last executing test programs:

2m32.254598443s ago: executing program 2 (id=1751):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, 0x0)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x59, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x9, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x3, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x9, 0x0, 0xfffffffffffffffe}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x40000000000}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, 0x0, 0x0)

2m32.082731397s ago: executing program 2 (id=1754):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_CREATE_OPEN(r2, &(0x7f00000005c0)={0xa0, 0x0, 0x0, {{0x1, 0x3, 0x1, 0x845, 0xfffffffa, 0x2c, {0x0, 0x7fffffff, 0x5, 0xa, 0x3, 0x8000000000000001, 0x4, 0x7, 0x101, 0x2000, 0x8e5, 0x0, 0x0, 0x7f, 0xffff}}, {0x0, 0x13}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
read$FUSE(r3, &(0x7f0000000680)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0xffffffffffffffda, r4, {0xffffffffffffffff}}, 0x20000)

2m31.682921665s ago: executing program 2 (id=1756):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_CREATE_OPEN(r2, &(0x7f00000005c0)={0xa0, 0x0, 0x0, {{0x1, 0x3, 0x1, 0x845, 0xfffffffa, 0x2c, {0x0, 0x7fffffff, 0x5, 0xa, 0x3, 0x8000000000000001, 0x4, 0x7, 0x101, 0x2000, 0x8e5, 0x0, 0x0, 0x7f, 0xffff}}, {0x0, 0x13}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2) (fail_nth: 2)
read$FUSE(r3, &(0x7f0000000680)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0xffffffffffffffda, r4, {0xffffffffffffffff}}, 0x20000)

2m31.098858521s ago: executing program 2 (id=1760):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000880)=ANY=[@ANYBLOB="7a0af8ff7525337cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000f700000000b2595285fa97ead0169191d54f8196217fc563e2fc91f6da4dad4f0078b1b5956fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6c2d3ffdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa80000010061014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c92cdfbea882b0b1891ac21b61bbd1e9833c0695b79fff5eb156e0a000000000000f2bd164a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c9800000000a857d61b0d66c3f6da8aed31027c33204ea0fa0620111920d3f24980e9995a510bd87b06440a0a26130098b901c53a02cfbfd8bcbdec9f34542c3c9652adefde555ecd28ebc88082bab431ee3e1adb5b0ad14c79dd4411ecc96c512f3b72a9b3a0c3e07ec6b427bdc0bf3963e9f802a5feab82a989db62d8d1339f842b3f593d6c24fe015ec63c658ba7c4fae17514f802709ab4fa5caa932d4b65a5ecfc422899513ddde6ec04974f9981a8c155c26e2e3b8f97845311c58530aad9f1e541caebd398ac2c15edd039d91f067a108a3aa563fcde20d0108d21ac3f7f3738602d4e661225e1ae7322c46d60aa353f8459340c5429a0ce885c8bf30fbc72440cf335bc2ab5ae2d5646728c45ba78662b2a54946cc98bc93f4b695311335d8aac5a3d368830279e515d842ce2fa549bd289a1a89d4c"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x2800000002000000, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0x0, 0x3e, 0x50, &(0x7f0000000200)="0d6200404fc51a092c5ef9ef45dfb2bfc98a7590b7bfec88f22f3b94e668ee421014719ce2a18970503476fffa7ecfd95650d64c83dee58764bd9bddba83", &(0x7f0000000280)=""/80, 0x1ff, 0x0, 0x2e, 0x1000, &(0x7f0000000300)="c367e28aeb3c6b6ea2904d43573fa0bfb52f3eff3b768f72f73374bfd59f733539611fcd38888b864fa78ba0f70f", &(0x7f0000001480)="1bd89de94b5bc8e5b3b0804bde799d4f88ef02ae8ee909a67145544f99ee2ee551964ae97c0881cf92d6acb3690cd7beb15edbb50ea00a1c97f3d53352c5e59d99812b05762f9b3cb024911db8fced98af03e07a406d78ca0f1c9bcacff4f48e8fe229c01226c024b90455ceff287c49a16d253ec57b774a9f446cd0561009465f8183aa249c2945d9d2826cdc784620abf155acf9b04d2ded149f26546cf63a5848f83f4d061d3b31cff64a45adb663fe4ba85b0944988bc0165e0c671e96011086ecf7f4660c629b4931eb4f8e47d0e14480351880c4f1cc1c709d77cc5f1a77599140d1f361ac0bccf26ea9e587a52f33f4215afc5d07018e3895f800edf43d22156a769857875a072df59571976b780fc8bd78dbe930cc6f02acb733864b174a98ffd76dd7283d91deb641ea766b6874c3e4a07922288f87cbc261d651d10fc9ab638b588387cfe8ed40b36f6c358f3d7a2e7af46ea9dd9684535c6d8e63b2fa707cccc2b61c40fded90657df65bd0af0b02644216ab0e6c012eaa18c0ea5b17f60cc57eee62f9d1c9577a79d8dcd1b2b0b84b2277003d016ae67a12f87c6842ab9f08b8f0eec332bee2275d4f1ee9b8966d66d53d4eac78a92e4955de80a5ae65839d28145296088cfe486e9158a484d76fc6119c35c54fa7230063b85a28c836bf427b81044192367ac9d6c54f5f560b51095b68f264cab87a61d9211c8b982236316e6df9eaa217a8e52c77eceebbf2efc1c76ea40b38edb559520d7425fbed980edf06d2c75104d56be6f7ed2ea235d46b4610677581e81d5701a0a6aa67af3a731271569c4f5c6a369710b3f1dc0234ee12a72b126fe0fc2bb758880e2d26c58a42da21595ee262cdfabc1653b4a8fe66d6692862944d867f936347f21a99880ae512a882ba206b3b82d7724836cd04adcf9a8656ce041c1d6017725dfcb727e8e75e2824ce1e22e268aaa77f49bdec0d8182ff0a5efd8ed71bebde001279a99426f9f6520247a857c59f80eecbed2afe1573b49702d8e30f52b5f1d9272ffb0bf056760748bb839c4683644c7e752f6f90a86e19e1b98be6c0111e9758955957279799c25a15fe28183c1f6833f32b7bcafa2e0f48ae7ec77c2d8773dbb2e755cd2909ed3d233d43a122efb8a5310518d2d1d3ef38ee7ba1cb016e46bfe206c7cdf31b3368ef9203dfa6cfd99e890a37d01a72e4d5e4556b238c4dd6074779cc469a01324064756ec222d197d6ea9fa07372a6905b0b9a965345d461ebb4806c3dffa7b9414b8e71f5ffcbbcb6fe39022c0ea1304d7d82418c54e63bf399585c3056696f430fb78b8a95a6afd82b311b56903cbea9227b8f70cb5ca1efc689afc49ec2fdf8ee630bce77bc8d0c14deebabd208635430f2c117affb97e5d7b2a8ed776c85615a535ce82e87a48ae07a1d83f09377722e369694c3eca7f81e7ee75f7e6ba1d7c4e1e835defad72ec6fc2e957543126b895e540699e2cecdb69154901d90379c47f6ed59d5d20b4a4a79f8f203ef59946123a0fcfc4bb7ef6474819ad7136625b2b852671a61c45211ec622fbf57e6ece2516b24fb3167fbd5bb78a5c90515fb7dca81e2107b09c8f609403beaa53a20f5bec77b3747cd846ef87ea7463af7943176808d41737696bf1fc77ca47528a25ea28f129ba9326cf0714c7483abf08cb7b319514045c33e27886a045b69d94f403a6ee412a4d4d69db574f577e99aa10cef754c871e114aee2c6019ec00574a7f6df76e1569d726941fc3fe5455c284bf6b749889f83164e984824274ce3a8a7d77b4735a8c845cb1c9627bab15619695109e403b423564e42b00695f89ca9f659cfdd413df0c50d75a23288cc7465914e024f38687adbbf8b5a6c744b4930f7f5648a34aaff93a4656694f690b371518fd6a236048ca2d1ed4042909f0f51fb098786386b2b95aab6913f9c981b2fbea0b69a84464645b27518573d3d94ec37a4446af698356bcb04cd76a44d7e35d5d3960ea6af0ecfe8a87cb507a3572e610d34281fc8833599d87edba98d8dd1835618235e27447bb76284267e76780d5e123d6a59f164c0bb8f4ce05068ea93ec4affc90b6a97abf753d28e79c0845a63ba242bb20e80ac6cb5a6a60c0a641a2d8f163f63ad120d65f964cd2a084a23f0601f8c87fc5eccbbd46b5d8ace311494109014a1a0a64af8ecd1ff3b86abe831224816a9ddd32fbee93ef9e2c5c81b802716a7491a0eb212fc306f530f01c764cd5f8d4ee1e6c856ea0a21e34ca15ed63dc3e772aef39dab563d95ae2e17d664bae912d100840e8ab06348395abc8b90099cd575d5de18056daff893ddbec3b593e12028a13311bec7be1a3030b7595ba679d1b8175cea135a93eda5a9e6c4481fd355d3522df51720c21a364e05b249e623a5ce2c0da4546ffb6ac127ec4c06aa1867d664a701d77eecd0b6cfc63fd9f6305e720a8df4314f82fb8aa40af9ffd8c2a34d7832ee8b7f4e56f21939d771dbc30842f977fc9e693d70ed5e949a0456703ff9f6c3e1148ac0bcf7d90115af22052390e42041453284a114286325284b0ed13eeeee0016402c297dd530bca7387710889ae2820284facdc9e83a70026f9e07fde68c67f40f3c15a4bf374dbe2c06d82cc20835609f0e316ec6e549364184f9903ae4beaa317df856f44771276eaefcd70456d2514ab6f930d5f4a2e55fe6de03669aeb9db79038b518335001c7d32988a37ce2ad092432558961bf4ec030be8ca7baf14f89ff8a8e691b38541eb2196a5ff50fe2577362b9459000bbd17c5c10f9c1b85af5af9802ec479afcbd349cae2cba5976efc61a1e4bac0de42e6126f6a7765908fec6274908e9e0cd95d769524c481b97083455fa4947aad4a5f3e2c0c63f01c50d34d6fe7b3027f02c79de574e728b4398a13f237fe66f27dc9c6f2505a4dbc08222d51a0ecc5f7018041a4bd68ad553f8ce95e9f23f9476db64391f19375f37b92af6d83e0267ff18aef1a51fe3f26168cc561deed337bdcdb89ed47b8eb409cbfc990fafeb8969c66626aa3685dd9b7c20b97ef2ec78937f8548caaa2415bb9044a9bf08e184c9fbf72fe81218bdd7ce16f347b6dfa81d6155221b7f7bd3dca72b177ef6e847ed12b7a35d704556578d1f9da8964f8ff33d319329fe6e8fc0459fbcbd65c1301a58a6e231ef01c7160aee3375c1b00d3edddd6d3dd14e692134fa065ac5a507a46e00194e439199a39cec6bc12fdd21f0a0fbaacb80416f4c59227a94000b9191085bc21ede6a9371c078060edac746c208845032fe4049fa2079680ee9bfc055683b1e69b2f9d62b437dbd8914f8bc2832cb51927ec51654a24fb0af23c9a17049d3a7329705c5b8752a18556cc816ce7f5898f878f0f87d3215b43f2ef48269c2f14972f4bcc3f69e7d10b172d503c468a795059836ac1db7a5ae8eafaf93b11a801de3bd3c26aab65e0e91f988f3f467f3f516747a1cbd03e3bba27f048dd4244971e413a4ec72dae899de64301e89620c47ee322eff87d5756691e00776fe923a089780c0cfca874ed082b208a68ff136ba58dccaaf8eb633a34ba921c1d512076610bac3eb7255674f8fcc74e3c7d51c8cc0f934d113a3176ad4ec682140b2ca560ac08033b6bfbbdbb02400c7631d546cbbe086c59911588ae25675b3f3f695327cfd57b729c04a87a3aae793eeb69f21b5e00bf2d4e17ac6b66305c6520fac2dadda9a5c2e98f84a09f6deae47642ca46d7198cad2fd4c18938584b833384dafe76b0444912e714934158e2c6f0622164f27d08d562963872f7dc2452bd872e37b906d9aa4ec4d9fa0be44266f1553af271b0c73dfc5ad364c9451781c9369a914fa76eb85896a01aa85b6c24b8cc31dfd72d7bea86f63e849c9fda9e4ef98b68e641fba7bb88ef4697e68aae673eaf4b2bb968c501f210de97436d2a287212ecc718aa27d95b97b5a2b514f232a3412e58c9e9082ad6ce646780462068f886a0d164f9c5e2330bff1146c5b6e7245e45479405079566c794181542b100a0f965bcdb7acd07744ce4c9263a491d163d313bb6678ec13d6a55d58a29bf1eedfdd655779bf8fb15d4be69384f6674dba67bdff39d6b541038c4a05887fa693364b72d8051a9b5af35af35acc46c0b79880ae27b50e650a867022e3d5e384aa149bd9490e0bc0c3d6ecac1839ea77f73a056230b6c24cf4acfcc37a5fb46042bc96363ce0c4e909edf29304ab2ff7653c521215f2e42dab4d9930af1810854cc64602ba46de4d2580255b1ecdc2028c849e4ec5103d6221570da4190219c57681cea1eee23132be2db2f762682b3aa68c3793469e47a651516bfa6ea925636c9c28369a69017b7b374b4a86869dd412d776ac2c05d761d399d2aff88b5afd988add6515391ad7c836ff2b4a37e41c46b45863166d3653041a90776e5438b69947749de796d8de53636661c24c7a710e7ba0c6aa288d52a71c22284eb4d5a931a3b5284e22f086612cc3b05acceb8d0b0ff22bf99d9e2bf3d5e5a1790ec04d55fa057e05eedecebf823a1b1a77c49a23cbca7bd54bd2ed4b9a9d5fa1ee8bea2414d7effc9cd56b353eb6e3a218a7288ce71a07df07b3b23512718827ccee58351513cd165a84129ee471bececb8716a753157de3379cf7b0acafa32d53f9aa8570003ebc6fb519bfb107bbf83f712f1915b8d9be62c206dfe46a5758ea74ce944fa1320a3213c10062fbe1a120f4a2368a899b0e491160ef53810538207b8d6cc955eacbe6718fe0d7f34118a371ded88d4d990ba19939f8c61063522cda7b4d6580d9edb8dacc0c8f74bbc8ad8752fabc3cf12c7829763b39a9de763442f9f97878b7164686b093570d4694aa2347ff15f83e789eac56f2da6e550475ecf58c915bcfd3966e1570c21278052d90a1a1390dc0e48edaf2a564df82cda679b379f13121f584cb944a877120e4a855d9948bc2c729c342267ec188cc7c11cf3a5ec869f21ce9930eb58015cc447e9d95f0c5c34b7224cf8ea90f175584b250212b433c5e7bef0860cead48c7ed07dbe0d49ad240f57eaca9c6bc84720bac9fc3ebbf5be5ba834bcbf4d2876f0278d1e9faf651c734fe5fcf0ea9a39b09b1a631787c9d33d1ec9636f104be9fd30a32f8120b081afaf95892e6ee7c0c533268e860a73f3c8b3cd44757bbcd82cb8d6780f78508c768256f3c1d6879d364ee10f3ff12e2c76a2de394bd76743065140855c16024a4bcfda85a5a660705c1ff97bbd2cc8b1d779366648de1f5b88cf89223a9e4f4722d09f97230113980dc3dd439f915c6e567bd5d3e660bc6a1cf4817882f1ac7eb4a82e772a07cbfcfd5ba41877d59b400fa2a49b3433271d389579eca4a40f4539fbb1586d49b219edb14bbe3800643c93a50f38f10e32a21dd594c73fcf5bf019a5edc43fb5bfcfaa678f20ff5bc7aceddcae9e1d87d90369ab2d52cab05b72afd7e4570ee665aaf3be0d116ff1ec37821b910eea38058726680d85d949dea707b7ed446e390a7ebf3cca4b8681249c48aa0130853eeaa744bd461820e2970fd9f4d43b43bb203266d404c0bc0a8b712f98bf67faf195a2af46990477e88adf1108b9ed2f83e8bbc50d091751f275ae08b3e8d89225da72fb933de6049206586bf00cd6f2aae4557e56763df893abee23b07c605f1b4cd023e6390dee62616e36d912398680fda4ce6123210f0a7c1ee21c1337ad9bdb34479f90230ad65883c9f96714c9db1978649764d2b6b9600c7fa0dd08648f71336bc7bb66d1c9dc728480", 0x4, 0x0, 0x5}, 0x50)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010025bdf000fcdbdf251000000008008e00", @ANYRES32=r9, @ANYBLOB="08000600", @ANYRES32=r8, @ANYBLOB="050035000700000008003a0001000000"], 0x34}, 0x1, 0x0, 0x0, 0x4800}, 0x20004804)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='sys_enter\x00', r5}, 0x18)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x1afc40, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
ftruncate(r10, 0x2000009)
sendfile(0xffffffffffffffff, r10, 0x0, 0x7ffff000)

2m27.372747385s ago: executing program 2 (id=1765):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_CREATE_OPEN(r2, &(0x7f00000005c0)={0xa0, 0x0, 0x0, {{0x1, 0x3, 0x1, 0x845, 0xfffffffa, 0x2c, {0x0, 0x7fffffff, 0x5, 0xa, 0x3, 0x8000000000000001, 0x4, 0x7, 0x101, 0x2000, 0x8e5, 0x0, 0x0, 0x7f, 0xffff}}, {0x0, 0x13}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
read$FUSE(r3, &(0x7f0000000680)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0xffffffffffffffda, r4, {0xffffffffffffffff}}, 0x20000) (fail_nth: 2)

2m26.220035605s ago: executing program 2 (id=1768):
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r4, &(0x7f0000000180)}, 0x20)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r5, 0x0, 0x20000023896)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)

2m9.787572045s ago: executing program 32 (id=1768):
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r4, &(0x7f0000000180)}, 0x20)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r5, 0x0, 0x20000023896)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)

9.372234366s ago: executing program 4 (id=2147):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000280)='kvm_unmap_hva_range\x00', r2}, 0x18)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)

8.252305388s ago: executing program 4 (id=2151):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000001c0)={0x8, @vbi={0x3, 0xff, 0xa, 0x584e4f53, [0x8144, 0x200], [0x9], 0x13a}})
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000003040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000003180)={0x0, 0x0, &(0x7f0000003140)={&(0x7f0000003080)={0x28, r2, 0xe6e964277ae08d57, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040000}, 0x90)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x181802)
r4 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x8, 0x0, 0x100002cf}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r4, 0x7a98, 0x0, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e24, 0xa6e, @dev={0xfe, 0x80, '\x00', 0x18}, 0x4}, 0x1c)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r7 = socket(0x2, 0x3, 0xff)
connect$inet(r7, &(0x7f00000000c0)={0x2, 0x4e22, @remote}, 0x10)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x400040, 0x0)
sendmmsg$inet(r0, &(0x7f00000045c0)=[{{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f00000000c0)="14e2d6d65ce5575d5f8e79705c5777b1c4553f79291f8ba6b506334d0720fb2a758ed9bbf4f562dea8f8d0a4009ccd8497e0b4b0d06be7b4f9c81049f7f208d20bb7061438ae3f9bd923352402bf505f97fad8a5c90e09ecb34879a2a940d0c4cc9976e6fa80e5d4ffad", 0x6a}, {&(0x7f0000000140)="20a0491008c05b116a3251dc1dc4d218940d01e4a7cc86040763ac9730bbaf11f914b76a08d49d1a5164800449cd5b9c774076f89bbf283fcaff5bee4cb0a5e793f563134de312073a1299776bd9a948b2f8c96f86432d9734492142d93b6c570e2af7614caff612b006a86c4e52661ecde73610ab130232e1a5b0c6b42ea817dafb432a0b13d0ad32ecd614d2df320bed90c9219fb3b315d8538bb8cdefc8a83c20cadef456dac3ab283f7ddc8742d85d42df82afeb97e991cc2ad053c144aec8ba55474a9c332bf5bc5aa8a0cc942ab716d831b9df2c57cf05e024bb62d04ad435be", 0xe3}, {&(0x7f0000000240)="06d67c2d4a6fc605700c96b546ab819d515bea9dc1a112f72b6a1f3e63029df1005da1c101e8a9f7c53d5f1dde8261c3cbaefe76f3fe55b3b12d764250f22f17c8e290f47e71a7e1b8236f2996950758713b729894ed7cb11970e662551698fb5cd8824fa239811e1f9871b59ce58eadf4f4f1987b02f40e4f0e6c75", 0x7c}], 0x3}}, {{0x0, 0x0, &(0x7f0000002600)=[{&(0x7f00000031c0)="d3f54899002ad20d8912df7f1cc7c59aceeaae2394cde4016a0050f4ba7c55e07b185e8f5ea3a037a2cc43662efa49caeb0140b84a5a868b548b132d663edc72c5bb917fff02f011e0c72448c215d5997211463de3cb397f0714c7a8e3776738a55fcc9854cc83f65e8dffe1e62b49208da125caa56e494065576eff2906502699fe8f904b86f961dc81247d9f2d30aec7f2c518367857bfa226f327a03472b02d77b1d9eb32954cf7fe69f49710f97975d03dc14a8cf4ebf7e23f576acbd28af387b6b08e1032aeb27427cc19cb0b05a554bc5c4cec7ac77f22d543dcc5297682d6d9372e8e51bb8e89078d4b11146a34be5c3ed9b9e8f3eaa9422b6a68c25686a54b1e6b5a8f7a2aa68964f32ac1a23e65b9c8c587b264d4b8847ede327044e2903b711e520997ad730845898db355a4d7d9fed2fa26c6e050ef918df985dc45e2f58b10b72aa65e5cf833fb09e5682cf391aa5a8b197edf163b9aa97674e409d7b446f7219d392a97fae14388d9ada6dcea57d9a9a166ea9b8466594c36f9077fd80f5d493d11cf05a7db46957a4d9eef987a87acad9556b6647ae07d38524ae51d5861f8938880e72fae6ac97004656597eb1b33a280db91de22edcf7c70c63041162c8d3aa290f0f38616df9e0ad32aa440d6cdba8f5d3b558e3dd293fda1cf61116e749f0f7b3d6e10af28f6e3f26b36217a534b6fefdc2c29482a4690b6f333b14dc3239662c943440603c8b39d6aa2763dcd20bfe0315662becfb8f648b1c6a7271234cbce652f5ab778e4e839267ddc38e303c93955c2bccc65f1b4737590ae599a3d176390cf90c3661034844f038181e49e1b89c851fb5667f4b95d748d91d52c99a391bf9558626f1042ceb8fa4813db2307397b8cb45d986855c6056c48fb7ae144322d01b361a31621fb47382369e3d5919ce2320d1a22073f09306f977c77be8d5d7bfe2690b517aa64902300249a789b9c488f1225d101156432fdecb79f2a010dda72c54e37f00a11ebfae78476cda0f9feef1d8c6706370962baf0c7d02f961081b9f5bb6e815bf067e79789c53441356e640e4521d9245aa345225410a0436e59d0c43a41a3bb60f4b57d3e41ae1b79a221ad0fd88ebb3a531b3186707bd33308fd6f2ecad55d4b040d1394a2dab3eea4a80c20e0ef66be125eac6b899e925340e20ecde0cf2673d0b46a67418e28c0a6bc3af885bd96dad06e6edc115ec9c1132d4425170a331f173d521988916d5c153d748ad2b4f3d30a2a199b1d73d17a42c0164211ee0d2ca0033f432240c29421bf8face77f5b04f0d248da948a33ee94162e17008a34339bdbc92396f59da39916a89c049a218118d71a22c1d4a333962ad39bff7fa8f24e89d6965805159d9241cb118431f789eafb5730c2889ca5a1da36b207b4a427a2dd429c7466864c74fb9a73f4c0cc410dc048901d4db528651dcfd8b6253e89f28e6055f7917bd44d7cbe93b7b26aeba10ae20a78e43f0c6d28388daee361e6df93f2fe40ffd90f89963b41c2c8772dac167b8733b155f05cb5573516c3e1d2f534d800b6f98e6f7f6a2a381371861aa682012d8bd8f1f104eac23ec1395a017d46ab3bfdd03ffa1776ec14de0d52e4e5be65654e535fd38c70f5ec6ebbed1950e762fc9fe7ac263cfe8d7b34c56282bc4e5cd98039a45264b182f6bc1b04ab0772532c79af13fc3f906c960cbae8a9c02cb0f6bc3a865d39f17818ad4668da7c61eaf646c80e1ebf4b876b045546ad5f978551779c37429f45a26e28a62c3ec10d643b0654247fd8aef559ba47bdd5963a59b95a02c3014b9b8b4f8b9f245c640ee4e308b8eafdb87743a1dacb897087de460080f89f564612caf684c1c356e6888f58d818de3efc8ab59f93e5edc4a1cf5ac22dd70f5ac87f52a9c21db8de14439f40bb75e7c4556afa780e3b1e85171788e9a0f967e74043a46cdcced17bcf23c043dca7519313b1fa9bcc7d74ad1caecd1cb7d00447f886a4b6e93b5957f2f952073f0141047b9990d6dcd579ff77fd52ec9b323aed084acb6e4b5a38323627b69e67a8fa4a0e9faa07b453f6d41a754f648b4271262984b583a03fd900e6134639882a979c9bad7b4bcca019730495fc086a174350dfd58d995a1181e7b19edaa791393158012ef289ee84aa1d110ae7f9c53a42b99507c6f5e4ee7a58b0605df0aef8a55c17f43890e9ac213d347f31a6b7abeb80278b13432182bed8fa5e759e059596319712244f277c4bae513eb951e074bd7f18323cbc53380d8fa1e36bcf28b323845662f346698e5fc69e5dd4bd8e709e4ce22543b09d4dc51013786d807a1ccdb563fed75b1e46ba7386b12e38281bb3bebc4b3fa87e2d6353410ead0e1b90df8ede33c8677e6069056d6d8086b995f29eb9d3cea799bda76e3450fd09e529a1ba573383dfdfd274dfb438544176599aff34d1dd6b400e54741bc5b14c35cb3c889c15989491f324bfbf4b78948ce7fe230c909aea06b9ba6a5a67929cef163d7f4e6c50c15ebc933d360e785be1368c960a8425aea5f32fb190643661a8d9368149029dd2b0cc983b8561571a2a3555df4d900ce5d652869d9e1e75786fc5caabcbaff7179868301d7080afec3b3dd835773a804cf554ba0cbbb67ac0a505f4962e0d8cf604110da4cafb9cc6d1ebb46f1fe2b27ee58eebc3d58341dc75786e57c425c61d7c27bd4cef5a78ed79197214c72ef55b1ce29da1fc150a06500659af4872ead28d6cf205239cd1dae52aeba80e30dd8b85373e7d490dae3cfba0594709b34bdce2b842bf86bd3a9d034d11e1fefba05fadb14d4403747c31e8c8ecadb12f6ca9e9b4bc7123e8e1691c3912350f41cc81d0ea4a16b81153b896ceeb79bc9c6677bf80b93167ad532ece2a0446ca1adb9b1b97eeca65ecace003dc809a35b58bd9029cc84a27dfc8c2a319006006ff853e1289cd7f4ecc9adf45c1d1f08cc9dcd886f0c58b339b26df8fb216a98159485128194fe2bc4b2741266c96da6469c46fd09f72cc17a3af40fae7bf899df40370e57e69bd0427eb4bbe7747cc6357729c2b06cb1f420629f98861f996e2d869e7a03a00b8aa64f87e830f4b0a26ec7d1cd76790efe0b666eb7b0e8672e1852f3e0a9bfb93e88f6bf98e09af410b0177461ae4fddddb1dca3dad9aed3b6c4c64e92aa7c85637f33db4b9d10375e0d556bea56824d3f531ada44d9c86a9f9f0d7ebd74c08fe7fd0f6fdfafcc8f169d8a94be239f0b88439980c4d886ca54c8b44003567eeed8264b739586fe45b7a4df9ba6d9077a303ba2e23399edbb56c1221cce85710e310d92bfe8de0a29d769e93173136488ccbc66026c743e5dd8127b4e292405a20f3c63716f6cd326416d11aa70dbc5785f034a60977b202a05e89186962005102304d04581a3069098b3bc6b33d7dbaef1e5c4216811456955d6f3d49eeb2a46a3eb87e98be530dc545d9ef014fd15870385a5134bb5b45c344a738727092744ca55a760cf06fa4b47f6d7c334f173fc68f85553de54378cf24be7f5dd505a7d3601dfa40b51bf1b261336ae111e8f4b8b0b0e1b7ce2ce6caa3d53173a1430921e80038fdaba74bcf1be3c26557c9522b9a50abdc28e5a5d62246632e8221b739c5327594ada7d07559986826b8782674abbc02ba876951e2561aaca76bbbd47a187feb17eb264c8ce4d9bc0a81a5c834ccf2424837a015b2df422063027c4d019e1e7ff7f5b3bda17ae89e74624b72c1ce47f40640fa14fc7ff16d363ffc87bc729d14aae5f74c3856ea631a062b4a78e2f910a8711a916f091179d83c0afd08bbb93c88d75204e35f3948c339b43dd80665980e4ad5fc8e1e8e2b181b9fb314bb609b77a15235aa2c08170912e25e8bef559b70f4b0f942a883de62b2b9d544ee7bd114b42c10db26975aab64a125ead9891683a1afb2d48acb1b0a1c11a09f1da92f65c61a360cb620f209da3232e9d84febb30b31192d544a22cd00535d3bba064a39e5d727b0d8998d7d1280fe92569070232e9ae33dc2bd8192ce81ce5e68e871bb8c8ade32b8add9520f908fcaabc52438b372cf457cbbc593578aa34804c3ef3c4500917e8a888d039df234d13a362acc806158092dbfe8d4db5139f52585804d7525568e4a79acdbc7b69f8a76a1c04e48c1adb94a77b64b71160f5a520ef79d8814b7070e9d28ab0f8596c8cf1ce003cbbc30860a131cda0493d5319f3e7b8fdc7d3a1360393538d57325a34961691229a3f2943344727a0963e58fd9f4adb5a15db9857e6f361be06ca8f4a0309152280ac26d4a64e0495d090b64a35822d5d6af74f7ad7acc6bdb7581d9f96eddebc00cdd7bb4ef93639c4f7ed7444e5bdc22b0e6999ad17e71e43f19ecc110432f7d5da64b6e58f76283ba535faf51d0253e204d45702c9f927ac23a7f0f499f40e872558208ea207b9519b278cae3c2d0dfff41eb283f211c5ca9b53e98b09f1722ebd7b3c5edb61024542bfa04b0cbd77450d7b1a295e6a14c02c6e4b2274008b6c708aca9f62018969b30b70a62b9ac74944d9192078138f03a4bdb4c95572f3d9ec696492e002b275c8634e64e13d5b6885eab6ea9877f267754a3789444bc89f079b905cd7075345d3097415e0c4e0a76dc497e975f78a554dcc888ea9d1fd032cdc296f7487325dd7563addcb868a52ded21a7922819fd9be212c93b676daad33d9386d893e80a8f893d3995e57f3df6b60a83cbf8a546fbdb6e2ddfbf508c1cf38f1c7933302aba8307679224f75c8d38cde2c9035c03a9a52de8c6d472d5f1f4d7108b37bba41a6157293eae665b1f7f0ca3faf3fbadc8028ac7b597ce01f92c96364b0c2170b9e47044e3ea84ee499baf4d526bc99123e7828a74d3f972578d996f2327b4231a612ecd23e3cc9295fac05a834930a92665dc7d2e9b6d1e43d9ca4d579ad8c29482509f3cd29d2fcf1d501fd7319e1d5c2ec16b111b93360f928b6a577d63d05f6d7a28f9e1bae1df7fc432b1a9372cd4e7a73901ac550fb72f27c035e2d18fb4af2ed7808725338739db5fbfa358f9bca5447f8de08425d5b3f835c36d2dacd3cc", 0xe10}], 0x1}}], 0x2, 0x8005)

8.109157261s ago: executing program 3 (id=2152):
r0 = fsopen(&(0x7f00000000c0)='omfs\x00', 0x1)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, 0x0, &(0x7f0000001480))
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00', @ANYBLOB="010000ff0000b1c40079f6080000", @ANYRES32=0x0], 0x2c}, 0x1, 0x100000000000000, 0x0, 0x4000059}, 0x0)
ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000380)={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, 0x7, 0x8, 0x400, 0x100, 0x80, 0x4200202})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r2, 0x901f0000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', 0x0, &(0x7f0000000100), 0x0, 0xfffffffffffffffe)
read$char_usb(0xffffffffffffffff, &(0x7f0000000180)=""/152, 0x98)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)

5.9198909s ago: executing program 3 (id=2153):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="02074e052400000029bd7000fcdbdf25070019000000000002004e23e000000200000000000000000a004e2000000005ff010000000000000000000000000001070000000000000015000800f8040000d0f541ed6ff5f006d4de5f6aae408d18217ac3923261954c0c7b98857036af1d072bfc7ac08d7c80b65839d2786254ea8e7024a1bc4233e296609f21c0841157c4fcc818b2795ec06c9a1d586e16963805c1db946f2fe13b89c56b247c07d6bbc4ce8ad4ba638e409938b1f57753c766cc5b4a41f405238760c2c2394141d1712faa71c76ff4bdff"], 0x120}}, 0x4040004)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="99742dbd7000fbdbdf2515"], 0x60}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000)

5.832144203s ago: executing program 0 (id=2154):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x6}, 0x1c)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'gretap0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f00000004c0)="0563", 0x2, 0x240458d1, &(0x7f0000000200)={0x11, 0x8100, r4, 0x1, 0x85, 0x6, @broadcast}, 0x14)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r5, 0x1000)
syz_emit_ethernet(0x9b, &(0x7f0000000640)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x65, 0x6, 0x0, @local, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"05000000c4bbdbc6ef1d2b01a58774a22a07000000000000009974f0e6fcab06789114cc01aa7753182174d48af862bdfda1cbcc07c7e10af54be8b1a33156000000fa6ed0cb2720000000000100000000"}}}}}}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
ioctl$PPPIOCGL2TPSTATS(r6, 0x80487436, &(0x7f00000000c0)="ac59e477024ef18c6dad2e0a9aa4feb589ae2abbd15d7a9c23c939088ab09657cb0722702ddbd6a613dc2852b2230a419d50608b69c3f6d85c1a705b0f8d8f8ed4357d378931deb87154f31166e15c9e23efc98ab5b188c2361dda65f3455fe994e379e28316f612822bf3804a9056d7d918")
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
pselect6(0x40, &(0x7f0000000000)={0x200, 0x5, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x1bb, 0x0, 0x49, 0x0, 0x0, 0xe3a}, 0x0, 0x0)

5.66541551s ago: executing program 4 (id=2156):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x6)
bind$ax25(r0, &(0x7f0000000480)={{0x3, @default, 0x21}, [@null, @default, @default, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
connect$ax25(r0, 0x0, 0x0)

5.615048515s ago: executing program 3 (id=2157):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$urandom(0xffffffffffffff9c, 0x0, 0x103902, 0x0)
r2 = accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x80000)
ioctl$EXT4_IOC_CHECKPOINT(r2, 0x4004662b, 0x0)
openat(0xffffffffffffff9c, 0x0, 0xc4042, 0x1ff)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r3=>0x0)
r4 = msgget$private(0x0, 0x3ac)
msgsnd(r4, 0x0, 0x8, 0x800)
msgrcv(r4, 0x0, 0x0, 0xd3ee73c716b4091b, 0x2000)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x14d142, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000})
fallocate(r5, 0x1, 0x100000000, 0x10000)

5.484246305s ago: executing program 4 (id=2159):
r0 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a1a440000010010109023b000101000000090400001202060000052406000005240000000d240f01000000000000000000090582020002000000090503020002000000"], &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r6}, 0x9)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
epoll_create1(0x0)
ioctl$BINDER_THREAD_EXIT(r7, 0x40046208, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)

3.979928469s ago: executing program 5 (id=2162):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0b000000050000000004000009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.837235293s ago: executing program 5 (id=2163):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
pselect6(0x40, &(0x7f0000000140)={0x1, 0x4, 0x3, 0xff, 0x4, 0xea2b, 0x7, 0x2300000000000}, 0x0, &(0x7f00000001c0)={0x9, 0xbb18, 0x2, 0xc, 0x0, 0x4f, 0x0, 0x4}, &(0x7f0000000200)={0x0, 0x3938700}, 0x0)

3.650764321s ago: executing program 1 (id=2165):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, 0x0)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x59, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x9, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x3, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x9, 0x0, 0xfffffffffffffffe}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x40000000000}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, 0x0, 0x0)

3.514796108s ago: executing program 0 (id=2166):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_EXPRESSIONS={0x2c, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)

3.42568375s ago: executing program 1 (id=2167):
r0 = syz_socket_connect_nvme_tcp()
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140))
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[], 0x1c}}, 0x0)
write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
shutdown(0xffffffffffffffff, 0xb403dc3ee651df83)
sched_setaffinity(0x0, 0x14, &(0x7f0000000040)=0x6)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket(0x2, 0xa, 0x6)
r3 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x6, 0x1, 0x1, 0x2, 0x3, 0x6, 0x4, 0x1, 0x3, 0x80000001, 0xe, 0x7f, 0xf43, 0x800000c, 0xe, 0x8, {0x3, 0x4}, 0x0, 0x2}})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
r4 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044070}, 0x20004891)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1c, 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="578b47f7c5ebd14777e9ad33d05f018b21f6769d195a7976d37edf2ed6c5f2706af500d63e3e6084801938cbe0d510e323245a5760115044d2863413ed7e6918b191146eae9429da2e9d7304ea487867a93c36bfd3ff1c0e99ac2eabda6c8eaa212613df471b224996f2205cc43dbd2fbd64d15b99338f0f41c08e40b7bda6eb64cfbd3230ce65765095fe05e0ff7a393d19a800547f22519df8888d0b0199a9fe4b381c4a95bd09368fa778eed2ec5d774171a9549b88d477da2a35c7486401bb8cb9fe09a54b1f"], &(0x7f0000000000)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2469, r4, 0x2, &(0x7f0000000480), &(0x7f00000004c0)=[{0x2, 0x5, 0xf, 0xf}, {0x0, 0x5, 0x10000, 0x7}], 0x10, 0x878}, 0x94)
close(r0)
socket$inet(0x2, 0x80000, 0xfffffffa)

2.687988054s ago: executing program 0 (id=2168):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="02074e052400000029bd7000fcdbdf25070019000000000002004e23e000000200000000000000000a004e2000000005ff010000000000000000000000000001070000000000000015000800f8040000d0f541ed6ff5f006d4de5f6aae408d18217ac3923261954c0c7b98857036af1d072bfc7ac08d7c80b65839d2786254ea8e7024a1bc4233e296609f21c0841157c4fcc818b2795ec06c9a1d586e16963805c1db946f2fe13b89c56b247c07d6bbc4ce8ad4ba638e409938b1f57753c766cc5b4a41f405238760c2c2394141d1712faa71c76ff4bdff"], 0x120}}, 0x4040004)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="99742dbd7000fbdbdf25"], 0x60}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000)

2.682033625s ago: executing program 5 (id=2169):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x6)
bind$ax25(r0, &(0x7f0000000480)={{0x3, @default, 0x21}, [@null, @default, @default, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
connect$ax25(r0, 0x0, 0x0)

2.613797273s ago: executing program 1 (id=2170):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
io_setup(0x6, &(0x7f0000001380)=<r1=>0x0)
r2 = openat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={0x8000, 0x12, 0x24}, 0x18)
ioctl$MEDIA_REQUEST_IOC_QUEUE(r2, 0x7c80, 0x0)
close(0x3)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r3, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r3, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1, 0x0, 0x7ff})
io_submit(r1, 0x1, &(0x7f0000000380)=[&(0x7f0000000340)={0x1000000, 0x0, 0x0, 0x5, 0xe, r0, 0x0}])

2.503302342s ago: executing program 0 (id=2171):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x40042, 0x1)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x8, 0x0, 0x0)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})

2.502343702s ago: executing program 5 (id=2172):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000880)=ANY=[@ANYBLOB="7a0af8ff7525337cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000f700000000b2595285fa97ead0169191d54f8196217fc563e2fc91f6da4dad4f0078b1b5956fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6c2d3ffdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa80000010061014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c92cdfbea882b0b1891ac21b61bbd1e9833c0695b79fff5eb156e0a000000000000f2bd164a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c9800000000a857d61b0d66c3f6da8aed31027c33204ea0fa0620111920d3f24980e9995a510bd87b06440a0a26130098b901c53a02cfbfd8bcbdec9f34542c3c9652adefde555ecd28ebc88082bab431ee3e1adb5b0ad14c79dd4411ecc96c512f3b72a9b3a0c3e07ec6b427bdc0bf3963e9f802a5feab82a989db62d8d1339f842b3f593d6c24fe015ec63c658ba7c4fae17514f802709ab4fa5caa932d4b65a5ecfc422899513ddde6ec04974f9981a8c155c26e2e3b8f97845311c58530aad9f1e541caebd398ac2c15edd039d91f067a108a3aa563fcde20d0108d21ac3f7f3738602d4e661225e1ae7322c46d60aa353f8459340c5429a0ce885c8bf30fbc72440cf335bc2ab5ae2d5646728c45ba78662b2a54946cc98bc93f4b695311335d8aac5a3d368830279e515d842ce2fa549bd289a1a89d4c"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x2800000002000000, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f00000037c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000a70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c21f664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffaf4ab87b1bfed9fbe586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae460f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf8714d7bb2366fde41f94290c2a5fdecb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1f5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27832b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd210819203a513a67da4a571ce585a17a02a210382f14d12ca3c3431ee97471c785a69da7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedda1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a540f0c10ec3a11667290b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000007d00000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfadfdd708789a20287d58187fbd49fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91647b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf06d0000f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe6e7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a1914b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c056d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c617f005ac2d371a95b8adc67ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c259d3f28b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bdd27e663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70780025072e20586b19127d75fa71577f265c5100"/3836], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0x0, 0x3e, 0x50, &(0x7f0000000200)="0d6200404fc51a092c5ef9ef45dfb2bfc98a7590b7bfec88f22f3b94e668ee421014719ce2a18970503476fffa7ecfd95650d64c83dee58764bd9bddba83", &(0x7f0000000280)=""/80, 0x1ff, 0x0, 0x2e, 0x1000, &(0x7f0000000300)="c367e28aeb3c6b6ea2904d43573fa0bfb52f3eff3b768f72f73374bfd59f733539611fcd38888b864fa78ba0f70f", &(0x7f0000001480)="1bd89de94b5bc8e5b3b0804bde799d4f88ef02ae8ee909a67145544f99ee2ee551964ae97c0881cf92d6acb3690cd7beb15edbb50ea00a1c97f3d53352c5e59d99812b05762f9b3cb024911db8fced98af03e07a406d78ca0f1c9bcacff4f48e8fe229c01226c024b90455ceff287c49a16d253ec57b774a9f446cd0561009465f8183aa249c2945d9d2826cdc784620abf155acf9b04d2ded149f26546cf63a5848f83f4d061d3b31cff64a45adb663fe4ba85b0944988bc0165e0c671e96011086ecf7f4660c629b4931eb4f8e47d0e14480351880c4f1cc1c709d77cc5f1a77599140d1f361ac0bccf26ea9e587a52f33f4215afc5d07018e3895f800edf43d22156a769857875a072df59571976b780fc8bd78dbe930cc6f02acb733864b174a98ffd76dd7283d91deb641ea766b6874c3e4a07922288f87cbc261d651d10fc9ab638b588387cfe8ed40b36f6c358f3d7a2e7af46ea9dd9684535c6d8e63b2fa707cccc2b61c40fded90657df65bd0af0b02644216ab0e6c012eaa18c0ea5b17f60cc57eee62f9d1c9577a79d8dcd1b2b0b84b2277003d016ae67a12f87c6842ab9f08b8f0eec332bee2275d4f1ee9b8966d66d53d4eac78a92e4955de80a5ae65839d28145296088cfe486e9158a484d76fc6119c35c54fa7230063b85a28c836bf427b81044192367ac9d6c54f5f560b51095b68f264cab87a61d9211c8b982236316e6df9eaa217a8e52c77eceebbf2efc1c76ea40b38edb559520d7425fbed980edf06d2c75104d56be6f7ed2ea235d46b4610677581e81d5701a0a6aa67af3a731271569c4f5c6a369710b3f1dc0234ee12a72b126fe0fc2bb758880e2d26c58a42da21595ee262cdfabc1653b4a8fe66d6692862944d867f936347f21a99880ae512a882ba206b3b82d7724836cd04adcf9a8656ce041c1d6017725dfcb727e8e75e2824ce1e22e268aaa77f49bdec0d8182ff0a5efd8ed71bebde001279a99426f9f6520247a857c59f80eecbed2afe1573b49702d8e30f52b5f1d9272ffb0bf056760748bb839c4683644c7e752f6f90a86e19e1b98be6c0111e9758955957279799c25a15fe28183c1f6833f32b7bcafa2e0f48ae7ec77c2d8773dbb2e755cd2909ed3d233d43a122efb8a5310518d2d1d3ef38ee7ba1cb016e46bfe206c7cdf31b3368ef9203dfa6cfd99e890a37d01a72e4d5e4556b238c4dd6074779cc469a01324064756ec222d197d6ea9fa07372a6905b0b9a965345d461ebb4806c3dffa7b9414b8e71f5ffcbbcb6fe39022c0ea1304d7d82418c54e63bf399585c3056696f430fb78b8a95a6afd82b311b56903cbea9227b8f70cb5ca1efc689afc49ec2fdf8ee630bce77bc8d0c14deebabd208635430f2c117affb97e5d7b2a8ed776c85615a535ce82e87a48ae07a1d83f09377722e369694c3eca7f81e7ee75f7e6ba1d7c4e1e835defad72ec6fc2e957543126b895e540699e2cecdb69154901d90379c47f6ed59d5d20b4a4a79f8f203ef59946123a0fcfc4bb7ef6474819ad7136625b2b852671a61c45211ec622fbf57e6ece2516b24fb3167fbd5bb78a5c90515fb7dca81e2107b09c8f609403beaa53a20f5bec77b3747cd846ef87ea7463af7943176808d41737696bf1fc77ca47528a25ea28f129ba9326cf0714c7483abf08cb7b319514045c33e27886a045b69d94f403a6ee412a4d4d69db574f577e99aa10cef754c871e114aee2c6019ec00574a7f6df76e1569d726941fc3fe5455c284bf6b749889f83164e984824274ce3a8a7d77b4735a8c845cb1c9627bab15619695109e403b423564e42b00695f89ca9f659cfdd413df0c50d75a23288cc7465914e024f38687adbbf8b5a6c744b4930f7f5648a34aaff93a4656694f690b371518fd6a236048ca2d1ed4042909f0f51fb098786386b2b95aab6913f9c981b2fbea0b69a84464645b27518573d3d94ec37a4446af698356bcb04cd76a44d7e35d5d3960ea6af0ecfe8a87cb507a3572e610d34281fc8833599d87edba98d8dd1835618235e27447bb76284267e76780d5e123d6a59f164c0bb8f4ce05068ea93ec4affc90b6a97abf753d28e79c0845a63ba242bb20e80ac6cb5a6a60c0a641a2d8f163f63ad120d65f964cd2a084a23f0601f8c87fc5eccbbd46b5d8ace311494109014a1a0a64af8ecd1ff3b86abe831224816a9ddd32fbee93ef9e2c5c81b802716a7491a0eb212fc306f530f01c764cd5f8d4ee1e6c856ea0a21e34ca15ed63dc3e772aef39dab563d95ae2e17d664bae912d100840e8ab06348395abc8b90099cd575d5de18056daff893ddbec3b593e12028a13311bec7be1a3030b7595ba679d1b8175cea135a93eda5a9e6c4481fd355d3522df51720c21a364e05b249e623a5ce2c0da4546ffb6ac127ec4c06aa1867d664a701d77eecd0b6cfc63fd9f6305e720a8df4314f82fb8aa40af9ffd8c2a34d7832ee8b7f4e56f21939d771dbc30842f977fc9e693d70ed5e949a0456703ff9f6c3e1148ac0bcf7d90115af22052390e42041453284a114286325284b0ed13eeeee0016402c297dd530bca7387710889ae2820284facdc9e83a70026f9e07fde68c67f40f3c15a4bf374dbe2c06d82cc20835609f0e316ec6e549364184f9903ae4beaa317df856f44771276eaefcd70456d2514ab6f930d5f4a2e55fe6de03669aeb9db79038b518335001c7d32988a37ce2ad092432558961bf4ec030be8ca7baf14f89ff8a8e691b38541eb2196a5ff50fe2577362b9459000bbd17c5c10f9c1b85af5af9802ec479afcbd349cae2cba5976efc61a1e4bac0de42e6126f6a7765908fec6274908e9e0cd95d769524c481b97083455fa4947aad4a5f3e2c0c63f01c50d34d6fe7b3027f02c79de574e728b4398a13f237fe66f27dc9c6f2505a4dbc08222d51a0ecc5f7018041a4bd68ad553f8ce95e9f23f9476db64391f19375f37b92af6d83e0267ff18aef1a51fe3f26168cc561deed337bdcdb89ed47b8eb409cbfc990fafeb8969c66626aa3685dd9b7c20b97ef2ec78937f8548caaa2415bb9044a9bf08e184c9fbf72fe81218bdd7ce16f347b6dfa81d6155221b7f7bd3dca72b177ef6e847ed12b7a35d704556578d1f9da8964f8ff33d319329fe6e8fc0459fbcbd65c1301a58a6e231ef01c7160aee3375c1b00d3edddd6d3dd14e692134fa065ac5a507a46e00194e439199a39cec6bc12fdd21f0a0fbaacb80416f4c59227a94000b9191085bc21ede6a9371c078060edac746c208845032fe4049fa2079680ee9bfc055683b1e69b2f9d62b437dbd8914f8bc2832cb51927ec51654a24fb0af23c9a17049d3a7329705c5b8752a18556cc816ce7f5898f878f0f87d3215b43f2ef48269c2f14972f4bcc3f69e7d10b172d503c468a795059836ac1db7a5ae8eafaf93b11a801de3bd3c26aab65e0e91f988f3f467f3f516747a1cbd03e3bba27f048dd4244971e413a4ec72dae899de64301e89620c47ee322eff87d5756691e00776fe923a089780c0cfca874ed082b208a68ff136ba58dccaaf8eb633a34ba921c1d512076610bac3eb7255674f8fcc74e3c7d51c8cc0f934d113a3176ad4ec682140b2ca560ac08033b6bfbbdbb02400c7631d546cbbe086c59911588ae25675b3f3f695327cfd57b729c04a87a3aae793eeb69f21b5e00bf2d4e17ac6b66305c6520fac2dadda9a5c2e98f84a09f6deae47642ca46d7198cad2fd4c18938584b833384dafe76b0444912e714934158e2c6f0622164f27d08d562963872f7dc2452bd872e37b906d9aa4ec4d9fa0be44266f1553af271b0c73dfc5ad364c9451781c9369a914fa76eb85896a01aa85b6c24b8cc31dfd72d7bea86f63e849c9fda9e4ef98b68e641fba7bb88ef4697e68aae673eaf4b2bb968c501f210de97436d2a287212ecc718aa27d95b97b5a2b514f232a3412e58c9e9082ad6ce646780462068f886a0d164f9c5e2330bff1146c5b6e7245e45479405079566c794181542b100a0f965bcdb7acd07744ce4c9263a491d163d313bb6678ec13d6a55d58a29bf1eedfdd655779bf8fb15d4be69384f6674dba67bdff39d6b541038c4a05887fa693364b72d8051a9b5af35af35acc46c0b79880ae27b50e650a867022e3d5e384aa149bd9490e0bc0c3d6ecac1839ea77f73a056230b6c24cf4acfcc37a5fb46042bc96363ce0c4e909edf29304ab2ff7653c521215f2e42dab4d9930af1810854cc64602ba46de4d2580255b1ecdc2028c849e4ec5103d6221570da4190219c57681cea1eee23132be2db2f762682b3aa68c3793469e47a651516bfa6ea925636c9c28369a69017b7b374b4a86869dd412d776ac2c05d761d399d2aff88b5afd988add6515391ad7c836ff2b4a37e41c46b45863166d3653041a90776e5438b69947749de796d8de53636661c24c7a710e7ba0c6aa288d52a71c22284eb4d5a931a3b5284e22f086612cc3b05acceb8d0b0ff22bf99d9e2bf3d5e5a1790ec04d55fa057e05eedecebf823a1b1a77c49a23cbca7bd54bd2ed4b9a9d5fa1ee8bea2414d7effc9cd56b353eb6e3a218a7288ce71a07df07b3b23512718827ccee58351513cd165a84129ee471bececb8716a753157de3379cf7b0acafa32d53f9aa8570003ebc6fb519bfb107bbf83f712f1915b8d9be62c206dfe46a5758ea74ce944fa1320a3213c10062fbe1a120f4a2368a899b0e491160ef53810538207b8d6cc955eacbe6718fe0d7f34118a371ded88d4d990ba19939f8c61063522cda7b4d6580d9edb8dacc0c8f74bbc8ad8752fabc3cf12c7829763b39a9de763442f9f97878b7164686b093570d4694aa2347ff15f83e789eac56f2da6e550475ecf58c915bcfd3966e1570c21278052d90a1a1390dc0e48edaf2a564df82cda679b379f13121f584cb944a877120e4a855d9948bc2c729c342267ec188cc7c11cf3a5ec869f21ce9930eb58015cc447e9d95f0c5c34b7224cf8ea90f175584b250212b433c5e7bef0860cead48c7ed07dbe0d49ad240f57eaca9c6bc84720bac9fc3ebbf5be5ba834bcbf4d2876f0278d1e9faf651c734fe5fcf0ea9a39b09b1a631787c9d33d1ec9636f104be9fd30a32f8120b081afaf95892e6ee7c0c533268e860a73f3c8b3cd44757bbcd82cb8d6780f78508c768256f3c1d6879d364ee10f3ff12e2c76a2de394bd76743065140855c16024a4bcfda85a5a660705c1ff97bbd2cc8b1d779366648de1f5b88cf89223a9e4f4722d09f97230113980dc3dd439f915c6e567bd5d3e660bc6a1cf4817882f1ac7eb4a82e772a07cbfcfd5ba41877d59b400fa2a49b3433271d389579eca4a40f4539fbb1586d49b219edb14bbe3800643c93a50f38f10e32a21dd594c73fcf5bf019a5edc43fb5bfcfaa678f20ff5bc7aceddcae9e1d87d90369ab2d52cab05b72afd7e4570ee665aaf3be0d116ff1ec37821b910eea38058726680d85d949dea707b7ed446e390a7ebf3cca4b8681249c48aa0130853eeaa744bd461820e2970fd9f4d43b43bb203266d404c0bc0a8b712f98bf67faf195a2af46990477e88adf1108b9ed2f83e8bbc50d091751f275ae08b3e8d89225da72fb933de6049206586bf00cd6f2aae4557e56763df893abee23b07c605f1b4cd023e6390dee62616e36d912398680fda4ce6123210f0a7c1ee21c1337ad9bdb34479f90230ad65883c9f96714c9db1978649764d2b6b9600c7fa0dd08648f71336bc7bb66d1c9dc728480", 0x4, 0x0, 0x5}, 0x50)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010025bdf000fcdbdf251000000008008e00", @ANYRES32=r9, @ANYBLOB="08000600", @ANYRES32=r8, @ANYBLOB="050035000700000008003a0001000000"], 0x34}, 0x1, 0x0, 0x0, 0x4800}, 0x20004804)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='sys_enter\x00', r5}, 0x18)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x1afc40, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
ftruncate(r10, 0x2000009)
sendfile(0xffffffffffffffff, r10, 0x0, 0x7ffff000)

2.369157773s ago: executing program 4 (id=2173):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0b000000050000000004000009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.312443226s ago: executing program 3 (id=2174):
socket$rxrpc(0x21, 0x2, 0xa)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x362, 0xc000, 0x7, 0x337})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='9', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

913.636039ms ago: executing program 0 (id=2175):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)='/', 0x1}], 0x1, 0x0, 0x0, 0x40}, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

773.111201ms ago: executing program 4 (id=2176):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r1 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r5, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
io_uring_enter(r1, 0x46f3, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f0000001400)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000680)=""/84, 0x54}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000e00)=""/41, 0x29}], 0x1}, 0x1}], 0x2, 0x40000000, 0x0)
write(r4, &(0x7f0000000200)='~', 0x1)
r6 = socket(0x1e, 0x1, 0x0)
connect$tipc(r6, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth1\x00', <r7=>0x0})
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x1a, r7, 0x1, 0xf, 0x6, @local}, 0x14)
sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400f6a13fb1000000086086dd4803", 0x1a, 0x88a8ffbf, &(0x7f0000000140)={0x11, 0x8100, r7, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sched_setscheduler(0x0, 0x0, &(0x7f0000000040)=0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x1f, &(0x7f0000000200)={<r8=>0x0, @in6={{0xa, 0x4e24, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}, 0xf22a}}, 0x4, 0xfd}, &(0x7f0000000080)=0x90)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r6, 0x84, 0x71, &(0x7f00000000c0)={r8}, &(0x7f00000002c0)=0x8)

678.503065ms ago: executing program 5 (id=2177):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, 0x0)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x59, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x9, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x3, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x9, 0x0, 0xfffffffffffffffe}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x40000000000}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, 0x0, 0x0)

632.283004ms ago: executing program 1 (id=2178):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f0000000380)={<r1=>0xffffffffffffffff}, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, r1, 0x400}}, 0x48)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000d40)={0x16, 0x98, 0xfa00, {0x0, 0x2, r1, 0x30, 0x1, @ib={0x1b, 0x8000, 0x3, {"3f8c0d6cf777eaa6ace6d3ec00ed4771"}, 0x500e, 0x0, 0xf}}}, 0xa0)

628.688229ms ago: executing program 0 (id=2179):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
pselect6(0x40, &(0x7f0000000140)={0x1, 0x4, 0x3, 0xff, 0x4, 0xea2b, 0x7, 0x2300000000000}, 0x0, &(0x7f00000001c0)={0x9, 0xbb18, 0x2, 0xc, 0x0, 0x4f, 0x0, 0x4}, &(0x7f0000000200)={0x0, 0x3938700}, 0x0)

449.734618ms ago: executing program 3 (id=2180):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) (async)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) (async)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) (async)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) (async)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10) (async)
getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, &(0x7f0000000a00), &(0x7f0000000a40)=0x30)

390.978174ms ago: executing program 1 (id=2181):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="02074e052400000029bd7000fcdbdf25070019000000000002004e23e000000200000000000000000a004e2000000005ff010000000000000000000000000001070000000000000015000800f8040000d0f541ed6ff5f006d4de5f6aae408d18217ac3923261954c0c7b98857036af1d072bfc7ac08d7c80b65839d2786254ea8e7024a1bc4233e296609f21c0841157c4fcc818b2795ec06c9a1d586e16963805c1db946f2fe13b89c56b247c07d6bbc4ce8ad4ba638e409938b1f57753c766cc5b4a41f405238760c2c2394141d1712faa71c76ff4bdff"], 0x120}}, 0x4040004)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="99742dbd7000fbdbdf25"], 0x60}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000)

305.072958ms ago: executing program 5 (id=2182):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000300)={'ip_vti0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x37}}})
sendto$inet6(r0, &(0x7f0000000040)="a16163ec41ff6022c01af121", 0xc, 0x40008011, &(0x7f00000000c0)={0xa, 0x4e21, 0x1000, @ipv4={'\x00', '\xff\xff', @remote}, 0x8}, 0x1c)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket(0xa, 0x2400000001, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
writev(r1, &(0x7f0000019880)=[{&(0x7f0000000400)="fb", 0xffffff5c}, {&(0x7f00000197c0)="1902eb02d5e5f29e59e1a7caec33eb76d2430da474d87e367f6598d026438b65eda8341073b6752abdcee080c8e1e876b25227c37d7dd79886ce33f13e857c8eda1cecf6ac36c03dbf54e3cb5136da5a33fee76fb3113f8b6700e9e5fc006b8eed665fed48738d59395ad07438c3610ae3976aac75caf2facafa21c25be3c2", 0x7f}], 0x2)
socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x5}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00'}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200"], 0x130}, 0x1, 0x0, 0x0, 0x8000}, 0x8880)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xdf63, 0x3, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0xfffffffffffffffc, 0xffffffffffffffff, 0x7fffffff, 0x2}, 0x0, 0x0) (fail_nth: 2)

177.057637ms ago: executing program 1 (id=2183):
r0 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a1a440000010010109023b000101000000090400001202060000052406000005240000000d240f01000000000000000000090582020002000000090503020002000000"], &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r5}, 0x9)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
epoll_create1(0x0)
ioctl$BINDER_THREAD_EXIT(r6, 0x40046208, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 3 (id=2184):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x6)
bind$ax25(r0, &(0x7f0000000480)={{0x3, @default, 0x21}, [@null, @default, @default, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
connect$ax25(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

sb 4-1: USB disconnect, device number 41
[  739.562769][ T9335] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  739.687719][T11211] FAULT_INJECTION: forcing a failure.
[  739.687719][T11211] name failslab, interval 1, probability 0, space 0, times 0
[  739.687753][T11211] CPU: 0 UID: 0 PID: 11211 Comm: syz.3.1428 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  739.687774][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  739.687818][T11211] Call Trace:
[  739.687826][T11211]  <TASK>
[  739.687835][T11211]  dump_stack_lvl+0x189/0x250
[  739.687863][T11211]  ? __pfx____ratelimit+0x10/0x10
[  739.687887][T11211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  739.687910][T11211]  ? __pfx__printk+0x10/0x10
[  739.687935][T11211]  ? __pfx___might_resched+0x10/0x10
[  739.687952][T11211]  ? fs_reclaim_acquire+0x7d/0x100
[  739.687974][T11211]  should_fail_ex+0x46c/0x600
[  739.688000][T11211]  ? __alloc_skb+0x112/0x2d0
[  739.688022][T11211]  should_failslab+0xa8/0x100
[  739.688042][T11211]  ? __alloc_skb+0x112/0x2d0
[  739.688059][T11211]  kmem_cache_alloc_node_noprof+0x77/0x330
[  739.688089][T11211]  __alloc_skb+0x112/0x2d0
[  739.688116][T11211]  netlink_sendmsg+0x5c6/0xb30
[  739.688150][T11211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  739.688181][T11211]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  739.688198][T11211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  739.688222][T11211]  __sock_sendmsg+0x219/0x270
[  739.688247][T11211]  ____sys_sendmsg+0x508/0x820
[  739.688271][T11211]  ? __pfx_____sys_sendmsg+0x10/0x10
[  739.688299][T11211]  ? import_iovec+0x74/0xa0
[  739.688323][T11211]  ___sys_sendmsg+0x21f/0x2a0
[  739.688345][T11211]  ? __pfx____sys_sendmsg+0x10/0x10
[  739.688438][T11211]  ? __fget_files+0x2a/0x420
[  739.688459][T11211]  ? __fget_files+0x3a6/0x420
[  739.688492][T11211]  __x64_sys_sendmsg+0x1a1/0x260
[  739.688513][T11211]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  739.688541][T11211]  ? __pfx_ksys_write+0x10/0x10
[  739.688560][T11211]  ? rcu_is_watching+0x15/0xb0
[  739.688589][T11211]  ? do_syscall_64+0xbe/0x3b0
[  739.688610][T11211]  do_syscall_64+0xfa/0x3b0
[  739.688624][T11211]  ? lockdep_hardirqs_on+0x9c/0x150
[  739.688646][T11211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  739.688663][T11211]  ? clear_bhb_loop+0x60/0xb0
[  739.688684][T11211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  739.688701][T11211] RIP: 0033:0x7f26c1a1eba9
[  739.688717][T11211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  739.688732][T11211] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  739.688751][T11211] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  739.688764][T11211] RDX: 0000000000040000 RSI: 0000200000000100 RDI: 0000000000000003
[  739.688776][T11211] RBP: 00007f26bfc86090 R08: 0000000000000000 R09: 0000000000000000
[  739.688794][T11211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  739.688805][T11211] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  739.688845][T11211]  </TASK>
[  739.753896][ T9335] usb 3-1: USB disconnect, device number 25
[  740.667239][T11225] overlayfs: missing 'lowerdir'
[  742.298712][T11237] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1435'.
[  742.741065][ T6353] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  742.741066][ T6809] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  742.908527][ T6353] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  742.914264][ T6353] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  742.914292][ T6353] usb 4-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  742.914311][ T6353] usb 4-1: Product: syz
[  742.914324][ T6353] usb 4-1: SerialNumber: syz
[  742.981110][ T5952] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  743.137146][ T5952] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  743.140294][ T5952] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  743.140394][ T5952] usb 2-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  743.140414][ T5952] usb 2-1: Product: syz
[  743.140427][ T5952] usb 2-1: SerialNumber: syz
[  743.191019][ T9335] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  743.377001][ T9335] usb 3-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64
[  743.377030][ T9335] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.377048][ T9335] usb 3-1: Product: syz
[  743.377061][ T9335] usb 3-1: Manufacturer: syz
[  743.377074][ T9335] usb 3-1: SerialNumber: syz
[  743.390759][ T9335] usb 3-1: config 0 descriptor??
[  743.973676][ T9335] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state.
[  743.973729][ T9335] pctv452e: pctv452e_power_ctrl: 1
[  743.973729][ T9335] 
[  743.973779][ T9335] usb 3-1: selecting invalid altsetting 3
[  743.973792][ T9335] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[  743.973792][ T9335] 
[  743.973807][ T9335] dvb-usb: bulk message failed: -22 (5/0)
[  743.990562][ T9335] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  743.999279][ T9335] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19)
[  746.544573][ T7827] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  746.566458][ T7197] usb 3-1: USB disconnect, device number 26
[  747.826343][ T6353] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71
[  747.830172][ T5952] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71
[  747.861660][ T6353] usb 4-1: USB disconnect, device number 42
[  747.865119][ T5952] usb 2-1: USB disconnect, device number 44
[  748.094595][T11280] FAULT_INJECTION: forcing a failure.
[  748.094595][T11280] name failslab, interval 1, probability 0, space 0, times 0
[  748.094628][T11280] CPU: 0 UID: 0 PID: 11280 Comm: syz.3.1450 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  748.094649][T11280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  748.094660][T11280] Call Trace:
[  748.094667][T11280]  <TASK>
[  748.094675][T11280]  dump_stack_lvl+0x189/0x250
[  748.094707][T11280]  ? __pfx____ratelimit+0x10/0x10
[  748.094733][T11280]  ? __pfx_dump_stack_lvl+0x10/0x10
[  748.094755][T11280]  ? __pfx__printk+0x10/0x10
[  748.094781][T11280]  ? __pfx___might_resched+0x10/0x10
[  748.094804][T11280]  should_fail_ex+0x46c/0x600
[  748.094834][T11280]  should_failslab+0xa8/0x100
[  748.094859][T11280]  __kmalloc_noprof+0xcb/0x430
[  748.094878][T11280]  ? tomoyo_encode+0x28b/0x550
[  748.094910][T11280]  tomoyo_encode+0x28b/0x550
[  748.094939][T11280]  tomoyo_realpath_from_path+0x58d/0x5d0
[  748.094973][T11280]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  748.094993][T11280]  tomoyo_path_number_perm+0x1e8/0x5a0
[  748.095017][T11280]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  748.095041][T11280]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  748.095065][T11280]  ? lockdep_hardirqs_on+0x9c/0x150
[  748.095096][T11280]  ? __lock_acquire+0xab9/0xd20
[  748.095139][T11280]  ? __fget_files+0x2a/0x420
[  748.095164][T11280]  ? __fget_files+0x2a/0x420
[  748.095184][T11280]  ? __fget_files+0x3a6/0x420
[  748.095205][T11280]  ? __fget_files+0x2a/0x420
[  748.095230][T11280]  security_file_ioctl+0xcb/0x2d0
[  748.095250][T11280]  __se_sys_ioctl+0x47/0x170
[  748.095271][T11280]  do_syscall_64+0xfa/0x3b0
[  748.095286][T11280]  ? lockdep_hardirqs_on+0x9c/0x150
[  748.095308][T11280]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  748.095324][T11280]  ? clear_bhb_loop+0x60/0xb0
[  748.095345][T11280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  748.095361][T11280] RIP: 0033:0x7f26c1a1eba9
[  748.095377][T11280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  748.095392][T11280] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  748.095411][T11280] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  748.095425][T11280] RDX: 0000200000000340 RSI: 00000000c1205531 RDI: 0000000000000003
[  748.095437][T11280] RBP: 00007f26bfc86090 R08: 0000000000000000 R09: 0000000000000000
[  748.095448][T11280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  748.095459][T11280] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  748.095500][T11280]  </TASK>
[  748.095710][T11280] ERROR: Out of memory at tomoyo_realpath_from_path.
[  749.074401][    C0] vkms_vblank_simulate: vblank timer overrun
[  749.370532][    C0] vkms_vblank_simulate: vblank timer overrun
[  750.602719][    C0] vkms_vblank_simulate: vblank timer overrun
[  751.545882][    C0] vkms_vblank_simulate: vblank timer overrun
[  751.639276][    C0] vkms_vblank_simulate: vblank timer overrun
[  751.704587][    C0] vkms_vblank_simulate: vblank timer overrun
[  751.783229][    C0] vkms_vblank_simulate: vblank timer overrun
[  751.796318][ T6889] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  751.848799][    C0] vkms_vblank_simulate: vblank timer overrun
[  751.930141][    C0] vkms_vblank_simulate: vblank timer overrun
[  752.110959][ T6889] usb 4-1: Using ep0 maxpacket: 32
[  752.141813][ T6889] usb 4-1: unable to read config index 0 descriptor/start: -61
[  752.141851][ T6889] usb 4-1: can't read configurations, error -61
[  752.491076][ T6889] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  752.711370][ T6889] usb 4-1: Using ep0 maxpacket: 32
[  753.177960][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.271739][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[  753.287865][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.329668][ T6889] usb 4-1: unable to read config index 0 descriptor/start: -61
[  753.329704][ T6889] usb 4-1: can't read configurations, error -61
[  753.330145][ T6889] usb usb4-port1: attempt power cycle
[  753.671581][ T5952] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  753.865787][ T5952] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  753.868157][ T5952] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  753.868182][ T5952] usb 3-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  753.868201][ T5952] usb 3-1: Product: syz
[  753.868214][ T5952] usb 3-1: SerialNumber: syz
[  753.902585][ T6889] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  753.921893][ T6889] usb 4-1: Using ep0 maxpacket: 32
[  753.926328][ T6889] usb 4-1: unable to read config index 0 descriptor/start: -61
[  753.926363][ T6889] usb 4-1: can't read configurations, error -61
[  754.051077][ T6889] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  754.073877][ T6889] usb 4-1: Using ep0 maxpacket: 32
[  754.090517][ T6889] usb 4-1: unable to read config index 0 descriptor/start: -61
[  754.090555][ T6889] usb 4-1: can't read configurations, error -61
[  754.092596][ T6889] usb usb4-port1: unable to enumerate USB device
[  754.975159][T11334] fuse: Unknown parameter '00000000000000000000'
[  755.130076][ T6889] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  755.163905][ T6889] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  755.574275][T11341] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  756.457069][ T5952] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  756.495912][ T5952] usb 3-1: USB disconnect, device number 27
[  759.158289][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.349033][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.467210][T11375] fuse: Unknown parameter '00000000000000000000'
[  759.642764][T10358] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  759.942809][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.943798][T10358] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  760.306461][    C0] vkms_vblank_simulate: vblank timer overrun
[  760.690179][    C0] vkms_vblank_simulate: vblank timer overrun
[  760.743568][ T5926] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  760.913564][ T5926] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  760.915856][ T5926] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  760.915882][ T5926] usb 3-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  760.915901][ T5926] usb 3-1: Product: syz
[  760.915914][ T5926] usb 3-1: SerialNumber: syz
[  761.078255][    C0] vkms_vblank_simulate: vblank timer overrun
[  761.461056][ T5952] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  761.640965][ T5952] usb 2-1: Using ep0 maxpacket: 16
[  761.643599][ T5952] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  761.643623][ T5952] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  761.647171][ T5952] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  761.647196][ T5952] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  761.647215][ T5952] usb 2-1: Product: syz
[  761.647228][ T5952] usb 2-1: Manufacturer: syz
[  761.647240][ T5952] usb 2-1: SerialNumber: syz
[  762.385968][ T5952] usb 2-1: cannot find UAC_HEADER
[  762.527564][ T5952] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  762.546042][ T5952] usb 2-1: USB disconnect, device number 45
[  762.639074][T11406] fuse: Unknown parameter '00000000000000000000'
[  762.860426][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.176391][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.256088][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.465532][ T5926] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  763.482939][ T5926] usb 3-1: USB disconnect, device number 28
[  764.604412][    C1] vkms_vblank_simulate: vblank timer overrun
[  764.952252][T10358] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  765.401527][    C1] vkms_vblank_simulate: vblank timer overrun
[  765.604648][T10358] usb 2-1: Using ep0 maxpacket: 16
[  765.611550][T10358] usb 2-1: config 0 has an invalid interface number: 214 but max is 0
[  765.611576][T10358] usb 2-1: config 0 has no interface number 0
[  765.611624][T10358] usb 2-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  765.655167][T10358] usb 2-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  765.655195][T10358] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  765.655214][T10358] usb 2-1: Product: syz
[  765.655227][T10358] usb 2-1: Manufacturer: syz
[  765.655240][T10358] usb 2-1: SerialNumber: syz
[  765.938864][    C1] vkms_vblank_simulate: vblank timer overrun
[  766.080379][T10358] usb 2-1: config 0 descriptor??
[  766.256204][    C1] vkms_vblank_simulate: vblank timer overrun
[  767.006788][    C1] vkms_vblank_simulate: vblank timer overrun
[  767.091034][ T5926] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  767.291039][T10358] usbtouchscreen 2-1:0.214: Failed to read FW rev: -71
[  767.291309][T10358] usbtouchscreen 2-1:0.214: probe with driver usbtouchscreen failed with error -71
[  767.336849][T10358] usb 2-1: USB disconnect, device number 46
[  767.357092][ T5926] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  767.360032][ T5926] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  767.360059][ T5926] usb 3-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  767.360077][ T5926] usb 3-1: Product: syz
[  767.360090][ T5926] usb 3-1: SerialNumber: syz
[  768.865454][    C1] vkms_vblank_simulate: vblank timer overrun
[  768.887873][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.523806][T11477] libceph: resolve '.
[  770.523806][T11477] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  770.523806][T11477] ' (ret=-3): failed
[  772.483364][ T5926] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  772.812039][ T5926] usb 3-1: USB disconnect, device number 29
[  775.725742][ T6889] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  775.751137][ T6889] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  776.095869][T11532] libceph: resolve '.
[  776.095869][T11532] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  776.095869][T11532] ' (ret=-3): failed
[  778.600976][T10359] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  778.921372][T10359] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  778.923946][T10359] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  778.923973][T10359] usb 3-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  778.923991][T10359] usb 3-1: Product: syz
[  778.924005][T10359] usb 3-1: SerialNumber: syz
[  779.030907][T11564] libceph: resolve '.
[  779.030907][T11564] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  779.030907][T11564] ' (ret=-3): failed
[  779.298728][ T7682] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  784.341369][T10359] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  784.374399][T10359] usb 3-1: USB disconnect, device number 30
[  785.901106][T10359] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  785.925231][   T37] audit: type=1326 audit(1758126013.945:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67225ceba9 code=0x7ffc0000
[  785.925888][   T37] audit: type=1326 audit(1758126013.945:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f67225ceba9 code=0x7ffc0000
[  785.928055][   T37] audit: type=1326 audit(1758126013.945:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67225ceba9 code=0x7ffc0000
[  785.928601][   T37] audit: type=1326 audit(1758126013.945:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67225ceba9 code=0x7ffc0000
[  785.928852][   T37] audit: type=1326 audit(1758126013.945:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f67225ceba9 code=0x7ffc0000
[  785.945585][   T37] audit: type=1326 audit(1758126013.955:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f67225cebe3 code=0x7ffc0000
[  785.945634][   T37] audit: type=1326 audit(1758126013.965:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f67225cebe3 code=0x7ffc0000
[  785.945672][   T37] audit: type=1326 audit(1758126013.965:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67225ceba9 code=0x7ffc0000
[  785.953470][   T37] audit: type=1326 audit(1758126013.975:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67225ceba9 code=0x7ffc0000
[  785.954005][   T37] audit: type=1326 audit(1758126013.975:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11611 comm="syz.0.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67225ceba9 code=0x7ffc0000
[  786.300532][T10359] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  786.318039][T10359] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  786.318088][T10359] usb 3-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  786.318106][T10359] usb 3-1: Product: syz
[  786.318117][T10359] usb 3-1: SerialNumber: syz
[  787.276581][    C0] vkms_vblank_simulate: vblank timer overrun
[  787.457892][    C0] vkms_vblank_simulate: vblank timer overrun
[  787.531989][    C0] vkms_vblank_simulate: vblank timer overrun
[  789.148126][    C0] vkms_vblank_simulate: vblank timer overrun
[  789.779124][T10359] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  789.819478][T10359] usb 3-1: USB disconnect, device number 31
[  790.161155][ T5909] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  790.276709][    C0] vkms_vblank_simulate: vblank timer overrun
[  790.332981][ T5909] usb 4-1: device descriptor read/64, error -71
[  790.470081][    C0] vkms_vblank_simulate: vblank timer overrun
[  790.623205][    C0] vkms_vblank_simulate: vblank timer overrun
[  791.546769][    C0] vkms_vblank_simulate: vblank timer overrun
[  791.643491][ T5909] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  791.680459][    C0] vkms_vblank_simulate: vblank timer overrun
[  791.831642][ T5909] usb 4-1: device descriptor read/64, error -71
[  791.969035][ T5909] usb usb4-port1: attempt power cycle
[  792.104099][T11682] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  792.541088][ T5909] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  792.561710][ T5909] usb 4-1: device descriptor read/8, error -71
[  792.573138][T11682] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  792.899551][    C0] vkms_vblank_simulate: vblank timer overrun
[  793.512567][    C0] vkms_vblank_simulate: vblank timer overrun
[  793.661046][T10359] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  793.702093][ T5909] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  793.851746][    C0] vkms_vblank_simulate: vblank timer overrun
[  794.045107][    C0] vkms_vblank_simulate: vblank timer overrun
[  794.178419][T10359] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  794.238613][T10359] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  794.238763][T10359] usb 3-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  794.238906][T10359] usb 3-1: Product: syz
[  794.239026][T10359] usb 3-1: SerialNumber: syz
[  794.655124][    C0] vkms_vblank_simulate: vblank timer overrun
[  794.668872][ T5909] usb 4-1: device not accepting address 50, error -71
[  794.669280][ T5909] usb usb4-port1: unable to enumerate USB device
[  794.705244][T11682] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  794.874796][T11715] FAULT_INJECTION: forcing a failure.
[  794.874796][T11715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  794.874829][T11715] CPU: 1 UID: 0 PID: 11715 Comm: syz.1.1588 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  794.874850][T11715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  794.874861][T11715] Call Trace:
[  794.874868][T11715]  <TASK>
[  794.874875][T11715]  dump_stack_lvl+0x189/0x250
[  794.874904][T11715]  ? __pfx____ratelimit+0x10/0x10
[  794.874927][T11715]  ? __pfx_dump_stack_lvl+0x10/0x10
[  794.874950][T11715]  ? __pfx__printk+0x10/0x10
[  794.874968][T11715]  ? __might_fault+0xb0/0x130
[  794.875003][T11715]  should_fail_ex+0x46c/0x600
[  794.875027][T11715]  _copy_from_user+0x2d/0xb0
[  794.875044][T11715]  ___sys_sendmsg+0x158/0x2a0
[  794.875061][T11715]  ? __pfx____sys_sendmsg+0x10/0x10
[  794.875101][T11715]  ? __fget_files+0x2a/0x420
[  794.875118][T11715]  ? __fget_files+0x3a6/0x420
[  794.875143][T11715]  __sys_sendmmsg+0x22d/0x430
[  794.875161][T11715]  ? __pfx___sys_sendmmsg+0x10/0x10
[  794.875182][T11715]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  794.875208][T11715]  ? ksys_write+0x230/0x260
[  794.875226][T11715]  ? __pfx_ksys_write+0x10/0x10
[  794.875239][T11715]  ? rcu_is_watching+0x15/0xb0
[  794.875263][T11715]  __x64_sys_sendmmsg+0xa0/0xc0
[  794.875278][T11715]  do_syscall_64+0xfa/0x3b0
[  794.875289][T11715]  ? lockdep_hardirqs_on+0x9c/0x150
[  794.875307][T11715]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.875320][T11715]  ? clear_bhb_loop+0x60/0xb0
[  794.875335][T11715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.875348][T11715] RIP: 0033:0x7f68a494eba9
[  794.875360][T11715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  794.875371][T11715] RSP: 002b:00007f68a2b6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  794.875386][T11715] RAX: ffffffffffffffda RBX: 00007f68a4b96180 RCX: 00007f68a494eba9
[  794.875396][T11715] RDX: 07fffffffffffd33 RSI: 0000200000004d00 RDI: 0000000000000007
[  794.875405][T11715] RBP: 00007f68a2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  794.875413][T11715] R10: 0000000020000890 R11: 0000000000000246 R12: 0000000000000001
[  794.875421][T11715] R13: 00007f68a4b96218 R14: 00007f68a4b96180 R15: 00007ffc443915b8
[  794.875443][T11715]  </TASK>
[  795.521338][ T5909] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  795.730955][ T5909] usb 4-1: Using ep0 maxpacket: 16
[  795.782636][T11682] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  795.806088][ T5909] usb 4-1: config 0 has an invalid interface number: 214 but max is 0
[  795.806113][ T5909] usb 4-1: config 0 has no interface number 0
[  795.806145][ T5909] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  795.810981][ T5909] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  795.811006][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  795.811021][ T5909] usb 4-1: Product: syz
[  795.811033][ T5909] usb 4-1: Manufacturer: syz
[  795.811046][ T5909] usb 4-1: SerialNumber: syz
[  795.829463][ T5909] usb 4-1: config 0 descriptor??
[  796.928283][ T2154] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  796.943131][ T6299] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  796.947055][ T6299] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  796.947097][ T6299] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  797.107995][ T5909] usbtouchscreen 4-1:0.214: Failed to read FW rev: -71
[  797.108434][ T5909] usbtouchscreen 4-1:0.214: probe with driver usbtouchscreen failed with error -71
[  797.121080][ T5909] usb 4-1: USB disconnect, device number 51
[  798.314356][T10359] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  798.341074][T10359] usb 3-1: USB disconnect, device number 32
[  798.969295][   T37] kauditd_printk_skb: 40 callbacks suppressed
[  798.969338][   T37] audit: type=1326 audit(1758126026.965:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11735 comm="syz.3.1597" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26c1a1eba9 code=0x0
[  803.173752][ T9335] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  803.276673][    C0] vkms_vblank_simulate: vblank timer overrun
[  803.580877][ T9335] usb 4-1: Using ep0 maxpacket: 16
[  803.630345][ T9335] usb 4-1: config 0 has an invalid interface number: 214 but max is 0
[  803.630374][ T9335] usb 4-1: config 0 has no interface number 0
[  803.630425][ T9335] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  803.675920][ T9335] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  803.675938][ T9335] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  803.675947][ T9335] usb 4-1: Product: syz
[  803.675957][ T9335] usb 4-1: Manufacturer: syz
[  803.675964][ T9335] usb 4-1: SerialNumber: syz
[  803.679026][ T9335] usb 4-1: config 0 descriptor??
[  803.783907][    C0] vkms_vblank_simulate: vblank timer overrun
[  804.024861][ T9335] usbtouchscreen 4-1:0.214: Failed to read FW rev: -71
[  804.025159][ T9335] usbtouchscreen 4-1:0.214: probe with driver usbtouchscreen failed with error -71
[  804.054583][T11782] snd_virmidi snd_virmidi.0: control 5:9:32769:syz0:3106 is already present
[  804.096086][ T9335] usb 4-1: USB disconnect, device number 52
[  804.450500][T11789] FAULT_INJECTION: forcing a failure.
[  804.450500][T11789] name failslab, interval 1, probability 0, space 0, times 0
[  804.450532][T11789] CPU: 0 UID: 0 PID: 11789 Comm: syz.2.1613 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  804.450553][T11789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  804.450564][T11789] Call Trace:
[  804.450571][T11789]  <TASK>
[  804.450579][T11789]  dump_stack_lvl+0x189/0x250
[  804.450607][T11789]  ? __pfx____ratelimit+0x10/0x10
[  804.450636][T11789]  ? __pfx_dump_stack_lvl+0x10/0x10
[  804.450658][T11789]  ? __pfx__printk+0x10/0x10
[  804.450684][T11789]  ? __pfx___might_resched+0x10/0x10
[  804.450707][T11789]  should_fail_ex+0x46c/0x600
[  804.450737][T11789]  should_failslab+0xa8/0x100
[  804.450760][T11789]  __kmalloc_noprof+0xcb/0x430
[  804.450780][T11789]  ? tomoyo_encode+0x28b/0x550
[  804.450803][T11789]  tomoyo_encode+0x28b/0x550
[  804.450829][T11789]  tomoyo_realpath_from_path+0x58d/0x5d0
[  804.450860][T11789]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  804.450878][T11789]  tomoyo_path_number_perm+0x1e8/0x5a0
[  804.450899][T11789]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  804.450922][T11789]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  804.450945][T11789]  ? lockdep_hardirqs_on+0x9c/0x150
[  804.450973][T11789]  ? __lock_acquire+0xab9/0xd20
[  804.451009][T11789]  ? __fget_files+0x2a/0x420
[  804.451032][T11789]  ? __fget_files+0x2a/0x420
[  804.451051][T11789]  ? __fget_files+0x3a6/0x420
[  804.451070][T11789]  ? __fget_files+0x2a/0x420
[  804.451096][T11789]  security_file_ioctl+0xcb/0x2d0
[  804.451118][T11789]  __se_sys_ioctl+0x47/0x170
[  804.451141][T11789]  do_syscall_64+0xfa/0x3b0
[  804.451155][T11789]  ? lockdep_hardirqs_on+0x9c/0x150
[  804.451177][T11789]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.451194][T11789]  ? clear_bhb_loop+0x60/0xb0
[  804.451215][T11789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.451238][T11789] RIP: 0033:0x7f37decfeba9
[  804.451255][T11789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  804.451270][T11789] RSP: 002b:00007f37dcf3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  804.451290][T11789] RAX: ffffffffffffffda RBX: 00007f37def46090 RCX: 00007f37decfeba9
[  804.451303][T11789] RDX: 0000200000000080 RSI: 00000000c0045627 RDI: 0000000000000003
[  804.451314][T11789] RBP: 00007f37dcf3d090 R08: 0000000000000000 R09: 0000000000000000
[  804.451326][T11789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  804.451336][T11789] R13: 00007f37def46128 R14: 00007f37def46090 R15: 00007ffdf1f03678
[  804.451366][T11789]  </TASK>
[  804.539548][T11789] ERROR: Out of memory at tomoyo_realpath_from_path.
[  805.651084][  T991] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  805.903317][  T991] usb 4-1: config 0 has an invalid interface number: 217 but max is 0
[  805.903344][  T991] usb 4-1: config 0 has no interface number 0
[  805.907125][  T991] usb 4-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  805.907152][  T991] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.907170][  T991] usb 4-1: Product: syz
[  805.907184][  T991] usb 4-1: Manufacturer: syz
[  805.907198][  T991] usb 4-1: SerialNumber: syz
[  805.974939][  T991] usb 4-1: config 0 descriptor??
[  805.980673][  T991] hub 4-1:0.217: bad descriptor, ignoring hub
[  805.980710][  T991] hub 4-1:0.217: probe with driver hub failed with error -5
[  806.191563][  T991] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  806.216162][  T991] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  806.217952][  T991] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  806.218011][  T991] usb 4-1: media controller created
[  806.288420][  T991] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  806.597852][    C0] vkms_vblank_simulate: vblank timer overrun
[  806.927782][  T991] DVB: Unable to find symbol dib7000p_attach()
[  806.928014][  T991] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  807.362898][  T991] rc_core: IR keymap rc-dib0700-rc5 not found
[  807.362920][  T991] Registered IR keymap rc-empty
[  807.363265][  T991] dvb-usb: could not initialize remote control.
[  807.363274][  T991] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  807.613661][T11815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1619'.
[  807.861611][T10359] usb 4-1: USB disconnect, device number 53
[  808.764520][T10359] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  809.122237][    C1] vkms_vblank_simulate: vblank timer overrun
[  809.202118][    C1] vkms_vblank_simulate: vblank timer overrun
[  809.328479][    C1] vkms_vblank_simulate: vblank timer overrun
[  810.193968][    C1] vkms_vblank_simulate: vblank timer overrun
[  810.293943][T11815] bond0: (slave bond_slave_1): Releasing backup interface
[  810.447431][    C1] vkms_vblank_simulate: vblank timer overrun
[  810.609497][T11833] random: crng reseeded on system resumption
[  810.813621][T11834] FAULT_INJECTION: forcing a failure.
[  810.813621][T11834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  810.813652][T11834] CPU: 1 UID: 0 PID: 11834 Comm: syz.1.1625 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  810.813672][T11834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  810.813682][T11834] Call Trace:
[  810.813689][T11834]  <TASK>
[  810.813696][T11834]  dump_stack_lvl+0x189/0x250
[  810.813723][T11834]  ? __pfx____ratelimit+0x10/0x10
[  810.813751][T11834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  810.813772][T11834]  ? __pfx__printk+0x10/0x10
[  810.813790][T11834]  ? __might_fault+0xb0/0x130
[  810.813825][T11834]  should_fail_ex+0x46c/0x600
[  810.813854][T11834]  _copy_from_user+0x2d/0xb0
[  810.813876][T11834]  kstrtouint_from_user+0xc4/0x170
[  810.813897][T11834]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  810.813930][T11834]  proc_fail_nth_write+0x88/0x200
[  810.813948][T11834]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  810.813970][T11834]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  810.813990][T11834]  vfs_write+0x287/0xb40
[  810.814018][T11834]  ? __pfx_vfs_write+0x10/0x10
[  810.814034][T11834]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  810.814063][T11834]  ? mutex_lock_nested+0x154/0x1d0
[  810.814079][T11834]  ? fdget_pos+0x253/0x320
[  810.814109][T11834]  ksys_write+0x14b/0x260
[  810.814128][T11834]  ? __fget_files+0x3a6/0x420
[  810.814149][T11834]  ? __pfx_ksys_write+0x10/0x10
[  810.814174][T11834]  ? do_syscall_64+0xbe/0x3b0
[  810.814194][T11834]  do_syscall_64+0xfa/0x3b0
[  810.814208][T11834]  ? lockdep_hardirqs_on+0x9c/0x150
[  810.814229][T11834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.814246][T11834]  ? clear_bhb_loop+0x60/0xb0
[  810.814267][T11834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.814282][T11834] RIP: 0033:0x7f68a494d65f
[  810.814297][T11834] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  810.814311][T11834] RSP: 002b:00007f68a2b8d030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  810.814328][T11834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f68a494d65f
[  810.814340][T11834] RDX: 0000000000000001 RSI: 00007f68a2b8d0a0 RDI: 0000000000000004
[  810.814352][T11834] RBP: 00007f68a2b8d090 R08: 0000000000000000 R09: 0000000000000000
[  810.814361][T11834] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  810.814372][T11834] R13: 00007f68a4b96128 R14: 00007f68a4b96090 R15: 00007ffc443915b8
[  810.814401][T11834]  </TASK>
[  811.304400][T10359] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  811.360992][ T7197] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  811.581029][ T5926] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  811.671018][T10359] usb 3-1: Using ep0 maxpacket: 32
[  811.674994][T10359] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  811.675021][T10359] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  811.675040][T10359] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  811.675078][T10359] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  811.675089][T10359] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  811.675101][T10359] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  811.675125][T10359] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  811.675137][T10359] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  811.678413][T10359] usb 3-1: config 0 descriptor??
[  811.801278][    C1] vkms_vblank_simulate: vblank timer overrun
[  811.998271][ T5926] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  812.108495][ T5926] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  812.108609][ T5926] usb 4-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  812.108908][ T5926] usb 4-1: Product: syz
[  812.109122][ T5926] usb 4-1: SerialNumber: syz
[  812.282160][ T7197] usb 2-1: Using ep0 maxpacket: 32
[  812.373323][    C1] vkms_vblank_simulate: vblank timer overrun
[  812.567000][T10359] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 33 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  812.637982][T10359] usb 3-1: USB disconnect, device number 33
[  812.682177][    C1] vkms_vblank_simulate: vblank timer overrun
[  813.075352][    C1] vkms_vblank_simulate: vblank timer overrun
[  813.672920][T10359] usblp0: removed
[  814.001045][T10359] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  814.005179][    C1] vkms_vblank_simulate: vblank timer overrun
[  814.033443][ T5926] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71
[  814.061179][ T5926] usb 4-1: USB disconnect, device number 54
[  814.151908][T10359] usb 3-1: Using ep0 maxpacket: 32
[  814.154535][T10359] usb 3-1: device descriptor read/all, error -71
[  814.191402][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[  814.446678][ T6353] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  814.466480][ T6353] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  814.696185][    C1] vkms_vblank_simulate: vblank timer overrun
[  814.898877][    C1] vkms_vblank_simulate: vblank timer overrun
[  815.337420][    C1] vkms_vblank_simulate: vblank timer overrun
[  815.431554][    C1] vkms_vblank_simulate: vblank timer overrun
[  815.473980][ T2154] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  815.563678][ T7197] usb 2-1: unable to get BOS descriptor or descriptor too short
[  815.570889][ T7197] usb 2-1: unable to read config index 0 descriptor/start: -71
[  815.570928][ T7197] usb 2-1: can't read configurations, error -71
[  815.777730][T11881] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1641'.
[  815.882795][    C1] vkms_vblank_simulate: vblank timer overrun
[  817.541165][T11903] ubi: mtd0 is already attached to ubi31
[  817.840942][ T5847] Bluetooth: hci0: unexpected event for opcode 0x0c14
[  821.188431][    C0] vkms_vblank_simulate: vblank timer overrun
[  821.200828][T11911] Bluetooth: hci4: command 0x0406 tx timeout
[  822.185316][    C0] vkms_vblank_simulate: vblank timer overrun
[  822.323604][T11927] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1655'.
[  822.323627][T11927] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1655'.
[  822.408005][T11927] bridge0: port 3(macsec1) entered blocking state
[  822.408219][T11927] bridge0: port 3(macsec1) entered disabled state
[  822.408434][T11927] macsec1: entered allmulticast mode
[  822.549395][    C0] vkms_vblank_simulate: vblank timer overrun
[  822.647444][    C0] vkms_vblank_simulate: vblank timer overrun
[  822.678225][T11933] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1340
[  822.680237][T11927] macsec1: left allmulticast mode
[  822.826468][T11942] libceph: resolve '.
[  822.826468][T11942] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  822.826468][T11942] ' (ret=-3): failed
[  823.527005][    C0] vkms_vblank_simulate: vblank timer overrun
[  823.781557][ T9335] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  824.141027][ T9335] usb 2-1: Using ep0 maxpacket: 8
[  824.147275][ T9335] usb 2-1: unable to get BOS descriptor or descriptor too short
[  824.188408][ T9335] usb 2-1: config 4 has an invalid interface number: 30 but max is 0
[  824.188434][ T9335] usb 2-1: config 4 has no interface number 0
[  824.188470][ T9335] usb 2-1: config 4 interface 30 has no altsetting 0
[  824.199948][ T9335] usb 2-1: string descriptor 0 read error: -22
[  824.200099][ T9335] usb 2-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=ff.88
[  824.200120][ T9335] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  824.247548][ T9335] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state.
[  824.247603][ T9335] dw2102: su3000_power_ctrl: 1, initialized 0
[  824.255025][ T9335] dvb-usb: bulk message failed: -22 (2/0)
[  824.276286][ T9335] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  824.285114][ T9335] dvbdev: DVB: registering new adapter (TeVii S482 (tuner 2))
[  824.285172][ T9335] usb 2-1: media controller created
[  824.295774][ T9335] dvb-usb: bulk message failed: -22 (6/0)
[  824.295797][ T9335] dw2102: i2c transfer failed.
[  824.295820][ T9335] dvb-usb: bulk message failed: -22 (6/0)
[  824.295832][ T9335] dw2102: i2c transfer failed.
[  824.295848][ T9335] dvb-usb: bulk message failed: -22 (6/0)
[  824.295860][ T9335] dw2102: i2c transfer failed.
[  824.295876][ T9335] dvb-usb: bulk message failed: -22 (6/0)
[  824.295887][ T9335] dw2102: i2c transfer failed.
[  824.295902][ T9335] dvb-usb: bulk message failed: -22 (6/0)
[  824.295914][ T9335] dw2102: i2c transfer failed.
[  824.295930][ T9335] dvb-usb: bulk message failed: -22 (6/0)
[  824.295941][ T9335] dw2102: i2c transfer failed.
[  824.295950][ T9335] dvb-usb: MAC address: 02:02:02:02:02:02
[  824.486172][T11933] dw2102: i2c rd: len=65 is too big!
[  824.486172][T11933] 
[  824.503234][ T9335] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  824.627967][ T9335] dvb-usb: bulk message failed: -22 (3/0)
[  824.627987][ T9335] dw2102: command 0x0e transfer failed.
[  824.627995][ T9335] dvb-usb: bulk message failed: -22 (3/0)
[  824.628007][ T9335] dw2102: command 0x0e transfer failed.
[  824.931035][ T9335] dvb-usb: bulk message failed: -22 (3/0)
[  824.931118][ T9335] dw2102: command 0x0e transfer failed.
[  824.931128][ T9335] dvb-usb: bulk message failed: -22 (3/0)
[  824.931141][ T9335] dw2102: command 0x0e transfer failed.
[  824.931150][ T9335] dvb-usb: bulk message failed: -22 (1/0)
[  824.931163][ T9335] dw2102: command 0x51 transfer failed.
[  824.931171][ T9335] dvb-usb: bulk message failed: -22 (5/0)
[  824.931184][ T9335] dw2102: i2c probe for address 0x68 failed.
[  824.931195][ T9335] dvb-usb: bulk message failed: -22 (5/0)
[  824.931207][ T9335] dw2102: i2c probe for address 0x69 failed.
[  824.931217][ T9335] dvb-usb: bulk message failed: -22 (5/0)
[  824.931243][ T9335] dw2102: i2c probe for address 0x6a failed.
[  824.931254][ T9335] dw2102: probing for demodulator failed. Is the external power switched on?
[  824.931264][ T9335] dvb-usb: no frontend was attached by 'TeVii S482 (tuner 2)'
[  825.122107][    C0] vkms_vblank_simulate: vblank timer overrun
[  825.222805][ T9335] rc_core: IR keymap rc-tt-1500 not found
[  825.222827][ T9335] Registered IR keymap rc-empty
[  825.247903][ T9335] rc rc0: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0
[  825.261310][ T9335] input: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input22
[  825.302787][ T9335] dvb-usb: schedule remote query interval to 250 msecs.
[  825.302809][ T9335] dw2102: su3000_power_ctrl: 0, initialized 1
[  825.302822][ T9335] dvb-usb: TeVii S482 (tuner 2) successfully initialized and connected.
[  825.566954][ T9335] dvb-usb: bulk message failed: -22 (1/0)
[  825.566978][ T9335] dw2102: i2c transfer failed.
[  825.578327][T11933] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  825.741893][ T9335] usb 2-1: USB disconnect, device number 49
[  826.599157][    C0] vkms_vblank_simulate: vblank timer overrun
[  826.631436][ T9335] dvb-usb: TeVii S482 (tuner 2) successfully deinitialized and disconnected.
[  826.735168][    C0] vkms_vblank_simulate: vblank timer overrun
[  826.775602][    C0] vkms_vblank_simulate: vblank timer overrun
[  826.841329][    C0] vkms_vblank_simulate: vblank timer overrun
[  826.901965][    C0] vkms_vblank_simulate: vblank timer overrun
[  827.017704][    C0] vkms_vblank_simulate: vblank timer overrun
[  830.400292][ T7197] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  830.418998][ T7197] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  830.797820][T12004] netlink: 'syz.4.1676': attribute type 29 has an invalid length.
[  830.871259][T12005] netlink: 'syz.4.1676': attribute type 29 has an invalid length.
[  831.535248][T12007] cgroup: fork rejected by pids controller in /syz3
[  834.660983][ T6028] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  834.815413][ T6028] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  834.815442][ T6028] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.852268][ T6028] usb 4-1: config 0 descriptor??
[  836.070497][ T6028] usb 4-1: Cannot read MAC address
[  836.076235][ T6028] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  836.108498][ T6028] usb 4-1: USB disconnect, device number 55
[  836.700899][ T5909] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  836.853507][ T5909] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  836.853567][ T5909] usb 2-1: config 2 interface 0 altsetting 178 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  836.853593][ T5909] usb 2-1: config 2 interface 0 has no altsetting 0
[  836.858683][ T5909] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47
[  836.858710][ T5909] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  836.858728][ T5909] usb 2-1: Product: syz
[  836.858740][ T5909] usb 2-1: Manufacturer: syz
[  836.858753][ T5909] usb 2-1: SerialNumber: syz
[  842.982513][ T5952] usb 2-1: USB disconnect, device number 50
[  843.101078][ T5909] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  843.853270][ T5909] usb 4-1: config 0 has no interfaces?
[  844.329407][ T5909] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  844.329435][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  844.329454][ T5909] usb 4-1: Product: syz
[  844.329467][ T5909] usb 4-1: Manufacturer: syz
[  844.329479][ T5909] usb 4-1: SerialNumber: syz
[  844.398816][ T5909] usb 4-1: config 0 descriptor??
[  844.587607][ T5909] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  844.633520][ T5952] usb 4-1: USB disconnect, device number 56
[  844.650556][ T5909] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  846.482318][T12174] FAULT_INJECTION: forcing a failure.
[  846.482318][T12174] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  846.482467][T12174] CPU: 1 UID: 0 PID: 12174 Comm: syz.3.1716 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  846.482489][T12174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  846.482500][T12174] Call Trace:
[  846.482507][T12174]  <TASK>
[  846.482515][T12174]  dump_stack_lvl+0x189/0x250
[  846.482542][T12174]  ? __pfx____ratelimit+0x10/0x10
[  846.482567][T12174]  ? __pfx_dump_stack_lvl+0x10/0x10
[  846.482589][T12174]  ? __pfx__printk+0x10/0x10
[  846.482621][T12174]  should_fail_ex+0x46c/0x600
[  846.482649][T12174]  _copy_to_user+0x31/0xb0
[  846.482672][T12174]  __x64_sys_clock_adjtime+0x21b/0x2b0
[  846.482698][T12174]  ? __pfx___x64_sys_clock_adjtime+0x10/0x10
[  846.482762][T12174]  do_syscall_64+0xfa/0x3b0
[  846.482780][T12174]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.482796][T12174]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  846.482812][T12174]  ? clear_bhb_loop+0x60/0xb0
[  846.482833][T12174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.482849][T12174] RIP: 0033:0x7f26c1a1eba9
[  846.482865][T12174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  846.482879][T12174] RSP: 002b:00007f26bfc44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[  846.482899][T12174] RAX: ffffffffffffffda RBX: 00007f26c1c66180 RCX: 00007f26c1a1eba9
[  846.482912][T12174] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  846.482924][T12174] RBP: 00007f26bfc44090 R08: 0000000000000000 R09: 0000000000000000
[  846.482935][T12174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  846.482945][T12174] R13: 00007f26c1c66218 R14: 00007f26c1c66180 R15: 00007fff9f6aa2f8
[  846.482974][T12174]  </TASK>
[  847.032839][ T6608] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  850.274543][T12215] FAULT_INJECTION: forcing a failure.
[  850.274543][T12215] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  850.274576][T12215] CPU: 0 UID: 0 PID: 12215 Comm: syz.1.1729 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  850.274597][T12215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  850.274609][T12215] Call Trace:
[  850.274616][T12215]  <TASK>
[  850.274624][T12215]  dump_stack_lvl+0x189/0x250
[  850.274651][T12215]  ? __pfx____ratelimit+0x10/0x10
[  850.274676][T12215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  850.274772][T12215]  ? __pfx__printk+0x10/0x10
[  850.274796][T12215]  ? __might_fault+0xb0/0x130
[  850.274833][T12215]  should_fail_ex+0x46c/0x600
[  850.274864][T12215]  _copy_from_iter+0x1de/0x1790
[  850.274900][T12215]  ? __pfx__copy_from_iter+0x10/0x10
[  850.274918][T12215]  ? file_tty_write+0x2e8/0xa30
[  850.274943][T12215]  ? file_tty_write+0x329/0xa30
[  850.274966][T12215]  ? rcu_is_watching+0x15/0xb0
[  850.274988][T12215]  ? file_tty_write+0x329/0xa30
[  850.275010][T12215]  ? kfree+0x4d/0x550
[  850.275036][T12215]  file_tty_write+0x4c5/0xa30
[  850.275070][T12215]  vfs_write+0x5d2/0xb40
[  850.275097][T12215]  ? __pfx_tty_write+0x10/0x10
[  850.275121][T12215]  ? __pfx_vfs_write+0x10/0x10
[  850.275153][T12215]  ? __fget_files+0x2a/0x420
[  850.275186][T12215]  ksys_write+0x14b/0x260
[  850.275209][T12215]  ? __pfx_ksys_write+0x10/0x10
[  850.275227][T12215]  ? rcu_is_watching+0x15/0xb0
[  850.275255][T12215]  ? do_syscall_64+0xbe/0x3b0
[  850.275277][T12215]  do_syscall_64+0xfa/0x3b0
[  850.275295][T12215]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.275312][T12215]  ? asm_sysvec_irq_work+0x1a/0x20
[  850.275328][T12215]  ? clear_bhb_loop+0x60/0xb0
[  850.275350][T12215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.275368][T12215] RIP: 0033:0x7f68a494eba9
[  850.275385][T12215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  850.275400][T12215] RSP: 002b:00007f68a2b6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  850.275419][T12215] RAX: ffffffffffffffda RBX: 00007f68a4b96180 RCX: 00007f68a494eba9
[  850.275432][T12215] RDX: 0000000000001006 RSI: 00002000000030c0 RDI: 0000000000000006
[  850.275443][T12215] RBP: 00007f68a2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  850.275477][T12215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  850.275488][T12215] R13: 00007f68a4b96218 R14: 00007f68a4b96180 R15: 00007ffc443915b8
[  850.275520][T12215]  </TASK>
[  852.733738][T12232] FAULT_INJECTION: forcing a failure.
[  852.733738][T12232] name failslab, interval 1, probability 0, space 0, times 0
[  852.733771][T12232] CPU: 1 UID: 0 PID: 12232 Comm: syz.3.1734 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  852.733791][T12232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  852.733802][T12232] Call Trace:
[  852.733809][T12232]  <TASK>
[  852.733817][T12232]  dump_stack_lvl+0x189/0x250
[  852.733845][T12232]  ? __pfx____ratelimit+0x10/0x10
[  852.733870][T12232]  ? __pfx_dump_stack_lvl+0x10/0x10
[  852.733893][T12232]  ? __pfx__printk+0x10/0x10
[  852.733908][T12232]  ? reacquire_held_locks+0x127/0x1d0
[  852.733936][T12232]  ? __pfx_migrate_enable+0x10/0x10
[  852.733965][T12232]  should_fail_ex+0x46c/0x600
[  852.733992][T12232]  ? __alloc_skb+0x112/0x2d0
[  852.734014][T12232]  should_failslab+0xa8/0x100
[  852.734037][T12232]  ? __alloc_skb+0x112/0x2d0
[  852.734055][T12232]  kmem_cache_alloc_node_noprof+0x77/0x330
[  852.734086][T12232]  __alloc_skb+0x112/0x2d0
[  852.734112][T12232]  rose_write_internal+0x100/0x1ac0
[  852.734134][T12232]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  852.734155][T12232]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  852.734184][T12232]  ? __pfx_rose_write_internal+0x10/0x10
[  852.734204][T12232]  ? rose_route_free_lci+0x140/0x170
[  852.734224][T12232]  ? rose_connect+0x69c/0x10a0
[  852.734253][T12232]  rose_connect+0x909/0x10a0
[  852.734289][T12232]  ? __pfx_rose_connect+0x10/0x10
[  852.734315][T12232]  ? tomoyo_socket_connect_permission+0x164/0x290
[  852.734356][T12232]  ? bpf_lsm_socket_connect+0x9/0x20
[  852.734378][T12232]  __sys_connect+0x323/0x450
[  852.734404][T12232]  ? __pfx___sys_connect+0x10/0x10
[  852.734440][T12232]  ? __pfx_ksys_write+0x10/0x10
[  852.734458][T12232]  ? rcu_is_watching+0x15/0xb0
[  852.734490][T12232]  __x64_sys_connect+0x7a/0x90
[  852.734513][T12232]  do_syscall_64+0xfa/0x3b0
[  852.734529][T12232]  ? lockdep_hardirqs_on+0x9c/0x150
[  852.734551][T12232]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.734569][T12232]  ? clear_bhb_loop+0x60/0xb0
[  852.734589][T12232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.734605][T12232] RIP: 0033:0x7f26c1a1eba9
[  852.734621][T12232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  852.734636][T12232] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  852.734655][T12232] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  852.734668][T12232] RDX: 0000000000000040 RSI: 0000200000000100 RDI: 000000000000000a
[  852.734679][T12232] RBP: 00007f26bfc86090 R08: 0000000000000000 R09: 0000000000000000
[  852.734690][T12232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  852.734705][T12232] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  852.734736][T12232]  </TASK>
[  853.750844][ T9335] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  853.756417][ T9335] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  853.892970][T12243] netlink: 755 bytes leftover after parsing attributes in process `syz.4.1738'.
[  854.271233][ T9335] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  854.294444][T12257] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1743'.
[  854.623763][ T9335] usb 4-1: Using ep0 maxpacket: 32
[  854.626204][ T9335] usb 4-1: config 0 has an invalid interface number: 123 but max is 0
[  854.626230][ T9335] usb 4-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  854.626247][ T9335] usb 4-1: config 0 has no interface number 0
[  854.628614][ T9335] usb 4-1: New USB device found, idVendor=20df, idProduct=0001, bcdDevice=97.6d
[  854.628640][ T9335] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  854.628659][ T9335] usb 4-1: Product: syz
[  854.628671][ T9335] usb 4-1: Manufacturer: syz
[  854.628684][ T9335] usb 4-1: SerialNumber: syz
[  854.649664][ T9335] usb 4-1: config 0 descriptor??
[  855.225370][ T9335] cdc_acm 4-1:0.123: More than one union descriptor, skipping ...
[  855.225705][ T9335] cdc_acm 4-1:0.123: skipping garbage
[  855.400938][ T9335] usb 4-1: USB disconnect, device number 57
[  855.476038][T12267] program syz.1.1747 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  861.909506][T12324] FAULT_INJECTION: forcing a failure.
[  861.909506][T12324] name failslab, interval 1, probability 0, space 0, times 0
[  861.909538][T12324] CPU: 0 UID: 0 PID: 12324 Comm: syz.2.1765 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  861.909558][T12324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  861.909569][T12324] Call Trace:
[  861.909577][T12324]  <TASK>
[  861.909585][T12324]  dump_stack_lvl+0x189/0x250
[  861.909613][T12324]  ? __pfx____ratelimit+0x10/0x10
[  861.909667][T12324]  ? __pfx_dump_stack_lvl+0x10/0x10
[  861.909690][T12324]  ? __pfx__printk+0x10/0x10
[  861.909716][T12324]  ? __pfx___might_resched+0x10/0x10
[  861.909735][T12324]  ? fs_reclaim_acquire+0x7d/0x100
[  861.909757][T12324]  should_fail_ex+0x46c/0x600
[  861.909787][T12324]  should_failslab+0xa8/0x100
[  861.909812][T12324]  __kmalloc_cache_noprof+0x6e/0x320
[  861.909831][T12324]  ? rolling_buffer_init+0x59/0x240
[  861.909853][T12324]  rolling_buffer_init+0x59/0x240
[  861.909875][T12324]  netfs_create_write_req+0x292/0x6c0
[  861.909897][T12324]  netfs_unbuffered_write_iter_locked+0x128/0x6f0
[  861.909931][T12324]  netfs_unbuffered_write_iter+0x4c7/0x660
[  861.909963][T12324]  vfs_write+0x5d2/0xb40
[  861.909989][T12324]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  861.910011][T12324]  ? __pfx_vfs_write+0x10/0x10
[  861.910028][T12324]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  861.910060][T12324]  ? mutex_lock_nested+0x154/0x1d0
[  861.910078][T12324]  ? fdget_pos+0x253/0x320
[  861.910109][T12324]  ksys_write+0x14b/0x260
[  861.910132][T12324]  ? __pfx_ksys_write+0x10/0x10
[  861.910149][T12324]  ? rcu_is_watching+0x15/0xb0
[  861.910179][T12324]  ? do_syscall_64+0xbe/0x3b0
[  861.910200][T12324]  do_syscall_64+0xfa/0x3b0
[  861.910214][T12324]  ? lockdep_hardirqs_on+0x9c/0x150
[  861.910237][T12324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.910254][T12324]  ? clear_bhb_loop+0x60/0xb0
[  861.910275][T12324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.910292][T12324] RIP: 0033:0x7f37decfeba9
[  861.910307][T12324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.910322][T12324] RSP: 002b:00007f37dcf5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  861.910342][T12324] RAX: ffffffffffffffda RBX: 00007f37def45fa0 RCX: 00007f37decfeba9
[  861.910355][T12324] RDX: 0000000000020000 RSI: 0000200000000100 RDI: 0000000000000006
[  861.910367][T12324] RBP: 00007f37dcf5e090 R08: 0000000000000000 R09: 0000000000000000
[  861.910378][T12324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  861.910389][T12324] R13: 00007f37def46038 R14: 00007f37def45fa0 R15: 00007ffdf1f03678
[  861.910421][T12324]  </TASK>
[  862.329554][T12329] netlink: 240 bytes leftover after parsing attributes in process `syz.4.1766'.
[  863.660993][ T7197] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  863.855662][ T7197] usb 4-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=b5.55
[  863.855692][ T7197] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  863.855710][ T7197] usb 4-1: Product: syz
[  863.855722][ T7197] usb 4-1: Manufacturer: syz
[  863.855735][ T7197] usb 4-1: SerialNumber: syz
[  863.913501][ T7197] usb 4-1: config 0 descriptor??
[  863.919157][ T7197] gspca_main: sonixb-2.14.0 probing 0c45:60a8
[  864.156018][T12337] FAULT_INJECTION: forcing a failure.
[  864.156018][T12337] name failslab, interval 1, probability 0, space 0, times 0
[  864.156040][T12337] CPU: 0 UID: 0 PID: 12337 Comm: syz.3.1769 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  864.156052][T12337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  864.156059][T12337] Call Trace:
[  864.156066][T12337]  <TASK>
[  864.156070][T12337]  dump_stack_lvl+0x189/0x250
[  864.156089][T12337]  ? __pfx____ratelimit+0x10/0x10
[  864.156104][T12337]  ? __pfx_dump_stack_lvl+0x10/0x10
[  864.156118][T12337]  ? __pfx__printk+0x10/0x10
[  864.156132][T12337]  ? __pfx___might_resched+0x10/0x10
[  864.156146][T12337]  should_fail_ex+0x46c/0x600
[  864.156163][T12337]  should_failslab+0xa8/0x100
[  864.156177][T12337]  __kmalloc_noprof+0xcb/0x430
[  864.156190][T12337]  ? tomoyo_encode+0x28b/0x550
[  864.156206][T12337]  tomoyo_encode+0x28b/0x550
[  864.156222][T12337]  tomoyo_realpath_from_path+0x58d/0x5d0
[  864.156241][T12337]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  864.156252][T12337]  tomoyo_path_number_perm+0x1e8/0x5a0
[  864.156265][T12337]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  864.156278][T12337]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  864.156294][T12337]  ? lockdep_hardirqs_on+0x9c/0x150
[  864.156311][T12337]  ? __lock_acquire+0xab9/0xd20
[  864.156335][T12337]  ? __fget_files+0x2a/0x420
[  864.156351][T12337]  ? __fget_files+0x2a/0x420
[  864.156363][T12337]  ? __fget_files+0x3a6/0x420
[  864.156375][T12337]  ? __fget_files+0x2a/0x420
[  864.156390][T12337]  security_file_ioctl+0xcb/0x2d0
[  864.156404][T12337]  __se_sys_ioctl+0x47/0x170
[  864.156416][T12337]  do_syscall_64+0xfa/0x3b0
[  864.156425][T12337]  ? lockdep_hardirqs_on+0x9c/0x150
[  864.156438][T12337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  864.156448][T12337]  ? clear_bhb_loop+0x60/0xb0
[  864.156460][T12337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  864.156469][T12337] RIP: 0033:0x7f26c1a1eba9
[  864.156479][T12337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  864.156487][T12337] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  864.156499][T12337] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  864.156506][T12337] RDX: 0000000000000000 RSI: 0000000000005001 RDI: 0000000000000004
[  864.156512][T12337] RBP: 00007f26bfc86090 R08: 0000000000000000 R09: 0000000000000000
[  864.156518][T12337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  864.156524][T12337] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  864.156540][T12337]  </TASK>
[  864.159259][T12337] ERROR: Out of memory at tomoyo_realpath_from_path.
[  864.432418][ T7197] sonixb 4-1:0.0: Error reading register 00: -110
[  864.465558][ T9335] usb 4-1: USB disconnect, device number 58
[  864.509210][T12349] 9pnet_fd: Insufficient options for proto=fd
[  869.954708][T12392] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1786'.
[  870.896655][ T7197] IPVS: starting estimator thread 0...
[  871.032810][T12408] IPVS: using max 13 ests per chain, 31200 per kthread
[  872.540899][T12443] ceph: No mds server is up or the cluster is laggy
[  872.696274][T12451] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  872.696292][T12451] IPv6: NLM_F_CREATE should be set when creating new route
[  872.696351][T12451] IPv6: NLM_F_CREATE should be set when creating new route
[  872.696384][T12451] IPv6: NLM_F_CREATE should be set when creating new route
[  873.548975][T12473] netlink: 684 bytes leftover after parsing attributes in process `syz.0.1816'.
[  873.548997][T12473] openvswitch: netlink: Flow key attr not present in new flow.
[  873.822384][T12481] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  874.273712][T12495] veth0_to_team: mtu less than device minimum
[  875.803901][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[  876.027814][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  878.074121][ T9335] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  878.774624][ T9335] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  878.776920][ T9335] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  878.776946][ T9335] usb 4-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  878.776964][ T9335] usb 4-1: Product: syz
[  878.776978][ T9335] usb 4-1: SerialNumber: syz
[  880.015079][ T1304] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  881.977626][ T9335] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71
[  882.030185][ T9335] usb 4-1: USB disconnect, device number 59
[  883.373711][T11911] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  883.404801][T11911] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  883.407325][T11911] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  883.408826][T11911] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  883.410290][T11911] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  885.285519][T12590] FAULT_INJECTION: forcing a failure.
[  885.285519][T12590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  885.285543][T12590] CPU: 1 UID: 0 PID: 12590 Comm: syz.1.1857 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  885.285555][T12590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  885.285561][T12590] Call Trace:
[  885.285566][T12590]  <TASK>
[  885.285570][T12590]  dump_stack_lvl+0x189/0x250
[  885.285589][T12590]  ? __pfx____ratelimit+0x10/0x10
[  885.285604][T12590]  ? __pfx_dump_stack_lvl+0x10/0x10
[  885.285617][T12590]  ? __pfx__printk+0x10/0x10
[  885.285636][T12590]  should_fail_ex+0x46c/0x600
[  885.285656][T12590]  _copy_to_user+0x31/0xb0
[  885.285670][T12590]  simple_read_from_buffer+0xe1/0x170
[  885.285686][T12590]  proc_fail_nth_read+0x1b6/0x220
[  885.285699][T12590]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  885.285710][T12590]  ? rw_verify_area+0x2ac/0x4e0
[  885.285722][T12590]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  885.285732][T12590]  vfs_read+0x203/0xa30
[  885.285749][T12590]  ? __pfx_vfs_read+0x10/0x10
[  885.285758][T12590]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  885.285775][T12590]  ? mutex_lock_nested+0x154/0x1d0
[  885.285785][T12590]  ? fdget_pos+0x253/0x320
[  885.285803][T12590]  ksys_read+0x14b/0x260
[  885.285816][T12590]  ? __pfx_ksys_read+0x10/0x10
[  885.285830][T12590]  ? do_syscall_64+0xbe/0x3b0
[  885.285841][T12590]  do_syscall_64+0xfa/0x3b0
[  885.285849][T12590]  ? lockdep_hardirqs_on+0x9c/0x150
[  885.285863][T12590]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.285872][T12590]  ? clear_bhb_loop+0x60/0xb0
[  885.285933][T12590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.285942][T12590] RIP: 0033:0x7f68a494d5bc
[  885.285952][T12590] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  885.285960][T12590] RSP: 002b:00007f68a2bae030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  885.285971][T12590] RAX: ffffffffffffffda RBX: 00007f68a4b95fa0 RCX: 00007f68a494d5bc
[  885.285979][T12590] RDX: 000000000000000f RSI: 00007f68a2bae0a0 RDI: 0000000000000004
[  885.285985][T12590] RBP: 00007f68a2bae090 R08: 0000000000000000 R09: 0000000000000000
[  885.285992][T12590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  885.285997][T12590] R13: 00007f68a4b96038 R14: 00007f68a4b95fa0 R15: 00007ffc443915b8
[  885.286014][T12590]  </TASK>
[  885.540908][ T5847] Bluetooth: hci5: command tx timeout
[  886.851259][T12575] chnl_net:caif_netlink_parms(): no params data found
[  886.860984][ T9335] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  887.014825][ T9335] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  887.038843][ T9335] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  887.038871][ T9335] usb 2-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  887.038889][ T9335] usb 2-1: Product: syz
[  887.038901][ T9335] usb 2-1: SerialNumber: syz
[  887.190927][ T7197] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  887.374715][ T7197] usb 4-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  887.374744][ T7197] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  887.374761][ T7197] usb 4-1: Product: syz
[  887.374773][ T7197] usb 4-1: Manufacturer: syz
[  887.374784][ T7197] usb 4-1: SerialNumber: syz
[  887.387145][ T7197] usb 4-1: config 0 descriptor??
[  887.436662][ T7197] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  887.447092][ T7197] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  887.449194][ T7197] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  887.449252][ T7197] usb 4-1: media controller created
[  887.514905][ T7197] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  887.630943][ T5847] Bluetooth: hci5: command tx timeout
[  887.660363][T12575] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.662114][T12575] bridge0: port 1(bridge_slave_0) entered disabled state
[  887.663477][T12575] bridge_slave_0: entered allmulticast mode
[  888.743729][T12575] bridge_slave_0: entered promiscuous mode
[  888.842547][T12610] digitv: more than 2 i2c messages at a time is not handled yet. TODO.
[  888.871522][ T7197] DVB: Unable to find symbol mt352_attach()
[  888.899001][T12575] bridge0: port 2(bridge_slave_1) entered blocking state
[  888.899137][T12575] bridge0: port 2(bridge_slave_1) entered disabled state
[  888.899402][T12575] bridge_slave_1: entered allmulticast mode
[  888.937039][T12575] bridge_slave_1: entered promiscuous mode
[  889.289168][T12624] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1866'.
[  889.289193][T12624] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1866'.
[  889.290201][ T7197] DVB: Unable to find symbol nxt6000_attach()
[  889.290212][ T7197] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  889.332047][ T7197] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input23
[  889.467892][ T7197] dvb-usb: schedule remote query interval to 1000 msecs.
[  889.467914][ T7197] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  889.467931][ T7197] dvb-usb: bulk message failed: -22 (7/0)
[  889.467947][ T7197] dvb-usb: bulk message failed: -22 (7/0)
[  889.504373][ T7197] usb 4-1: USB disconnect, device number 60
[  890.388578][ T5847] Bluetooth: hci5: command tx timeout
[  890.423971][ T9335] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71
[  890.442537][ T9335] usb 2-1: USB disconnect, device number 51
[  891.298956][T12575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  891.336034][T12575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  891.420115][ T7197] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  892.436831][ T5847] Bluetooth: hci5: command tx timeout
[  893.089879][T12575] team0: Port device team_slave_0 added
[  893.103841][T12575] team0: Port device team_slave_1 added
[  894.360199][ T9335] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  895.323192][ T9335] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  896.902366][T12575] batman_adv: batadv0: Adding interface: batadv_slave_0
[  896.902383][T12575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  896.902407][T12575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  897.152571][T12575] batman_adv: batadv0: Adding interface: batadv_slave_1
[  897.152619][T12575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  897.152673][T12575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  898.403566][T12693] ceph: No mds server is up or the cluster is laggy
[  899.536508][T12575] hsr_slave_0: entered promiscuous mode
[  899.537829][T12575] hsr_slave_1: entered promiscuous mode
[  899.538706][T12575] debugfs: 'hsr0' already exists in 'hsr'
[  899.538728][T12575] Cannot create hsr debugfs directory
[  902.241357][T12722] overlayfs: failed to clone upperpath
[  902.459215][T12734] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  902.510924][ T5926] usb 4-1: new full-speed USB device number 61 using dummy_hcd
[  902.667078][ T5926] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  902.667105][ T5926] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  902.730113][T12575] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  902.753023][ T5926] usb 4-1: config 0 descriptor??
[  902.787304][T12575] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  902.818714][T12575] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  902.853904][T12575] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  902.974689][ T5926] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  903.410774][ T5926] [drm:udl_init] *ERROR* Selecting channel failed
[  903.518638][ T5926] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  903.518661][ T5926] [drm] Initialized udl on minor 2
[  903.582600][ T5926] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  903.648064][ T5926] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  903.677960][ T5926] usb 4-1: USB disconnect, device number 61
[  903.696234][T12575] 8021q: adding VLAN 0 to HW filter on device bond0
[  903.711220][ T6889] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  903.724037][ T6889] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  903.856918][T12744] netlink: 'syz.4.1901': attribute type 11 has an invalid length.
[  903.914426][T12575] 8021q: adding VLAN 0 to HW filter on device team0
[  903.991379][ T7668] bridge0: port 1(bridge_slave_0) entered blocking state
[  903.991653][ T7668] bridge0: port 1(bridge_slave_0) entered forwarding state
[  904.066857][ T4588] bridge0: port 2(bridge_slave_1) entered blocking state
[  904.075678][ T4588] bridge0: port 2(bridge_slave_1) entered forwarding state
[  906.323964][T12575] 8021q: adding VLAN 0 to HW filter on device batadv0
[  907.322739][   T37] audit: type=1326 audit(1758126136.330:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12771 comm="syz.3.1908" exe="/root/syz-executor" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f26c1a1eba9 code=0x0
[  907.332461][T12777] netlink: 'syz.0.1909': attribute type 2 has an invalid length.
[  907.332487][T12777] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1909'.
[  907.442888][   T37] audit: type=1800 audit(1758126136.390:146): pid=12772 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1908" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  907.466728][T12772] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  907.466786][T12772] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  907.466803][T12772] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  907.616232][T12772] syz.3.1908 (12772) used greatest stack depth: 17944 bytes left
[  907.952708][T12575] veth0_vlan: entered promiscuous mode
[  907.990248][T12575] veth1_vlan: entered promiscuous mode
[  908.151477][T12575] veth0_macvtap: entered promiscuous mode
[  908.157511][T12575] veth1_macvtap: entered promiscuous mode
[  908.198135][T12575] batman_adv: batadv0: Interface activated: batadv_slave_0
[  908.253601][T12575] batman_adv: batadv0: Interface activated: batadv_slave_1
[  908.292729][ T6607] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  908.301969][ T6607] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  908.343085][ T6607] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  908.379512][ T6607] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  909.230152][ T6608] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  909.230172][ T6608] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  909.368443][ T6608] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  909.368464][ T6608] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  911.071036][ T6889] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  911.250773][ T6889] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  911.250889][ T6889] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  911.250982][ T6889] usb 2-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[  911.251005][ T6889] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  911.759595][ T6299] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  911.777906][ T6889] usb 2-1: config 0 descriptor??
[  912.910220][ T6889] cypress 0003:04B4:DE61.0013: unknown main item tag 0x0
[  912.910656][ T6889] cypress 0003:04B4:DE61.0013: unknown main item tag 0x0
[  912.965180][ T6889] cypress 0003:04B4:DE61.0013: unknown main item tag 0x0
[  913.503405][T12821] FAULT_INJECTION: forcing a failure.
[  913.503405][T12821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  913.503438][T12821] CPU: 0 UID: 0 PID: 12821 Comm: syz.3.1919 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  913.503459][T12821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  913.503471][T12821] Call Trace:
[  913.503480][T12821]  <TASK>
[  913.503490][T12821]  dump_stack_lvl+0x189/0x250
[  913.503519][T12821]  ? __pfx____ratelimit+0x10/0x10
[  913.503544][T12821]  ? __pfx_dump_stack_lvl+0x10/0x10
[  913.503568][T12821]  ? __pfx__printk+0x10/0x10
[  913.503603][T12821]  should_fail_ex+0x46c/0x600
[  913.503633][T12821]  _copy_to_user+0x31/0xb0
[  913.503657][T12821]  simple_read_from_buffer+0xe1/0x170
[  913.503685][T12821]  proc_fail_nth_read+0x1b6/0x220
[  913.503706][T12821]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  913.503729][T12821]  ? rw_verify_area+0x2ac/0x4e0
[  913.503749][T12821]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  913.503768][T12821]  vfs_read+0x203/0xa30
[  913.503799][T12821]  ? __pfx_vfs_read+0x10/0x10
[  913.503815][T12821]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  913.503846][T12821]  ? mutex_lock_nested+0x154/0x1d0
[  913.503864][T12821]  ? fdget_pos+0x253/0x320
[  913.503895][T12821]  ksys_read+0x14b/0x260
[  913.503918][T12821]  ? __pfx_ksys_read+0x10/0x10
[  913.503945][T12821]  ? do_syscall_64+0xbe/0x3b0
[  913.503974][T12821]  do_syscall_64+0xfa/0x3b0
[  913.503989][T12821]  ? lockdep_hardirqs_on+0x9c/0x150
[  913.504012][T12821]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  913.504030][T12821]  ? clear_bhb_loop+0x60/0xb0
[  913.504052][T12821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  913.504070][T12821] RIP: 0033:0x7f26c1a1d5bc
[  913.504086][T12821] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  913.504100][T12821] RSP: 002b:00007f26bfc44030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  913.504120][T12821] RAX: ffffffffffffffda RBX: 00007f26c1c66180 RCX: 00007f26c1a1d5bc
[  913.504133][T12821] RDX: 000000000000000f RSI: 00007f26bfc440a0 RDI: 0000000000000007
[  913.504145][T12821] RBP: 00007f26bfc44090 R08: 0000000000000000 R09: 0000000000000000
[  913.504156][T12821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  913.504167][T12821] R13: 00007f26c1c66218 R14: 00007f26c1c66180 R15: 00007fff9f6aa2f8
[  913.504199][T12821]  </TASK>
[  913.912173][ T6889] cypress 0003:04B4:DE61.0013: hidraw0: USB HID v0.00 Device [HID 04b4:de61] on usb-dummy_hcd.1-1/input0
[  915.459359][ T5926] usb 2-1: USB disconnect, device number 52
[  919.292047][   T37] audit: type=1326 audit(1758126148.310:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.5.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83459eeba9 code=0x7ffc0000
[  919.292433][   T37] audit: type=1326 audit(1758126148.310:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.5.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83459eeba9 code=0x7ffc0000
[  919.352931][   T37] audit: type=1326 audit(1758126148.360:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.5.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f83459eeba9 code=0x7ffc0000
[  919.352985][   T37] audit: type=1326 audit(1758126148.370:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.5.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83459eeba9 code=0x7ffc0000
[  919.353024][   T37] audit: type=1326 audit(1758126148.370:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.5.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83459eeba9 code=0x7ffc0000
[  919.511843][   T37] audit: type=1326 audit(1758126148.530:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.5.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f83459eeba9 code=0x7ffc0000
[  919.513075][   T37] audit: type=1326 audit(1758126148.530:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.5.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83459eeba9 code=0x7ffc0000
[  919.902483][T12883] gfs2: not a GFS2 filesystem
[  919.949406][T12883] FAULT_INJECTION: forcing a failure.
[  919.949406][T12883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  919.949463][T12883] CPU: 0 UID: 0 PID: 12883 Comm: syz.3.1937 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  919.949484][T12883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  919.949495][T12883] Call Trace:
[  919.949502][T12883]  <TASK>
[  919.949511][T12883]  dump_stack_lvl+0x189/0x250
[  919.949538][T12883]  ? __pfx____ratelimit+0x10/0x10
[  919.949563][T12883]  ? __pfx_dump_stack_lvl+0x10/0x10
[  919.949586][T12883]  ? __pfx__printk+0x10/0x10
[  919.949619][T12883]  should_fail_ex+0x46c/0x600
[  919.949647][T12883]  _copy_from_iter+0x1de/0x1790
[  919.949673][T12883]  ? __pfx___schedule+0x10/0x10
[  919.949701][T12883]  ? __pfx__copy_from_iter+0x10/0x10
[  919.949720][T12883]  ? smack_socket_sendmsg+0x1a7/0x520
[  919.949746][T12883]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  919.949774][T12883]  bcm_sendmsg+0x15b/0x6a0
[  919.949800][T12883]  ? __pfx_bcm_sendmsg+0x10/0x10
[  919.949829][T12883]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  919.949847][T12883]  ? __pfx_bcm_sendmsg+0x10/0x10
[  919.949865][T12883]  __sock_sendmsg+0x219/0x270
[  919.949890][T12883]  ____sys_sendmsg+0x508/0x820
[  919.949914][T12883]  ? __pfx_____sys_sendmsg+0x10/0x10
[  919.949941][T12883]  ? import_iovec+0x74/0xa0
[  919.949965][T12883]  ___sys_sendmsg+0x21f/0x2a0
[  919.949986][T12883]  ? __pfx____sys_sendmsg+0x10/0x10
[  919.950041][T12883]  ? __fget_files+0x2a/0x420
[  919.950061][T12883]  ? __fget_files+0x3a6/0x420
[  919.950094][T12883]  __x64_sys_sendmsg+0x1a1/0x260
[  919.950115][T12883]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  919.950158][T12883]  do_syscall_64+0xfa/0x3b0
[  919.950176][T12883]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.950198][T12883]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  919.950214][T12883]  ? clear_bhb_loop+0x60/0xb0
[  919.950235][T12883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.950251][T12883] RIP: 0033:0x7f26c1a1eba9
[  919.950267][T12883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  919.950282][T12883] RSP: 002b:00007f26bfc44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  919.950302][T12883] RAX: ffffffffffffffda RBX: 00007f26c1c66180 RCX: 00007f26c1a1eba9
[  919.950315][T12883] RDX: 0000000000000044 RSI: 0000200000000440 RDI: 000000000000000b
[  919.950326][T12883] RBP: 00007f26bfc44090 R08: 0000000000000000 R09: 0000000000000000
[  919.950337][T12883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  919.950348][T12883] R13: 00007f26c1c66218 R14: 00007f26c1c66180 R15: 00007fff9f6aa2f8
[  919.950378][T12883]  </TASK>
[  920.631950][   T37] audit: type=1326 audit(1758126149.650:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.5.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83459eeba9 code=0x7ffc0000
[  921.191339][T12885] loop8: detected capacity change from 0 to 8
[  921.218793][T12885] Dev loop8: unable to read RDB block 8
[  921.218845][T12885]  loop8: unable to read partition table
[  921.219097][T12885] loop8: partition table beyond EOD, truncated
[  921.219116][T12885] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[  921.310062][T12888] binder: BINDER_SET_CONTEXT_MGR already set
[  921.310078][T12888] binder: 12884:12888 ioctl 4018620d 200000004a80 returned -16
[  922.714390][T12904] 9pnet_fd: Insufficient options for proto=fd
[  922.978265][T12910] FAULT_INJECTION: forcing a failure.
[  922.978265][T12910] name failslab, interval 1, probability 0, space 0, times 0
[  922.978359][T12910] CPU: 0 UID: 0 PID: 12910 Comm: syz.5.1947 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  922.978382][T12910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  922.978394][T12910] Call Trace:
[  922.978402][T12910]  <TASK>
[  922.978412][T12910]  dump_stack_lvl+0x189/0x250
[  922.978440][T12910]  ? __pfx____ratelimit+0x10/0x10
[  922.978465][T12910]  ? __pfx_dump_stack_lvl+0x10/0x10
[  922.978488][T12910]  ? __pfx__printk+0x10/0x10
[  922.978513][T12910]  ? __pfx___might_resched+0x10/0x10
[  922.978537][T12910]  should_fail_ex+0x46c/0x600
[  922.978566][T12910]  should_failslab+0xa8/0x100
[  922.978591][T12910]  __kmalloc_noprof+0xcb/0x430
[  922.978612][T12910]  ? tomoyo_encode+0x28b/0x550
[  922.978639][T12910]  tomoyo_encode+0x28b/0x550
[  922.978668][T12910]  tomoyo_realpath_from_path+0x58d/0x5d0
[  922.978703][T12910]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  922.978723][T12910]  tomoyo_path_number_perm+0x1e8/0x5a0
[  922.978747][T12910]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  922.978766][T12910]  ? lockdep_hardirqs_on+0x9c/0x150
[  922.978807][T12910]  ? trace_irq_disable+0x37/0x110
[  922.978886][T12910]  ? security_file_ioctl+0xa7/0x2d0
[  922.978913][T12910]  security_file_ioctl+0xcb/0x2d0
[  922.978937][T12910]  __se_sys_ioctl+0x47/0x170
[  922.978959][T12910]  do_syscall_64+0xfa/0x3b0
[  922.978978][T12910]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  922.978994][T12910]  ? asm_sysvec_call_function_single+0x1a/0x20
[  922.979018][T12910]  ? clear_bhb_loop+0x60/0xb0
[  922.979039][T12910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  922.979057][T12910] RIP: 0033:0x7f83459eeba9
[  922.979074][T12910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  922.979089][T12910] RSP: 002b:00007f8343c35038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  922.979109][T12910] RAX: ffffffffffffffda RBX: 00007f8345c36090 RCX: 00007f83459eeba9
[  922.979123][T12910] RDX: 0000200000000340 RSI: 0000000000003ba0 RDI: 0000000000000006
[  922.979135][T12910] RBP: 00007f8343c35090 R08: 0000000000000000 R09: 0000000000000000
[  922.979147][T12910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  922.979158][T12910] R13: 00007f8345c36128 R14: 00007f8345c36090 R15: 00007ffcb37b2ff8
[  922.979189][T12910]  </TASK>
[  922.980234][T12910] ERROR: Out of memory at tomoyo_realpath_from_path.
[  928.425155][T12948] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  934.931272][T13004] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1976'.
[  937.625512][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[  937.701108][ T6353] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  937.877696][ T6353] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  937.895415][ T6353] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  937.895443][ T6353] usb 2-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  937.895462][ T6353] usb 2-1: Product: syz
[  937.895476][ T6353] usb 2-1: SerialNumber: syz
[  941.697213][ T6353] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71
[  941.724083][ T6353] usb 2-1: USB disconnect, device number 53
[  943.826738][ T6608] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  945.799795][T13074] FAULT_INJECTION: forcing a failure.
[  945.799795][T13074] name failslab, interval 1, probability 0, space 0, times 0
[  945.799828][T13074] CPU: 0 UID: 0 PID: 13074 Comm: syz.3.1996 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  945.799849][T13074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  945.799860][T13074] Call Trace:
[  945.799868][T13074]  <TASK>
[  945.799877][T13074]  dump_stack_lvl+0x189/0x250
[  945.799906][T13074]  ? __pfx____ratelimit+0x10/0x10
[  945.799931][T13074]  ? __pfx_dump_stack_lvl+0x10/0x10
[  945.799954][T13074]  ? __pfx__printk+0x10/0x10
[  945.799979][T13074]  ? __pfx___might_resched+0x10/0x10
[  945.799997][T13074]  ? fs_reclaim_acquire+0x7d/0x100
[  945.800019][T13074]  should_fail_ex+0x46c/0x600
[  945.800049][T13074]  should_failslab+0xa8/0x100
[  945.800073][T13074]  __kmalloc_cache_node_noprof+0x78/0x340
[  945.800096][T13074]  ? __get_vm_area_node+0x172/0x350
[  945.800123][T13074]  __get_vm_area_node+0x172/0x350
[  945.800150][T13074]  __vmalloc_node_range_noprof+0x301/0x12f0
[  945.800174][T13074]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  945.800198][T13074]  ? is_bpf_text_address+0x26/0x2b0
[  945.800244][T13074]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  945.800266][T13074]  ? __might_fault+0xb0/0x130
[  945.800291][T13074]  ? _parse_integer_limit+0x1ae/0x1f0
[  945.800321][T13074]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  945.800348][T13074]  __vmalloc_noprof+0xb1/0xf0
[  945.800370][T13074]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  945.800394][T13074]  bpf_prog_alloc_no_stats+0x4a/0x510
[  945.800421][T13074]  bpf_prog_alloc+0x3c/0x1a0
[  945.800445][T13074]  bpf_prog_load+0x735/0x1930
[  945.800478][T13074]  ? __pfx_bpf_prog_load+0x10/0x10
[  945.800523][T13074]  ? bpf_lsm_bpf+0x9/0x20
[  945.800541][T13074]  ? security_bpf+0x7e/0x300
[  945.800565][T13074]  __sys_bpf+0x528/0x870
[  945.800588][T13074]  ? __pfx___sys_bpf+0x10/0x10
[  945.800621][T13074]  ? ksys_write+0x230/0x260
[  945.800645][T13074]  ? __pfx_ksys_write+0x10/0x10
[  945.800665][T13074]  ? rcu_is_watching+0x15/0xb0
[  945.800693][T13074]  __x64_sys_bpf+0x7c/0x90
[  945.800711][T13074]  do_syscall_64+0xfa/0x3b0
[  945.800726][T13074]  ? lockdep_hardirqs_on+0x9c/0x150
[  945.800747][T13074]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.800763][T13074]  ? clear_bhb_loop+0x60/0xb0
[  945.800783][T13074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.800799][T13074] RIP: 0033:0x7f26c1a1eba9
[  945.800814][T13074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  945.800829][T13074] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  945.800848][T13074] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  945.800862][T13074] RDX: 0000000000000094 RSI: 0000200000000200 RDI: 0000000000000005
[  945.800874][T13074] RBP: 00007f26bfc86090 R08: 0000000000000000 R09: 0000000000000000
[  945.800886][T13074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  945.800898][T13074] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  945.800925][T13074]  </TASK>
[  945.802796][T13074] syz.3.1996: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  945.802943][T13074] CPU: 0 UID: 0 PID: 13074 Comm: syz.3.1996 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  945.802964][T13074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  945.802975][T13074] Call Trace:
[  945.802983][T13074]  <TASK>
[  945.802991][T13074]  dump_stack_lvl+0x189/0x250
[  945.803022][T13074]  ? __pfx_dump_stack_lvl+0x10/0x10
[  945.803045][T13074]  ? __pfx__printk+0x10/0x10
[  945.803065][T13074]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  945.803086][T13074]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  945.803106][T13074]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  945.803128][T13074]  warn_alloc+0x22e/0x3b0
[  945.803153][T13074]  ? should_fail_ex+0x344/0x600
[  945.803182][T13074]  ? __pfx_warn_alloc+0x10/0x10
[  945.803207][T13074]  ? __get_vm_area_node+0x172/0x350
[  945.803235][T13074]  ? __get_vm_area_node+0x2e2/0x350
[  945.803265][T13074]  __vmalloc_node_range_noprof+0x326/0x12f0
[  945.803290][T13074]  ? is_bpf_text_address+0x26/0x2b0
[  945.803346][T13074]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  945.803368][T13074]  ? __might_fault+0xb0/0x130
[  945.803394][T13074]  ? _parse_integer_limit+0x1ae/0x1f0
[  945.803425][T13074]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  945.803444][T13074]  __vmalloc_noprof+0xb1/0xf0
[  945.803467][T13074]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  945.803491][T13074]  bpf_prog_alloc_no_stats+0x4a/0x510
[  945.803517][T13074]  bpf_prog_alloc+0x3c/0x1a0
[  945.803542][T13074]  bpf_prog_load+0x735/0x1930
[  945.803575][T13074]  ? __pfx_bpf_prog_load+0x10/0x10
[  945.803619][T13074]  ? bpf_lsm_bpf+0x9/0x20
[  945.803638][T13074]  ? security_bpf+0x7e/0x300
[  945.803662][T13074]  __sys_bpf+0x528/0x870
[  945.803685][T13074]  ? __pfx___sys_bpf+0x10/0x10
[  945.803719][T13074]  ? ksys_write+0x230/0x260
[  945.803742][T13074]  ? __pfx_ksys_write+0x10/0x10
[  945.803760][T13074]  ? rcu_is_watching+0x15/0xb0
[  945.803792][T13074]  __x64_sys_bpf+0x7c/0x90
[  945.803812][T13074]  do_syscall_64+0xfa/0x3b0
[  945.803829][T13074]  ? lockdep_hardirqs_on+0x9c/0x150
[  945.803850][T13074]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.803868][T13074]  ? clear_bhb_loop+0x60/0xb0
[  945.803890][T13074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.803907][T13074] RIP: 0033:0x7f26c1a1eba9
[  945.803924][T13074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  945.803939][T13074] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  945.803958][T13074] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  945.803971][T13074] RDX: 0000000000000094 RSI: 0000200000000200 RDI: 0000000000000005
[  945.803984][T13074] RBP: 00007f26bfc86090 R08: 0000000000000000 R09: 0000000000000000
[  945.803996][T13074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  945.804007][T13074] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  945.804037][T13074]  </TASK>
[  945.804051][T13074] Mem-Info:
[  945.804063][T13074] active_anon:582 inactive_anon:8548 isolated_anon:0
[  945.804063][T13074]  active_file:17909 inactive_file:41693 isolated_file:0
[  945.804063][T13074]  unevictable:17149 dirty:207 writeback:0
[  945.804063][T13074]  slab_reclaimable:12506 slab_unreclaimable:104997
[  945.804063][T13074]  mapped:38608 shmem:5644 pagetables:1199
[  945.804063][T13074]  sec_pagetables:0 bounce:0
[  945.804063][T13074]  kernel_misc_reclaimable:0
[  945.804063][T13074]  free:1282373 free_pcp:4196 free_cma:0
[  945.804112][T13074] Node 0 active_anon:2328kB inactive_anon:34192kB active_file:71432kB inactive_file:166772kB unevictable:67060kB isolated(anon):0kB isolated(file):0kB mapped:154432kB dirty:820kB writeback:0kB shmem:21040kB kernel_stack:13228kB pagetables:4648kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  945.804154][T13074] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  945.804194][T13074] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  945.804251][T13074] lowmem_reserve[]: 0 2512 2513 2513 2513
[  945.804283][T13074] Node 0 DMA32 free:1217020kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2524kB inactive_anon:33948kB active_file:70424kB inactive_file:166704kB unevictable:67060kB writepending:820kB present:3129332kB managed:2572296kB mlocked:0kB bounce:0kB free_pcp:16524kB local_pcp:12220kB free_cma:0kB
[  945.804345][T13074] lowmem_reserve[]: 0 0 1 1 1
[  945.804375][T13074] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1008kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  945.804426][T13074] lowmem_reserve[]: 0 0 0 0 0
[  945.804457][T13074] Node 1 Normal free:3897112kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:252kB free_cma:0kB
[  945.804510][T13074] lowmem_reserve[]: 0 0 0 0 0
[  945.804541][T13074] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  945.804645][T13074] Node 0 DMA32: 369*4kB (UME) 440*8kB (UME) 270*16kB (UME) 293*32kB (UME) 58*64kB (ME) 97*128kB (ME) 50*256kB (UME) 18*512kB (M) 3*1024kB (M) 5*2048kB (UME) 280*4096kB (UM) = 1217028kB
[  945.804788][T13074] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  945.804879][T13074] Node 1 Normal: 164*4kB (UME) 37*8kB (UME) 34*16kB (UME) 202*32kB (UME) 108*64kB (UME) 30*128kB (UME) 12*256kB (UM) 5*512kB (UM) 4*1024kB (UME) 1*2048kB (E) 944*4096kB (M) = 3897112kB
[  945.805022][T13074] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  945.805038][T13074] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  945.805054][T13074] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  945.805070][T13074] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  945.805085][T13074] 81623 total pagecache pages
[  945.805097][T13074] 0 pages in swap cache
[  945.805104][T13074] Free swap  = 124996kB
[  945.805111][T13074] Total swap = 124996kB
[  945.805119][T13074] 2097051 pages RAM
[  945.805126][T13074] 0 pages HighMem/MovableOnly
[  945.805134][T13074] 422079 pages reserved
[  945.805141][T13074] 0 pages cma reserved
[  946.250872][ T9335] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  947.434439][ T9335] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  947.436829][ T9335] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  947.436855][ T9335] usb 2-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  947.436875][ T9335] usb 2-1: Product: syz
[  947.436889][ T9335] usb 2-1: SerialNumber: syz
[  951.020543][ T9335] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71
[  951.053616][ T9335] usb 2-1: USB disconnect, device number 54
[  951.251959][T13112] FAULT_INJECTION: forcing a failure.
[  951.251959][T13112] name failslab, interval 1, probability 0, space 0, times 0
[  951.251994][T13112] CPU: 0 UID: 0 PID: 13112 Comm: syz.3.2008 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  951.252015][T13112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  951.252027][T13112] Call Trace:
[  951.252035][T13112]  <TASK>
[  951.252044][T13112]  dump_stack_lvl+0x189/0x250
[  951.252073][T13112]  ? __pfx____ratelimit+0x10/0x10
[  951.252098][T13112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  951.252243][T13112]  ? __pfx__printk+0x10/0x10
[  951.252270][T13112]  ? __pfx___might_resched+0x10/0x10
[  951.252295][T13112]  should_fail_ex+0x46c/0x600
[  951.252327][T13112]  should_failslab+0xa8/0x100
[  951.252352][T13112]  __kmalloc_noprof+0xcb/0x430
[  951.252373][T13112]  ? tomoyo_encode+0x28b/0x550
[  951.252401][T13112]  tomoyo_encode+0x28b/0x550
[  951.252430][T13112]  tomoyo_realpath_from_path+0x58d/0x5d0
[  951.252456][T13112]  ? tomoyo_domain+0xda/0x130
[  951.252485][T13112]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  951.252506][T13112]  tomoyo_path_number_perm+0x1e8/0x5a0
[  951.252530][T13112]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  951.252555][T13112]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  951.252581][T13112]  ? lockdep_hardirqs_on+0x9c/0x150
[  951.252614][T13112]  ? __lock_acquire+0xab9/0xd20
[  951.252658][T13112]  ? __fget_files+0x2a/0x420
[  951.252685][T13112]  ? __fget_files+0x2a/0x420
[  951.252706][T13112]  ? __fget_files+0x3a6/0x420
[  951.252728][T13112]  ? __fget_files+0x2a/0x420
[  951.252755][T13112]  security_file_ioctl+0xcb/0x2d0
[  951.252781][T13112]  __se_sys_ioctl+0x47/0x170
[  951.252805][T13112]  do_syscall_64+0xfa/0x3b0
[  951.252821][T13112]  ? lockdep_hardirqs_on+0x9c/0x150
[  951.252844][T13112]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.252862][T13112]  ? clear_bhb_loop+0x60/0xb0
[  951.252884][T13112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.252900][T13112] RIP: 0033:0x7f26c1a1eba9
[  951.252918][T13112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  951.252933][T13112] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  951.252955][T13112] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  951.252970][T13112] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  951.252982][T13112] RBP: 00007f26bfc86090 R08: 0000000000000000 R09: 0000000000000000
[  951.252995][T13112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  951.253006][T13112] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  951.253040][T13112]  </TASK>
[  951.253066][T13112] ERROR: Out of memory at tomoyo_realpath_from_path.
[  951.745563][T13121] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2012'.
[  951.747862][T13121] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2012'.
[  951.964631][T13126] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  953.337035][ T9335] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  954.327493][ T9335] usb 6-1: Using ep0 maxpacket: 16
[  954.336378][ T9335] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  954.338958][ T9335] usb 6-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  954.338985][ T9335] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  954.339004][ T9335] usb 6-1: Product: syz
[  954.339017][ T9335] usb 6-1: Manufacturer: syz
[  954.339030][ T9335] usb 6-1: SerialNumber: syz
[  954.344783][ T9335] usb 6-1: config 0 descriptor??
[  954.621081][    C0] vkms_vblank_simulate: vblank timer overrun
[  954.832907][T13146] FAULT_INJECTION: forcing a failure.
[  954.832907][T13146] name failslab, interval 1, probability 0, space 0, times 0
[  954.832953][T13146] CPU: 0 UID: 0 PID: 13146 Comm: syz.3.2020 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  954.832975][T13146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  954.832986][T13146] Call Trace:
[  954.832994][T13146]  <TASK>
[  954.833002][T13146]  dump_stack_lvl+0x189/0x250
[  954.833028][T13146]  ? __pfx____ratelimit+0x10/0x10
[  954.833053][T13146]  ? __pfx_dump_stack_lvl+0x10/0x10
[  954.833076][T13146]  ? __pfx__printk+0x10/0x10
[  954.833100][T13146]  ? __pfx___might_resched+0x10/0x10
[  954.833116][T13146]  ? fs_reclaim_acquire+0x7d/0x100
[  954.833138][T13146]  should_fail_ex+0x46c/0x600
[  954.833165][T13146]  ? __alloc_skb+0x112/0x2d0
[  954.833188][T13146]  should_failslab+0xa8/0x100
[  954.833210][T13146]  ? __alloc_skb+0x112/0x2d0
[  954.833228][T13146]  kmem_cache_alloc_node_noprof+0x77/0x330
[  954.833257][T13146]  __alloc_skb+0x112/0x2d0
[  954.833284][T13146]  netlink_sendmsg+0x5c6/0xb30
[  954.833318][T13146]  ? __pfx_netlink_sendmsg+0x10/0x10
[  954.833353][T13146]  ? tomoyo_socket_sendmsg_permission+0x9/0x300
[  954.833379][T13146]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  954.833394][T13146]  ? __pfx_netlink_sendmsg+0x10/0x10
[  954.833416][T13146]  __sock_sendmsg+0x219/0x270
[  954.833441][T13146]  ____sys_sendmsg+0x508/0x820
[  954.833462][T13146]  ? __pfx_____sys_sendmsg+0x10/0x10
[  954.833487][T13146]  ? import_iovec+0x74/0xa0
[  954.833508][T13146]  ___sys_sendmsg+0x21f/0x2a0
[  954.833528][T13146]  ? __pfx____sys_sendmsg+0x10/0x10
[  954.833549][T13146]  ? rcu_is_watching+0x15/0xb0
[  954.833596][T13146]  ? __fget_files+0x2a/0x420
[  954.833618][T13146]  ? __fget_files+0x3a6/0x420
[  954.833649][T13146]  __x64_sys_sendmsg+0x1a1/0x260
[  954.833669][T13146]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  954.833708][T13146]  do_syscall_64+0xfa/0x3b0
[  954.833727][T13146]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  954.833743][T13146]  ? asm_sysvec_call_function_single+0x1a/0x20
[  954.833760][T13146]  ? clear_bhb_loop+0x60/0xb0
[  954.833780][T13146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  954.833797][T13146] RIP: 0033:0x7f26c1a1eba9
[  954.833813][T13146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  954.833836][T13146] RSP: 002b:00007f26bfc65038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  954.833856][T13146] RAX: ffffffffffffffda RBX: 00007f26c1c66090 RCX: 00007f26c1a1eba9
[  954.833870][T13146] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000007
[  954.833881][T13146] RBP: 00007f26bfc65090 R08: 0000000000000000 R09: 0000000000000000
[  954.833894][T13146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  954.833905][T13146] R13: 00007f26c1c66128 R14: 00007f26c1c66090 R15: 00007fff9f6aa2f8
[  954.833935][T13146]  </TASK>
[  955.251416][ T9335] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  955.486546][   T37] audit: type=1326 audit(1758126184.510:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.487063][   T37] audit: type=1326 audit(1758126184.510:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.487321][   T37] audit: type=1326 audit(1758126184.510:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.487805][   T37] audit: type=1326 audit(1758126184.510:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.488117][   T37] audit: type=1326 audit(1758126184.510:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.488346][   T37] audit: type=1326 audit(1758126184.510:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.488642][   T37] audit: type=1326 audit(1758126184.510:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.489594][   T37] audit: type=1326 audit(1758126184.510:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.489899][   T37] audit: type=1326 audit(1758126184.510:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.490205][   T37] audit: type=1326 audit(1758126184.510:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13152 comm="syz.4.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f458dc2eba9 code=0x7ffc0000
[  955.625204][T13156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  955.625660][T13156] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  955.658348][ T9335] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  955.682443][ T9335] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  955.682463][ T9335] usb 2-1: New USB device strings: Mfr=0, Product=16, SerialNumber=1
[  955.682473][ T9335] usb 2-1: Product: syz
[  955.682481][ T9335] usb 2-1: SerialNumber: syz
[  956.078814][T13160] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  957.488773][    C0] vkms_vblank_simulate: vblank timer overrun
[  957.637520][ T6353] usb 6-1: USB disconnect, device number 2
[  957.667282][    C0] vkms_vblank_simulate: vblank timer overrun
[  957.900020][T13174] tipc: Started in network mode
[  957.900056][T13174] tipc: Node identity 62550fcbbc5b, cluster identity 4711
[  957.927135][T13174] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  957.939882][T13174] syzkaller0: entered promiscuous mode
[  957.941122][T13174] syzkaller0: entered allmulticast mode
[  958.117673][    C0] vkms_vblank_simulate: vblank timer overrun
[  958.282875][    C0] vkms_vblank_simulate: vblank timer overrun
[  958.893978][T13178] VFS: Mount too revealing
[  958.954124][ T6889] tipc: Node number set to 3725463499
[  959.009135][    C0] vkms_vblank_simulate: vblank timer overrun
[  959.095281][T13176] tipc: Resetting bearer <eth:syzkaller0>
[  959.170528][T13173] tipc: Resetting bearer <eth:syzkaller0>
[  959.921567][T13173] tipc: Disabling bearer <eth:syzkaller0>
[  961.468679][ T9335] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -32
[  963.801648][ T9335] usb 2-1: USB disconnect, device number 55
[  966.476772][T13263] FAULT_INJECTION: forcing a failure.
[  966.476772][T13263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  966.476806][T13263] CPU: 1 UID: 0 PID: 13263 Comm: syz.3.2051 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  966.476827][T13263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  966.476838][T13263] Call Trace:
[  966.476846][T13263]  <TASK>
[  966.476855][T13263]  dump_stack_lvl+0x189/0x250
[  966.476884][T13263]  ? __pfx____ratelimit+0x10/0x10
[  966.476909][T13263]  ? __pfx_dump_stack_lvl+0x10/0x10
[  966.476932][T13263]  ? __pfx__printk+0x10/0x10
[  966.476951][T13263]  ? rt_spin_unlock+0x65/0x80
[  966.476984][T13263]  should_fail_ex+0x46c/0x600
[  966.477015][T13263]  copy_folio_from_iter_atomic+0x325/0x1910
[  966.477084][T13263]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  966.477102][T13263]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  966.477122][T13263]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  966.477149][T13263]  ? shmem_write_begin+0x157/0x2a0
[  966.477181][T13263]  generic_perform_write+0x5c2/0x8c0
[  966.477216][T13263]  ? __pfx_generic_perform_write+0x10/0x10
[  966.477243][T13263]  ? file_update_time+0x2e0/0x490
[  966.477268][T13263]  shmem_file_write_iter+0xfb/0x120
[  966.477292][T13263]  vfs_write+0x5d2/0xb40
[  966.477318][T13263]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  966.477340][T13263]  ? __pfx_vfs_write+0x10/0x10
[  966.477358][T13263]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  966.477389][T13263]  ? mutex_lock_nested+0x154/0x1d0
[  966.477408][T13263]  ? fdget_pos+0x253/0x320
[  966.477440][T13263]  ksys_write+0x14b/0x260
[  966.477463][T13263]  ? __pfx_ksys_write+0x10/0x10
[  966.477481][T13263]  ? rcu_is_watching+0x15/0xb0
[  966.477510][T13263]  ? do_syscall_64+0xbe/0x3b0
[  966.477531][T13263]  do_syscall_64+0xfa/0x3b0
[  966.477546][T13263]  ? lockdep_hardirqs_on+0x9c/0x150
[  966.477568][T13263]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.477585][T13263]  ? clear_bhb_loop+0x60/0xb0
[  966.477607][T13263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.477625][T13263] RIP: 0033:0x7f26c1a1eba9
[  966.477641][T13263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  966.477656][T13263] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  966.477677][T13263] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  966.477691][T13263] RDX: 000000000208e24b RSI: 00002000000004c0 RDI: 0000000000000004
[  966.477703][T13263] RBP: 00007f26bfc86090 R08: 0000000000000000 R09: 0000000000000000
[  966.477715][T13263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.477726][T13263] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  966.477756][T13263]  </TASK>
[  967.840890][ T6353] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  968.780869][ T6353] usb 4-1: Using ep0 maxpacket: 16
[  968.805511][ T6353] usb 4-1: config 4 has an invalid interface number: 69 but max is 1
[  968.805538][ T6353] usb 4-1: config 4 has an invalid interface descriptor of length 4, skipping
[  968.805556][ T6353] usb 4-1: config 4 has an invalid descriptor of length 124, skipping remainder of the config
[  968.805573][ T6353] usb 4-1: config 4 has 1 interface, different from the descriptor's value: 2
[  968.805592][ T6353] usb 4-1: config 4 has no interface number 0
[  968.805621][ T6353] usb 4-1: config 4 interface 69 has no altsetting 0
[  968.808751][ T6353] usb 4-1: New USB device found, idVendor=1da5, idProduct=4523, bcdDevice=eb.7f
[  968.808776][ T6353] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  968.808793][ T6353] usb 4-1: Product: syz
[  968.808806][ T6353] usb 4-1: Manufacturer: syz
[  968.808819][ T6353] usb 4-1: SerialNumber: syz
[  969.139793][ T6353] option 4-1:4.69: GSM modem (1-port) converter detected
[  969.163390][ T6353] usb 4-1: USB disconnect, device number 62
[  969.165714][ T6353] option 4-1:4.69: device disconnected
[  970.970950][T10359] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  971.021886][T13288] FAULT_INJECTION: forcing a failure.
[  971.021886][T13288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  971.021915][T13288] CPU: 1 UID: 0 PID: 13288 Comm: syz.3.2059 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  971.021931][T13288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  971.021940][T13288] Call Trace:
[  971.021946][T13288]  <TASK>
[  971.021953][T13288]  dump_stack_lvl+0x189/0x250
[  971.021977][T13288]  ? __pfx____ratelimit+0x10/0x10
[  971.021997][T13288]  ? __pfx_dump_stack_lvl+0x10/0x10
[  971.022015][T13288]  ? __pfx__printk+0x10/0x10
[  971.022030][T13288]  ? __might_fault+0xb0/0x130
[  971.022058][T13288]  should_fail_ex+0x46c/0x600
[  971.022082][T13288]  _copy_from_user+0x2d/0xb0
[  971.022101][T13288]  do_tcp_getsockopt+0x1dd/0x2660
[  971.022123][T13288]  ? count_memcg_event_mm+0x21/0x260
[  971.022148][T13288]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  971.022166][T13288]  ? handle_mm_fault+0x30eb/0x3400
[  971.022185][T13288]  ? sock_recv_errqueue+0x510/0x510
[  971.022203][T13288]  ? mt_find+0x15c/0x5f0
[  971.022223][T13288]  ? handle_mm_fault+0xdb/0x3400
[  971.022246][T13288]  ? __pfx_handle_mm_fault+0x10/0x10
[  971.022276][T13288]  ? do_user_addr_fault+0xbc1/0x1390
[  971.022296][T13288]  ? up_read+0x23/0x40
[  971.022308][T13288]  ? do_user_addr_fault+0xc8a/0x1390
[  971.022330][T13288]  ? irqentry_exit+0x74/0x90
[  971.022349][T13288]  ? lockdep_hardirqs_on+0x9c/0x150
[  971.022368][T13288]  ? irqentry_exit+0x74/0x90
[  971.022385][T13288]  ? exc_page_fault+0x9f/0xf0
[  971.022415][T13288]  tcp_getsockopt+0x83/0x130
[  971.022447][T13288]  ? sock_recv_errqueue+0x510/0x510
[  971.022463][T13288]  ? rep_movs_alternative+0xf/0x90
[  971.022480][T13288]  ? sock_recv_errqueue+0x510/0x510
[  971.022496][T13288]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  971.022516][T13288]  do_sock_getsockopt+0x372/0x450
[  971.022540][T13288]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  971.022561][T13288]  ? do_syscall_64+0x40/0x3b0
[  971.022578][T13288]  ? ksys_write+0x1e7/0x260
[  971.022601][T13288]  __x64_sys_getsockopt+0x1ab/0x250
[  971.022616][T13288]  ? do_syscall_64+0x40/0x3b0
[  971.022632][T13288]  ? do_syscall_64+0x40/0x3b0
[  971.022651][T13288]  do_syscall_64+0xfa/0x3b0
[  971.022664][T13288]  ? lockdep_hardirqs_on+0x9c/0x150
[  971.022682][T13288]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.022699][T13288]  ? clear_bhb_loop+0x60/0xb0
[  971.022717][T13288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.022731][T13288] RIP: 0033:0x7f26c1a1eba9
[  971.022747][T13288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  971.022760][T13288] RSP: 002b:00007f26bfc86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  971.022776][T13288] RAX: ffffffffffffffda RBX: 00007f26c1c65fa0 RCX: 00007f26c1a1eba9
[  971.022787][T13288] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004
[  971.022796][T13288] RBP: 00007f26bfc86090 R08: 0000200000000040 R09: 0000000000000000
[  971.022805][T13288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.022814][T13288] R13: 00007f26c1c66038 R14: 00007f26c1c65fa0 R15: 00007fff9f6aa2f8
[  971.022841][T13288]  </TASK>
[  971.123279][T10359] usb 6-1: device descriptor read/64, error -71
[  971.420811][T10359] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  971.570824][T10359] usb 6-1: device descriptor read/64, error -71
[  971.687246][T10359] usb usb6-port1: attempt power cycle
[  972.781046][T10359] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  972.813417][T10359] usb 6-1: device descriptor read/8, error -71
[  974.804755][T10359] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  975.010765][T10359] usb 6-1: device not accepting address 6, error -71
[  975.012004][T10359] usb usb6-port1: unable to enumerate USB device
[  976.408909][ T6608] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  976.421235][ T5926] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  976.615335][ T5926] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  976.615363][ T5926] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 3
[  976.615399][ T5926] usb 4-1: config 220 interface 0 has no altsetting 0
[  976.619274][ T5926] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  976.619303][ T5926] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  976.619322][ T5926] usb 4-1: Product: syz
[  976.619335][ T5926] usb 4-1: Manufacturer: syz
[  976.619350][ T5926] usb 4-1: SerialNumber: syz
[  976.811152][T13338] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2074'.
[  977.057647][T13338] _�Z`Ԁ@: entered promiscuous mode
[  977.247622][ T5926] usb 4-1: Found UVC 0.00 device syz (8086:0b07)
[  977.247660][ T5926] usb 4-1: No valid video chain found.
[  977.254139][ T5926] usb 4-1: USB disconnect, device number 63
[  982.897282][T13393] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2092'.
[  983.717768][T13403] overlay: ./file0 is not a directory
[  983.748545][T13403] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2095'.
[  983.849027][T13405] overlayfs: missing 'lowerdir'
[  985.677504][    C0] vkms_vblank_simulate: vblank timer overrun
[  986.186622][    C0] vkms_vblank_simulate: vblank timer overrun
[  986.877008][    C0] vkms_vblank_simulate: vblank timer overrun
[  986.919723][T13419] netlink: 830 bytes leftover after parsing attributes in process `syz.5.2100'.
[  987.143572][    C0] vkms_vblank_simulate: vblank timer overrun
[  987.456586][    C0] vkms_vblank_simulate: vblank timer overrun
[  987.507317][ T5926] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  988.120997][    C0] vkms_vblank_simulate: vblank timer overrun
[  988.189058][ T5926] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  991.262640][T13464] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  995.735492][ T6889] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  996.387402][T13514] snd_virmidi snd_virmidi.0: control 5:9:32769:syz0:3106 is already present
[  997.367036][ T6889] usb 4-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=4d.67
[  997.367067][ T6889] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  997.367087][ T6889] usb 4-1: Product: syz
[  997.367100][ T6889] usb 4-1: Manufacturer: syz
[  997.367114][ T6889] usb 4-1: SerialNumber: syz
[  997.412312][ T6889] usb 4-1: config 0 descriptor??
[  997.776720][ T6889] usb 4-1: can't set config #0, error -71
[  997.829305][ T6889] usb 4-1: USB disconnect, device number 64
[  998.766083][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[  999.022502][T13535] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  999.022533][T13535] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  999.485209][T13547] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2143'.
[ 1003.411026][T13585] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2153'.
[ 1005.707593][T11911] Bluetooth: hci5: command 0x0406 tx timeout
[ 1008.531259][ T7682] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1008.993075][T13667] FAULT_INJECTION: forcing a failure.
[ 1008.993075][T13667] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1008.993111][T13667] CPU: 0 UID: 0 PID: 13667 Comm: syz.5.2182 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1008.993132][T13667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1008.993144][T13667] Call Trace:
[ 1008.993152][T13667]  <TASK>
[ 1008.993161][T13667]  dump_stack_lvl+0x189/0x250
[ 1008.993189][T13667]  ? __pfx____ratelimit+0x10/0x10
[ 1008.993214][T13667]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1008.993237][T13667]  ? __pfx__printk+0x10/0x10
[ 1008.993256][T13667]  ? __might_fault+0xb0/0x130
[ 1008.993292][T13667]  should_fail_ex+0x46c/0x600
[ 1008.993320][T13667]  _copy_from_user+0x2d/0xb0
[ 1008.993343][T13667]  core_sys_select+0x606/0xa20
[ 1008.993378][T13667]  ? __pfx_core_sys_select+0x10/0x10
[ 1008.993425][T13667]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1008.993445][T13667]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1008.993465][T13667]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1008.993493][T13667]  __se_sys_pselect6+0x27a/0x300
[ 1008.993521][T13667]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 1008.993544][T13667]  ? __pfx_ksys_write+0x10/0x10
[ 1008.993562][T13667]  ? rcu_is_watching+0x15/0xb0
[ 1008.993592][T13667]  ? __x64_sys_pselect6+0x21/0xf0
[ 1008.993615][T13667]  do_syscall_64+0xfa/0x3b0
[ 1008.993630][T13667]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1008.993652][T13667]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.993668][T13667]  ? clear_bhb_loop+0x60/0xb0
[ 1008.993689][T13667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.993705][T13667] RIP: 0033:0x7f83459eeba9
[ 1008.993721][T13667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1008.993736][T13667] RSP: 002b:00007f8343c14038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1008.993756][T13667] RAX: ffffffffffffffda RBX: 00007f8345c36180 RCX: 00007f83459eeba9
[ 1008.993770][T13667] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1008.993782][T13667] RBP: 00007f8343c14090 R08: 0000000000000000 R09: 0000000000000000
[ 1008.993794][T13667] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1008.993807][T13667] R13: 00007f8345c36218 R14: 00007f8345c36180 R15: 00007ffcb37b2ff8
[ 1008.993844][T13667]  </TASK>
[ 1009.250907][ T7197] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1009.397377][   T38] INFO: task syz-executor:5837 blocked for more than 143 seconds.
[ 1009.397401][   T38]       Not tainted syzkaller #0
[ 1009.397412][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1009.397421][   T38] task:syz-executor    state:D stack:21608 pid:5837  tgid:5837  ppid:1      task_flags:0x400140 flags:0x00004006
[ 1009.397465][   T38] Call Trace:
[ 1009.397472][   T38]  <TASK>
[ 1009.397487][   T38]  __schedule+0x16f3/0x4c20
[ 1009.397533][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1009.397692][   T38]  ? __lock_acquire+0xab9/0xd20
[ 1009.397717][   T38]  ? __pfx___schedule+0x10/0x10
[ 1009.397762][   T38]  ? schedule+0x91/0x360
[ 1009.397789][   T38]  schedule+0x165/0x360
[ 1009.397815][   T38]  v9fs_evict_inode+0x170/0x320
[ 1009.397844][   T38]  ? __pfx_v9fs_evict_inode+0x10/0x10
[ 1009.397865][   T38]  ? reacquire_held_locks+0x127/0x1d0
[ 1009.397892][   T38]  ? __pfx_var_wake_function+0x10/0x10
[ 1009.397944][   T38]  ? __pfx_v9fs_evict_inode+0x10/0x10
[ 1009.397967][   T38]  evict+0x504/0x9c0
[ 1009.397997][   T38]  ? __pfx_evict+0x10/0x10
[ 1009.398017][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1009.398054][   T38]  evict_inodes+0x64c/0x6d0
[ 1009.398081][   T38]  ? __pfx_evict_inodes+0x10/0x10
[ 1009.398115][   T38]  generic_shutdown_super+0x9a/0x2c0
[ 1009.398140][   T38]  kill_anon_super+0x3b/0x70
[ 1009.398160][   T38]  v9fs_kill_super+0x4c/0x90
[ 1009.398186][   T38]  deactivate_locked_super+0xbc/0x130
[ 1009.398209][   T38]  cleanup_mnt+0x425/0x4c0
[ 1009.398229][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1009.398257][   T38]  task_work_run+0x1d4/0x260
[ 1009.398279][   T38]  ? __pfx_task_work_run+0x10/0x10
[ 1009.398295][   T38]  ? __x64_sys_umount+0x122/0x160
[ 1009.398322][   T38]  ? exit_to_user_mode_loop+0x40/0x110
[ 1009.398348][   T38]  exit_to_user_mode_loop+0xec/0x110
[ 1009.398371][   T38]  do_syscall_64+0x2bd/0x3b0
[ 1009.398387][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1009.398411][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.398429][   T38]  ? clear_bhb_loop+0x60/0xb0
[ 1009.398451][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.398469][   T38] RIP: 0033:0x7f37decffed7
[ 1009.398486][   T38] RSP: 002b:00007ffdf1f02908 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1009.398506][   T38] RAX: 0000000000000000 RBX: 00007f37ded81c05 RCX: 00007f37decffed7
[ 1009.398526][   T38] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf1f029c0
[ 1009.398539][   T38] RBP: 00007ffdf1f029c0 R08: 0000000000000000 R09: 0000000000000000
[ 1009.398551][   T38] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf1f03a50
[ 1009.398564][   T38] R13: 00007f37ded81c05 R14: 00000000000d2672 R15: 00007ffdf1f03a90
[ 1009.398596][   T38]  </TASK>
[ 1009.398659][   T38] 
[ 1009.398659][   T38] Showing all locks held in the system:
[ 1009.398671][   T38] 1 lock held by khungtaskd/38:
[ 1009.398682][   T38]  #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1009.398835][   T38] 6 locks held by kworker/u8:4/67:
[ 1009.398854][   T38] 3 locks held by kworker/u8:9/1304:
[ 1009.398878][   T38] 2 locks held by getty/5596:
[ 1009.398889][   T38]  #0: ffff88803401b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1009.398937][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[ 1009.398982][   T38] 1 lock held by syz-executor/5837:
[ 1009.398993][   T38]  #0: ffff88801cf080d0 (&type->s_umount_key#65){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[ 1009.399043][   T38] 2 locks held by kworker/u8:13/6299:
[ 1009.399054][   T38] 5 locks held by kworker/0:10/7197:
[ 1009.399065][   T38]  #0: ffff8880199c8938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1009.399111][   T38]  #1: ffffc90005d07bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1009.399156][   T38]  #2: ffff888145363188 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a20
[ 1009.399199][   T38]  #3: ffff8881453675b8 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x21b8/0x4a20
[ 1009.399241][   T38]  #4: ffff888144f47058 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21e5/0x4a20
[ 1009.399286][   T38] 2 locks held by kworker/1:1/13465:
[ 1009.399297][   T38] 1 lock held by syz.4.2176/13643:
[ 1009.399308][   T38] 4 locks held by syz.0.2179/13652:
[ 1009.399320][   T38] 4 locks held by syz.3.2184/13668:
[ 1009.399332][   T38] 
[ 1009.399338][   T38] =============================================
[ 1009.399338][   T38] 
[ 1009.399354][   T38] NMI backtrace for cpu 1
[ 1009.399368][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1009.399388][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1009.399398][   T38] Call Trace:
[ 1009.399406][   T38]  <TASK>
[ 1009.399414][   T38]  dump_stack_lvl+0x189/0x250
[ 1009.399442][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1009.399465][   T38]  ? __pfx__printk+0x10/0x10
[ 1009.399512][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1009.399551][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1009.399578][   T38]  ? __pfx__printk+0x10/0x10
[ 1009.399601][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1009.399632][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1009.399670][   T38]  watchdog+0xf93/0xfe0
[ 1009.399716][   T38]  ? watchdog+0x1de/0xfe0
[ 1009.399756][   T38]  kthread+0x70e/0x8a0
[ 1009.399786][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1009.399805][   T38]  ? __pfx_kthread+0x10/0x10
[ 1009.399837][   T38]  ? __pfx_kthread+0x10/0x10
[ 1009.399861][   T38]  ret_from_fork+0x439/0x7d0
[ 1009.399886][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1009.399913][   T38]  ? __switch_to_asm+0x39/0x70
[ 1009.399929][   T38]  ? __switch_to_asm+0x33/0x70
[ 1009.399944][   T38]  ? __pfx_kthread+0x10/0x10
[ 1009.399969][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1009.400001][   T38]  </TASK>
[ 1009.400022][   T38] Sending NMI from CPU 1 to CPUs 0:
[ 1009.400050][    C0] NMI backtrace for cpu 0
[ 1009.400065][    C0] CPU: 0 UID: 0 PID: 1304 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1009.400085][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1009.400097][    C0] Workqueue: iou_exit io_ring_exit_work
[ 1009.400115][    C0] RIP: 0010:__lock_acquire+0x332/0xd20
[ 1009.400137][    C0] Code: e5 15 09 d5 09 cd 44 09 f5 41 89 6c c7 20 45 89 44 c7 24 4c 89 7c 24 10 4d 8d 34 c7 81 e5 ff 1f 00 00 48 0f a3 2d be e9 61 11 <73> 10 48 69 c5 c8 00 00 00 48 8d 80 f0 f2 9e 92 eb 40 83 3d 65 79
[ 1009.400153][    C0] RSP: 0018:ffffc900053e7108 EFLAGS: 00000003
[ 1009.400167][    C0] RAX: 000000000000000f RBX: ffffffff8d9a8d80 RCX: 000000000000000b
[ 1009.400180][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880273d3b80
[ 1009.400192][    C0] RBP: 000000000000000b R08: 0000000000000000 R09: ffffffff8172c165
[ 1009.400203][    C0] R10: ffffc900053e7368 R11: fffff52000a7ce79 R12: 0000000000020000
[ 1009.400217][    C0] R13: 0000000000000000 R14: ffff8880273d4718 R15: ffff8880273d46a0
[ 1009.400230][    C0] FS:  0000000000000000(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000
[ 1009.400245][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1009.400258][    C0] CR2: 00007fd1b908ffb4 CR3: 0000000038daa000 CR4: 00000000003526f0
[ 1009.400274][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1009.400285][    C0] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1009.400297][    C0] Call Trace:
[ 1009.400303][    C0]  <TASK>
[ 1009.400314][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1009.400336][    C0]  lock_acquire+0x120/0x360
[ 1009.400356][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1009.400381][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1009.400400][    C0]  ? __unwind_start+0xf8/0x760
[ 1009.400422][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1009.400443][    C0]  unwind_next_frame+0xc2/0x2390
[ 1009.400464][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1009.400485][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1009.400508][    C0]  ? get_stack_info_noinstr+0x1b/0x130
[ 1009.400530][    C0]  __unwind_start+0x5b9/0x760
[ 1009.400554][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1009.400572][    C0]  arch_stack_walk+0xe4/0x150
[ 1009.400599][    C0]  ? __unwind_start+0xf8/0x760
[ 1009.400623][    C0]  stack_trace_save+0x9c/0xe0
[ 1009.400640][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1009.400659][    C0]  ? ret_from_fork_asm+0x1a/0x30
[ 1009.400679][    C0]  kasan_save_stack+0x3e/0x60
[ 1009.400720][    C0]  kasan_record_aux_stack+0xbd/0xd0
[ 1009.400736][    C0]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[ 1009.400754][    C0]  call_rcu+0x157/0x9c0
[ 1009.400781][    C0]  ? __pfx_call_rcu+0x10/0x10
[ 1009.400800][    C0]  ? __io_req_caches_free+0x8f/0x140
[ 1009.400816][    C0]  kmem_cache_free+0x402/0x510
[ 1009.400840][    C0]  __io_req_caches_free+0x8f/0x140
[ 1009.400857][    C0]  io_req_caches_free+0x21/0x60
[ 1009.400873][    C0]  io_ring_exit_work+0x40d/0x930
[ 1009.400894][    C0]  ? __pfx_io_ring_exit_work+0x10/0x10
[ 1009.400917][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1009.400939][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1009.400959][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1009.400979][    C0]  process_scheduled_works+0xade/0x17b0
[ 1009.401011][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1009.401038][    C0]  worker_thread+0x8a0/0xda0
[ 1009.401070][    C0]  kthread+0x70e/0x8a0
[ 1009.401093][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1009.401113][    C0]  ? __pfx_kthread+0x10/0x10
[ 1009.401138][    C0]  ? __pfx_kthread+0x10/0x10
[ 1009.401161][    C0]  ret_from_fork+0x439/0x7d0
[ 1009.401182][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1009.401204][    C0]  ? __switch_to_asm+0x39/0x70
[ 1009.401219][    C0]  ? __switch_to_asm+0x33/0x70
[ 1009.401234][    C0]  ? __pfx_kthread+0x10/0x10
[ 1009.401257][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1009.401279][    C0]  </TASK>
[ 1009.408938][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[ 1009.408959][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1009.408980][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1009.408991][   T38] Call Trace:
[ 1009.408999][   T38]  <TASK>
[ 1009.409007][   T38]  dump_stack_lvl+0x99/0x250
[ 1009.409035][   T38]  ? __asan_memcpy+0x40/0x70
[ 1009.409054][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1009.409077][   T38]  ? __pfx__printk+0x10/0x10
[ 1009.409108][   T38]  vpanic+0x281/0x750
[ 1009.409133][   T38]  ? __pfx_vpanic+0x10/0x10
[ 1009.409155][   T38]  ? preempt_schedule+0xae/0xc0
[ 1009.409179][   T38]  ? preempt_schedule_common+0x83/0xd0
[ 1009.409207][   T38]  panic+0xb9/0xc0
[ 1009.409228][   T38]  ? __pfx_panic+0x10/0x10
[ 1009.409252][   T38]  ? preempt_schedule_thunk+0x16/0x30
[ 1009.409277][   T38]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1009.409301][   T38]  watchdog+0xfd2/0xfe0
[ 1009.409325][   T38]  ? watchdog+0x1de/0xfe0
[ 1009.409349][   T38]  kthread+0x70e/0x8a0
[ 1009.409374][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1009.409393][   T38]  ? __pfx_kthread+0x10/0x10
[ 1009.409419][   T38]  ? __pfx_kthread+0x10/0x10
[ 1009.409442][   T38]  ret_from_fork+0x439/0x7d0
[ 1009.409465][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1009.409491][   T38]  ? __switch_to_asm+0x39/0x70
[ 1009.409506][   T38]  ? __switch_to_asm+0x33/0x70
[ 1009.409530][   T38]  ? __pfx_kthread+0x10/0x10
[ 1009.409554][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1009.409587][   T38]  </TASK>
[ 1009.409856][   T38] Kernel Offset: disabled