x8a0
[ 1950.268891][T14116]  ? __pfx_worker_thread+0x10/0x10
[ 1950.268914][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.268937][T14116]  ? rt_spin_unlock+0x150/0x200
[ 1950.268968][T14116]  ? rt_spin_unlock+0x161/0x200
[ 1950.268990][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.269018][T14116]  ret_from_fork+0x510/0xa50
[ 1950.269044][T14116]  ? __pfx_ret_from_fork+0x10/0x10
[ 1950.269064][T14116]  ? __switch_to+0xc9e/0x1480
[ 1950.269097][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.269130][T14116]  ret_from_fork_asm+0x1a/0x30
[ 1950.269177][T14116]  </TASK>
[ 1950.269206][T14116] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1950.269251][T14116] Bluetooth: hci4: failed to register connection device
[ 1950.484096][T14116] ==================================================================
[ 1950.484115][T14116] BUG: KASAN: slab-use-after-free in l2cap_connect_cfm+0x6d0/0x10e0
[ 1950.484152][T14116] Read of size 8 at addr ffff888052d0a500 by task kworker/u9:1/14116
[ 1950.484172][T14116] 
[ 1950.484187][T14116] CPU: 0 UID: 0 PID: 14116 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1950.484216][T14116] Tainted: [L]=SOFTLOCKUP
[ 1950.484225][T14116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1950.484240][T14116] Workqueue: hci4 hci_rx_work
[ 1950.484262][T14116] Call Trace:
[ 1950.484270][T14116]  <TASK>
[ 1950.484281][T14116]  dump_stack_lvl+0xe8/0x150
[ 1950.484310][T14116]  print_report+0xca/0x240
[ 1950.484333][T14116]  ? l2cap_connect_cfm+0x6d0/0x10e0
[ 1950.484357][T14116]  kasan_report+0x118/0x150
[ 1950.484379][T14116]  ? l2cap_connect_cfm+0x6d0/0x10e0
[ 1950.484409][T14116]  l2cap_connect_cfm+0x6d0/0x10e0
[ 1950.484439][T14116]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1950.484464][T14116]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1950.484483][T14116]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1950.484503][T14116]  ? mutex_lock_nested+0x154/0x1d0
[ 1950.484527][T14116]  ? hci_connect_cfm+0x2c/0x140
[ 1950.484548][T14116]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1950.484574][T14116]  hci_connect_cfm+0x95/0x140
[ 1950.484603][T14116]  le_conn_complete_evt+0xf65/0x1420
[ 1950.484633][T14116]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1950.484657][T14116]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1950.484676][T14116]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1950.484697][T14116]  ? skb_pull_data+0xfb/0x200
[ 1950.484726][T14116]  hci_le_conn_complete_evt+0x187/0x480
[ 1950.484753][T14116]  hci_event_packet+0x78f/0x1260
[ 1950.484783][T14116]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1950.484807][T14116]  ? __pfx_hci_event_packet+0x10/0x10
[ 1950.484835][T14116]  ? rt_spin_unlock+0x150/0x200
[ 1950.484865][T14116]  ? hci_send_to_monitor+0xe2/0x590
[ 1950.484892][T14116]  hci_rx_work+0x3ee/0x1060
[ 1950.484915][T14116]  ? process_scheduled_works+0x9ef/0x1770
[ 1950.484938][T14116]  process_scheduled_works+0xad1/0x1770
[ 1950.484975][T14116]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1950.484996][T14116]  ? do_raw_spin_lock+0x121/0x290
[ 1950.485027][T14116]  worker_thread+0x8a0/0xda0
[ 1950.485062][T14116]  kthread+0x711/0x8a0
[ 1950.485090][T14116]  ? __pfx_worker_thread+0x10/0x10
[ 1950.485112][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.485136][T14116]  ? rt_spin_unlock+0x150/0x200
[ 1950.485178][T14116]  ? rt_spin_unlock+0x161/0x200
[ 1950.485202][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.485228][T14116]  ret_from_fork+0x510/0xa50
[ 1950.485250][T14116]  ? __pfx_ret_from_fork+0x10/0x10
[ 1950.485270][T14116]  ? __switch_to+0xc9e/0x1480
[ 1950.485299][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.485326][T14116]  ret_from_fork_asm+0x1a/0x30
[ 1950.485362][T14116]  </TASK>
[ 1950.485369][T14116] 
[ 1950.485375][T14116] Allocated by task 14116:
[ 1950.485385][T14116]  kasan_save_track+0x3e/0x80
[ 1950.485409][T14116]  __kasan_kmalloc+0x93/0xb0
[ 1950.485434][T14116]  __kmalloc_cache_noprof+0x1fb/0x6d0
[ 1950.485458][T14116]  l2cap_chan_create+0x51/0x7a0
[ 1950.485483][T14116]  l2cap_sock_new_connection_cb+0x182/0x2e0
[ 1950.485510][T14116]  l2cap_connect_cfm+0x367/0x10e0
[ 1950.485532][T14116]  hci_connect_cfm+0x95/0x140
[ 1950.485551][T14116]  le_conn_complete_evt+0xf65/0x1420
[ 1950.485571][T14116]  hci_le_conn_complete_evt+0x187/0x480
[ 1950.485597][T14116]  hci_event_packet+0x78f/0x1260
[ 1950.485622][T14116]  hci_rx_work+0x3ee/0x1060
[ 1950.485637][T14116]  process_scheduled_works+0xad1/0x1770
[ 1950.485656][T14116]  worker_thread+0x8a0/0xda0
[ 1950.485675][T14116]  kthread+0x711/0x8a0
[ 1950.485698][T14116]  ret_from_fork+0x510/0xa50
[ 1950.485716][T14116]  ret_from_fork_asm+0x1a/0x30
[ 1950.485740][T14116] 
[ 1950.485746][T14116] Freed by task 3744:
[ 1950.485755][T14116]  kasan_save_track+0x3e/0x80
[ 1950.485779][T14116]  kasan_save_free_info+0x46/0x50
[ 1950.485799][T14116]  __kasan_slab_free+0x5c/0x80
[ 1950.485824][T14116]  kfree+0x1bd/0x900
[ 1950.485844][T14116]  l2cap_sock_cleanup_listen+0xf0/0x450
[ 1950.485869][T14116]  l2cap_sock_release+0x6e/0x270
[ 1950.485891][T14116]  sock_close+0xc3/0x240
[ 1950.485915][T14116]  __fput+0x45b/0xa80
[ 1950.485934][T14116]  task_work_run+0x1d4/0x260
[ 1950.485958][T14116]  get_signal+0x11c4/0x1310
[ 1950.485977][T14116]  arch_do_signal_or_restart+0x9a/0x7a0
[ 1950.486003][T14116]  exit_to_user_mode_loop+0x87/0x4e0
[ 1950.486026][T14116]  do_syscall_64+0x2b7/0xf80
[ 1950.486043][T14116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1950.486062][T14116] 
[ 1950.486067][T14116] The buggy address belongs to the object at ffff888052d0a000
[ 1950.486067][T14116]  which belongs to the cache kmalloc-2k of size 2048
[ 1950.486084][T14116] The buggy address is located 1280 bytes inside of
[ 1950.486084][T14116]  freed 2048-byte region [ffff888052d0a000, ffff888052d0a800)
[ 1950.486106][T14116] 
[ 1950.486111][T14116] The buggy address belongs to the physical page:
[ 1950.486129][T14116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52d08
[ 1950.486150][T14116] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1950.486167][T14116] flags: 0x80000000000040(head|node=0|zone=1)
[ 1950.486185][T14116] page_type: f5(slab)
[ 1950.486209][T14116] raw: 0080000000000040 ffff88813ff27000 dead000000000100 dead000000000122
[ 1950.486228][T14116] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 1950.486249][T14116] head: 0080000000000040 ffff88813ff27000 dead000000000100 dead000000000122
[ 1950.486267][T14116] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 1950.486287][T14116] head: 0080000000000003 ffffea00014b4201 00000000ffffffff 00000000ffffffff
[ 1950.486305][T14116] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 1950.486317][T14116] page dumped because: kasan: bad access detected
[ 1950.486328][T14116] page_owner tracks the page as allocated
[ 1950.486340][T14116] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5972, tgid 5972 (kworker/1:9), ts 1586660098167, free_ts 1585467908518
[ 1950.486377][T14116]  post_alloc_hook+0x234/0x290
[ 1950.486403][T14116]  get_page_from_freelist+0x28c0/0x2960
[ 1950.486422][T14116]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1950.486440][T14116]  alloc_pages_mpol+0xd1/0x380
[ 1950.486457][T14116]  allocate_slab+0x86/0x3b0
[ 1950.486477][T14116]  ___slab_alloc+0xb10/0x13e0
[ 1950.486495][T14116]  __slab_alloc+0xc6/0x1f0
[ 1950.486512][T14116]  __kmalloc_node_track_caller_noprof+0x2bf/0x810
[ 1950.486538][T14116]  kmalloc_reserve+0x136/0x290
[ 1950.486558][T14116]  __alloc_skb+0x204/0x3a0
[ 1950.486576][T14116]  mld_newpack+0x13c/0xc40
[ 1950.486606][T14116]  add_grhead+0x5a/0x2a0
[ 1950.486621][T14116]  add_grec+0x1452/0x1740
[ 1950.486645][T14116]  mld_ifc_work+0x6ed/0xd60
[ 1950.486669][T14116]  process_scheduled_works+0xad1/0x1770
[ 1950.486689][T14116]  worker_thread+0x8a0/0xda0
[ 1950.486708][T14116] page last free pid 5788 tgid 5788 stack trace:
[ 1950.486720][T14116]  __free_frozen_pages+0xfe1/0x1170
[ 1950.486745][T14116]  __folio_put+0x247/0x300
[ 1950.486769][T14116]  skb_release_data+0x49a/0x7c0
[ 1950.486790][T14116]  __kfree_skb+0x55/0x70
[ 1950.486809][T14116]  tcp_ack+0x2341/0x6a30
[ 1950.486827][T14116]  tcp_rcv_established+0xbe0/0x2580
[ 1950.486845][T14116]  tcp_v4_do_rcv+0xe1a/0x12b0
[ 1950.486868][T14116]  __release_sock+0x285/0x3e0
[ 1950.486891][T14116]  release_sock+0x75/0x210
[ 1950.486906][T14116]  tcp_sendmsg+0x39/0x50
[ 1950.486925][T14116]  __sock_sendmsg+0x19c/0x270
[ 1950.486949][T14116]  sock_write_iter+0x27f/0x370
[ 1950.486971][T14116]  vfs_write+0x5d5/0xb40
[ 1950.486994][T14116]  ksys_write+0x14b/0x260
[ 1950.487016][T14116]  do_syscall_64+0xec/0xf80
[ 1950.487033][T14116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1950.487051][T14116] 
[ 1950.487056][T14116] Memory state around the buggy address:
[ 1950.487067][T14116]  ffff888052d0a400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1950.487080][T14116]  ffff888052d0a480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1950.487094][T14116] >ffff888052d0a500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1950.487105][T14116]                    ^
[ 1950.487115][T14116]  ffff888052d0a580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1950.487128][T14116]  ffff888052d0a600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1950.487139][T14116] ==================================================================
[ 1950.487202][T14116] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1950.487225][T14116] CPU: 0 UID: 0 PID: 14116 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1950.487254][T14116] Tainted: [L]=SOFTLOCKUP
[ 1950.487262][T14116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1950.487276][T14116] Workqueue: hci4 hci_rx_work
[ 1950.487294][T14116] Call Trace:
[ 1950.487303][T14116]  <TASK>
[ 1950.487313][T14116]  vpanic+0x1e0/0x670
[ 1950.487341][T14116]  panic+0xb9/0xc0
[ 1950.487366][T14116]  ? __pfx_panic+0x10/0x10
[ 1950.487393][T14116]  ? preempt_schedule_thunk+0x16/0x30
[ 1950.487420][T14116]  ? l2cap_connect_cfm+0x6d0/0x10e0
[ 1950.487444][T14116]  check_panic_on_warn+0x89/0xb0
[ 1950.487471][T14116]  ? l2cap_connect_cfm+0x6d0/0x10e0
[ 1950.487496][T14116]  end_report+0x6f/0x140
[ 1950.487513][T14116]  kasan_report+0x129/0x150
[ 1950.487533][T14116]  ? l2cap_connect_cfm+0x6d0/0x10e0
[ 1950.487562][T14116]  l2cap_connect_cfm+0x6d0/0x10e0
[ 1950.487598][T14116]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1950.487623][T14116]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1950.487642][T14116]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1950.487663][T14116]  ? mutex_lock_nested+0x154/0x1d0
[ 1950.487687][T14116]  ? hci_connect_cfm+0x2c/0x140
[ 1950.487709][T14116]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1950.487735][T14116]  hci_connect_cfm+0x95/0x140
[ 1950.487758][T14116]  le_conn_complete_evt+0xf65/0x1420
[ 1950.487787][T14116]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1950.487811][T14116]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1950.487830][T14116]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1950.487850][T14116]  ? skb_pull_data+0xfb/0x200
[ 1950.487878][T14116]  hci_le_conn_complete_evt+0x187/0x480
[ 1950.487905][T14116]  hci_event_packet+0x78f/0x1260
[ 1950.487936][T14116]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1950.487959][T14116]  ? __pfx_hci_event_packet+0x10/0x10
[ 1950.487986][T14116]  ? rt_spin_unlock+0x150/0x200
[ 1950.488016][T14116]  ? hci_send_to_monitor+0xe2/0x590
[ 1950.488041][T14116]  hci_rx_work+0x3ee/0x1060
[ 1950.488064][T14116]  ? process_scheduled_works+0x9ef/0x1770
[ 1950.488087][T14116]  process_scheduled_works+0xad1/0x1770
[ 1950.488123][T14116]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1950.488144][T14116]  ? do_raw_spin_lock+0x121/0x290
[ 1950.488174][T14116]  worker_thread+0x8a0/0xda0
[ 1950.488211][T14116]  kthread+0x711/0x8a0
[ 1950.488238][T14116]  ? __pfx_worker_thread+0x10/0x10
[ 1950.488260][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.488283][T14116]  ? rt_spin_unlock+0x150/0x200
[ 1950.488310][T14116]  ? rt_spin_unlock+0x161/0x200
[ 1950.488333][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.488359][T14116]  ret_from_fork+0x510/0xa50
[ 1950.488382][T14116]  ? __pfx_ret_from_fork+0x10/0x10
[ 1950.488402][T14116]  ? __switch_to+0xc9e/0x1480
[ 1950.488431][T14116]  ? __pfx_kthread+0x10/0x10
[ 1950.488457][T14116]  ret_from_fork_asm+0x1a/0x30
[ 1950.488492][T14116]  </TASK>
[ 1950.488904][T14116] Kernel Offset: disabled