last executing test programs:

29.518588123s ago: executing program 2 (id=890):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x19)
writev(r0, &(0x7f0000000240)=[{&(0x7f0000002400)='u', 0x1}, {0x0}, {&(0x7f0000000280)}], 0x3)

29.50984985s ago: executing program 2 (id=891):
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c900804f68bf2edcb495a098770769edee0f5143b0448577553c5f4826349ba6c1aa4d5cca79350a47924966cf62421e005f73ca6d3c1cee968bba75b03f7b69502345355eb2b091ca65703f737fccc0bbe15018981198d5561638876a65c37085"], 0x84)
r0 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50)
pwrite64(r1, &(0x7f0000000000)='2', 0x1, 0x7)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x1}, 0x1c)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r5=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003a00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f40)=[@pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0xe}, r5}}}], 0x28}}], 0x2, 0x20004840)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
r6 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, 0x0, 0x0, 0x8801)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000700)=""/88, 0x58}, {&(0x7f0000000200)=""/86, 0x56}], 0x2}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_KEY(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000400)={0x28, r7, 0x1, 0x70bd24, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x8, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4002011}, 0x8000)
getsockopt$inet_sctp6_SCTP_RTOINFO(r6, 0x84, 0x0, &(0x7f0000000480)={0x0, 0x80, 0x5, 0x4}, &(0x7f00000004c0)=0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@gettfilter={0x3c, 0x2e, 0x100, 0x70bc25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x10, 0xfff1}, {0xa, 0xf}, {0x1, 0xffff}}, [{0x8, 0xb, 0x5}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0xc0e}]}, 0x3c}}, 0x0)
socket$kcm(0x10, 0x2, 0x10)

29.430794148s ago: executing program 2 (id=892):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x4, 0x70bd29, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e23}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000840}, 0x0)
syz_usb_connect(0x0, 0x371, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000057ec0020c215dcff30bd0102030109025f03019b000000090400000b403b4e000905e2379c"], 0x0)

29.317978862s ago: executing program 2 (id=893):
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$fuse(0x0, 0x0, 0x0, 0x100000, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000180)='./file1\x00')
r1 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
setpgid(r1, 0x0)
r2 = getpgid(r1)
setpgid(0x0, r2)
open(&(0x7f0000000140)='./file0\x00', 0x80, 0x9)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
rename(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0) (fail_nth: 5)

28.768664614s ago: executing program 2 (id=898):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000001018610f4205ae06d6c011703010902240001010000000904690202ff5aa30009050402100000fa000905820240"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x4008800)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
syz_usb_control_io$uac2(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000a80)={0x84, &(0x7f0000000600)=ANY=[@ANYBLOB='@\n\r\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x40, 0xf, 0x2, 0x9}, 0x0, 0x0, &(0x7f0000000940)={0x40, 0x19, 0x2, "d900"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, &(0x7f0000000480)={0x14, &(0x7f0000000200)={0x40, 0xb, 0x91, {0x91, 0xb, "e1588796c7ea4b106347bfbe15652e0a126518542ad27ca320631537d9eb1aff77f8e226da07127e1c7526dd9f2740fc78b8e62a04ab955de1d8c7950d05f0c0db0ae1e70a7ad82b6782ac20c45b0b47968abc25093721c2027dbd30538787e2d5eadb56ff3952d2e1fe75df7950efac672c3f124293f79f6cc8f2cff59a87ab9667a38f92ae7e8b063cfc6af292e0"}}, &(0x7f0000000380)={0x0, 0x3, 0xf4, @string={0xf4, 0x3, "8e63d4c5b8a51c4693a14868b2f7f2d1907eeb3e1834b7686abee4c81415037a304964ae54d628b5d10f6ec355a564a09c7985c609a9ad0d548f2beb3f7f1972f1117d90ca12b16f1ad3c2c94d8a382c95f161cd1d0c6cdf50403c53883e91123afb8ed944af054bea031faea617c5fad389614ffd068cd6c73254afa99bbe965fd4ddc4fdca262d3a029fa58b4dd84d784fcc5a24ae5a2cacdfd8819b99ec0a447dbec167788153711e5593a5c080c36c855c1c1f924484a8f5c5aa21ba8a02b978a08e04181a7f81a19123ffdd02ef0eec48e0aba54e122940b60ed67d9b3c6cc075b4d59a7f6be882fd4e344575b071bb"}}}, &(0x7f0000000980)={0x44, &(0x7f00000004c0)={0x20, 0x30, 0x30, "c692d4ebd06418f273c59300cd7f47f43df9f64672233b78c50430dc2977daaade68bc9c7b40d75f2d1d9566527614ff"}, &(0x7f0000000500)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000540)={0x0, 0x8, 0x1, 0x19}, &(0x7f0000000580)={0x20, 0x81, 0x2, "d3d1"}, &(0x7f0000000640)={0x20, 0x82, 0x1, 'c'}, &(0x7f0000000740)={0x20, 0x83, 0x1, 'k'}, &(0x7f0000000780)={0x20, 0x84, 0x2, "98d8"}, &(0x7f00000008c0)={0x20, 0x85, 0x3, "799de5"}})

27.836312584s ago: executing program 2 (id=908):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r0=>0x0)
prlimit64(r0, 0xc, &(0x7f0000000140)={0xb, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000000)=0xf4240)

27.357372154s ago: executing program 32 (id=908):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r0=>0x0)
prlimit64(r0, 0xc, &(0x7f0000000140)={0xb, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000000)=0xf4240)

8.015483724s ago: executing program 4 (id=1029):
r0 = socket(0x200000000000011, 0x2, 0xd)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x25)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r3}, &(0x7f0000000840), &(0x7f0000000880)=r4}, 0x20)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), r0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000280)={r4, r2, 0x25, 0x0, @val=@tcx={@void, @value=r4}}, 0x1c)
syz_emit_ethernet(0x117, &(0x7f0000000480)=ANY=[], 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x9)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x9})

7.093856611s ago: executing program 4 (id=1039):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f00000001c0), 0x4)

6.819473119s ago: executing program 4 (id=1040):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000002c0)=0x1, 0x4)
setsockopt(r0, 0x1, 0x10000000000009, &(0x7f0000000100)="0100ddff", 0x507b420f2d51f971)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000140)={0x0, 0x1f00, 0x0})
r1 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x9, 0x101000)
ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f00000002c0)={0x0, 0x0})
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty, 0x204}, 0x1c)
setsockopt(r0, 0x1, 0x9, &(0x7f0000000040), 0x29)
r2 = openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1, 0x4, &(0x7f0000000900)=ANY=[@ANYRES8=r1], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x94)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x7d, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r3, &(0x7f0000003300)=[{{0x0, 0x0, &(0x7f0000002700)=[{&(0x7f00000001c0)=""/57, 0x39}], 0x1}}], 0x1, 0x400000a0, 0x0)
sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x801}, 0x4010)
syz_emit_ethernet(0x52, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaaaadf000040000008004c0000440000000000069078ac1e0001ac1414118903cf4410050300000000000000050000000086060000000100000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5020010090780000c4ef4610c77be380bd0d5eedfc81f2d7b6da7e250239cdb6bd3df12c8eb749d4e226f49448dcc03c610d58d4a4631a5510714f3dc0ae05e395bdf1c347411e48b3237da86e8f23412b79d6b944d2133acec17cabdfe9dec702f31af42176d8bef4606cdbd600f56292ffae33c8e0cc56860ce727024f"], 0x0)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x6ad01, 0x0)
writev(r4, &(0x7f0000000040), 0x1)
sendmmsg(r3, &(0x7f0000002140)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000500)=@nfc_llcp={0x27, 0x0, 0x1, 0x0, 0x96, 0x81, "2cc45ca30151ed9fe8c74876680a06d87a3bde4c8f0d9a02de75d223f9c41fdaa894c28fbf00f43be70e78122dbb46696b11dd8408ed16f8ce75c1c11a3a69", 0x3d}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000580)="fb1fdcda8bc8ac286a18ba7ce0e5a98d36f90255708bfd92bc2683ea11c3a71a79e54ede80c267bc977d4b550eb52646e4bff1503d0938d16d46a2779e757ac55d3a04e3d533ce0e53ea2d438acdf39145c2f305e6b0c73f624b087ba8bf", 0x5e}, {&(0x7f0000000600)="f4578279487fb0e957ca18fa4f175b6101aae7e3a9c885053a55a622df67c40408e5cf2192b410216e61b6fb6ce7ce724294cc0a87466557b5371c7343f226d4cb7928a5565098376371a9fbc9fae0f0e9a1520d9b98c864acbcc73417", 0x5d}, {&(0x7f0000000680)="1f524015eefc82413e01bd20b44288644190eb17580e79a0804f5ad1a0ec8d3a84c844deac730fa5ad0a9244c2", 0x2d}, {&(0x7f00000006c0)="b516887a83390ea6dc34164c4baec9b113497fe768f2b2a83910af494df7aa3e968b10fd1ed24e8c88012dbd08ce1bcd87f76acc00112870b8a2255eb753f6a90fee1f07c4b6836e3c162f25d1286d291e29ae99cdf277becf3c932e54e6f1b8503f723849a5ac73f324f232d0debb0c2942b113449ec3c05422be5627e46a862baa15bf6a740d68332bac3eefe36038213d0cf53b7d6de820906517721d28720aec7a8d1355fb523fb714d97814555d9584c045e0418a376aef05ddf0eed10fb2927c1cc04a710f1021650a67a4d1e1e64b3352bbce61a8310242d41c3ea3d76b51f4f27c76bf4da3779cef2534dcb45389", 0xf2}], 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="38000000000000001801000006000000d6538620deac9b152041a7d296f66dda6ecb7b4f648602375c3fbdd018e352411b00000000000000b8000000000000000201000008000000902cc7e0ed619ffe8f90d12864f38934d7c981b2ef795930e549be708535e5a4e69243a892d3b505dded76fe13573b76fab2e210952aca3be57110c42d6f05d8dc5d14b50f7eb23d10d75aea443e3482fe415e50d4092ad727270b8bb3883a626536c72029727b152e0debb38b972edb91377a6276edc1ae5b21a8e5808341e2cd0a5a17519b6a700d1fa4d540e698c5463d4cc667340cc49b7134c8d9291bb422c300000000000010100000000000000101000007000000fdd724223be043acbc3a7387a68d972eae5a7308d6f3a61f491f932676179d8ece3f88da5db2dfec507b2c762e44d37891eba29c91d65ec3101e88eafd4e67e31806f2e7ba6a7f606ec9826440c64d320553f9adba0b29a24531865f5a540be2ab815b808f15674ba832404c729e357e33f6384c1ecabc36c878f4dd6af4f09aa59b813053b04356f112bb1df78f96af0fc3a0896ea5f1789ca527e80e34fe98c65b2d0da6f82b9cac794bb34e3847128d6a9debd6f4ea6d3ef411ef8daa9548a1e2ad0b8bd260e649d80c4808a6cbbaef1fc582c183f0cba1e9260a5407959b0972b612c08817835902aeaf0ed1e0f8f8ff3dbfaab1c477717df37739a8d967f486680b9883fb271097c36a5a8829f32b63ef973f63524d9837c886dca1dfd7e5c333ec1d2c513ca309657368004f077ed41d79c92fc2927fcd98ecc1a054e499f7f60a4162b7450f447044b85ef799e55bda0e265d42ebb163bcffdb0013f0aaa1431ee296bf7c2be46038a533ec2ef742ece78cb0ecbbd2c910ede787bf7626068c2eb9f93887b117dc7ae0a1502f5875b4648294cbcdc36856fe29eb942c88073b234dcf5a36e7a2f2035370902522a6febe3a6dd818fe4c78da432061ab06169e74b557a7dae79825f7384c1b1a7d8687949ece7af3bafedde9357ea4df122b95c035a49485f56c240c7c64ccc30b0f4a9270d43e26010c40bf8668bb25372c823b01080299819c551a9e45348df02fe8cd4160a3249a8badf278453bb58a593e81cebac6c93b5ae624a885875f5a27a501f67743a2d80e7972930cd690ee169a63b716f52ac78c91335df6692d0db5ac18cd473443133e218b858cfaf5710a7d16ef690aff2624ea628c722ec24b1daa1a1189b6099bbe0bd75042c2bb6d801d499a6c9d3d37fe3f3f32bbff5162c8a21e0518bd48a63a02dac9488569364a5d6ecf02f5399646cd96c5761e9a8081b5f52f7671a0676d014c575f523ba77e268ed3a1b8814a3e98ea78789f94a23f63bd3e718e6f52db7690eb28e6c0b6ffb7db44e2246c05751cd578cb2eb4a2b2b40465271c302b1d5532407bfd931f391cf18b9b70eba04cbf8ef8cd7b488fd4185930eb75418e928be3c5338dd5709d3b73a0a146ecfca6d3b59843002bd450dc0005be8568b262643a2c3e2191d2103966890dfb9da587bd88437405cf8f2cd644157b8d67a7ba03cbdc365d5eb375c0449cc86f44dad6a97b13ae7f265860a1bc7a42b7a336eeabc6046b4914857e09c74662c55a12003273d79f49408f8bf9e7785cfe1d0acfea01df869f994858d2e480bc5dcc8c167eba39c1e16ac4115983cc11eda79c5245a897d967c83bc39f978ceff29d84c8a6a67e9365b23fc05c8b4a5b2c807138efc59a2f6d1cb677f93f872f5656323b573e366a63396f0fafe8d55b7446c00df8b7bcded601d4c05d04d31d21a9a3d1a120391ef7575e64b46e37182702af5979825f2e49ceb0d7c65ddab38ac42fe04e0b5cf731d9421b9401ebda8f09343d2212566a1012a599447bd4d76ee19ff8012ca01da3a93ac833fdaae54643f1ff993cfb1167d74c17140e03fcd5a11010c44d8d9c4202a43fec09d087c821c14f630a8087e27076400bf2fd1c12534c8bcba43b2b7fff3f8a059e688c73c680ae30385729eeb0fd6e86c5a99c0248f749b3ac4ef471a02cb5ff700bada2034733b65275412748edd71013cc87b5d11ac59bb2e6e6ddb12043f88e5c909ff6e943fffcca9cdd001fdcfd93898a9b5e3c7189518e3d4d733574bf9f7a89091f9eb7a58d8994d9333c6549462ea2f239bddfa7783871d405784560c571d56a7908f50d489e60accaf817e5ffadd0029f7b4eee1bc1c2eb88403f471938504475ed16a1040b13d275bb66889a7708af08d563f1c5c50b6e7639c1c970992a0aae5d9c8b2165bc0e2e45abb3d34a69743e116c482811146a98c2c258a2a18fdf9bd59ee634ebc80fe3a3eb2ce9b0a33d6064c27a385b5d98e72ffca8be5462573e916d1c9db57491090d3a27ab252614b73a857dbf642d6e042c8bd52e80ad67df7f55a767220f380d689cfada47b529b5b2c65a0fb317fea18aa47a4701784eba3d64da2131efad2314e69e0a8f8f04779632838e87c384565c1dfa0763748c7ae4db0ad1aa6122ce3092414cb6f84442e18022699fe217a545290de699744a891324a7e33cd80860f46be3e58e187cebbd963f8cdc0413eb8b55a2305bda5174d76b14884b2fdfa2ff397fce498ea776b14455d86f6f4d42856a4e5df5eb4e7015cd1aada39c0d423697c59d8ebad3ad80febcc53f5c136d92fa1aeaec716c23988aefa7575be21b70891f32562b530f7b23aa422c1da252fe38ec18c33fad719e87d4d1a26b6f3d8073777d96c343f637939abdbb581eccd14038d1916c6a06b6d3c279d1cc04ba1b419ad82b564e78ef43a334036411dc4c55a6ca620fd7ea0516d1daa7958775e29697786314cb9a450908154db1efedad1a84069602558426c66bdab8757482c4e3e3a4a365bc83c4988858c51b014f842f024cfa58fc8b7697d297aac62b057c553dd96d4e46654faed78dc9198a28a4ecf940752e0e652ebc930928b90432c888e92bbaf6388de561bda2c698a21416bfd9f95852ae462d56d2de6c48a28aa8cfb17dffe8250b4fbc46521f77a18588975d3772f833dba38d465b25ec270c8478f9c8bbef11e87286a6b06a42e3225bb7a258839aa140251d28b556ff935db886d26320724782d48f4c9add11e2a9ff4ae410a7a172a093c3b4ff7ac98664788514823b05ab7b73fefcd38d3c64c77d74e43b680af12316d6778efd1347b5c7793e566e9f703cad804e2c373f7db7718b54ecdabb535d0762a6bd8adebbfd28d5c5aa2dabb98f0aa486cf08277aa10d991163510b453bd96bffaa68fe2969eb7e0a4902230eae52d0a785afa968b5a9f79c3e51bb0883ca29d0097d773d9e0e42f788cf79a6a598b24b1acdad0f614fc3904ca046711d69f0326704e867d2a6570c8ff19c958fc64fbf71c184eee7b3b5b54af14a723830f7a0822b27d896f06c7ceb50eee4f072e319225f38d8b26227a855a20c63e953860ff2e04ae5e35cda86ebe72a1153857af69724a44218c807e3c84f6fe25d50ee3df036ea541840c5e772ca7a4ef29f4f88f45c8e36195e927000f4a829430662a6532f7058d5509da73b67bc1a6d47c118a4ab9f6546eeb49102961b100ec38152f098a77dfd2be808ebaf1eb18af1a1206116a8aa8d3e60a7561697b16f63cc1d579c0ce296e2a7723cb9a083347e7c9f030f79db75bf92496c59d90e13c424ab4e1b371e4a4b416f00531d554e8cd33e1dba6d64ebb893498e8b24fecc6c038d0490422fd444326834b25cca35b5f148f8830537eb02a9a406e7ee280c2799e76a38ec896b3df08f229937b0c1e70884699cb5507c83eaacf11a5e5412ad05ed42dc646aa03b4b53634bda99494a1028d58b825ffca335d3de3e96703ea9585863e0c62eeae77985e3b1757b321996415c68d870ddaf9dfd5a6bfe56f27fe5abb2e0849abb91585b2bf005909bc9ac1211961293b38df3f62bd509fd3f8a6f766fa33efd1eccc017b174dd9ee59e101c2f017a507c480ff9b08c21bf444da5a19a2b9d0d221252e3e35cc112246e5fa0ab9401d35f0bc6e3db47aac49a0bf60b9d16572fa2effde8b80bca15bb931250e28d98ee8fd5a02d49bba67b5db13391c9fb766a8cc07d3d763944b40871f2d3952b0ae33c6d5696ba3ff797a3a0b59cb1f7ac6f236a0cf2a62af69c7bddce1e9613a0a13362da2fe1dea2bb7aebb81102e0d9535fbe7a727b6bc004ecc5f81fbaefebc5ba64cb97f3aabcf802397c782cbdf2550653afc5c57bd426378d69ca1ae7cfaee2a09cc4762e23adab29ba196d84406e60492b894d484feec9d599080be6b836fce23aadfd3853eee422d89ff35b7bf6ef8d13dfdd55e65c83ba81079a14e557c626b0896621573aeed4db005219569290412f81c32bdb145e94d59afe2862b76bb58253d78b8504188715b3d01becd623fdb2014b9761170b5b249ab73d7c9d1d5780ff7fd41cd8d93de503e8890b961978de8bdd676d316cffd195a772a604a8ec68d4530debb417d58e4a6fa10da0c6e4e093505ac32c162040b8ab2ad2222eb5b4794c803909619f881c3acd32eaed74d2db83ff34f0484d29d5cc7045c40cf30808fe9f698d70f052fcaffd1fc00aedccff494f74f1adf48275fb32f5de58aff8b6acb3a3e14dd075d40306713aebd230bf5daedee495b3ae23b522d5bdf24af51da4ac9d629ccfc2dbe46f50597148369df8d8d29d39f54bae2a75ba78992560f11e73c62506db13e4e86142cf3f3fab943adb9c8954851538682a8933422e3e89edc282cd944340837b82c31d48c410ae43dc1c21cec5992649e2ae9f6317f3ded75494a1a27bd1933df63a9a6ade6e32745c720177e959150562da87de28718f17ff27b17e12a06bc1447fc916fbcf4b301520102376763ade70756dab8cc7bbdbfa1f5d370c2bddcf035a75112c9e6c851696f59d74ef6aaad2bcc1c08ea21b96297a91a27cdff3d142dad1858a307e42435472fe63c3e728bae15b2d6183863f40e718916390336ca7a2184865a19fe1a3501ebe1cef0ce8a3a8a49dc602119eff6a59cf4dc5b0048f76357c6cbd718965b0892794ef7dcbd0350abd3ddf2948b5d0d5d7b66d786c1ccbc0cb49ea266df39afdb36fa62dcbb70f2470dc0322c25d8948b20e9f82bda999ea7c6eb88bd23cb14ba32d4c4b6934b8c00083720ee697cb0043a7648c81c5d99e2d76f6d134beb1175b23836ca7234d00c01b68d553cb9761d553eaac2e5bf56bc90eaa35bbf213854654ac9e9423fbeb7f994fa6d6b619399738294656ca47986a5e8e12523d122bb95ba7e21b4ca177cc912b1d41a1ee6f328377d8f4b569d53a9f197f83045ae69074118665784683bdee5e848c2df86b488dad3389355aa7400ef4d3e1026cfd39d11c3c5e3ec9d0cefddeed1f1aacb1bd463929d91a8e96196fa18511d2f0b2a7f9239120495482288475bc11f2f2217979919f7bea9040f78a3d2979bda67ec95a2b68aa61fa2370c40097d910d4e7ce2844a9333df2fbf7a09b60d1a1421ffb603254a592678b35728c5d376f9e4d1b660931bbba8e2a0837216ae6b93504f58f558f023c3d72c38d681445fae3b7f36e086bceeaf38c406cb0a2b1f055ece7eb8b53d6b88e389a089797f73dc0a7c986d82820574144af90479283f2d8e8ff315e7329056aaab05e3c6667e7deb5a78aefe5d856e60b563bc3a07ab4a366598c987d3bce3d47feab2e317eaab6d9f831dfd2cbe5425d7e8d398f99ac3d1b4bbfc88ba4fea3063407cacfce0060a40a65afec3fb8b4dafc6c6a6304b60f4a26adb1e4fc96dc4f24bb8b38af8b63922e86ecf4d4fb1bda0d5903b7ff6565f1843d61ba595c46bea17b107c6a60d638e15a8e98104c7a43881163e13a292f9204bd342c4ddce18fc1f9b239603bfb116dc11137e41bc8e3f7f2e315c2e8f9c5e10ae3d401f1c44b67e761691fb78e0dbb6207c1abcefd09bcaeb3d508dff896279a9bd422dd0e6368448e73003b3807fb866e49fc6fa20ba652946ad4a88963d415d1425cd91742c8229e2e2a4ff31c8f64bee03803a39721a62f702418fe3ad92af797082657a727be10176c121679b94338c7d9303a0755a9e1e9239130fc2ea5d074f5c7d0c1f7cd341046b3e6d5540b061e550000000030000000000000000a010000f7ffffffffb248ca38e030806c288aab05f32542cd9e85a699656b16ee0000000000000020000000000000000100000007000000526d1b7ed8c86cdd8fe5f7d0ae000000a8000000000000000e010000040000004ef17fd65e0f0afd97ecd7d91d494167ff83fce7dbedd93de70e46dc72fbfe627fc30c50eea20b90523181389ef0686daff408b409733f73a95fbe9231bcd6a411da27c6355767e6cbb123a6f16dcdbc458de6dcc7c7bf6b44cf1114d9050304a55f14425a34682edb13db64fbd77d33b0ccd973f6a4c9dd468dfcea031f79ea8c85e76054e8abe5f3c01d757567258abb746b08cf000000"], 0x11f8}}, {{&(0x7f0000001b40)=@phonet={0x23, 0x74, 0x4, 0xfa}, 0x80, &(0x7f0000001dc0)=[{&(0x7f0000001bc0)="10ed41d927e439f98306cdf1cb370c80523f60b8031e9be606b37e3024c096476ba1288104eb96d3a4ee9720211eec86bb30c90460a9597fcf651bc075d7ad6ac21c6fb8b9f2e46b26e613d837af78fc6601fb763c2312b26d46bd16e993ba388d97651df2df7a6974b9e9d6a58bb419b6abca04390b31019a8a21e3a4232b96b68a9a2e4f6fe31d29f885262d9c12ac4a6b24ae5a6da58eb0a02e03bb0551d238e6217b3bfdfe17b2f57edbfe9dea7a7f319d7fb7166fcb84f49891abf3a49bffb63e059b1054c8f57965c02fa448f2ca614872", 0xd4}, {&(0x7f0000001cc0)="d8afadb2487ec1366b07da53ac3c766d0f4bb2a69f8f1a7f3215d960c353649ef78c44b5b8a38f5f1bdba24a61fd3fc9fa84d38e937f2273", 0x38}, {&(0x7f0000001d00)="571582b0470e0f55492acae379d5a2f06d8b08f63a2b4ac493b733c857b8ee9b124d9903256ffd9b85a04778c61445cc473516762212c2072df4f1afde0213a406934ae9ef1210f65a09a008716fca9b11412a22f867be7465130281a01ffba7b571fe1ef97a1bbc8422b7d60b21424056d0f75f4efe9f2031bb49103a1ad4f199d739c164ea5d364bf341ab75da1827fb0aa52a1c24bf228b1eb7c08b1e6886d8a05299", 0xa4}], 0x3, &(0x7f0000002740)=[{0xd8, 0x102, 0xc89a, "680000da44ff2b1c6cfddc6a924e42afc25c6316cdfeb0581f2ff8245e820c5266589a3d31425316b89686a6943b4a7bb87306c1af1af8d7355fe853905978560700000064bea5beb3e6888a99c27694f31a06a304679cc7785a5e237e8d1439ca2a7fb4c937901de70baf67ba177a5438dd3efa241518fc35cd1a35bb8d33625ace9e8de935195cdb4fac77f7829980a1e7d30ddd9983f4324b1f490d0a13f3ac231a5c74df408bf552260d5180b7e6e7cc79ac8d2476062889ade21e3bcb519f24400b68"}, {0x90, 0x0, 0x9, "794a5689b25f5847abe6f8cd95b06079565027be46784b580d71dbb07e0c1019b57b7372ced4f61764c94580874dee5b66469f1a2b5e62d014c7cd7c95622081015fa3587431285fe76af77af9f143d6713188785511ec56e24514ce02f2bf2f7655eb5cdfe5103e85b02da92f7c42a90f7e5569f5cd509360079bfa0fd9eb"}, {0x28, 0x108, 0x6, "ac5c5b83eff0547d2d7783e37219dee72640ad89c3ae2a"}, {0xa8, 0x10f, 0x3ff, "c80cc12429b95c94f29d69b2dda540a4f05f54b3e4acd83fde1d64bbe1a693f67afc3743a953c91d2c8ad0710f82a2baa7dbdc149e372db8dd8a6b7c3875b172f819b6cea4ca80cd0381c2ff2088e06a359dd6ac83eea598949ed32b4fa7029ab4a52d99adc8ba39a6dc58dc6ed8830b7adf1c8427b0becd4cf719795bc9762c83b6f33194f078718980ca74f2626730fb067e8cdb1d5d0f"}, {0xd0, 0x20f, 0x9, "9e9e61074a390acd13dcb3cb586c2a98b7dd14cbacdb4555a26d63e2f4608112064b0497fa16eb7b36078b8fbf10f85ce6ec96ced06baa93486900debf92f2c76208b209b9822cb41cb65b0b9af153c2adf4d7512a50b6a7d471c2bc8203ef39ee53241d06b8a29398405c2d9c63a12591afd35672f98da13dd6f43db92f3c802b7aaf8b132a7276ed56c85a251f9bfed0903af75291f3c16b3fa2e97a471e3d4721d85eec8b78dd2d7c7a4df49633be04e799b83cb48996c670e78a1e2304"}, {0xe0, 0x102, 0x8000, "dadaf10c19a5981289014bec3dcbd2e78a847a9fc9adcaa87e4e5bdc86332642b06157f01c55d9d0dda915161493a9dd26225879b1567518e4a3f0cd3ea8dc70e44b3a9c5ccc0f7a1185574923828e4f25992d6242fc80239553f9c9a0bce90d7d0e52c35126cd18802c5d366c7d96aae303f138584350e410c8c1ae81047af27833d17e48aaa81c800cac415b2a72a1b8ea800291475e218081a79360b752c62cb24f54829af6ee1f2de0a44821e83772a124bbfa3c3e0c2ed961e9e21e6b4d78202b491a6852ba5c14d7d89c"}], 0x3e8}}], 0x3, 0x9200000000000000)
sendmmsg$unix(r3, &(0x7f00000056c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="d6a81c610bc0", 0x6}], 0x1, 0x0, 0x0, 0x44811}}], 0x1, 0x48000)
write$binfmt_register(r2, &(0x7f0000000080)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0x1, 0x3a, '{', 0x3a, '', 0x3a, './file0', 0x3a, [0x46, 0x4f]}, 0x2a)
r5 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000340), 0x111844, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000000100000800010001"], 0x1c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(r7, 0x8934, &(0x7f0000000040)={'wlan0\x00', 0x8})
ioctl(r7, 0x8b21, &(0x7f0000000040))
sendmsg$NFQNL_MSG_VERDICT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000000300034000009000"], 0x1c}}, 0x4040)
ioctl$SNDCTL_TMR_SELECT(r5, 0x40045408)

5.461000816s ago: executing program 0 (id=1045):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r0, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x7f, 0x6, @random="1f4c1347fef1"}, 0x14)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x158, r2, 0x1, 0x0, 0x25dfdbfe, {}, [@WGDEVICE_A_PEERS={0x10c, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0xe0, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ALLOWEDIPS={0xb8, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}]}, {0x4}]}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x158}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r3, 0x8)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x20c03, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a0000008700", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000d9f6000000000000000000000000000000000200000000000000000000000000000000000000000000000500000000000000fbffffffffffffff000000000000000000000000000040000000000000000002000000000000000002"], 0xb8}, 0x1, 0x0, 0x0, 0x4000015}, 0x2c000010)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="c4000000190001000000000000004000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES8], 0xc4}, 0x1, 0x0, 0x0, 0x40101}, 0x28048890)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x1039)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x60, 0x43, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0x15, &(0x7f0000000340)={r6, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x8, 0x0, 0x0}}, 0x10)

4.902616651s ago: executing program 3 (id=1048):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x20000003}}}, 0x10)
bind$tipc(r2, &(0x7f0000000440)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x3}}, 0x10)
bind$tipc(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
openat$fuse(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r5 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r6 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=@can_newroute={0x14, 0x18, 0x1, 0x70bd29, 0x25dfdbfd, {0x1d, 0x1, 0x4}}, 0x14}}, 0x4c0c8)
tkill(r6, 0xb)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})

4.544915315s ago: executing program 4 (id=1049):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x403, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000080)={{0x8, 0x5}, 'port0\x00', 0x41, 0x100000, 0x10, 0x0, 0x3, 0x8f, 0x4, 0x0, 0x1, 0x81})
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{0x7, 0x1, 0xb, 0x8}, {0x5, 0x0, 0xb, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r2, 0x71, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001200)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9f, 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x13, 0x8, 0x10, 0x0}}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x20040600)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x2, 0x0, 0x800, 0x4000000000000000, 0x100000}, 0x0, &(0x7f0000000240)={0x1f, 0x2, 0xfdff, 0x3, 0x4, 0x80000000000000, 0x6a9}, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0)

4.454516956s ago: executing program 1 (id=1050):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x13, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b40200000005000061114c0000000000850000001c0000009500000000000000"], &(0x7f0000000380)='GPL\x00', 0x9, 0xc3, &(0x7f00000003c0)=""/195, 0x41000, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000100), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x13, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b40200000005000061114c0000000000850000001c0000009500000000000000"], &(0x7f0000000380)='GPL\x00', 0x9, 0xc3, &(0x7f00000003c0)=""/195, 0x41000, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000100), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) (async)

4.454208784s ago: executing program 0 (id=1051):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f2a, 0x80002002, 0x10003, 0x8, 0x102f, 0xcc7, 0x0, 0x569b, 0x8, 0x406, 0x5, 0xfffffffd, 0x45, 0x800004f, 0x206, 0xfe, 0x0, 0x1a449, 0x9, 0x40000003, 0x8b, 0xcae4, 0x0, 0x20001e58, 0x8, 0xc69, 0x40, 0x6, 0x4088, 0x0, 0x9]})

3.774432125s ago: executing program 1 (id=1052):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)="e1b1f2eebfdfc0ea87789d76c4caddf3", 0x10}], 0x1}, 0x44000)

3.740295642s ago: executing program 0 (id=1053):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = syz_clone(0x8810900, &(0x7f0000000180)="04c69cb485edd82173364d958b3740cdfa7500a49dea79819f581268929e072121af95d021dbeaba67a296a07edf56bb396f393d461d52c8efc6bb4e79f370c6c8c5ec527b92f511b0adc1da34f87c", 0x4f, &(0x7f0000000240), 0x0, &(0x7f0000000300)="64440c627fd9cee561bd620d88ee5b489639f0696c171cd79cdf64ec8a3565dade6e830428a42410fedcf0dc651714b5638646dafc193b6f147290ac325dbf616294f1c9be18f6801e86c8140654f1fb5073d0648b")
r2 = getpgrp(0x0)
syz_pidfd_open(r2, 0x0)
rt_tgsigqueueinfo(r1, r2, 0x2f, &(0x7f00000003c0)={0x3e, 0x80, 0x6})
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
r6 = memfd_create(&(0x7f0000000b40)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadNaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZH\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8b \x00\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!\xec\xf7$\xc2\xbaU \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84\x0e\xa7U\xc7}\xea.U`\x1b*\xcep\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xb8\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\x91\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q~@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb8\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xff14\x87I\xc7\\vK<m2\x16\x03\xcd\xc1\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xde\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05ZH\xa2\x0e\xbc\x9c\x95\b2Cf6\x9a\xe7\xb9\x86\xbe\xd0\xda\x91\xc1sl\x11PA\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=Z\x0e\xde\x99\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcN\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa9\xcc\xf1\xcb\x9f@\x8c\xfc\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9Y\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2\xf9\xb1\x81\xba\xdfg\xadI\x1c\xde*_\xd5\xdf\xeeA\xcd \x91\xc9\xd4\xd1\xcd*.t\x80]\xd5~\xfb\xfb>\x9d\x91Kq]N\x87\x0f\x04L\xd4(\xf2G \xfdr~:\xc4\xc3\xfe\x14G\xadG~^l\xe0:(Y`\x0e\x90\xfa\x1c\xb6\f6\x92B\x92\xd3\xa9BG\xd2*AB\x1e\x01\xf0m+\x02\x87\x81aj;\xb6y.g\xeb\xc4\x0f\xd3\x85\xa5\x00\xa1\xa6iP\x0f\x02\x14\x90q\x94\xab\xb3\x0f\x01=\x06\x98\xa8\x87\xd9=\xce\xbef<\x1d\v\xba[\xd8]\x9e\xf30\xb8\xf1\b\x06M\x18w\xdc\x0e\x98?\x04G\xf9\x99\xab\xc1\xc0z\xe9Fu\x03\x9aj\xc0]\xb47\xd5\xb8]\x98y@\x8c\x8fM\x8c],\x1b\x03\xaa\'gv\xeb\xbf\xa8d\"\x94e3Q\xfci\xdf\xad\x819\xd1\xf3\xaa\xc8i\xf2\x8a\xc4CU3\x87Ns\x9f\x9f\xcd\x05\x06g\x9aRBg\x98\x10Ch\x1c\x96\xd3\xce', 0x7)
read(r6, &(0x7f0000000000)=""/269, 0xfffffdef)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x303}, "2d9421fe8a4c9563", "cf6ff9ff337ed301000100c747fbbfc1", "dbdc27ff", "16de86d67a8426bd"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x303}, "b7a41f2300", "d21b0e8a0e000000000000000600", "1d1cbe23", "ecba06893bcdc493"}, 0x28)
sendto$inet6(r0, &(0x7f0000000140), 0x0, 0x8000, 0x0, 0x0)
close(0x3)

3.46170328s ago: executing program 3 (id=1054):
r0 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000180)={0x7, {0x8, 0x63b6, 0x7, 0x5ec}})
mq_timedsend(0xffffffffffffffff, 0x0, 0xff7f, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000040)='hugetlb.2MB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x100000000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='rdma.current\x00', 0x275a, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
read(r4, &(0x7f0000000040)=""/154, 0x9a)
syz_open_dev$vbi(0x0, 0x1, 0x2)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r6 = syz_open_dev$vcsn(&(0x7f0000000500), 0x6b, 0x0)
ioctl$VIDIOC_S_FREQUENCY(r6, 0x402c5639, &(0x7f0000000540)={0x5, 0x1, 0x200})
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000003c0)=ANY=[@ANYRES32=r5, @ANYRES32=r5, @ANYBLOB='/\x00'/12, @ANYRES32, @ANYBLOB="8e2ce5abc3ce55dd0698a3f1c66718ae06a4c769ea9d84991c1649d48df45fb620e3185f4644ff79208ec7dbbc000402e07dc6a70256d72b3ab2d06cfde5c881c809a08a9590873f1f929229fb177ed8dac909e597fd075bdb846d116153009f3b8b3da7e8f2abb5dd8efe8f2fa1fbdb43f92ecc946dd0b6a5d81f18ca699a19267fd074d3b52a9d5b3635e33c9fb090bc033d3b807be4a766afcad821b9467de849c6ae16258f781655423257a7a5b02d1327fc653fb427465c1a4fb611", @ANYRES64=0x0], 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@ifindex, 0x5, 0x0, 0x0, &(0x7f0000000140)=[0x0], 0x1, 0x0, 0x0, 0x0, &(0x7f0000000580)=[0x0]}, 0x40)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0xfeffff, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80000000}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff0ff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b70000000000000095000010000000004e62011c3034fdb117168bd07ba08af339d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d458e17f791f4798c8eb484de03312c69b3edff5be26765ba5f8f2879021c2ea53ac547a654bbd2db5356b971d83dd12742be9087a3e7b7c0efd3e38c794eb06b0b8c392904ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057826ef4e912f01a201e694e3049b8c8fe8b65d8d66bb766f7f3f918c86a702522368d9f81897133af94a5a4cff7f4d8b9d8eaf302f0b2e0c252b0000000000000000ee917bca4885bbf597a14ab6458e6272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36be115be3b325ecd201d2ffb0a7fa4f5d1106560cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b861299fcd9ed9d8679406419406bf0c5329bd5b4697336112b0b8756ce3574046bf611a108f8df4d1a88597840b702b6fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf39a43a66c5540b8762b42007c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435ccd4b19b53b60322af0aa66e8f448e1bd96822e6b70b62912c926dbe417cccd4f696d528fa8a3ea847f10e9b1106f3bb506f1d7fbdf801000000000000006c028eb5b5a073d0de5538ab42e171b3baae34c35987b0dda497ac3f5e97e60eaeea15c6d55badf9b86b1c000100006e60cd06c9ed24313ce607d403bb6030f800000000690db0221b1705c501f802ff59b4e683efa4b6e77e042072ec9eb8166f6e28b49a7705a1befc4d315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621fc0e3ba04020000c149ee6601728c750930519339b44197c22da865059b475afd96187d881e93b42a5fdfd686d8900c44c67133eeb0109dcb60dddad58037fda65885a15a42560ee3027a5ebf95254744f10fd607bc3100b94932b8d9447c42f6e21ee0e54f8be386bdc09decece910a481e648e0cb074536a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6ae00f0000000000006a8194479700a02b92bec8d05eae1f24fdd7b80d3dde04c22f689594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4acd7acf1dfe79d6771903b76e2ae47d972651390c22d641030e1ddac018dc3116e1803af10a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f00000000000000001000ba96edb95ede0e1957c2a2754258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548941d5d16297757310d9daebd5a3dabbced3b051129cd60a37d397643324e6f0aadf978d639650000000000000000570b0acbcaa196e6b46e213a34c1a550e7c2d8cee7a278cee591f360e345d37dc9f8991a16c08d72317e42d2ac9126acd76130ef1086016697e4d51c4b42b2efc8edab88d46bc3d5d6e5a634c912bc40513643bf44cb416b3149040220aa39035ae46d16d879fc815a5cb84b0d5c8ad970128adf8dec1171e860ca54ce5d6a5aa0327bca4f49a710bf8a8399071237fe5d764e2034873c94a4f21287f3bce3eeb69e94df2e14e4ab10cc7834b304bc879b80255991dd7aac2e92c9e7c411c019d229c1f1e563152f1c5ae9cda3e808000000a0c779d624c5a2b7491b8f73e767389ecd1dee951353bb22b7caf89468871520823715cfebd04189c6c6b34bd8a6541f6bc0630000000000f94e85f5111add3a3cb5bcace95f38465402c39df835754ef33056b0e1134187822c001a25304f3e00b44675d0a25a21dc4023c642cc6f5a75c45a29ab933600acf9a2d471b73a73178cdf309e5d53311996215b44295dfddc1dd6b81132e999366e460d15d366e84da02b8afc40c47e733f804460ed8300ec34eab2ed80097bd32ff1a6143ab1476037e474ca876187c85bed4391215cd77e6a1fd6399a498b96b9b0cca93255acb08c67e50004c5af6fd5b4ce7c1ebc9202bd7b329a4d2530486d5999dd7f90ebecca37f2869135438f05407b1fd7481daf9ec94b799c12e714d573e2a6331f496254f254a60c52b2026ed6a72c82cd191490fabe7b151f92e5d700f21830d613fbe490f305b3845a78817e59bf7ed36471dbca01d39e50ae2535460e1d2f2614940647233a02d5000000000000000000f70e52f0d56f6a4dcf7e57c03d4b4add0500000000000000320304d0d2b308c5ed3956eae263035d703f862224e9818a3d7ac270793a7bf2af87585293960a80ac63c54e55063bf8d24639e561253ef0caf6c58118120d8acecc0528f0d81d291009fc46401baf9c22d1c452a5b61b7a1b9adfcc17f5ad99dcdf935923185db7b14a7fa7babc1f53df70618bb73aa810b756696f26653b84cf842ae433fda59fbe312be11bb7dfecdc38c1c1f688d2724568cc396fca7c74984b7f7bd000000000000003ff3e5857fc6598c933610be374909dc8622b0722259e922f40d7862f7ea72f1754f07711de7600000000000000000000000000c4cb643e73ad8a45f0c7164484540e66e29943aa72297d831ce6c978866a55ed53130c6747f569c9c9abe724b4fc647b17401d2201e8c201e7d6ffa1fa122677f7393ed4fe8a93306f048b6703b04544e42a9cd937ef8d98ee8d878a12a627791c5c2d9fc6de65356be92fd98fdbe819686c7bd3be5bd0ce627c8357675f752c73a502d25c31c831078f098c34295bfe90e882843003841f4c0c65dc1810a50000000000000015911cb03e743c482199757d35df5b59fe0a0c5240c85498d818578e2d65c4ff4acbee037498222b1f81f3726a244da1fd6b8c195f1303bedb744045f31e1547d7bc3c3eae68b8da059a59c8c37e3639c2c4eb3d8229ac24d2ce12bc0e5db4a8202d72e64d5c5eacd0d0c0cd7a879ed967f5a2bd39ae4cf7daf7c9fa1777d54fb5920c8434163f75062c62455bf6e23817a85d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r7, 0xfeffff, 0x113, 0x3f00f000, &(0x7f0000000700)="c45c573d395de5b2891a7d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x4a, 0xffffff0c}, 0x40)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x60, 0x0, &(0x7f0000000000)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f00000002c0)={0x30, 0x30, 0x30}}}, @increfs_done={0x40106308, 0x1}], 0x0, 0x0, 0x0})

3.408995968s ago: executing program 1 (id=1055):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x5, 0x7, 0x50000}]})
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
setitimer(0x1, &(0x7f0000000080)={{}, {0x0, 0x2710}}, 0x0)
prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x2000000000000000, 0xfffdfffffffffffb}, 0x0)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x1, &(0x7f0000000280)=<r3=>0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
io_submit(r3, 0x1, &(0x7f0000000580)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x2}])
getsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, &(0x7f0000000000))

2.4471837s ago: executing program 0 (id=1056):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendmmsg$inet(r1, &(0x7f0000003540)=[{{&(0x7f0000000100)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f00000009c0)=[{&(0x7f0000000140)="2b3dcb037cf6eefdd865abf4cb8b1d17613cba0add0fc611e8e8edeb824ba694c30ed1d75eafde7ef357f25d275ad90b0ad65c4e3181039007d9096ab1a098bbd39415dc16914bbe91674f0deb1055864e2dc88798e3b3bf82e866c36f30af92cf204c04b58ef42e2744042bb5d5af77aff174539bd796f35aedbcaef63cce67d65f3321eb7700beef47308d9fc2b6d1a18e0484c097d27c0b2fc3b708c2897b9f55dd06c88b6db07b64431bff78a7eea64b1300bd6de2393e21f640e8b377e934245cd31a70d7f4823df271b235bd3d0b356a6bf5e7bd476d4ab8dd640f746dc0b90e080a494f", 0xe7}, {&(0x7f0000000700)="fd3f12b11bb32a8a76e016794ce0643bb98d1c07715d51090783781fefb0a7b2b3e618c882ed4d2251b83d733eb420ce93c78f2f93f899e2bf36f1c58b9703d0ba118ad0b3f2cb5b3e51b06e5925d81e6e4fd80f16431e01f64990254de92d67902dd61b93f3006dfe188282923bb8aa3c7af13dec03b0521221868f11d0301d273e3f6726d107520e8b6aed0a1b", 0x8e}, {&(0x7f0000000600)="862581263117a595cc8b4d91c81820960c318c8396349d812700e75e525fa32b7544ceb489026264e882e6b071a12ffdb5e7ff35e2e1002046d831da9a75680854fe172d076b8dc3803ff9d26d49bf4b103373dff834806016adcd95ad25f436a81a0bd5d8cdc59c4ade543b23b68110ccfd37ccc3c778d40629a5e61b0e8cd6af005f30363c40c4bca955232d75b1609cd8da8771356513bf156c823aed462a5773220cfff599bc209f5f2d7baf2ac7cb7a896eb9708cef3b8c24cb243997889d197ee8bc4ab9a5c69628751008577fcf4074fbdee3591a3a2641", 0xdb}, {&(0x7f0000000040)="1da91706353d671ffb11e4f447350c1aae5cc28f91a212a31f3550b813a7c81cf5d7fa00"/58, 0x3a}, {&(0x7f0000000b40)="853d812375877866806fdff43051b4023fa2334c45b8d31dff2233f12c7ffec14b58976722a067ecd394dcf55ad8bc6adf88e0dd053d47e5ddc3b08ac01e128339844430d1033bc401927fd38018f2b0e9b713aa160d7b265e90ca90a88cbb0b1493ccdd35f17ed434451c742e3d9c7607fb338490fb578a48c1853a42bbd171367e33a75c9cde0160143ad61ffad513ae1059f9e31087c6448fae895aa68e70fa53628160525c97bf79f68247bf691e8e46c94c3c0fa018fd9d10c19d7bf717ef1da47e10b55a09cb5e411146c03b26abef74a1b955c2202b9a4838f5b2495c6728602328820e2df2acfb22138f1d86c29f73641d1a55e8deadd320d9e951b33370ccebbd05a4d4358c514b5c7b695a9ec90b36ac77e9dd4e03569065d281b1b727a1692e26b8f363d7540e8ca2e806164a6fc46f8e2d2a6c128daf63a398077a13fbc0d539bda7fb8b904638e612482b548f1a089ec8d80fe0e6baf6379a037ce7efdf6ede864f2c8736b1abb71991ba15f2fd1372314390de9a3fa1a4eefc12dfd5bbf5c6606a4a5d2e08742f02fbc8aaa140a652369a2200736851cf259dde2999c8b2539d7702d0b37aae943e160e14d24b3eaa0b025d55a16c924f16e9eecebbc52b2069ba5223df0e252c78372aa13958a89a2b3a2044aa2275817ac942b261d2f2c25c45984b8af9dfa7652f7530aa4e714ad4c66b65ebaf42e223e415f1326bfd00d98bdaa4396a23aaa3623d0324beb61843f685a4e577247ae9b833aee04e55ae6d336d73513fbdcc62af87d2ba946a9c25d175e66990c636df62f853377274c1a04fb1fb235ee080cad746e239cdc728474812e995ac0c670f9885ad7704a281044948efd5170cab39daa5b034349741fb857260796231aa7864e9517c159e7a5e05d86dd4f4185d0ece85f3bcdaf83dab3e2dfbe8ee2786b23b7f0dda7243e217382da2d3f481447f0f54f2d4b0d52e7afb07cc615c06699f53aadaf1073cbc7e40477acad0a92ec51ee421524bc082abb17cd85d21caf69dafb65e4896f5879c8c4e5a1ac91d4b9529da9cab44e27a88a1d446d5e59f6e186083d7b10ba0cee1933f62e8326fac01b12bdf3e6f7b9e18d729eb65d6e61bc29380e282347311220f54c7b52c3760a194a7a74f9aa418ce", 0x337}], 0x5}}], 0x1, 0x40080a0)
setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000080)=0x3, 0x4)
sendmmsg$inet(r1, &(0x7f0000001a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40012)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x67)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f00000003c0)={0x1, 0x8}, 0x2)
r5 = userfaultfd(0x80001)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r6, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000"], 0x48}}, 0x4084)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES8=r4, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c05}, 0x4008840)
openat$autofs(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000380)={{0x1, 0x1, 0x18, r2, {0x40065b8}}, './file0/file0\x00'})
getsockopt$netrom_NETROM_T2(r6, 0x103, 0x2, &(0x7f0000000100)=0x1, &(0x7f0000000180)=0x4)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})

2.433323655s ago: executing program 4 (id=1057):
socket(0x10, 0x3, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='nfsd\x00', 0x0, 0x0)

2.328341038s ago: executing program 1 (id=1058):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = signalfd4(r2, &(0x7f0000000100)={[0x3ff]}, 0x8, 0x80800)
ioctl$KVM_SMI(r3, 0xaeb7)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f00000002c0)=ANY=[@ANYBLOB="1808000000000000000000000200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7060000000000008500000005000000bf0900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b5090000000000007baaf0ff00000000ae8900000000000007080000f8ffffffbf8400000000000007040000f0ffffffc70200000800000018260000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf980000000000005608f8ffffff00008500000007000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.064262092s ago: executing program 3 (id=1059):
r0 = eventfd2(0x43, 0x1)
writev(r0, &(0x7f0000002800)=[{&(0x7f0000000500)}, {&(0x7f0000001780)="2123cbc46f94a2970b75fb9928838dc5762ea1a4a7c9df1f098affb71497d0026a", 0x21}], 0x2)

2.006300087s ago: executing program 1 (id=1060):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuset.effective_mems\x00', 0x275a, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
getpid()
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000280)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x80082102, &(0x7f0000000100)={r3, 0x0, r2, 0x0, 0x80000})
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)

1.790455492s ago: executing program 3 (id=1061):
syz_emit_ethernet(0x3e, &(0x7f0000001180)={@local, @link_local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x8, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, @mcast2, {[@routing={0x84, 0x0, 0x1, 0x0, 0x3a}]}}}}}, 0x0)

1.753527585s ago: executing program 3 (id=1062):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="08000000040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x14, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000025000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)

1.654329177s ago: executing program 4 (id=1063):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000019400)=@newtaction={0x78, 0x30, 0x1, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x5}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x8000)
listen(r0, 0x90004)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000180)='\x03')
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x6, [@volatile={0x0, 0x0, 0x0, 0x9, 0x2}, @fwd={0x4}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x36, 0x0, 0x1}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r6, 0x0, 0x2}, 0x50)
bind$inet(r5, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f00000001c0)='\x00', 0x1}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000803700000000ffffff95"], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)

405.586329ms ago: executing program 1 (id=1064):
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x141)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x850}, 0x4040080)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xff00}], 0x1, 0x7ffffe, 0x0, 0xa1)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x4, [0x0, 0x0, <r2=>0x0, 0x0]}, &(0x7f0000000040)=0x14)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'pcl711\x00', [0x4f2a, 0x80002000, 0x3, 0x8, 0x1200, 0xcc7, 0xfffffffc, 0xd, 0x8, 0x406, 0x5, 0xfffffffd, 0x45, 0x800004f, 0x206, 0xd, 0x0, 0x1a449, 0x9, 0x40000003, 0x8b, 0xcae4, 0x0, 0x20001e58, 0x8, 0xc69, 0x40, 0x6, 0x9, 0x0, 0x9]})
r3 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @empty, 0x0, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @dev, @private0={0xfc, 0x0, '\x00', 0x1}, 0x20, 0x0, 0x10}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r3, &(0x7f0000000380)={&(0x7f00000001c0), 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r4, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x4000800)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={r2, 0x5}, &(0x7f0000000180)=0x8)

405.210347ms ago: executing program 3 (id=1065):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = syz_clone(0x8810900, &(0x7f0000000180)="04c69cb485edd82173364d958b3740cdfa7500a49dea79819f581268929e072121af95d021dbeaba67a296a07edf56bb396f393d461d52c8efc6bb4e79f370c6c8c5ec527b92f511b0adc1da34f87c", 0x4f, &(0x7f0000000240), 0x0, &(0x7f0000000300)="64440c627fd9cee561bd620d88ee5b489639f0696c171cd79cdf64ec8a3565dade6e830428a42410fedcf0dc651714b5638646dafc193b6f147290ac325dbf616294f1c9be18f6801e86c8140654f1fb5073d0648b")
r2 = getpgrp(0x0)
syz_pidfd_open(r2, 0x0)
rt_tgsigqueueinfo(r1, r2, 0x2f, &(0x7f00000003c0)={0x3e, 0x80, 0x6})
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
r6 = memfd_create(&(0x7f0000000b40)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadNaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZH\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8b \x00\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!\xec\xf7$\xc2\xbaU \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84\x0e\xa7U\xc7}\xea.U`\x1b*\xcep\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xb8\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\x91\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q~@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb8\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xff14\x87I\xc7\\vK<m2\x16\x03\xcd\xc1\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xde\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05ZH\xa2\x0e\xbc\x9c\x95\b2Cf6\x9a\xe7\xb9\x86\xbe\xd0\xda\x91\xc1sl\x11PA\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=Z\x0e\xde\x99\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcN\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa9\xcc\xf1\xcb\x9f@\x8c\xfc\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9Y\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2\xf9\xb1\x81\xba\xdfg\xadI\x1c\xde*_\xd5\xdf\xeeA\xcd \x91\xc9\xd4\xd1\xcd*.t\x80]\xd5~\xfb\xfb>\x9d\x91Kq]N\x87\x0f\x04L\xd4(\xf2G \xfdr~:\xc4\xc3\xfe\x14G\xadG~^l\xe0:(Y`\x0e\x90\xfa\x1c\xb6\f6\x92B\x92\xd3\xa9BG\xd2*AB\x1e\x01\xf0m+\x02\x87\x81aj;\xb6y.g\xeb\xc4\x0f\xd3\x85\xa5\x00\xa1\xa6iP\x0f\x02\x14\x90q\x94\xab\xb3\x0f\x01=\x06\x98\xa8\x87\xd9=\xce\xbef<\x1d\v\xba[\xd8]\x9e\xf30\xb8\xf1\b\x06M\x18w\xdc\x0e\x98?\x04G\xf9\x99\xab\xc1\xc0z\xe9Fu\x03\x9aj\xc0]\xb47\xd5\xb8]\x98y@\x8c\x8fM\x8c],\x1b\x03\xaa\'gv\xeb\xbf\xa8d\"\x94e3Q\xfci\xdf\xad\x819\xd1\xf3\xaa\xc8i\xf2\x8a\xc4CU3\x87Ns\x9f\x9f\xcd\x05\x06g\x9aRBg\x98\x10Ch\x1c\x96\xd3\xce', 0x7)
read(r6, &(0x7f0000000000)=""/269, 0xfffffdef)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x303}, "2d9421fe8a4c9563", "cf6ff9ff337ed301000100c747fbbfc1", "dbdc27ff", "16de86d67a8426bd"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x303}, "b7a41f2300", "d21b0e8a0e000000000000000600", "1d1cbe23", "ecba06893bcdc493"}, 0x28)
sendto$inet6(r0, &(0x7f0000000140), 0x0, 0x8000, 0x0, 0x0)
close(0x3)

360.847878ms ago: executing program 0 (id=1066):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x403, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000080)={{0x8, 0x5}, 'port0\x00', 0x41, 0x100000, 0x10, 0x0, 0x3, 0x8f, 0x4, 0x0, 0x1, 0x81})
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{0x7, 0x1, 0xb, 0x8}, {0x5, 0x0, 0xb, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r2, 0x71, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001200)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9f, 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x13, 0x8, 0x10, 0x0}}, 0x10)
unshare(0x20040600)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x2, 0x0, 0x800, 0x4000000000000000, 0x100000}, 0x0, &(0x7f0000000240)={0x1f, 0x2, 0xfdff, 0x3, 0x4, 0x80000000000000, 0x6a9}, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0)

0s ago: executing program 0 (id=1067):
syz_usb_connect$midi(0x5, 0x68, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000300000020fa0401424000010203010902560001010f500409040000050103000309050703000407fd04052501"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_connect$cdc_ecm(0x6, 0x5a, &(0x7f0000000040)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48, 0x1, 0x1, 0x3d, 0xc0, 0x3, "", [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x2, 0x6, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x0, "212425910045"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0xc70, 0xb, 0x3, 0x3}, [@network_terminal={0x7, 0x24, 0xa, 0x4, 0x15, 0x6, 0x2}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x7, 0x4, 0xff}}, {{0x9, 0x5, 0x3, 0x2, 0x60, 0xb, 0x4, 0xfd}}}}}]}}]}}, &(0x7f00000004c0)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x110, 0xf3, 0x8, 0xb, 0x10, 0xf9}, 0x16, &(0x7f0000000100)={0x5, 0xf, 0x16, 0x2, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x7, 0x7f, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x1a, 0x6, 0x8, 0x900}]}, 0xa, [{0xb, &(0x7f0000000180)=@string={0xb, 0x3, "c7310aabd29f7d6364"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x459}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x414}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x500a}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x42d}}, {0xe5, &(0x7f00000002c0)=@string={0xe5, 0x3, "195e4436f941ec3a6f315c607ad92acca061cada11bcbd1ebded5774b39eb1c10ccc128c4c8e14f179ae15550143048a20d4d1d0516c4bc839d949800b72d0c254e9f0f5c83a0432b82fae3e91026f6888deacb8e0ac99686a3a887e4721620cec7a609e299fe511a0b6b7dae38becf4f6a00ac23a755f29d7b937b5214794777940b4f01cea5e796ea810cc732ec0fd0d992604b25da10b4e6c4e7644ea8f8b6a76b9993780e28ab27e537dcec8c86885265d260a01d4ffc71dbf6234dc6776f329b20a3fde21cff08711f68d81f1573265741252181d59d98270f740178bbd1dc072"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x337dbbc5e58eb3a3}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x412}}, {0x1c, &(0x7f0000000440)=@string={0x1c, 0x3, "3427645a0bd689aa96f06ef186323aeca266bff564c02183ae0f"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x40d}}]})

kernel console output (not intermixed with test programs):

40/0x90
[  206.507202][ T7466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.507223][ T7466] RIP: 0033:0x7fc65c4ec819
[  206.507244][ T7466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  206.507261][ T7466] RSP: 002b:00007fc65a71d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  206.507285][ T7466] RAX: ffffffffffffffda RBX: 00007fc65c766090 RCX: 00007fc65c4ec819
[  206.507300][ T7466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  206.507312][ T7466] RBP: 00007fc65a71d090 R08: 0000000000000000 R09: 0000000000000000
[  206.507326][ T7466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.507344][ T7466] R13: 00007fc65c766128 R14: 00007fc65c766090 R15: 00007fff68c8be58
[  206.507378][ T7466]  </TASK>
[  206.530822][ T7465] netlink: 4 bytes leftover after parsing attributes in process `syz.2.570'.
[  206.554361][ T5933] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  206.708264][ T5933] usb 5-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  206.708308][ T5933] usb 5-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  206.708345][ T5933] usb 5-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  206.712114][ T5933] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  206.712142][ T5933] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  206.712160][ T5933] usb 5-1: SerialNumber: syz
[  207.174565][ T5985] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  207.260074][ T7448] Bluetooth: hci1: command 0x0406 tx timeout
[  207.260116][ T7448] Bluetooth: hci3: command 0x0406 tx timeout
[  207.269815][ T7448] Bluetooth: hci2: command 0x0406 tx timeout
[  207.282585][   T60] Bluetooth: hci0: command 0x0406 tx timeout
[  207.570283][ T5985] usb 1-1: config 1 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  207.570322][ T5985] usb 1-1: config 1 interface 0 has no altsetting 0
[  207.602241][ T5985] usb 1-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.40
[  207.602275][ T5985] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.602296][ T5985] usb 1-1: Product: င
[  207.602310][ T5985] usb 1-1: Manufacturer: Х
[  207.602386][ T5985] usb 1-1: SerialNumber: syz
[  207.955263][ T5933] rndis_host 5-1:253.0: probe with driver rndis_host failed with error -22
[  207.995515][ T5933] usb 5-1: USB disconnect, device number 20
[  208.140074][ T5985] usbhid 1-1:1.0: can't add hid device: -71
[  208.140206][ T5985] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  208.162495][ T5985] usb 1-1: USB disconnect, device number 20
[  208.904331][ T5985] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  209.005520][ T7514] FAULT_INJECTION: forcing a failure.
[  209.005520][ T7514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.005560][ T7514] CPU: 0 UID: 0 PID: 7514 Comm: syz.2.589 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  209.005585][ T7514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  209.005597][ T7514] Call Trace:
[  209.005606][ T7514]  <TASK>
[  209.005615][ T7514]  dump_stack_lvl+0xe8/0x150
[  209.005653][ T7514]  should_fail_ex+0x46b/0x600
[  209.005689][ T7514]  _copy_from_user+0x2d/0xb0
[  209.005712][ T7514]  input_event_from_user+0xb1/0x290
[  209.005737][ T7514]  ? __pfx_input_event_from_user+0x10/0x10
[  209.005767][ T7514]  ? rt_spin_unlock+0x160/0x200
[  209.005802][ T7514]  evdev_write+0x2ca/0x4c0
[  209.005830][ T7514]  ? __pfx_evdev_write+0x10/0x10
[  209.005859][ T7514]  ? rw_verify_area+0x25b/0x4e0
[  209.005890][ T7514]  ? __pfx_evdev_write+0x10/0x10
[  209.005913][ T7514]  vfs_write+0x2a3/0xba0
[  209.005956][ T7514]  ? __pfx_vfs_write+0x10/0x10
[  209.005989][ T7514]  ? __fget_files+0x2a/0x420
[  209.006020][ T7514]  ? __fget_files+0x2a/0x420
[  209.006046][ T7514]  ? __fget_files+0x3a6/0x420
[  209.006072][ T7514]  ? __fget_files+0x2a/0x420
[  209.006109][ T7514]  ksys_write+0x156/0x270
[  209.006144][ T7514]  ? __pfx_ksys_write+0x10/0x10
[  209.006199][ T7514]  do_syscall_64+0x14d/0xf80
[  209.006222][ T7514]  ? trace_irq_disable+0x3b/0x150
[  209.006247][ T7514]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.006269][ T7514]  ? clear_bhb_loop+0x40/0x90
[  209.006296][ T7514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.006317][ T7514] RIP: 0033:0x7f204f68c819
[  209.006338][ T7514] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  209.006357][ T7514] RSP: 002b:00007f204d8de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  209.006380][ T7514] RAX: ffffffffffffffda RBX: 00007f204f905fa0 RCX: 00007f204f68c819
[  209.006396][ T7514] RDX: 0000000000000918 RSI: 0000200000000040 RDI: 0000000000000004
[  209.006410][ T7514] RBP: 00007f204d8de090 R08: 0000000000000000 R09: 0000000000000000
[  209.006423][ T7514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.006435][ T7514] R13: 00007f204f906038 R14: 00007f204f905fa0 R15: 00007ffcbec39b88
[  209.006469][ T7514]  </TASK>
[  209.434307][ T5985] usb 5-1: Using ep0 maxpacket: 16
[  209.440384][ T5985] usb 5-1: config 1 has an invalid interface number: 105 but max is 0
[  209.440414][ T5985] usb 5-1: config 1 has no interface number 0
[  209.440464][ T5985] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  209.440491][ T5985] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  209.440516][ T5985] usb 5-1: config 1 interface 105 has no altsetting 0
[  209.446350][ T5985] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  209.446378][ T5985] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  209.446397][ T5985] usb 5-1: Product: syz
[  209.446410][ T5985] usb 5-1: Manufacturer: syz
[  209.446422][ T5985] usb 5-1: SerialNumber: syz
[  209.495996][ T7503] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  209.496227][ T7503] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  209.875374][ T7519] orangefs_mount: mount request failed with -4
[  210.933164][ T7503] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  210.933373][ T7503] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  211.390599][ T7550] FAULT_INJECTION: forcing a failure.
[  211.390599][ T7550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.391035][ T7550] CPU: 1 UID: 0 PID: 7550 Comm: syz.3.598 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  211.391061][ T7550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  211.391074][ T7550] Call Trace:
[  211.391082][ T7550]  <TASK>
[  211.391100][ T7550]  dump_stack_lvl+0xe8/0x150
[  211.391141][ T7550]  should_fail_ex+0x46b/0x600
[  211.391176][ T7550]  _copy_from_user+0x2d/0xb0
[  211.391198][ T7550]  iommufd_fops_ioctl+0x461/0x5d0
[  211.391232][ T7550]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  211.391275][ T7550]  ? __fget_files+0x2a/0x420
[  211.391307][ T7550]  ? bpf_lsm_file_ioctl+0x9/0x20
[  211.391330][ T7550]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  211.391359][ T7550]  __se_sys_ioctl+0xff/0x170
[  211.391384][ T7550]  do_syscall_64+0x14d/0xf80
[  211.391407][ T7550]  ? trace_irq_disable+0x3b/0x150
[  211.391431][ T7550]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.391454][ T7550]  ? clear_bhb_loop+0x40/0x90
[  211.391480][ T7550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.391501][ T7550] RIP: 0033:0x7f39cd49c819
[  211.391522][ T7550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  211.391540][ T7550] RSP: 002b:00007f39cb6d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  211.391563][ T7550] RAX: ffffffffffffffda RBX: 00007f39cd716090 RCX: 00007f39cd49c819
[  211.391578][ T7550] RDX: 0000200000000640 RSI: 0000000000003ba0 RDI: 0000000000000003
[  211.391591][ T7550] RBP: 00007f39cb6d5090 R08: 0000000000000000 R09: 0000000000000000
[  211.391603][ T7550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.391615][ T7550] R13: 00007f39cd716128 R14: 00007f39cd716090 R15: 00007fff64da7ac8
[  211.391650][ T7550]  </TASK>
[  211.546062][ T5985] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  211.546591][ T5985] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  211.597268][ T5985] aqc111 5-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 28:f3:ae:65:00:00
[  211.606138][ T5985] usb 5-1: USB disconnect, device number 21
[  211.613297][ T5985] aqc111 5-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  211.634299][    T9] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  211.786673][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.786727][    T9] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  211.786750][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.792942][    T9] usb 1-1: config 0 descriptor??
[  211.879767][ T5985] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  211.879923][ T5985] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  211.880082][ T5985] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  212.230430][ T7548] netlink: 388 bytes leftover after parsing attributes in process `syz.0.602'.
[  213.097017][ T7585] FAULT_INJECTION: forcing a failure.
[  213.097017][ T7585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.097086][ T7585] CPU: 0 UID: 0 PID: 7585 Comm: syz.1.616 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  213.097103][ T7585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  213.097110][ T7585] Call Trace:
[  213.097115][ T7585]  <TASK>
[  213.097121][ T7585]  dump_stack_lvl+0xe8/0x150
[  213.097144][ T7585]  should_fail_ex+0x46b/0x600
[  213.097163][ T7585]  _copy_from_iter+0x1d3/0x1670
[  213.097185][ T7585]  ? trace_kmem_cache_alloc+0x29/0xf0
[  213.097208][ T7585]  ? __alloc_skb+0x27d/0x7d0
[  213.097219][ T7585]  ? __pfx__copy_from_iter+0x10/0x10
[  213.097235][ T7585]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  213.097261][ T7585]  ? __alloc_skb+0x27d/0x7d0
[  213.097286][ T7585]  ? netlink_sendmsg+0x650/0xb40
[  213.097315][ T7585]  ? skb_put+0x11b/0x210
[  213.097346][ T7585]  netlink_sendmsg+0x6c0/0xb40
[  213.097382][ T7585]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.097401][ T7585]  ? unwind_get_return_address+0x4d/0x90
[  213.097416][ T7585]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  213.097435][ T7585]  ____sys_sendmsg+0x94c/0x9c0
[  213.097453][ T7585]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.097472][ T7585]  ? import_iovec+0x73/0xa0
[  213.097485][ T7585]  ___sys_sendmsg+0x2a5/0x360
[  213.097502][ T7585]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.097540][ T7585]  ? __fget_files+0x2a/0x420
[  213.097564][ T7585]  ? __fget_files+0x3a6/0x420
[  213.097601][ T7585]  __x64_sys_sendmsg+0x1c3/0x2a0
[  213.097626][ T7585]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  213.097661][ T7585]  ? __pfx_ksys_write+0x10/0x10
[  213.097689][ T7585]  do_syscall_64+0x14d/0xf80
[  213.097703][ T7585]  ? trace_irq_disable+0x3b/0x150
[  213.097717][ T7585]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.097729][ T7585]  ? clear_bhb_loop+0x40/0x90
[  213.097743][ T7585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.097755][ T7585] RIP: 0033:0x7fc65c4ec819
[  213.097768][ T7585] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  213.097779][ T7585] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.097799][ T7585] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  213.097813][ T7585] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  213.097826][ T7585] RBP: 00007fc65a73e090 R08: 0000000000000000 R09: 0000000000000000
[  213.097839][ T7585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.097850][ T7585] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  213.097883][ T7585]  </TASK>
[  213.292201][ T7589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.292812][ T7589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.918320][ T7602] FAULT_INJECTION: forcing a failure.
[  213.918320][ T7602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.918363][ T7602] CPU: 0 UID: 0 PID: 7602 Comm: syz.2.622 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  213.918386][ T7602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  213.918398][ T7602] Call Trace:
[  213.918406][ T7602]  <TASK>
[  213.918415][ T7602]  dump_stack_lvl+0xe8/0x150
[  213.918451][ T7602]  should_fail_ex+0x46b/0x600
[  213.918487][ T7602]  _copy_to_user+0x31/0xb0
[  213.918510][ T7602]  simple_read_from_buffer+0xe1/0x170
[  213.918543][ T7602]  proc_fail_nth_read+0x1be/0x230
[  213.918573][ T7602]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.918602][ T7602]  ? rw_verify_area+0x2ac/0x4e0
[  213.918631][ T7602]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.918658][ T7602]  vfs_read+0x212/0xa80
[  213.918698][ T7602]  ? __pfx_vfs_read+0x10/0x10
[  213.918730][ T7602]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  213.918756][ T7602]  ? lockdep_hardirqs_on+0x7a/0x110
[  213.918780][ T7602]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  213.918804][ T7602]  ? mutex_lock_nested+0x152/0x1d0
[  213.918833][ T7602]  ? fdget_pos+0x252/0x320
[  213.918870][ T7602]  ksys_read+0x156/0x270
[  213.918904][ T7602]  ? __pfx_ksys_read+0x10/0x10
[  213.918947][ T7602]  do_syscall_64+0x14d/0xf80
[  213.918970][ T7602]  ? trace_irq_disable+0x3b/0x150
[  213.918995][ T7602]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.919015][ T7602]  ? clear_bhb_loop+0x40/0x90
[  213.919041][ T7602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.919072][ T7602] RIP: 0033:0x7f204f64d04e
[  213.919091][ T7602] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  213.919108][ T7602] RSP: 002b:00007f204d8ddfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  213.919133][ T7602] RAX: ffffffffffffffda RBX: 00007f204d8de6c0 RCX: 00007f204f64d04e
[  213.919149][ T7602] RDX: 000000000000000f RSI: 00007f204d8de0a0 RDI: 0000000000000004
[  213.919161][ T7602] RBP: 00007f204d8de090 R08: 0000000000000000 R09: 0000000000000000
[  213.919174][ T7602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.919186][ T7602] R13: 00007f204f906038 R14: 00007f204f905fa0 R15: 00007ffcbec39b88
[  213.919222][ T7602]  </TASK>
[  214.082221][ T5985] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  214.248276][ T5985] usb 5-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  214.248327][ T5985] usb 5-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  214.248368][ T5985] usb 5-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  214.250085][ T5985] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  214.250124][ T5985] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  214.250145][ T5985] usb 5-1: SerialNumber: syz
[  215.131776][    T9] usbhid 1-1:0.0: can't add hid device: -71
[  215.131906][    T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  215.153467][    T9] usb 1-1: USB disconnect, device number 21
[  216.848039][ T5985] rndis_host 5-1:253.0: probe with driver rndis_host failed with error -22
[  216.882254][ T7643] FAULT_INJECTION: forcing a failure.
[  216.882254][ T7643] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.882456][ T7643] CPU: 0 UID: 0 PID: 7643 Comm: syz.0.637 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  216.882481][ T7643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  216.882493][ T7643] Call Trace:
[  216.882502][ T7643]  <TASK>
[  216.882511][ T7643]  dump_stack_lvl+0xe8/0x150
[  216.882548][ T7643]  should_fail_ex+0x46b/0x600
[  216.882583][ T7643]  _copy_from_user+0x2d/0xb0
[  216.882604][ T7643]  __ia32_sys_rt_sigreturn+0x379/0x8e0
[  216.882636][ T7643]  ? __lock_acquire+0x6b5/0x2cf0
[  216.882661][ T7643]  ? __pfx___ia32_sys_rt_sigreturn+0x10/0x10
[  216.882719][ T7643]  ? __task_pid_nr_ns+0x28/0x470
[  216.882755][ T7643]  do_syscall_64+0x14d/0xf80
[  216.882780][ T7643]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.882802][ T7643]  ? clear_bhb_loop+0x40/0x90
[  216.882828][ T7643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.882849][ T7643] RIP: 0033:0x7fa104c6db99
[  216.882870][ T7643] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25
[  216.882888][ T7643] RSP: 002b:00007fa102f1da80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  216.882911][ T7643] RAX: ffffffffffffffda RBX: 00007fa104f45fa0 RCX: 00007fa104c6db99
[  216.882927][ T7643] RDX: 00007fa102f1da80 RSI: 00007fa102f1dbb0 RDI: 0000000000000021
[  216.882940][ T7643] RBP: 00007fa102f1e090 R08: 0000000000000000 R09: 0000000000000000
[  216.882954][ T7643] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  216.882966][ T7643] R13: 00007fa104f46038 R14: 00007fa104f45fa0 R15: 00007ffe2cc13538
[  216.883001][ T7643]  </TASK>
[  216.994937][ T7649] netlink: 'syz.4.640': attribute type 16 has an invalid length.
[  216.994962][ T7649] netlink: 156 bytes leftover after parsing attributes in process `syz.4.640'.
[  217.123060][ T5985] usb 5-1: USB disconnect, device number 22
[  217.754262][ T5856] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  217.833818][ T7671] FAULT_INJECTION: forcing a failure.
[  217.833818][ T7671] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.833855][ T7671] CPU: 0 UID: 0 PID: 7671 Comm: syz.2.647 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  217.833880][ T7671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  217.833892][ T7671] Call Trace:
[  217.833899][ T7671]  <TASK>
[  217.833909][ T7671]  dump_stack_lvl+0xe8/0x150
[  217.833944][ T7671]  should_fail_ex+0x46b/0x600
[  217.833978][ T7671]  _copy_from_user+0x2d/0xb0
[  217.833999][ T7671]  ? __pfx_drm_mode_getplane_res+0x10/0x10
[  217.834031][ T7671]  drm_ioctl+0x5d0/0xb80
[  217.834059][ T7671]  ? smk_tskacc+0x311/0x3a0
[  217.834088][ T7671]  ? __pfx_drm_mode_getplane_res+0x10/0x10
[  217.834139][ T7671]  ? __pfx_drm_ioctl+0x10/0x10
[  217.834180][ T7671]  ? __fget_files+0x2a/0x420
[  217.834210][ T7671]  ? bpf_lsm_file_ioctl+0x9/0x20
[  217.834232][ T7671]  ? __pfx_drm_ioctl+0x10/0x10
[  217.834261][ T7671]  __se_sys_ioctl+0xff/0x170
[  217.834284][ T7671]  do_syscall_64+0x14d/0xf80
[  217.834308][ T7671]  ? trace_irq_disable+0x3b/0x150
[  217.834333][ T7671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.834354][ T7671]  ? clear_bhb_loop+0x40/0x90
[  217.834379][ T7671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.834400][ T7671] RIP: 0033:0x7f204f68c819
[  217.834420][ T7671] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  217.834436][ T7671] RSP: 002b:00007f204d8de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  217.834460][ T7671] RAX: ffffffffffffffda RBX: 00007f204f905fa0 RCX: 00007f204f68c819
[  217.834476][ T7671] RDX: 0000200000000080 RSI: 00000000c01064b5 RDI: 0000000000000003
[  217.834490][ T7671] RBP: 00007f204d8de090 R08: 0000000000000000 R09: 0000000000000000
[  217.834501][ T7671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.834513][ T7671] R13: 00007f204f906038 R14: 00007f204f905fa0 R15: 00007ffcbec39b88
[  217.834547][ T7671]  </TASK>
[  217.915920][ T5856] usb 5-1: Using ep0 maxpacket: 32
[  217.918373][ T5856] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  217.918396][ T5856] usb 5-1: config 0 has no interface number 0
[  217.918440][ T5856] usb 5-1: config 0 interface 184 has no altsetting 0
[  217.922568][ T5856] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  217.922593][ T5856] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.922611][ T5856] usb 5-1: Product: syz
[  217.922624][ T5856] usb 5-1: Manufacturer: syz
[  217.922637][ T5856] usb 5-1: SerialNumber: syz
[  218.010844][ T5856] usb 5-1: config 0 descriptor??
[  218.490930][ T7684] FAULT_INJECTION: forcing a failure.
[  218.490930][ T7684] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.490969][ T7684] CPU: 1 UID: 0 PID: 7684 Comm: syz.2.653 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  218.490992][ T7684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  218.491004][ T7684] Call Trace:
[  218.491014][ T7684]  <TASK>
[  218.491023][ T7684]  dump_stack_lvl+0xe8/0x150
[  218.491079][ T7684]  should_fail_ex+0x46b/0x600
[  218.491113][ T7684]  _copy_from_user+0x2d/0xb0
[  218.491135][ T7684]  ___sys_sendmsg+0x1c6/0x360
[  218.491165][ T7684]  ? __pfx____sys_sendmsg+0x10/0x10
[  218.491228][ T7684]  ? __fget_files+0x2a/0x420
[  218.491252][ T7684]  ? __fget_files+0x3a6/0x420
[  218.491286][ T7684]  __x64_sys_sendmsg+0x1c3/0x2a0
[  218.491309][ T7684]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  218.491342][ T7684]  ? __pfx_ksys_write+0x10/0x10
[  218.491384][ T7684]  do_syscall_64+0x14d/0xf80
[  218.491407][ T7684]  ? trace_irq_disable+0x3b/0x150
[  218.491430][ T7684]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.491449][ T7684]  ? clear_bhb_loop+0x40/0x90
[  218.491465][ T7684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.491477][ T7684] RIP: 0033:0x7f204f68c819
[  218.491492][ T7684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  218.491507][ T7684] RSP: 002b:00007f204d8de028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.491530][ T7684] RAX: ffffffffffffffda RBX: 00007f204f905fa0 RCX: 00007f204f68c819
[  218.491546][ T7684] RDX: 0000000000004080 RSI: 0000200000002380 RDI: 0000000000000004
[  218.491559][ T7684] RBP: 00007f204d8de090 R08: 0000000000000000 R09: 0000000000000000
[  218.491571][ T7684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.491583][ T7684] R13: 00007f204f906038 R14: 00007f204f905fa0 R15: 00007ffcbec39b88
[  218.491615][ T7684]  </TASK>
[  219.131316][ T5856] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  219.131362][ T5856] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  219.131929][ T5856] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  219.131956][ T5856] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  219.131976][ T5856] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  219.131994][ T5856] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  219.132323][ T5856] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  219.164617][ T5856] usb 5-1: USB disconnect, device number 23
[  220.066425][ T7706] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  220.335739][ T7716] FAULT_INJECTION: forcing a failure.
[  220.335739][ T7716] name failslab, interval 1, probability 0, space 0, times 0
[  220.335777][ T7716] CPU: 0 UID: 0 PID: 7716 Comm: syz.2.667 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  220.335801][ T7716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  220.335814][ T7716] Call Trace:
[  220.335822][ T7716]  <TASK>
[  220.335832][ T7716]  dump_stack_lvl+0xe8/0x150
[  220.335871][ T7716]  should_fail_ex+0x46b/0x600
[  220.335906][ T7716]  should_failslab+0xa8/0x100
[  220.335932][ T7716]  kmem_cache_alloc_noprof+0x87/0x680
[  220.335965][ T7716]  ? skb_clone+0x212/0x3a0
[  220.335997][ T7716]  skb_clone+0x212/0x3a0
[  220.336027][ T7716]  __netlink_deliver_tap+0x404/0x850
[  220.336072][ T7716]  ? netlink_deliver_tap+0x2e/0x1b0
[  220.336105][ T7716]  netlink_deliver_tap+0x19c/0x1b0
[  220.336138][ T7716]  netlink_unicast+0x805/0x9f0
[  220.336178][ T7716]  ? __pfx_netlink_unicast+0x10/0x10
[  220.336210][ T7716]  ? netlink_sendmsg+0x650/0xb40
[  220.336239][ T7716]  ? skb_put+0x11b/0x210
[  220.336266][ T7716]  netlink_sendmsg+0x813/0xb40
[  220.336317][ T7716]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.336351][ T7716]  ? unwind_get_return_address+0x4d/0x90
[  220.336379][ T7716]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  220.336415][ T7716]  ____sys_sendmsg+0x94c/0x9c0
[  220.336447][ T7716]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.336483][ T7716]  ? import_iovec+0x73/0xa0
[  220.336509][ T7716]  ___sys_sendmsg+0x2a5/0x360
[  220.336541][ T7716]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.336607][ T7716]  ? __fget_files+0x2a/0x420
[  220.336635][ T7716]  ? __fget_files+0x3a6/0x420
[  220.336674][ T7716]  __x64_sys_sendmsg+0x1c3/0x2a0
[  220.336703][ T7716]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  220.336739][ T7716]  ? __pfx_ksys_write+0x10/0x10
[  220.336785][ T7716]  do_syscall_64+0x14d/0xf80
[  220.336809][ T7716]  ? trace_irq_disable+0x3b/0x150
[  220.336834][ T7716]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.336855][ T7716]  ? clear_bhb_loop+0x40/0x90
[  220.336883][ T7716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.336904][ T7716] RIP: 0033:0x7f204f68c819
[  220.336925][ T7716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  220.336943][ T7716] RSP: 002b:00007f204d8de028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.336966][ T7716] RAX: ffffffffffffffda RBX: 00007f204f905fa0 RCX: 00007f204f68c819
[  220.336982][ T7716] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000010
[  220.336994][ T7716] RBP: 00007f204d8de090 R08: 0000000000000000 R09: 0000000000000000
[  220.337007][ T7716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.337020][ T7716] R13: 00007f204f906038 R14: 00007f204f905fa0 R15: 00007ffcbec39b88
[  220.337054][ T7716]  </TASK>
[  220.337093][ T7716] netlink: 28 bytes leftover after parsing attributes in process `syz.2.667'.
[  220.337121][ T7716] netlink: 28 bytes leftover after parsing attributes in process `syz.2.667'.
[  220.358307][ T7716] dummy0: entered promiscuous mode
[  220.360131][ T7716] team0: entered promiscuous mode
[  220.360150][ T7716] team_slave_0: entered promiscuous mode
[  220.360397][ T7716] team_slave_1: entered promiscuous mode
[  220.362488][ T7716] debugfs: 'hsr1' already exists in 'hsr'
[  220.362515][ T7716] Cannot create hsr debugfs directory
[  222.596785][ T7743] IPVS: set_ctl: invalid protocol: 12078 108.101.48.0:0
[  222.876958][ T5804] Bluetooth: hci4: command 0x0406 tx timeout
[  223.329812][ T7761] FAULT_INJECTION: forcing a failure.
[  223.329812][ T7761] name failslab, interval 1, probability 0, space 0, times 0
[  223.329852][ T7761] CPU: 1 UID: 0 PID: 7761 Comm: syz.0.685 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  223.329877][ T7761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  223.329889][ T7761] Call Trace:
[  223.329898][ T7761]  <TASK>
[  223.329907][ T7761]  dump_stack_lvl+0xe8/0x150
[  223.329944][ T7761]  should_fail_ex+0x46b/0x600
[  223.329980][ T7761]  should_failslab+0xa8/0x100
[  223.330005][ T7761]  __kmalloc_noprof+0xdf/0x7b0
[  223.330035][ T7761]  ? kfree+0x4d/0x6c0
[  223.330063][ T7761]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  223.330098][ T7761]  tomoyo_realpath_from_path+0xe3/0x5d0
[  223.330142][ T7761]  ? tomoyo_path_number_perm+0x219/0x630
[  223.330166][ T7761]  tomoyo_path_number_perm+0x246/0x630
[  223.330193][ T7761]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  223.330220][ T7761]  ? __lock_acquire+0x6b5/0x2cf0
[  223.330279][ T7761]  ? __fget_files+0x2a/0x420
[  223.330311][ T7761]  ? __fget_files+0x2a/0x420
[  223.330336][ T7761]  ? __fget_files+0x3a6/0x420
[  223.330361][ T7761]  ? __fget_files+0x2a/0x420
[  223.330392][ T7761]  security_file_ioctl+0xc3/0x2a0
[  223.330419][ T7761]  __se_sys_ioctl+0x47/0x170
[  223.330445][ T7761]  do_syscall_64+0x14d/0xf80
[  223.330468][ T7761]  ? trace_irq_disable+0x3b/0x150
[  223.330493][ T7761]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.330514][ T7761]  ? clear_bhb_loop+0x40/0x90
[  223.330541][ T7761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.330563][ T7761] RIP: 0033:0x7fa104ccc819
[  223.330583][ T7761] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  223.330601][ T7761] RSP: 002b:00007fa102f1e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  223.330624][ T7761] RAX: ffffffffffffffda RBX: 00007fa104f45fa0 RCX: 00007fa104ccc819
[  223.330639][ T7761] RDX: 0000200000000440 RSI: 00000000c0405602 RDI: 0000000000000003
[  223.330653][ T7761] RBP: 00007fa102f1e090 R08: 0000000000000000 R09: 0000000000000000
[  223.330667][ T7761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.330679][ T7761] R13: 00007fa104f46038 R14: 00007fa104f45fa0 R15: 00007ffe2cc13538
[  223.330715][ T7761]  </TASK>
[  223.335667][ T7761] ERROR: Out of memory at tomoyo_realpath_from_path.
[  224.764313][ T5871] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  224.916387][ T5871] usb 4-1: Using ep0 maxpacket: 32
[  224.918510][ T5871] usb 4-1: config index 0 descriptor too short (expected 45, got 36)
[  224.918571][ T5871] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  225.005712][ T5871] usb 4-1: New USB device found, idVendor=8086, idProduct=8150, bcdDevice= 0.00
[  225.005749][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.005769][ T5871] usb 4-1: Product: syz
[  225.005784][ T5871] usb 4-1: Manufacturer: syz
[  225.005799][ T5871] usb 4-1: SerialNumber: syz
[  225.076325][ T7800] FAULT_INJECTION: forcing a failure.
[  225.076325][ T7800] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  225.076366][ T7800] CPU: 1 UID: 0 PID: 7800 Comm: syz.1.703 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  225.076391][ T7800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  225.076404][ T7800] Call Trace:
[  225.076412][ T7800]  <TASK>
[  225.076422][ T7800]  dump_stack_lvl+0xe8/0x150
[  225.076462][ T7800]  should_fail_ex+0x46b/0x600
[  225.076499][ T7800]  prepare_alloc_pages+0x22a/0x6b0
[  225.076533][ T7800]  __alloc_frozen_pages_noprof+0x12f/0x380
[  225.076564][ T7800]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  225.076594][ T7800]  ? __pfx_policy_nodemask+0x10/0x10
[  225.076618][ T7800]  ? filemap_get_entry+0x2ac/0x320
[  225.076649][ T7800]  ? __pfx_filemap_get_entry+0x10/0x10
[  225.076685][ T7800]  alloc_pages_mpol+0xd1/0x380
[  225.076714][ T7800]  folio_alloc_mpol_noprof+0x39/0xe0
[  225.076740][ T7800]  shmem_get_folio_gfp+0x644/0x1a80
[  225.076803][ T7800]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  225.076834][ T7800]  ? unwind_next_frame+0xa5/0x23c0
[  225.076855][ T7800]  ? rcu_is_watching+0x15/0xb0
[  225.076879][ T7800]  ? lock_release+0x4b/0x3d0
[  225.076898][ T7800]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.076927][ T7800]  shmem_fault+0x170/0x380
[  225.076973][ T7800]  __do_fault+0x138/0x390
[  225.077001][ T7800]  do_pte_missing+0x623/0x29e0
[  225.077035][ T7800]  ? handle_mm_fault+0xe7/0x13c0
[  225.077072][ T7800]  handle_mm_fault+0xd0a/0x13c0
[  225.077111][ T7800]  ? handle_mm_fault+0xe7/0x13c0
[  225.077147][ T7800]  ? __pfx_handle_mm_fault+0x10/0x10
[  225.077200][ T7800]  ? lock_mm_and_find_vma+0xa7/0x340
[  225.077228][ T7800]  do_user_addr_fault+0x75b/0x1340
[  225.077279][ T7800]  exc_page_fault+0x6a/0xc0
[  225.077306][ T7800]  asm_exc_page_fault+0x26/0x30
[  225.077327][ T7800] RIP: 0010:rep_movs_alternative+0x33/0x90
[  225.077359][ T7800] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  225.077376][ T7800] RSP: 0018:ffffc90004277b28 EFLAGS: 00050216
[  225.077397][ T7800] RAX: 0000000000000001 RBX: 0000000000000014 RCX: 0000000000000014
[  225.077411][ T7800] RDX: 0000000000000000 RSI: ffffc90004277be0 RDI: 000020000000a2c0
[  225.077425][ T7800] RBP: ffffc90004277cd0 R08: 0000000000000003 R09: 0000000000000004
[  225.077439][ T7800] R10: dffffc0000000000 R11: fffff5200084ef7e R12: 000020000000a2d4
[  225.077454][ T7800] R13: 00007ffffffff000 R14: ffffc90004277be0 R15: 000020000000a2c0
[  225.077491][ T7800]  _copy_to_user+0x8a/0xb0
[  225.077517][ T7800]  media_device_enum_links+0x345/0x890
[  225.077552][ T7800]  ? __pfx_media_device_enum_links+0x10/0x10
[  225.077586][ T7800]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  225.077612][ T7800]  ? lockdep_hardirqs_on+0x7a/0x110
[  225.077636][ T7800]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  225.077662][ T7800]  ? mutex_lock_nested+0x152/0x1d0
[  225.077691][ T7800]  ? media_device_ioctl+0x2e6/0x4c0
[  225.077717][ T7800]  media_device_ioctl+0x315/0x4c0
[  225.077744][ T7800]  ? __pfx_media_device_ioctl+0x10/0x10
[  225.077796][ T7800]  ? __fget_files+0x3a6/0x420
[  225.077824][ T7800]  ? __fget_files+0x2a/0x420
[  225.077850][ T7800]  ? __pfx_media_device_ioctl+0x10/0x10
[  225.077874][ T7800]  ? media_ioctl+0x101/0x120
[  225.077896][ T7800]  ? __pfx_media_ioctl+0x10/0x10
[  225.077920][ T7800]  __se_sys_ioctl+0xff/0x170
[  225.077945][ T7800]  do_syscall_64+0x14d/0xf80
[  225.077978][ T7800]  ? trace_irq_disable+0x3b/0x150
[  225.078003][ T7800]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.078025][ T7800]  ? clear_bhb_loop+0x40/0x90
[  225.078052][ T7800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.078073][ T7800] RIP: 0033:0x7fc65c4ec819
[  225.078094][ T7800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  225.078111][ T7800] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  225.078131][ T7800] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  225.078145][ T7800] RDX: 0000200000000300 RSI: 00000000c0287c02 RDI: 0000000000000003
[  225.078159][ T7800] RBP: 00007fc65a73e090 R08: 0000000000000000 R09: 0000000000000000
[  225.078172][ T7800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.078184][ T7800] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  225.078220][ T7800]  </TASK>
[  225.709911][ T5871] usb 4-1: USB disconnect, device number 19
[  225.872527][ T7804] tipc: Started in network mode
[  225.872562][ T7804] tipc: Node identity bab7720a2746, cluster identity 4711
[  225.873342][ T7804] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  225.879561][ T7804] syzkaller0: entered promiscuous mode
[  225.879584][ T7804] syzkaller0: entered allmulticast mode
[  226.084618][ T7803] tipc: Resetting bearer <eth:syzkaller0>
[  226.245591][ T7803] tipc: Disabling bearer <eth:syzkaller0>
[  226.665372][ T5933] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  226.676244][ T7840] FAULT_INJECTION: forcing a failure.
[  226.676244][ T7840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.676282][ T7840] CPU: 1 UID: 0 PID: 7840 Comm: syz.2.720 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  226.676306][ T7840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  226.676318][ T7840] Call Trace:
[  226.676326][ T7840]  <TASK>
[  226.676335][ T7840]  dump_stack_lvl+0xe8/0x150
[  226.676372][ T7840]  should_fail_ex+0x46b/0x600
[  226.676401][ T7840]  _copy_from_user+0x2d/0xb0
[  226.676418][ T7840]  do_sock_getsockopt+0x165/0x3f0
[  226.676439][ T7840]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  226.676468][ T7840]  __x64_sys_getsockopt+0x1aa/0x250
[  226.676493][ T7840]  do_syscall_64+0x14d/0xf80
[  226.676511][ T7840]  ? trace_irq_disable+0x3b/0x150
[  226.676529][ T7840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.676545][ T7840]  ? clear_bhb_loop+0x40/0x90
[  226.676565][ T7840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.676580][ T7840] RIP: 0033:0x7f204f68c819
[  226.676595][ T7840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  226.676608][ T7840] RSP: 002b:00007f204d8de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  226.676626][ T7840] RAX: ffffffffffffffda RBX: 00007f204f905fa0 RCX: 00007f204f68c819
[  226.676638][ T7840] RDX: 000000000000271b RSI: 0000200000000114 RDI: 0000000000000003
[  226.676648][ T7840] RBP: 00007f204d8de090 R08: 0000200000000040 R09: 0000000000000000
[  226.676658][ T7840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.676668][ T7840] R13: 00007f204f906038 R14: 00007f204f905fa0 R15: 00007ffcbec39b88
[  226.676693][ T7840]  </TASK>
[  226.816305][ T5933] usb 4-1: config 1 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  226.816341][ T5933] usb 4-1: config 1 interface 0 has no altsetting 0
[  226.819703][ T5933] usb 4-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.40
[  226.819729][ T5933] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.819747][ T5933] usb 4-1: Product: င
[  226.819760][ T5933] usb 4-1: Manufacturer: Х
[  226.819772][ T5933] usb 4-1: SerialNumber: syz
[  227.139979][ T7847] lo: entered allmulticast mode
[  227.356678][ T5933] usbhid 4-1:1.0: can't add hid device: -71
[  227.356823][ T5933] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  227.360883][ T5933] usb 4-1: USB disconnect, device number 20
[  228.304477][ T5872] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  228.465441][ T5872] usb 4-1: Using ep0 maxpacket: 32
[  228.471223][ T5872] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  228.471255][ T5872] usb 4-1: config 0 has no interface number 0
[  228.471306][ T5872] usb 4-1: config 0 interface 12 has no altsetting 0
[  228.473845][ T5872] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  228.473875][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.473892][ T5872] usb 4-1: Product: syz
[  228.473900][ T5872] usb 4-1: Manufacturer: syz
[  228.473908][ T5872] usb 4-1: SerialNumber: syz
[  228.498192][ T5872] usb 4-1: config 0 descriptor??
[  228.923705][ T7892] FAULT_INJECTION: forcing a failure.
[  228.923705][ T7892] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.923740][ T7892] CPU: 1 UID: 0 PID: 7892 Comm: syz.2.741 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  228.923759][ T7892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  228.923768][ T7892] Call Trace:
[  228.923775][ T7892]  <TASK>
[  228.923782][ T7892]  dump_stack_lvl+0xe8/0x150
[  228.923813][ T7892]  should_fail_ex+0x46b/0x600
[  228.923842][ T7892]  _copy_from_user+0x2d/0xb0
[  228.923860][ T7892]  kstrtouint_from_user+0xd6/0x180
[  228.923884][ T7892]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  228.923907][ T7892]  ? btrfs_qgroup_rescan_worker+0x1650/0x24f0
[  228.923934][ T7892]  ? simple_read_from_buffer+0x107/0x170
[  228.923962][ T7892]  proc_fail_nth_write+0x8e/0x210
[  228.923983][ T7892]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  228.924009][ T7892]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  228.924031][ T7892]  vfs_write+0x2a3/0xba0
[  228.924064][ T7892]  ? __pfx_vfs_write+0x10/0x10
[  228.924091][ T7892]  ? smack_file_ioctl+0x2c2/0x360
[  228.924119][ T7892]  ? __pfx_smack_file_ioctl+0x10/0x10
[  228.924167][ T7892]  ksys_write+0x156/0x270
[  228.924193][ T7892]  ? __pfx_ksys_write+0x10/0x10
[  228.924229][ T7892]  do_syscall_64+0x14d/0xf80
[  228.924248][ T7892]  ? trace_irq_disable+0x3b/0x150
[  228.924267][ T7892]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.924284][ T7892]  ? clear_bhb_loop+0x40/0x90
[  228.924305][ T7892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.924322][ T7892] RIP: 0033:0x7f204f64d04e
[  228.924339][ T7892] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  228.924354][ T7892] RSP: 002b:00007f204d8ddfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  228.924374][ T7892] RAX: ffffffffffffffda RBX: 00007f204d8de6c0 RCX: 00007f204f64d04e
[  228.924388][ T7892] RDX: 0000000000000001 RSI: 00007f204d8de0a0 RDI: 0000000000000004
[  228.924399][ T7892] RBP: 00007f204d8de090 R08: 0000000000000000 R09: 0000000000000000
[  228.924410][ T7892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.924420][ T7892] R13: 00007f204f906038 R14: 00007f204f905fa0 R15: 00007ffcbec39b88
[  228.924450][ T7892]  </TASK>
[  229.357924][ T7867] netlink: 20 bytes leftover after parsing attributes in process `syz.3.731'.
[  229.977686][ T5872] f81534 4-1:0.12: f81534_set_register: reg: 1002 data: 2f failed: -71
[  229.977753][ T5872] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  229.977772][ T5872] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  229.977876][ T5872] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[  230.075413][ T5872] usb 4-1: USB disconnect, device number 21
[  230.610608][ T5933] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  230.764346][ T5933] usb 1-1: Using ep0 maxpacket: 32
[  230.767073][ T5933] usb 1-1: config index 0 descriptor too short (expected 45, got 36)
[  230.767137][ T5933] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  230.770227][ T5933] usb 1-1: New USB device found, idVendor=8086, idProduct=0b63, bcdDevice= 0.00
[  230.770258][ T5933] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.770279][ T5933] usb 1-1: Product: syz
[  230.770294][ T5933] usb 1-1: Manufacturer: syz
[  230.770309][ T5933] usb 1-1: SerialNumber: syz
[  230.801816][ T7937] netlink: 8752 bytes leftover after parsing attributes in process `syz.4.759'.
[  230.884264][ T7939] netlink: 4 bytes leftover after parsing attributes in process `syz.4.759'.
[  230.933469][ T7927] netlink: 12 bytes leftover after parsing attributes in process `syz.3.756'.
[  231.066802][ T5933] ljca 1-1:1.0: probe with driver ljca failed with error -110
[  231.204401][ T6120] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  231.221780][ T5872] usb 1-1: USB disconnect, device number 22
[  231.356731][ T6120] usb 4-1: New USB device found, idVendor=050d, idProduct=0121, bcdDevice=6f.3b
[  231.356766][ T6120] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.394062][ T6120] pegasus 4-1:254.0: Missing or invalid endpoints
[  232.008445][ T7972] FAULT_INJECTION: forcing a failure.
[  232.008445][ T7972] name failslab, interval 1, probability 0, space 0, times 0
[  232.008482][ T7972] CPU: 1 UID: 0 PID: 7972 Comm: syz.1.767 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  232.008506][ T7972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  232.008517][ T7972] Call Trace:
[  232.008525][ T7972]  <TASK>
[  232.008533][ T7972]  dump_stack_lvl+0xe8/0x150
[  232.008568][ T7972]  should_fail_ex+0x46b/0x600
[  232.008601][ T7972]  should_failslab+0xa8/0x100
[  232.008624][ T7972]  __kmalloc_cache_noprof+0x84/0x690
[  232.008646][ T7972]  ? rtnl_newlink+0x136/0x1bb0
[  232.008682][ T7972]  rtnl_newlink+0x136/0x1bb0
[  232.008709][ T7972]  ? kasan_save_track+0x3e/0x80
[  232.008738][ T7972]  ? kasan_save_free_info+0x46/0x50
[  232.008762][ T7972]  ? __kasan_slab_free+0x5c/0x80
[  232.008790][ T7972]  ? nlmon_xmit+0xb0/0x100
[  232.008809][ T7972]  ? dev_hard_start_xmit+0x2f2/0x8b0
[  232.008832][ T7972]  ? __dev_queue_xmit+0x171a/0x39b0
[  232.008858][ T7972]  ? netlink_unicast+0x805/0x9f0
[  232.008882][ T7972]  ? netlink_sendmsg+0x813/0xb40
[  232.008910][ T7972]  ? ____sys_sendmsg+0x94c/0x9c0
[  232.008932][ T7972]  ? ___sys_sendmsg+0x2a5/0x360
[  232.008953][ T7972]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  232.008975][ T7972]  ? do_syscall_64+0x14d/0xf80
[  232.009001][ T7972]  ? __pfx_rtnl_newlink+0x10/0x10
[  232.009057][ T7972]  ? __lock_acquire+0x6b5/0x2cf0
[  232.009089][ T7972]  ? kasan_quarantine_put+0xbb/0x1f0
[  232.009117][ T7972]  ? lockdep_hardirqs_on+0x7a/0x110
[  232.009156][ T7972]  ? kmem_cache_free+0x185/0x6b0
[  232.009175][ T7972]  ? nlmon_xmit+0xb0/0x100
[  232.009209][ T7972]  ? __local_bh_enable+0x1e1/0x2f0
[  232.009242][ T7972]  ? __lock_acquire+0x6b5/0x2cf0
[  232.009268][ T7972]  ? __dev_queue_xmit+0x27d/0x39b0
[  232.009297][ T7972]  ? __dev_queue_xmit+0x1ebb/0x39b0
[  232.009320][ T7972]  ? netlink_unicast+0x805/0x9f0
[  232.009346][ T7972]  ? netlink_sendmsg+0x813/0xb40
[  232.009374][ T7972]  ? ____sys_sendmsg+0x94c/0x9c0
[  232.009399][ T7972]  ? rcu_is_watching+0x15/0xb0
[  232.009443][ T7972]  ? __pfx_rtnl_newlink+0x10/0x10
[  232.009474][ T7972]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  232.009509][ T7972]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  232.009539][ T7972]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  232.009568][ T7972]  ? ref_tracker_free+0x673/0x820
[  232.009595][ T7972]  ? __copy_skb_header+0xa3/0x4a0
[  232.009621][ T7972]  ? __pfx_ref_tracker_free+0x10/0x10
[  232.009648][ T7972]  ? __skb_clone+0x63/0x7a0
[  232.009682][ T7972]  netlink_rcv_skb+0x232/0x4b0
[  232.009715][ T7972]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  232.009748][ T7972]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  232.009792][ T7972]  ? netlink_deliver_tap+0x2e/0x1b0
[  232.009832][ T7972]  netlink_unicast+0x831/0x9f0
[  232.009869][ T7972]  ? __pfx_netlink_unicast+0x10/0x10
[  232.009895][ T7972]  ? netlink_sendmsg+0x650/0xb40
[  232.009918][ T7972]  ? skb_put+0x11b/0x210
[  232.009939][ T7972]  netlink_sendmsg+0x813/0xb40
[  232.009972][ T7972]  ? __pfx_netlink_sendmsg+0x10/0x10
[  232.010005][ T7972]  ? unwind_get_return_address+0x4d/0x90
[  232.010032][ T7972]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  232.010068][ T7972]  ____sys_sendmsg+0x94c/0x9c0
[  232.010099][ T7972]  ? __pfx_____sys_sendmsg+0x10/0x10
[  232.010163][ T7972]  ? import_iovec+0x73/0xa0
[  232.010188][ T7972]  ___sys_sendmsg+0x2a5/0x360
[  232.010220][ T7972]  ? __pfx____sys_sendmsg+0x10/0x10
[  232.010285][ T7972]  ? __fget_files+0x2a/0x420
[  232.010310][ T7972]  ? __fget_files+0x3a6/0x420
[  232.010349][ T7972]  __x64_sys_sendmsg+0x1c3/0x2a0
[  232.010377][ T7972]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  232.010413][ T7972]  ? __pfx_ksys_write+0x10/0x10
[  232.010458][ T7972]  do_syscall_64+0x14d/0xf80
[  232.010481][ T7972]  ? trace_irq_disable+0x3b/0x150
[  232.010505][ T7972]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.010527][ T7972]  ? clear_bhb_loop+0x40/0x90
[  232.010554][ T7972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.010575][ T7972] RIP: 0033:0x7fc65c4ec819
[  232.010595][ T7972] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  232.010613][ T7972] RSP: 002b:00007fc65a71d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  232.010636][ T7972] RAX: ffffffffffffffda RBX: 00007fc65c766090 RCX: 00007fc65c4ec819
[  232.010651][ T7972] RDX: 0000000020004090 RSI: 0000200000000280 RDI: 0000000000000004
[  232.010665][ T7972] RBP: 00007fc65a71d090 R08: 0000000000000000 R09: 0000000000000000
[  232.010678][ T7972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.010691][ T7972] R13: 00007fc65c766128 R14: 00007fc65c766090 R15: 00007fff68c8be58
[  232.010725][ T7972]  </TASK>
[  232.144375][ T5985] usb 4-1: USB disconnect, device number 22
[  232.694419][ T5804] Bluetooth: hci4: command 0x0406 tx timeout
[  233.042897][ T7997] netlink: zone id is out of range
[  233.042915][ T7997] netlink: zone id is out of range
[  233.042924][ T7997] netlink: zone id is out of range
[  233.042932][ T7997] netlink: zone id is out of range
[  233.042940][ T7997] netlink: zone id is out of range
[  233.112367][ T8000] FAULT_INJECTION: forcing a failure.
[  233.112367][ T8000] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.112432][ T8000] CPU: 1 UID: 0 PID: 8000 Comm: syz.1.775 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  233.112456][ T8000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  233.112468][ T8000] Call Trace:
[  233.112476][ T8000]  <TASK>
[  233.112485][ T8000]  dump_stack_lvl+0xe8/0x150
[  233.112523][ T8000]  should_fail_ex+0x46b/0x600
[  233.112558][ T8000]  _copy_from_iter+0x1d3/0x1670
[  233.112586][ T8000]  ? irqentry_exit+0x59e/0x620
[  233.112610][ T8000]  ? rcu_is_watching+0x15/0xb0
[  233.112645][ T8000]  ? __pfx__copy_from_iter+0x10/0x10
[  233.112676][ T8000]  ? skb_put+0x111/0x210
[  233.112701][ T8000]  ? __sanitizer_cov_trace_cmp4+0x44/0xa0
[  233.112728][ T8000]  ? skb_put+0x11b/0x210
[  233.112754][ T8000]  netlink_sendmsg+0x6c0/0xb40
[  233.112787][ T8000]  ? irqentry_exit+0x59e/0x620
[  233.112818][ T8000]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.112858][ T8000]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  233.112902][ T8000]  ____sys_sendmsg+0x94c/0x9c0
[  233.112934][ T8000]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.112969][ T8000]  ? import_iovec+0x73/0xa0
[  233.112995][ T8000]  ___sys_sendmsg+0x2a5/0x360
[  233.113026][ T8000]  ? __pfx____sys_sendmsg+0x10/0x10
[  233.113090][ T8000]  ? __fget_files+0x2a/0x420
[  233.113117][ T8000]  ? __fget_files+0x3a6/0x420
[  233.113153][ T8000]  __x64_sys_sendmsg+0x1c3/0x2a0
[  233.113182][ T8000]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  233.113218][ T8000]  ? rcu_is_watching+0x15/0xb0
[  233.113254][ T8000]  do_syscall_64+0x14d/0xf80
[  233.113279][ T8000]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.113301][ T8000]  ? clear_bhb_loop+0x40/0x90
[  233.113327][ T8000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.113348][ T8000] RIP: 0033:0x7fc65c4ec819
[  233.113369][ T8000] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  233.113388][ T8000] RSP: 002b:00007fc65a6fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.113412][ T8000] RAX: ffffffffffffffda RBX: 00007fc65c766180 RCX: 00007fc65c4ec819
[  233.113427][ T8000] RDX: 0000000008000002 RSI: 0000200000000000 RDI: 0000000000000005
[  233.113441][ T8000] RBP: 00007fc65a6fc090 R08: 0000000000000000 R09: 0000000000000000
[  233.113454][ T8000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.113467][ T8000] R13: 00007fc65c766218 R14: 00007fc65c766180 R15: 00007fff68c8be58
[  233.113501][ T8000]  </TASK>
[  233.696163][ T7990] delete_channel: no stack
[  234.398354][ T8019] binder: BINDER_SET_CONTEXT_MGR already set
[  234.398373][ T8019] binder: 8018:8019 ioctl 4018620d 200000004a80 returned -16
[  234.628964][ T8032] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  234.701000][ T8041] FAULT_INJECTION: forcing a failure.
[  234.701000][ T8041] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  234.701040][ T8041] CPU: 1 UID: 0 PID: 8041 Comm: syz.1.792 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  234.701064][ T8041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  234.701076][ T8041] Call Trace:
[  234.701085][ T8041]  <TASK>
[  234.701094][ T8041]  dump_stack_lvl+0xe8/0x150
[  234.701131][ T8041]  should_fail_ex+0x46b/0x600
[  234.701176][ T8041]  prepare_alloc_pages+0x22a/0x6b0
[  234.701210][ T8041]  __alloc_frozen_pages_noprof+0x12f/0x380
[  234.701240][ T8041]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  234.701270][ T8041]  ? __pfx_policy_nodemask+0x10/0x10
[  234.701307][ T8041]  alloc_pages_mpol+0xd1/0x380
[  234.701335][ T8041]  alloc_pages_noprof+0xce/0x1e0
[  234.701362][ T8041]  pte_alloc_one+0x22/0x380
[  234.701387][ T8041]  do_pte_missing+0x1304/0x29e0
[  234.701430][ T8041]  handle_mm_fault+0xd0a/0x13c0
[  234.701469][ T8041]  ? handle_mm_fault+0xe7/0x13c0
[  234.701505][ T8041]  ? __pfx_handle_mm_fault+0x10/0x10
[  234.701561][ T8041]  ? lock_mm_and_find_vma+0xa7/0x340
[  234.701589][ T8041]  do_user_addr_fault+0x75b/0x1340
[  234.701637][ T8041]  exc_page_fault+0x6a/0xc0
[  234.701663][ T8041]  asm_exc_page_fault+0x26/0x30
[  234.701684][ T8041] RIP: 0010:rep_movs_alternative+0xf/0x90
[  234.701715][ T8041] Code: c4 10 e9 14 21 05 00 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e
[  234.701733][ T8041] RSP: 0018:ffffc900041e7d78 EFLAGS: 00050202
[  234.701753][ T8041] RAX: 00007ffffffff001 RBX: 0000000000000004 RCX: 0000000000000004
[  234.701768][ T8041] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffc900041e7e00
[  234.701782][ T8041] RBP: ffffc900041e7e68 R08: 0000000000000003 R09: 0000000000000004
[  234.701795][ T8041] R10: dffffc0000000000 R11: fffff5200083cfc0 R12: ffff88803c9b6800
[  234.701810][ T8041] R13: ffffc900041e7de0 R14: ffffc900041e7e00 R15: 0000200000000080
[  234.701847][ T8041]  _copy_from_user+0x7a/0xb0
[  234.701870][ T8041]  do_sock_getsockopt+0x165/0x3f0
[  234.701898][ T8041]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  234.701927][ T8041]  ? ksys_write+0x202/0x270
[  234.701975][ T8041]  __x64_sys_getsockopt+0x1aa/0x250
[  234.702011][ T8041]  do_syscall_64+0x14d/0xf80
[  234.702035][ T8041]  ? trace_irq_disable+0x3b/0x150
[  234.702060][ T8041]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.702081][ T8041]  ? clear_bhb_loop+0x40/0x90
[  234.702108][ T8041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.702129][ T8041] RIP: 0033:0x7fc65c4ec819
[  234.702157][ T8041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  234.702174][ T8041] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  234.702194][ T8041] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  234.702209][ T8041] RDX: 0000000000000001 RSI: 0000000000000111 RDI: 0000000000000004
[  234.702222][ T8041] RBP: 00007fc65a73e090 R08: 0000200000000080 R09: 0000000000000000
[  234.702236][ T8041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.702248][ T8041] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  234.702284][ T8041]  </TASK>
[  235.651353][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  237.476262][ T6120] usb 1-1: new full-speed USB device number 23 using dummy_hcd
[  237.587251][ T8073] FAULT_INJECTION: forcing a failure.
[  237.587251][ T8073] name failslab, interval 1, probability 0, space 0, times 0
[  237.587289][ T8073] CPU: 0 UID: 0 PID: 8073 Comm: syz.4.801 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  237.587312][ T8073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  237.587325][ T8073] Call Trace:
[  237.587333][ T8073]  <TASK>
[  237.587341][ T8073]  dump_stack_lvl+0xe8/0x150
[  237.587379][ T8073]  should_fail_ex+0x46b/0x600
[  237.587413][ T8073]  should_failslab+0xa8/0x100
[  237.587438][ T8073]  __kmalloc_node_noprof+0xe7/0x7f0
[  237.587458][ T8073]  ? alloc_slab_obj_exts+0xbf/0x240
[  237.587491][ T8073]  alloc_slab_obj_exts+0xbf/0x240
[  237.587523][ T8073]  __memcg_slab_post_alloc_hook+0x525/0xa20
[  237.587567][ T8073]  ? __alloc_skb+0x1d0/0x7d0
[  237.587590][ T8073]  kmem_cache_alloc_node_noprof+0x4b7/0x6e0
[  237.587620][ T8073]  ? __alloc_skb+0x1d0/0x7d0
[  237.587647][ T8073]  __alloc_skb+0x1d0/0x7d0
[  237.587674][ T8073]  alloc_skb_with_frags+0xca/0x890
[  237.587706][ T8073]  ? rtlock_slowlock_locked+0xfb/0x3c80
[  237.587731][ T8073]  sock_alloc_send_pskb+0x884/0x9a0
[  237.587755][ T8073]  ? __lock_acquire+0x6b5/0x2cf0
[  237.587795][ T8073]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  237.587822][ T8073]  ? do_raw_spin_lock+0x12b/0x2f0
[  237.587862][ T8073]  ? smack_socket_getpeersec_dgram+0x320/0x430
[  237.587897][ T8073]  unix_dgram_sendmsg+0x460/0x18e0
[  237.587928][ T8073]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  237.587963][ T8073]  ? __lock_acquire+0x6b5/0x2cf0
[  237.587985][ T8073]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  237.588004][ T8073]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  237.588041][ T8073]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  237.588074][ T8073]  ____sys_sendmsg+0x94c/0x9c0
[  237.588101][ T8073]  ? __pfx_____sys_sendmsg+0x10/0x10
[  237.588133][ T8073]  ? import_iovec+0x73/0xa0
[  237.588158][ T8073]  ___sys_sendmsg+0x2a5/0x360
[  237.588188][ T8073]  ? __pfx____sys_sendmsg+0x10/0x10
[  237.588217][ T8073]  ? kstrtouint+0x6e/0xe0
[  237.588271][ T8073]  ? __fget_files+0x2a/0x420
[  237.588297][ T8073]  ? __fget_files+0x3a6/0x420
[  237.588334][ T8073]  __sys_sendmmsg+0x282/0x4e0
[  237.588364][ T8073]  ? __pfx___sys_sendmmsg+0x10/0x10
[  237.588399][ T8073]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  237.588444][ T8073]  ? ksys_write+0x248/0x270
[  237.588477][ T8073]  ? __pfx_ksys_write+0x10/0x10
[  237.588512][ T8073]  __x64_sys_sendmmsg+0xa0/0xc0
[  237.588539][ T8073]  do_syscall_64+0x14d/0xf80
[  237.588561][ T8073]  ? trace_irq_disable+0x3b/0x150
[  237.588585][ T8073]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.588605][ T8073]  ? clear_bhb_loop+0x40/0x90
[  237.588629][ T8073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.588649][ T8073] RIP: 0033:0x7f4bb691c819
[  237.588669][ T8073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  237.588687][ T8073] RSP: 002b:00007f4bb4b6e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  237.588718][ T8073] RAX: ffffffffffffffda RBX: 00007f4bb6b95fa0 RCX: 00007f4bb691c819
[  237.588732][ T8073] RDX: 0400000000000041 RSI: 0000200000000000 RDI: 0000000000000006
[  237.588745][ T8073] RBP: 00007f4bb4b6e090 R08: 0000000000000000 R09: 0000000000000000
[  237.588757][ T8073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.588769][ T8073] R13: 00007f4bb6b96038 R14: 00007f4bb6b95fa0 R15: 00007ffdd3fc2d88
[  237.588803][ T8073]  </TASK>
[  237.771260][ T8056] loop5: detected capacity change from 0 to 7
[  237.880994][ T8056] Dev loop5: unable to read RDB block 7
[  237.881034][ T8056]  loop5: AHDI p1 p2
[  237.881067][ T8056] loop5: partition table partially beyond EOD, truncated
[  237.882111][ T8056] loop5: p1 size 150995456 extends beyond EOD, truncated
[  237.919239][ T8079] Bluetooth: MGMT ver 1.23
[  238.019199][ T6120] usb 1-1: unable to get BOS descriptor or descriptor too short
[  238.021322][ T6120] usb 1-1: unable to read config index 0 descriptor/start: -71
[  238.021363][ T6120] usb 1-1: can't read configurations, error -71
[  238.268740][ T6084] udevd[6084]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  239.918664][ T8106] FAULT_INJECTION: forcing a failure.
[  239.918664][ T8106] name failslab, interval 1, probability 0, space 0, times 0
[  239.918702][ T8106] CPU: 0 UID: 0 PID: 8106 Comm: syz.3.810 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  239.918726][ T8106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  239.918738][ T8106] Call Trace:
[  239.918746][ T8106]  <TASK>
[  239.918755][ T8106]  dump_stack_lvl+0xe8/0x150
[  239.918792][ T8106]  should_fail_ex+0x46b/0x600
[  239.918826][ T8106]  should_failslab+0xa8/0x100
[  239.918850][ T8106]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  239.918880][ T8106]  ? __alloc_skb+0x1d0/0x7d0
[  239.918900][ T8106]  ? lockdep_hardirqs_on+0x7a/0x110
[  239.918939][ T8106]  __alloc_skb+0x1d0/0x7d0
[  239.918963][ T8106]  ppp_write+0xb4/0x400
[  239.918981][ T8106]  ? vfs_writev+0x49d/0x9a0
[  239.919007][ T8106]  vfs_writev+0x4c6/0x9a0
[  239.919031][ T8106]  ? __pfx_ppp_write+0x10/0x10
[  239.919055][ T8106]  ? __pfx_vfs_writev+0x10/0x10
[  239.919093][ T8106]  ? __fget_files+0x2a/0x420
[  239.919123][ T8106]  ? __fget_files+0x3a6/0x420
[  239.919146][ T8106]  ? __fget_files+0x2a/0x420
[  239.919179][ T8106]  do_writev+0x15a/0x2e0
[  239.919206][ T8106]  ? __pfx_do_writev+0x10/0x10
[  239.919244][ T8106]  do_syscall_64+0x14d/0xf80
[  239.919267][ T8106]  ? trace_irq_disable+0x3b/0x150
[  239.919291][ T8106]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.919311][ T8106]  ? clear_bhb_loop+0x40/0x90
[  239.919337][ T8106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.919358][ T8106] RIP: 0033:0x7f39cd49c819
[  239.919377][ T8106] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  239.919395][ T8106] RSP: 002b:00007f39cb6f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  239.919419][ T8106] RAX: ffffffffffffffda RBX: 00007f39cd715fa0 RCX: 00007f39cd49c819
[  239.919433][ T8106] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 000000000000000b
[  239.919446][ T8106] RBP: 00007f39cb6f6090 R08: 0000000000000000 R09: 0000000000000000
[  239.919459][ T8106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.919472][ T8106] R13: 00007f39cd716038 R14: 00007f39cd715fa0 R15: 00007fff64da7ac8
[  239.919504][ T8106]  </TASK>
[  242.015932][ T8163] netlink: 48 bytes leftover after parsing attributes in process `syz.0.836'.
[  242.139538][ T8165] netlink: 52 bytes leftover after parsing attributes in process `syz.0.837'.
[  242.139572][ T8165] netlink: 52 bytes leftover after parsing attributes in process `syz.0.837'.
[  242.139589][ T8165] netlink: 20 bytes leftover after parsing attributes in process `syz.0.837'.
[  244.423598][ T8209] FAULT_INJECTION: forcing a failure.
[  244.423598][ T8209] name failslab, interval 1, probability 0, space 0, times 0
[  244.423627][ T8209] CPU: 0 UID: 0 PID: 8209 Comm: syz.2.856 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  244.423645][ T8209] Tainted: [L]=SOFTLOCKUP
[  244.423649][ T8209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  244.423656][ T8209] Call Trace:
[  244.423661][ T8209]  <TASK>
[  244.423666][ T8209]  dump_stack_lvl+0xe8/0x150
[  244.423689][ T8209]  should_fail_ex+0x46b/0x600
[  244.423710][ T8209]  should_failslab+0xa8/0x100
[  244.423723][ T8209]  __kmalloc_noprof+0xdf/0x7b0
[  244.423735][ T8209]  ? security_sk_alloc+0x52/0x360
[  244.423750][ T8209]  security_sk_alloc+0x52/0x360
[  244.423765][ T8209]  sk_prot_alloc+0x101/0x210
[  244.423780][ T8209]  ? sk_alloc+0x27/0x390
[  244.423793][ T8209]  sk_alloc+0x3a/0x390
[  244.423807][ T8209]  bpf_prog_test_run_skb+0x3ed/0x1c90
[  244.423825][ T8209]  ? bpf_prog_test_run_skb+0x1f1/0x1c90
[  244.423845][ T8209]  ? __rcu_read_unlock+0x83/0xe0
[  244.423862][ T8209]  ? __fget_files+0x2a/0x420
[  244.423877][ T8209]  ? __fget_files+0x3a6/0x420
[  244.423906][ T8209]  ? __fget_files+0x2a/0x420
[  244.423924][ T8209]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  244.423941][ T8209]  bpf_prog_test_run+0x2cd/0x340
[  244.423959][ T8209]  __sys_bpf+0x643/0x950
[  244.423975][ T8209]  ? __pfx___sys_bpf+0x10/0x10
[  244.423996][ T8209]  ? rt_mutex_slowunlock+0x1cb/0x300
[  244.424052][ T8209]  ? ksys_write+0x248/0x270
[  244.424083][ T8209]  ? __pfx_ksys_write+0x10/0x10
[  244.424120][ T8209]  __x64_sys_bpf+0x7c/0x90
[  244.424143][ T8209]  do_syscall_64+0x14d/0xf80
[  244.424166][ T8209]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.424185][ T8209]  ? clear_bhb_loop+0x40/0x90
[  244.424212][ T8209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.424231][ T8209] RIP: 0033:0x7f204f68c819
[  244.424251][ T8209] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  244.424268][ T8209] RSP: 002b:00007f204d8de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  244.424291][ T8209] RAX: ffffffffffffffda RBX: 00007f204f905fa0 RCX: 00007f204f68c819
[  244.424305][ T8209] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  244.424319][ T8209] RBP: 00007f204d8de090 R08: 0000000000000000 R09: 0000000000000000
[  244.424331][ T8209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.424344][ T8209] R13: 00007f204f906038 R14: 00007f204f905fa0 R15: 00007ffcbec39b88
[  244.424376][ T8209]  </TASK>
[  244.505796][ T8211] FAULT_INJECTION: forcing a failure.
[  244.505796][ T8211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.505839][ T8211] CPU: 0 UID: 0 PID: 8211 Comm: syz.1.855 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  244.505864][ T8211] Tainted: [L]=SOFTLOCKUP
[  244.505870][ T8211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  244.505880][ T8211] Call Trace:
[  244.505887][ T8211]  <TASK>
[  244.505895][ T8211]  dump_stack_lvl+0xe8/0x150
[  244.505927][ T8211]  should_fail_ex+0x46b/0x600
[  244.505958][ T8211]  _copy_from_user+0x2d/0xb0
[  244.505983][ T8211]  iommufd_test+0x4331/0x5d10
[  244.506023][ T8211]  ? __pfx_iommufd_test+0x10/0x10
[  244.506043][ T8211]  ? __lock_acquire+0x6b5/0x2cf0
[  244.506069][ T8211]  ? tomoyo_path_number_perm+0x219/0x630
[  244.506090][ T8211]  ? tomoyo_path_number_perm+0x219/0x630
[  244.506113][ T8211]  ? do_vfs_ioctl+0x117b/0x1540
[  244.506160][ T8211]  iommufd_fops_ioctl+0x4b8/0x5d0
[  244.506189][ T8211]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  244.506227][ T8211]  ? __fget_files+0x2a/0x420
[  244.506253][ T8211]  ? bpf_lsm_file_ioctl+0x9/0x20
[  244.506272][ T8211]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  244.506298][ T8211]  __se_sys_ioctl+0xff/0x170
[  244.506318][ T8211]  do_syscall_64+0x14d/0xf80
[  244.506347][ T8211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.506366][ T8211]  ? clear_bhb_loop+0x40/0x90
[  244.506388][ T8211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.506406][ T8211] RIP: 0033:0x7fc65c4ec819
[  244.506425][ T8211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  244.506440][ T8211] RSP: 002b:00007fc65a71d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  244.506461][ T8211] RAX: ffffffffffffffda RBX: 00007fc65c766090 RCX: 00007fc65c4ec819
[  244.506474][ T8211] RDX: 0000200000001200 RSI: 0000000000003ba0 RDI: 0000000000000004
[  244.506486][ T8211] RBP: 00007fc65a71d090 R08: 0000000000000000 R09: 0000000000000000
[  244.506497][ T8211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.506508][ T8211] R13: 00007fc65c766128 R14: 00007fc65c766090 R15: 00007fff68c8be58
[  244.506538][ T8211]  </TASK>
[  246.034386][    T9] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  246.070166][ T8268] FAULT_INJECTION: forcing a failure.
[  246.070166][ T8268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.070192][ T8268] CPU: 0 UID: 0 PID: 8268 Comm: syz.1.881 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  246.070209][ T8268] Tainted: [L]=SOFTLOCKUP
[  246.070214][ T8268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  246.070221][ T8268] Call Trace:
[  246.070225][ T8268]  <TASK>
[  246.070231][ T8268]  dump_stack_lvl+0xe8/0x150
[  246.070253][ T8268]  should_fail_ex+0x46b/0x600
[  246.070273][ T8268]  _copy_from_user+0x2d/0xb0
[  246.070285][ T8268]  ___sys_sendmsg+0x1c6/0x360
[  246.070303][ T8268]  ? __pfx____sys_sendmsg+0x10/0x10
[  246.070337][ T8268]  ? __fget_files+0x2a/0x420
[  246.070351][ T8268]  ? __fget_files+0x3a6/0x420
[  246.070371][ T8268]  __x64_sys_sendmsg+0x1c3/0x2a0
[  246.070386][ T8268]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  246.070405][ T8268]  ? __pfx_ksys_write+0x10/0x10
[  246.070429][ T8268]  do_syscall_64+0x14d/0xf80
[  246.070442][ T8268]  ? trace_irq_disable+0x3b/0x150
[  246.070456][ T8268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.070468][ T8268]  ? clear_bhb_loop+0x40/0x90
[  246.070482][ T8268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.070494][ T8268] RIP: 0033:0x7fc65c4ec819
[  246.070506][ T8268] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  246.070517][ T8268] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  246.070531][ T8268] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  246.070540][ T8268] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  246.070547][ T8268] RBP: 00007fc65a73e090 R08: 0000000000000000 R09: 0000000000000000
[  246.070554][ T8268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.070561][ T8268] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  246.070580][ T8268]  </TASK>
[  246.196398][    T9] usb 4-1: config 1 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  246.196432][    T9] usb 4-1: config 1 interface 0 has no altsetting 0
[  246.199212][    T9] usb 4-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.40
[  246.199237][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.199255][    T9] usb 4-1: Product: င
[  246.199268][    T9] usb 4-1: Manufacturer: Х
[  246.199281][    T9] usb 4-1: SerialNumber: syz
[  246.374794][ T5856] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  246.524251][ T5856] usb 1-1: Using ep0 maxpacket: 32
[  246.527924][ T5856] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  246.527954][ T5856] usb 1-1: config 0 has no interface number 0
[  246.528007][ T5856] usb 1-1: config 0 interface 184 has no altsetting 0
[  246.536678][ T5856] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  246.536758][ T5856] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.536777][ T5856] usb 1-1: Product: syz
[  246.536799][ T5856] usb 1-1: Manufacturer: syz
[  246.536812][ T5856] usb 1-1: SerialNumber: syz
[  246.584951][ T5856] usb 1-1: config 0 descriptor??
[  246.718995][ T8285] 
@�: renamed from bond_slave_0 (while UP)
[  246.736406][    T9] usbhid 4-1:1.0: can't add hid device: -71
[  246.738851][    T9] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  246.790595][    T9] usb 4-1: USB disconnect, device number 23
[  247.131133][ T8301] FAULT_INJECTION: forcing a failure.
[  247.131133][ T8301] name failslab, interval 1, probability 0, space 0, times 0
[  247.131173][ T8301] CPU: 1 UID: 0 PID: 8301 Comm: syz.2.893 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  247.131202][ T8301] Tainted: [L]=SOFTLOCKUP
[  247.131209][ T8301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  247.131222][ T8301] Call Trace:
[  247.131229][ T8301]  <TASK>
[  247.131239][ T8301]  dump_stack_lvl+0xe8/0x150
[  247.131274][ T8301]  should_fail_ex+0x46b/0x600
[  247.131308][ T8301]  should_failslab+0xa8/0x100
[  247.131332][ T8301]  kmem_cache_alloc_noprof+0x87/0x680
[  247.131363][ T8301]  ? do_getname+0x2e/0x250
[  247.131392][ T8301]  do_getname+0x2e/0x250
[  247.131419][ T8301]  __se_sys_rename+0x3a/0x2c0
[  247.131446][ T8301]  do_syscall_64+0x14d/0xf80
[  247.131470][ T8301]  ? trace_irq_disable+0x3b/0x150
[  247.131493][ T8301]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.131513][ T8301]  ? clear_bhb_loop+0x40/0x90
[  247.131538][ T8301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.131559][ T8301] RIP: 0033:0x7f204f68c819
[  247.131578][ T8301] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  247.131596][ T8301] RSP: 002b:00007f204d89c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  247.131618][ T8301] RAX: ffffffffffffffda RBX: 00007f204f906180 RCX: 00007f204f68c819
[  247.131633][ T8301] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000440
[  247.131646][ T8301] RBP: 00007f204d89c090 R08: 0000000000000000 R09: 0000000000000000
[  247.131659][ T8301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.131672][ T8301] R13: 00007f204f906218 R14: 00007f204f906180 R15: 00007ffcbec39b88
[  247.131703][ T8301]  </TASK>
[  247.354363][ T6120] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  247.504356][ T6120] usb 5-1: Using ep0 maxpacket: 32
[  247.508053][ T5856] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  247.508085][ T5856] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  247.508593][ T5856] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  247.508619][ T5856] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  247.508637][ T5856] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  247.508654][ T5856] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  247.508953][ T5856] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  247.522411][ T6120] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  247.522442][ T6120] usb 5-1: config 0 has no interface number 0
[  247.522496][ T6120] usb 5-1: config 0 interface 184 has no altsetting 0
[  247.523568][ T5856] usb 1-1: USB disconnect, device number 25
[  247.627342][ T6120] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  247.627377][ T6120] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.627399][ T6120] usb 5-1: Product: syz
[  247.627414][ T6120] usb 5-1: Manufacturer: syz
[  247.627428][ T6120] usb 5-1: SerialNumber: syz
[  247.682689][ T6120] usb 5-1: config 0 descriptor??
[  247.728389][ T5872] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  247.910544][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  247.910583][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.910622][ T5872] usb 4-1: New USB device found, idVendor=056a, idProduct=5000, bcdDevice= 0.00
[  247.910640][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.917165][ T5872] usb 4-1: config 0 descriptor??
[  248.378836][ T5872] hid (null): unknown global tag 0xc
[  248.426056][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428125][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428158][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428184][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428209][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428234][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428258][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428283][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428307][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.428333][ T5872] wacom 0003:056A:5000.0007: unknown main item tag 0x0
[  248.442622][ T5872] wacom 0003:056A:5000.0007: unknown global tag 0xc
[  248.442644][ T5872] wacom 0003:056A:5000.0007: item 0 1 1 12 parsing failed
[  248.443433][ T5872] wacom 0003:056A:5000.0007: parse failed
[  248.443541][ T5872] wacom 0003:056A:5000.0007: probe with driver wacom failed with error -22
[  248.580130][ T5856] usb 4-1: USB disconnect, device number 24
[  248.795383][ T6120] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  248.795419][ T6120] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  248.799317][ T6120] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  248.799348][ T6120] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  248.799368][ T6120] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  248.799387][ T6120] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  248.799738][ T6120] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  248.879882][ T6120] usb 5-1: USB disconnect, device number 24
[  248.986317][ T8335] random: crng reseeded on system resumption
[  249.156518][ T5804] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  249.177537][ T5804] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  249.178967][ T5804] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  249.205373][ T5804] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  249.262592][ T5804] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  249.396609][ T6117] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.624552][ T5856] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  249.714391][ T5985] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  249.724312][    T9] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  249.794848][ T5856] usb 4-1: Using ep0 maxpacket: 32
[  249.800275][ T5856] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  249.800295][ T5856] usb 4-1: config 0 has no interface number 0
[  249.800324][ T5856] usb 4-1: config 0 interface 184 has no altsetting 0
[  249.849936][ T5856] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  249.849971][ T5856] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.849993][ T5856] usb 4-1: Product: syz
[  249.850008][ T5856] usb 4-1: Manufacturer: syz
[  249.850021][ T5856] usb 4-1: SerialNumber: syz
[  249.860757][ T5856] usb 4-1: config 0 descriptor??
[  249.864279][ T5985] usb 1-1: Using ep0 maxpacket: 16
[  249.874325][ T5985] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  249.874354][ T5985] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  249.874373][ T5985] usb 1-1: config 1 has no interface number 0
[  249.874420][ T5985] usb 1-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  249.874448][ T5985] usb 1-1: config 1 interface 105 has no altsetting 0
[  249.880823][    T9] usb 5-1: config 1 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  249.880909][    T9] usb 5-1: config 1 interface 0 has no altsetting 0
[  249.888520][    T9] usb 5-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.40
[  249.888547][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.888618][    T9] usb 5-1: Product: င
[  249.888631][    T9] usb 5-1: Manufacturer: Х
[  249.888643][    T9] usb 5-1: SerialNumber: syz
[  249.954457][ T5985] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  249.954489][ T5985] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  249.954509][ T5985] usb 1-1: Product: syz
[  249.954524][ T5985] usb 1-1: Manufacturer: syz
[  249.954537][ T5985] usb 1-1: SerialNumber: syz
[  250.143048][ T6117] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.453304][    T9] usbhid 5-1:1.0: can't add hid device: -71
[  250.453483][    T9] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  250.541196][    T9] usb 5-1: USB disconnect, device number 25
[  251.089049][ T5985] aqc111 1-1:1.105: probe with driver aqc111 failed with error -22
[  251.118693][ T6117] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.425586][ T5804] Bluetooth: hci2: command tx timeout
[  251.911194][ T5856] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  251.911230][ T5856] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  251.911943][ T5856] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  251.911970][ T5856] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  251.911990][ T5856] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  251.912008][ T5856] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  251.912356][ T5856] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  251.952316][ T5856] usb 4-1: USB disconnect, device number 25
[  252.237752][ T6117] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.925154][ T8339] chnl_net:caif_netlink_parms(): no params data found
[  253.049610][ T5856] usb 1-1: USB disconnect, device number 26
[  253.064352][ T5872] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  253.117692][ T6117] bridge_slave_1: left allmulticast mode
[  253.117819][ T6117] bridge_slave_1: left promiscuous mode
[  253.118578][ T6117] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.217491][ T6117] bridge_slave_0: left allmulticast mode
[  253.217526][ T6117] bridge_slave_0: left promiscuous mode
[  253.220385][ T6117] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.228745][ T8415] FAULT_INJECTION: forcing a failure.
[  253.228745][ T8415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.228770][ T8415] CPU: 0 UID: 0 PID: 8415 Comm: syz.0.941 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  253.228787][ T8415] Tainted: [L]=SOFTLOCKUP
[  253.228792][ T8415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  253.228799][ T8415] Call Trace:
[  253.228804][ T8415]  <TASK>
[  253.228809][ T8415]  dump_stack_lvl+0xe8/0x150
[  253.228832][ T8415]  should_fail_ex+0x46b/0x600
[  253.228853][ T8415]  _copy_to_user+0x31/0xb0
[  253.228866][ T8415]  __htab_map_lookup_and_delete_batch+0x1545/0x1a20
[  253.228881][ T8415]  ? __lock_acquire+0x6b5/0x2cf0
[  253.228915][ T8415]  ? __pfx___htab_map_lookup_and_delete_batch+0x10/0x10
[  253.228933][ T8415]  ? __pfx_htab_map_lookup_and_delete_batch+0x10/0x10
[  253.228962][ T8415]  bpf_map_do_batch+0x45b/0x630
[  253.228981][ T8415]  __sys_bpf+0x594/0x950
[  253.228997][ T8415]  ? __pfx___sys_bpf+0x10/0x10
[  253.229010][ T8415]  ? rt_mutex_slowunlock+0x1cb/0x300
[  253.229037][ T8415]  ? ksys_write+0x248/0x270
[  253.229056][ T8415]  ? __pfx_ksys_write+0x10/0x10
[  253.229078][ T8415]  __x64_sys_bpf+0x7c/0x90
[  253.229092][ T8415]  do_syscall_64+0x14d/0xf80
[  253.229104][ T8415]  ? trace_irq_disable+0x3b/0x150
[  253.229118][ T8415]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.229129][ T8415]  ? clear_bhb_loop+0x40/0x90
[  253.229143][ T8415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.229155][ T8415] RIP: 0033:0x7fa104ccc819
[  253.229167][ T8415] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  253.229178][ T8415] RSP: 002b:00007fa102f1e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  253.229192][ T8415] RAX: ffffffffffffffda RBX: 00007fa104f45fa0 RCX: 00007fa104ccc819
[  253.229200][ T8415] RDX: 0000000000000038 RSI: 0000200000000800 RDI: 0000000000000019
[  253.229208][ T8415] RBP: 00007fa102f1e090 R08: 0000000000000000 R09: 0000000000000000
[  253.229216][ T8415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.229223][ T8415] R13: 00007fa104f46038 R14: 00007fa104f45fa0 R15: 00007ffe2cc13538
[  253.229241][ T8415]  </TASK>
[  253.242648][ T5872] usb 4-1: Using ep0 maxpacket: 32
[  253.270294][ T5872] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  253.270322][ T5872] usb 4-1: config 0 has no interface number 0
[  253.270369][ T5872] usb 4-1: config 0 interface 184 has no altsetting 0
[  253.278172][ T5872] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  253.278204][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.278223][ T5872] usb 4-1: Product: syz
[  253.278237][ T5872] usb 4-1: Manufacturer: syz
[  253.278250][ T5872] usb 4-1: SerialNumber: syz
[  253.307380][ T5872] usb 4-1: config 0 descriptor??
[  253.494328][ T5804] Bluetooth: hci2: command tx timeout
[  255.445389][ T8441] FAULT_INJECTION: forcing a failure.
[  255.445389][ T8441] name failslab, interval 1, probability 0, space 0, times 0
[  255.445430][ T8441] CPU: 1 UID: 0 PID: 8441 Comm: syz.1.952 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  255.445459][ T8441] Tainted: [L]=SOFTLOCKUP
[  255.445467][ T8441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  255.445479][ T8441] Call Trace:
[  255.445487][ T8441]  <TASK>
[  255.445496][ T8441]  dump_stack_lvl+0xe8/0x150
[  255.445533][ T8441]  should_fail_ex+0x46b/0x600
[  255.445567][ T8441]  should_failslab+0xa8/0x100
[  255.445593][ T8441]  kmem_cache_alloc_noprof+0x87/0x680
[  255.445625][ T8441]  ? alloc_empty_file+0x55/0x1d0
[  255.445657][ T8441]  alloc_empty_file+0x55/0x1d0
[  255.445684][ T8441]  path_openat+0x11b/0x38a0
[  255.445736][ T8441]  ? try_to_take_rt_mutex+0x840/0xb00
[  255.445757][ T8441]  ? arch_stack_walk+0xfb/0x150
[  255.445789][ T8441]  ? rtlock_slowlock_locked+0xfb/0x3c80
[  255.445819][ T8441]  ? __pfx_path_openat+0x10/0x10
[  255.445852][ T8441]  ? __lock_acquire+0x6b5/0x2cf0
[  255.445883][ T8441]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  255.445921][ T8441]  ? do_raw_spin_lock+0x12b/0x2f0
[  255.445960][ T8441]  do_file_open+0x23e/0x4a0
[  255.445989][ T8441]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  255.446018][ T8441]  ? __pfx_do_file_open+0x10/0x10
[  255.446047][ T8441]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  255.446103][ T8441]  ? alloc_fd+0x64e/0x6c0
[  255.446142][ T8441]  do_sys_openat2+0x113/0x200
[  255.446172][ T8441]  ? __pfx_do_sys_openat2+0x10/0x10
[  255.446200][ T8441]  ? ksys_write+0x248/0x270
[  255.446234][ T8441]  ? __pfx_ksys_write+0x10/0x10
[  255.446269][ T8441]  __x64_sys_openat+0x138/0x170
[  255.446302][ T8441]  do_syscall_64+0x14d/0xf80
[  255.446325][ T8441]  ? trace_irq_disable+0x3b/0x150
[  255.446350][ T8441]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.446372][ T8441]  ? clear_bhb_loop+0x40/0x90
[  255.446398][ T8441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.446419][ T8441] RIP: 0033:0x7fc65c4ec819
[  255.446440][ T8441] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  255.446459][ T8441] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  255.446483][ T8441] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  255.446499][ T8441] RDX: 0000000000006100 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  255.446514][ T8441] RBP: 00007fc65a73e090 R08: 0000000000000000 R09: 0000000000000000
[  255.446527][ T8441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.446540][ T8441] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  255.446575][ T8441]  </TASK>
[  255.574342][ T5804] Bluetooth: hci2: command tx timeout
[  255.767134][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  255.767169][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  255.768932][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  255.768960][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  255.768980][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  255.768998][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  255.769337][ T5872] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  255.804856][ T5872] usb 4-1: USB disconnect, device number 26
[  256.075449][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  256.075497][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  256.366759][ T8458] netlink: 'syz.3.959': attribute type 5 has an invalid length.
[  256.392622][ T8459] FAULT_INJECTION: forcing a failure.
[  256.392622][ T8459] name failslab, interval 1, probability 0, space 0, times 0
[  256.392663][ T8459] CPU: 1 UID: 0 PID: 8459 Comm: syz.4.958 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  256.392691][ T8459] Tainted: [L]=SOFTLOCKUP
[  256.392699][ T8459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  256.392711][ T8459] Call Trace:
[  256.392720][ T8459]  <TASK>
[  256.392729][ T8459]  dump_stack_lvl+0xe8/0x150
[  256.392767][ T8459]  should_fail_ex+0x46b/0x600
[  256.392802][ T8459]  should_failslab+0xa8/0x100
[  256.392828][ T8459]  kmem_cache_alloc_noprof+0x87/0x680
[  256.392861][ T8459]  ? skb_clone+0x212/0x3a0
[  256.392892][ T8459]  skb_clone+0x212/0x3a0
[  256.392923][ T8459]  __netlink_deliver_tap+0x404/0x850
[  256.392978][ T8459]  ? netlink_deliver_tap+0x2e/0x1b0
[  256.393010][ T8459]  netlink_deliver_tap+0x19c/0x1b0
[  256.393042][ T8459]  netlink_unicast+0x805/0x9f0
[  256.393080][ T8459]  ? __pfx_netlink_unicast+0x10/0x10
[  256.393109][ T8459]  ? netlink_sendmsg+0x650/0xb40
[  256.393138][ T8459]  ? skb_put+0x11b/0x210
[  256.393163][ T8459]  netlink_sendmsg+0x813/0xb40
[  256.393204][ T8459]  ? __pfx_netlink_sendmsg+0x10/0x10
[  256.393238][ T8459]  ? unwind_get_return_address+0x4d/0x90
[  256.393264][ T8459]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  256.393307][ T8459]  ____sys_sendmsg+0x94c/0x9c0
[  256.393338][ T8459]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.393374][ T8459]  ? import_iovec+0x73/0xa0
[  256.393399][ T8459]  ___sys_sendmsg+0x2a5/0x360
[  256.393428][ T8459]  ? __pfx____sys_sendmsg+0x10/0x10
[  256.393496][ T8459]  ? __fget_files+0x2a/0x420
[  256.393522][ T8459]  ? __fget_files+0x3a6/0x420
[  256.393561][ T8459]  __x64_sys_sendmsg+0x1c3/0x2a0
[  256.393589][ T8459]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  256.393625][ T8459]  ? __pfx_ksys_write+0x10/0x10
[  256.393672][ T8459]  do_syscall_64+0x14d/0xf80
[  256.393695][ T8459]  ? trace_irq_disable+0x3b/0x150
[  256.393719][ T8459]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.393740][ T8459]  ? clear_bhb_loop+0x40/0x90
[  256.393767][ T8459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.393788][ T8459] RIP: 0033:0x7f4bb691c819
[  256.393809][ T8459] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  256.393827][ T8459] RSP: 002b:00007f4bb4b6e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  256.393851][ T8459] RAX: ffffffffffffffda RBX: 00007f4bb6b95fa0 RCX: 00007f4bb691c819
[  256.393866][ T8459] RDX: 000000000400c000 RSI: 0000200000000000 RDI: 0000000000000003
[  256.393880][ T8459] RBP: 00007f4bb4b6e090 R08: 0000000000000000 R09: 0000000000000000
[  256.393893][ T8459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.393904][ T8459] R13: 00007f4bb6b96038 R14: 00007f4bb6b95fa0 R15: 00007ffdd3fc2d88
[  256.393947][ T8459]  </TASK>
[  256.393989][ T8459] netlink: 'syz.4.958': attribute type 2 has an invalid length.
[  256.806347][ T6117] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  256.885969][ T6117] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  256.906511][ T6117] bond0 (unregistering): Released all slaves
[  257.131074][ T8452] netlink: 136 bytes leftover after parsing attributes in process `syz.1.957'.
[  257.131092][ T8452] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  257.167461][ T8459] l2: entered promiscuous mode
[  257.170686][ T8460] netlink: 13 bytes leftover after parsing attributes in process `syz.3.959'.
[  257.246275][ T8464] netlink: 28 bytes leftover after parsing attributes in process `syz.0.960'.
[  257.398012][ T8339] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.398245][ T8339] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.398452][ T8339] bridge_slave_0: entered allmulticast mode
[  257.401548][ T8339] bridge_slave_0: entered promiscuous mode
[  257.408407][ T8339] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.408632][ T8339] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.408851][ T8339] bridge_slave_1: entered allmulticast mode
[  257.411768][ T8339] bridge_slave_1: entered promiscuous mode
[  257.463862][ T8339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.468427][ T8339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.510136][ T8339] team0: Port device team_slave_0 added
[  257.513531][ T8339] team0: Port device team_slave_1 added
[  257.561932][ T8339] batman_adv: batadv0: Adding interface: batadv_slave_0
[  257.561951][ T8339] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  257.561981][ T8339] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  257.585990][ T8339] batman_adv: batadv0: Adding interface: batadv_slave_1
[  257.586011][ T8339] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  257.586042][ T8339] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  257.658774][ T5804] Bluetooth: hci2: command tx timeout
[  257.714686][ T8475] random: crng reseeded on system resumption
[  258.244363][ T5870] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  258.394257][ T5870] usb 4-1: Using ep0 maxpacket: 16
[  258.397174][ T5870] usb 4-1: config 1 has an invalid interface number: 105 but max is 0
[  258.397204][ T5870] usb 4-1: config 1 has no interface number 0
[  258.397253][ T5870] usb 4-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  258.397280][ T5870] usb 4-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  258.397305][ T5870] usb 4-1: config 1 interface 105 has no altsetting 0
[  258.411834][ T5870] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  258.411863][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  258.411882][ T5870] usb 4-1: Product: syz
[  258.411895][ T5870] usb 4-1: Manufacturer: syz
[  258.411909][ T5870] usb 4-1: SerialNumber: syz
[  258.432712][ T8489] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  258.432974][ T8489] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  258.717378][ T5985] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  258.865889][ T5985] usb 5-1: Using ep0 maxpacket: 8
[  258.886354][ T5985] usb 5-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  258.886376][ T5985] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.886389][ T5985] usb 5-1: Product: syz
[  258.886397][ T5985] usb 5-1: Manufacturer: syz
[  258.886452][ T5985] usb 5-1: SerialNumber: syz
[  258.970198][ T8489] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  258.970428][ T8489] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  258.998327][ T8339] hsr_slave_0: entered promiscuous mode
[  259.002512][ T8339] hsr_slave_1: entered promiscuous mode
[  259.003545][ T8339] debugfs: 'hsr0' already exists in 'hsr'
[  259.003573][ T8339] Cannot create hsr debugfs directory
[  259.369440][ T8495] mkiss: ax0: crc mode is auto.
[  259.592965][ T5870] aqc111 4-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  259.596273][ T5870] aqc111 4-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  259.961235][ T5870] aqc111 4-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.3-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 32:dc:c1:b2:c4:e5
[  259.992832][ T5870] usb 4-1: USB disconnect, device number 27
[  260.022616][ T5870] aqc111 4-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.3-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  260.135680][ T8534] random: crng reseeded on system resumption
[  260.488276][ T5870] aqc111 4-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  260.489208][ T5870] aqc111 4-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  260.489921][ T5870] aqc111 4-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  260.677333][ T6117] dummy0: left promiscuous mode
[  260.725198][ T6117] team0: left promiscuous mode
[  260.725223][ T6117] team_slave_0: left promiscuous mode
[  260.725857][ T6117] team_slave_1: left promiscuous mode
[  261.020160][ T6117] hsr_slave_0: left promiscuous mode
[  261.052460][ T8553] FAULT_INJECTION: forcing a failure.
[  261.052460][ T8553] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.052494][ T8553] CPU: 0 UID: 0 PID: 8553 Comm: syz.1.990 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  261.052522][ T8553] Tainted: [L]=SOFTLOCKUP
[  261.052529][ T8553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  261.052541][ T8553] Call Trace:
[  261.052550][ T8553]  <TASK>
[  261.052559][ T8553]  dump_stack_lvl+0xe8/0x150
[  261.052596][ T8553]  should_fail_ex+0x46b/0x600
[  261.052631][ T8553]  _copy_from_user+0x2d/0xb0
[  261.052649][ T8553]  ___sys_sendmsg+0x1c6/0x360
[  261.052675][ T8553]  ? __pfx____sys_sendmsg+0x10/0x10
[  261.052734][ T8553]  ? __fget_files+0x2a/0x420
[  261.052761][ T8553]  ? __fget_files+0x3a6/0x420
[  261.052798][ T8553]  __x64_sys_sendmsg+0x1c3/0x2a0
[  261.052827][ T8553]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  261.052861][ T8553]  ? __pfx_ksys_write+0x10/0x10
[  261.052913][ T8553]  do_syscall_64+0x14d/0xf80
[  261.052938][ T8553]  ? trace_irq_disable+0x3b/0x150
[  261.052962][ T8553]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.052983][ T8553]  ? clear_bhb_loop+0x40/0x90
[  261.053016][ T8553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.053034][ T8553] RIP: 0033:0x7fc65c4ec819
[  261.053055][ T8553] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  261.053072][ T8553] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.053095][ T8553] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  261.053111][ T8553] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  261.053124][ T8553] RBP: 00007fc65a73e090 R08: 0000000000000000 R09: 0000000000000000
[  261.053138][ T8553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.053150][ T8553] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  261.053185][ T8553]  </TASK>
[  261.095993][ T6117] hsr_slave_1: left promiscuous mode
[  261.297265][ T6117] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.299749][ T8550] FAULT_INJECTION: forcing a failure.
[  261.299749][ T8550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.299775][ T8550] CPU: 1 UID: 0 PID: 8550 Comm: syz.3.988 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  261.299791][ T8550] Tainted: [L]=SOFTLOCKUP
[  261.299796][ T8550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  261.299803][ T8550] Call Trace:
[  261.299808][ T8550]  <TASK>
[  261.299814][ T8550]  dump_stack_lvl+0xe8/0x150
[  261.299841][ T8550]  should_fail_ex+0x46b/0x600
[  261.299863][ T8550]  _copy_to_user+0x31/0xb0
[  261.299880][ T8550]  simple_read_from_buffer+0xe1/0x170
[  261.299898][ T8550]  proc_fail_nth_read+0x1be/0x230
[  261.299916][ T8550]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.299932][ T8550]  ? rw_verify_area+0x2ac/0x4e0
[  261.299949][ T8550]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.299964][ T8550]  vfs_read+0x212/0xa80
[  261.299987][ T8550]  ? __pfx_vfs_read+0x10/0x10
[  261.300005][ T8550]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  261.300019][ T8550]  ? lockdep_hardirqs_on+0x7a/0x110
[  261.300033][ T8550]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  261.300047][ T8550]  ? mutex_lock_nested+0x152/0x1d0
[  261.300063][ T8550]  ? fdget_pos+0x252/0x320
[  261.300083][ T8550]  ksys_read+0x156/0x270
[  261.300102][ T8550]  ? __pfx_ksys_read+0x10/0x10
[  261.300126][ T8550]  do_syscall_64+0x14d/0xf80
[  261.300139][ T8550]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.300151][ T8550]  ? clear_bhb_loop+0x40/0x90
[  261.300165][ T8550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.300177][ T8550] RIP: 0033:0x7f39cd45d04e
[  261.300189][ T8550] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  261.300200][ T8550] RSP: 002b:00007f39cb6f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  261.300219][ T8550] RAX: ffffffffffffffda RBX: 00007f39cb6f66c0 RCX: 00007f39cd45d04e
[  261.300234][ T8550] RDX: 000000000000000f RSI: 00007f39cb6f60a0 RDI: 0000000000000009
[  261.300247][ T8550] RBP: 00007f39cb6f6090 R08: 0000000000000000 R09: 0000000000000000
[  261.300260][ T8550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.300273][ T8550] R13: 00007f39cd716038 R14: 00007f39cd715fa0 R15: 00007fff64da7ac8
[  261.300308][ T8550]  </TASK>
[  261.406243][ T6117] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.631879][ T6117] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.631902][ T6117] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.682740][ T5985] mxuport 5-1:254.0: mxuport_send_ctrl_data_urb - usb_control_msg failed (-71)
[  261.685540][ T5985] mxuport 5-1:254.0: mxuport_send_ctrl_data_urb - usb_control_msg failed (-71)
[  261.685614][ T5985] mxuport 5-1:254.0: probe with driver mxuport failed with error -71
[  261.725010][ T5985] usb 5-1: USB disconnect, device number 26
[  261.800038][ T6117] veth1_macvtap: left promiscuous mode
[  261.810032][ T6117] veth0_macvtap: left promiscuous mode
[  261.810512][ T6117] veth1_vlan: left promiscuous mode
[  261.836887][ T6117] veth0_vlan: left promiscuous mode
[  262.185351][ T5870] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  262.514485][ T5870] usb 1-1: Using ep0 maxpacket: 8
[  262.517023][ T5870] usb 1-1: config index 0 descriptor too short (expected 74, got 45)
[  262.517085][ T5870] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  262.517114][ T5870] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  262.517138][ T5870] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  262.517164][ T5870] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  262.517189][ T5870] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  262.517234][ T5870] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  262.517257][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.458078][ T5870] usb 1-1: usb_control_msg returned -32
[  263.458135][ T5870] usbtmc 1-1:16.0: can't read capabilities
[  263.553288][ T8587] FAULT_INJECTION: forcing a failure.
[  263.553288][ T8587] name failslab, interval 1, probability 0, space 0, times 0
[  263.553315][ T8587] CPU: 0 UID: 0 PID: 8587 Comm: syz.1.1003 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  263.553333][ T8587] Tainted: [L]=SOFTLOCKUP
[  263.553337][ T8587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  263.553344][ T8587] Call Trace:
[  263.553349][ T8587]  <TASK>
[  263.553354][ T8587]  dump_stack_lvl+0xe8/0x150
[  263.553377][ T8587]  should_fail_ex+0x46b/0x600
[  263.553398][ T8587]  should_failslab+0xa8/0x100
[  263.553413][ T8587]  __kmalloc_cache_noprof+0x84/0x690
[  263.553426][ T8587]  ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[  263.553445][ T8587]  sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[  263.553466][ T8587]  sctp_association_new+0x15d3/0x25e0
[  263.553488][ T8587]  sctp_connect_new_asoc+0x2e4/0x6b0
[  263.553503][ T8587]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  263.553516][ T8587]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  263.553527][ T8587]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  263.553538][ T8587]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  263.553550][ T8587]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  263.553562][ T8587]  ? security_sctp_bind_connect+0x7e/0x2c0
[  263.553577][ T8587]  sctp_sendmsg+0x14c0/0x2990
[  263.553604][ T8587]  ? __pfx_sctp_sendmsg+0x10/0x10
[  263.553624][ T8587]  ? __lock_acquire+0x6b5/0x2cf0
[  263.553644][ T8587]  ? __kernel_text_address+0xd/0x30
[  263.553658][ T8587]  ? sock_rps_record_flow+0x19/0x400
[  263.553672][ T8587]  ? inet_sendmsg+0x2f4/0x370
[  263.553684][ T8587]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  263.553711][ T8587]  ____sys_sendmsg+0x7da/0x9c0
[  263.553728][ T8587]  ? __pfx_____sys_sendmsg+0x10/0x10
[  263.553747][ T8587]  ? import_iovec+0x73/0xa0
[  263.553761][ T8587]  ___sys_sendmsg+0x2a5/0x360
[  263.553777][ T8587]  ? __pfx____sys_sendmsg+0x10/0x10
[  263.553811][ T8587]  ? __fget_files+0x2a/0x420
[  263.553826][ T8587]  ? __fget_files+0x3a6/0x420
[  263.553847][ T8587]  __x64_sys_sendmsg+0x1c3/0x2a0
[  263.553862][ T8587]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  263.553881][ T8587]  ? __pfx_ksys_write+0x10/0x10
[  263.553906][ T8587]  do_syscall_64+0x14d/0xf80
[  263.553919][ T8587]  ? trace_irq_disable+0x3b/0x150
[  263.553932][ T8587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.553947][ T8587]  ? clear_bhb_loop+0x40/0x90
[  263.553961][ T8587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.553973][ T8587] RIP: 0033:0x7fc65c4ec819
[  263.553985][ T8587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  263.553996][ T8587] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  263.554010][ T8587] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  263.554018][ T8587] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  263.554026][ T8587] RBP: 00007fc65a73e090 R08: 0000000000000000 R09: 0000000000000000
[  263.554033][ T8587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.554040][ T8587] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  263.554059][ T8587]  </TASK>
[  263.836826][ T8597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.837365][ T8597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  264.044812][ T6117] team0 (unregistering): Port device team_slave_1 removed
[  264.074832][ T6117] team0 (unregistering): Port device team_slave_0 removed
[  264.676025][ T8609] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1012'.
[  264.701347][ T5804] Bluetooth: hci3: unexpected event for opcode 0x0c58
[  264.701606][ T5804] Bluetooth: hci3: unexpected event for opcode 0x0c58
[  264.963010][ T8618] netlink: 'syz.3.1015': attribute type 16 has an invalid length.
[  264.963035][ T8618] netlink: 'syz.3.1015': attribute type 17 has an invalid length.
[  264.984245][ T5856] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  265.011538][ T8618] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.078855][ T8618] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.097913][ T5872] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  265.154332][ T5856] usb 2-1: Using ep0 maxpacket: 16
[  265.156789][ T5856] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.156832][ T5856] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.156856][ T5856] usb 2-1: config 0 interface 0 has no altsetting 0
[  265.156890][ T5856] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  265.156913][ T5856] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.163505][ T5856] usb 2-1: config 0 descriptor??
[  265.292981][ T5872] usb 5-1: config 1 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  265.293085][ T5872] usb 5-1: config 1 interface 0 has no altsetting 0
[  265.301579][ T5872] usb 5-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.40
[  265.301663][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.301683][ T5872] usb 5-1: Product: င
[  265.301696][ T5872] usb 5-1: Manufacturer: Х
[  265.301709][ T5872] usb 5-1: SerialNumber: syz
[  265.496560][ T8339] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  265.556873][ T8339] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  265.571686][ T8612] netlink: 'syz.1.1013': attribute type 2 has an invalid length.
[  265.700420][ T8612] �#{6c: entered promiscuous mode
[  265.704331][ T8339] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  265.717399][ T5870] usb 1-1: USB disconnect, device number 27
[  265.842061][ T5872] usbhid 5-1:1.0: can't add hid device: -71
[  265.842194][ T5872] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  265.873269][ T5856] nzxt-smart2 0003:1E71:2009.0008: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  265.955456][ T5872] usb 5-1: USB disconnect, device number 27
[  266.124361][ T5856] usb 2-1: USB disconnect, device number 7
[  266.204840][ T8339] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  266.443667][ T8633] FAULT_INJECTION: forcing a failure.
[  266.443667][ T8633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.443708][ T8633] CPU: 1 UID: 0 PID: 8633 Comm: syz.1.1017 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  266.443737][ T8633] Tainted: [L]=SOFTLOCKUP
[  266.443744][ T8633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  266.443756][ T8633] Call Trace:
[  266.443764][ T8633]  <TASK>
[  266.443773][ T8633]  dump_stack_lvl+0xe8/0x150
[  266.443809][ T8633]  should_fail_ex+0x46b/0x600
[  266.443841][ T8633]  _copy_from_user+0x2d/0xb0
[  266.443861][ T8633]  do_insn_ioctl+0x23e/0x5a0
[  266.443894][ T8633]  comedi_unlocked_ioctl+0xe0a/0x1b00
[  266.443936][ T8633]  ? kasan_quarantine_put+0xbb/0x1f0
[  266.443965][ T8633]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  266.444000][ T8633]  ? tomoyo_path_number_perm+0x219/0x630
[  266.444035][ T8633]  ? tomoyo_path_number_perm+0x219/0x630
[  266.444062][ T8633]  ? do_vfs_ioctl+0x117b/0x1540
[  266.444087][ T8633]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  266.444109][ T8633]  ? __pfx_smack_log+0x10/0x10
[  266.444141][ T8633]  ? smk_access+0x14c/0x4e0
[  266.444175][ T8633]  ? smk_tskacc+0x311/0x3a0
[  266.444209][ T8633]  ? smack_file_ioctl+0x2c2/0x360
[  266.444245][ T8633]  ? __pfx_smack_file_ioctl+0x10/0x10
[  266.444291][ T8633]  ? __fget_files+0x3a6/0x420
[  266.444318][ T8633]  ? __fget_files+0x2a/0x420
[  266.444348][ T8633]  ? bpf_lsm_file_ioctl+0x9/0x20
[  266.444371][ T8633]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  266.444398][ T8633]  __se_sys_ioctl+0xff/0x170
[  266.444423][ T8633]  do_syscall_64+0x14d/0xf80
[  266.444447][ T8633]  ? trace_irq_disable+0x3b/0x150
[  266.444478][ T8633]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.444501][ T8633]  ? clear_bhb_loop+0x40/0x90
[  266.444525][ T8633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.444546][ T8633] RIP: 0033:0x7fc65c4ec819
[  266.444567][ T8633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  266.444596][ T8633] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  266.444620][ T8633] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  266.444636][ T8633] RDX: 0000200000000000 RSI: 000000008028640c RDI: 0000000000000004
[  266.444649][ T8633] RBP: 00007fc65a73e090 R08: 0000000000000000 R09: 0000000000000000
[  266.444662][ T8633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.444675][ T8633] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  266.444711][ T8633]  </TASK>
[  266.724312][ T5933] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  266.874690][ T5933] usb 1-1: Using ep0 maxpacket: 16
[  266.897085][ T5933] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  266.897118][ T5933] usb 1-1: config 1 has no interface number 0
[  266.897168][ T5933] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  266.897194][ T5933] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  266.897219][ T5933] usb 1-1: config 1 interface 105 has no altsetting 0
[  266.954739][ T5933] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  266.954773][ T5933] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  266.954794][ T5933] usb 1-1: Product: syz
[  266.954807][ T5933] usb 1-1: Manufacturer: syz
[  266.954822][ T5933] usb 1-1: SerialNumber: syz
[  267.014767][ T8635] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  267.014912][ T8635] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  267.464557][ T8635] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  267.464710][ T8635] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  268.044337][ T5870] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  268.079993][ T5933] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  268.080545][ T5933] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  268.137335][ T5933] aqc111 1-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, ae:ad:d1:cb:b7:08
[  268.141898][ T5933] usb 1-1: USB disconnect, device number 28
[  268.157049][ T8339] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.171475][ T5933] aqc111 1-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  268.194250][ T5870] usb 4-1: Using ep0 maxpacket: 8
[  268.198665][ T5870] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  268.198700][ T5870] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  268.201236][ T5870] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  268.201266][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.201286][ T5870] usb 4-1: Product: ⇷袌쎴醐阷㠠む뢚ꘈ㎌珿ὓ钴틋ꈹ틩撚暎醯緱챑궥䠧‘錃餇퉶轵૜뙳뼭睗ᾳ䃧䴎섦涺Ｖ⌿땗▰赒蕧䴧ꪚ➻獖鋓騧玳삗佽஘晀䡡歪₷ꠝ縩
[  268.201312][ T5870] usb 4-1: Manufacturer: 䆪뢏⡆つȋ䯃쭙
[  268.201329][ T5870] usb 4-1: SerialNumber: ׃滹腷➅᭡룼颎郂丵뗎䯣읙䓣晃횐辷㷼鼜ꫯ，⻕嗡❅禆彘띰輠嗎媜瞁肭脁ꣂ홨쪽Ἁ譞ꑌֳ袱뱆瘏ᘳ힩䅼ទ壡洇稘帬ኸࡁ쀩㜣넱擒㮦ጢ㲃澏㒮ῗ㐱த㐕괣㭅ӭ뜀贀皫롲쑷Ϥ䐿㜂ㅏ볜摫ằꆎ쁳쬇
[  268.442579][ T5933] aqc111 1-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  268.442878][ T5933] aqc111 1-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  268.443089][ T5933] aqc111 1-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  268.566903][ T5870] cdc_ncm 4-1:1.0: bind() failure
[  268.620601][ T5870] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  268.620656][ T5870] cdc_ncm 4-1:1.1: bind() failure
[  268.660293][ T5870] usb 4-1: USB disconnect, device number 28
[  269.003817][ T8695] FAULT_INJECTION: forcing a failure.
[  269.003817][ T8695] name failslab, interval 1, probability 0, space 0, times 0
[  269.003857][ T8695] CPU: 0 UID: 0 PID: 8695 Comm: syz.1.1038 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  269.003886][ T8695] Tainted: [L]=SOFTLOCKUP
[  269.003893][ T8695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  269.003905][ T8695] Call Trace:
[  269.003913][ T8695]  <TASK>
[  269.003921][ T8695]  dump_stack_lvl+0xe8/0x150
[  269.003958][ T8695]  should_fail_ex+0x46b/0x600
[  269.003991][ T8695]  should_failslab+0xa8/0x100
[  269.004016][ T8695]  kmem_cache_alloc_noprof+0x87/0x680
[  269.004046][ T8695]  ? skb_clone+0x212/0x3a0
[  269.004075][ T8695]  skb_clone+0x212/0x3a0
[  269.004104][ T8695]  __netlink_deliver_tap+0x404/0x850
[  269.004150][ T8695]  ? netlink_deliver_tap+0x2e/0x1b0
[  269.004180][ T8695]  netlink_deliver_tap+0x19c/0x1b0
[  269.004209][ T8695]  netlink_unicast+0x805/0x9f0
[  269.004246][ T8695]  ? __pfx_netlink_unicast+0x10/0x10
[  269.004277][ T8695]  ? netlink_sendmsg+0x650/0xb40
[  269.004305][ T8695]  ? skb_put+0x11b/0x210
[  269.004330][ T8695]  netlink_sendmsg+0x813/0xb40
[  269.004371][ T8695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.004402][ T8695]  ? unwind_get_return_address+0x4d/0x90
[  269.004429][ T8695]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  269.004474][ T8695]  ____sys_sendmsg+0x94c/0x9c0
[  269.004506][ T8695]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.004541][ T8695]  ? import_iovec+0x73/0xa0
[  269.004567][ T8695]  ___sys_sendmsg+0x2a5/0x360
[  269.004607][ T8695]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.004672][ T8695]  ? __fget_files+0x2a/0x420
[  269.004699][ T8695]  ? __fget_files+0x3a6/0x420
[  269.004738][ T8695]  __x64_sys_sendmsg+0x1c3/0x2a0
[  269.004766][ T8695]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  269.004801][ T8695]  ? __pfx_ksys_write+0x10/0x10
[  269.004844][ T8695]  do_syscall_64+0x14d/0xf80
[  269.004868][ T8695]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.004889][ T8695]  ? clear_bhb_loop+0x40/0x90
[  269.004912][ T8695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.004934][ T8695] RIP: 0033:0x7fc65c4ec819
[  269.004954][ T8695] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  269.004973][ T8695] RSP: 002b:00007fc65a73e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.004997][ T8695] RAX: ffffffffffffffda RBX: 00007fc65c765fa0 RCX: 00007fc65c4ec819
[  269.005012][ T8695] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000004
[  269.005026][ T8695] RBP: 00007fc65a73e090 R08: 0000000000000000 R09: 0000000000000000
[  269.005039][ T8695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.005051][ T8695] R13: 00007fc65c766038 R14: 00007fc65c765fa0 R15: 00007fff68c8be58
[  269.005086][ T8695]  </TASK>
[  269.031433][ T8339] 8021q: adding VLAN 0 to HW filter on device team0
[  269.047230][ T1017] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.050117][ T1017] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.055491][ T8689] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1035'.
[  269.076122][ T7583] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.088424][ T7583] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.596744][ T8709] FAULT_INJECTION: forcing a failure.
[  269.596744][ T8709] name failslab, interval 1, probability 0, space 0, times 0
[  269.596786][ T8709] CPU: 0 UID: 0 PID: 8709 Comm: syz.3.1043 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  269.596814][ T8709] Tainted: [L]=SOFTLOCKUP
[  269.596821][ T8709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  269.596832][ T8709] Call Trace:
[  269.596840][ T8709]  <TASK>
[  269.596850][ T8709]  dump_stack_lvl+0xe8/0x150
[  269.596887][ T8709]  should_fail_ex+0x46b/0x600
[  269.596922][ T8709]  should_failslab+0xa8/0x100
[  269.596947][ T8709]  kmem_cache_alloc_noprof+0x87/0x680
[  269.596979][ T8709]  ? skb_clone+0x212/0x3a0
[  269.597008][ T8709]  skb_clone+0x212/0x3a0
[  269.597037][ T8709]  __netlink_deliver_tap+0x404/0x850
[  269.597084][ T8709]  ? netlink_deliver_tap+0x2e/0x1b0
[  269.597117][ T8709]  netlink_deliver_tap+0x19c/0x1b0
[  269.597149][ T8709]  netlink_unicast+0x805/0x9f0
[  269.597186][ T8709]  ? __pfx_netlink_unicast+0x10/0x10
[  269.597218][ T8709]  ? netlink_sendmsg+0x650/0xb40
[  269.597247][ T8709]  ? skb_put+0x11b/0x210
[  269.597272][ T8709]  netlink_sendmsg+0x813/0xb40
[  269.597313][ T8709]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.597344][ T8709]  ? unwind_get_return_address+0x4d/0x90
[  269.597369][ T8709]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  269.597403][ T8709]  ____sys_sendmsg+0x94c/0x9c0
[  269.597436][ T8709]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.597472][ T8709]  ? import_iovec+0x73/0xa0
[  269.597497][ T8709]  ___sys_sendmsg+0x2a5/0x360
[  269.597528][ T8709]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.597594][ T8709]  ? __fget_files+0x2a/0x420
[  269.597621][ T8709]  ? __fget_files+0x3a6/0x420
[  269.597670][ T8709]  __x64_sys_sendmsg+0x1c3/0x2a0
[  269.597696][ T8709]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  269.597733][ T8709]  ? __pfx_ksys_write+0x10/0x10
[  269.597779][ T8709]  do_syscall_64+0x14d/0xf80
[  269.597804][ T8709]  ? trace_irq_disable+0x3b/0x150
[  269.597827][ T8709]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.597847][ T8709]  ? clear_bhb_loop+0x40/0x90
[  269.597875][ T8709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.597894][ T8709] RIP: 0033:0x7f39cd49c819
[  269.597915][ T8709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  269.597934][ T8709] RSP: 002b:00007f39cb6f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.597958][ T8709] RAX: ffffffffffffffda RBX: 00007f39cd715fa0 RCX: 00007f39cd49c819
[  269.597974][ T8709] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  269.597986][ T8709] RBP: 00007f39cb6f6090 R08: 0000000000000000 R09: 0000000000000000
[  269.597999][ T8709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.598010][ T8709] R13: 00007f39cd716038 R14: 00007f39cd715fa0 R15: 00007fff64da7ac8
[  269.598045][ T8709]  </TASK>
[  271.165600][ T8700] binfmt_misc: register: failed to install interpreter file ./file0
[  271.478308][ T8715] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1045'.
[  272.344727][ T8744] comedi comedi3: 8255: I/O port conflict (0xffffffff80002002,4)
[  273.229569][ T5804] Bluetooth: hci2: command 0x0405 tx timeout
[  274.277991][ T8339] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.814231][ T8779] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1056'.
[  276.247393][ T8339] veth0_vlan: entered promiscuous mode
[  276.522437][ T5804] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  276.522730][ T5804] CPU: 1 UID: 0 PID: 5804 Comm: kworker/u9:4 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  276.522765][ T5804] Tainted: [L]=SOFTLOCKUP
[  276.522773][ T5804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  276.522789][ T5804] Workqueue: hci4 hci_rx_work
[  276.522821][ T5804] Call Trace:
[  276.522830][ T5804]  <TASK>
[  276.522841][ T5804]  dump_stack_lvl+0xe8/0x150
[  276.522878][ T5804]  sysfs_create_dir_ns+0x271/0x2a0
[  276.522906][ T5804]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  276.522941][ T5804]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  276.522973][ T5804]  ? rt_spin_unlock+0x160/0x200
[  276.523010][ T5804]  kobject_add_internal+0x631/0xd10
[  276.523052][ T5804]  kobject_add+0x163/0x240
[  276.523088][ T5804]  ? __pfx_kobject_add+0x10/0x10
[  276.523127][ T5804]  ? get_device_parent+0x370/0x3a0
[  276.523162][ T5804]  device_add+0x408/0xb80
[  276.523195][ T5804]  hci_conn_add_sysfs+0xd5/0x210
[  276.523235][ T5804]  le_conn_complete_evt+0x10e6/0x16b0
[  276.523265][ T5804]  ? lockdep_hardirqs_on+0x7a/0x110
[  276.523300][ T5804]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  276.523336][ T5804]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  276.523364][ T5804]  ? skb_pull_data+0xfb/0x200
[  276.523400][ T5804]  hci_le_conn_complete_evt+0x187/0x470
[  276.523438][ T5804]  hci_event_packet+0x659/0xef0
[  276.523479][ T5804]  ? __pfx____migrate_enable+0x10/0x10
[  276.523511][ T5804]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  276.523538][ T5804]  ? __pfx_hci_event_packet+0x10/0x10
[  276.523561][ T5804]  ? preempt_schedule_common+0x82/0xd0
[  276.523587][ T5804]  ? preempt_schedule_thunk+0x16/0x30
[  276.523620][ T5804]  ? hci_send_to_monitor+0xe2/0x590
[  276.523656][ T5804]  hci_rx_work+0x3ee/0x1030
[  276.523681][ T5804]  ? preempt_schedule_thunk+0x16/0x30
[  276.523710][ T5804]  ? process_scheduled_works+0xa8d/0x18c0
[  276.523743][ T5804]  process_scheduled_works+0xb6e/0x18c0
[  276.523812][ T5804]  ? __pfx_process_scheduled_works+0x10/0x10
[  276.523852][ T5804]  ? assign_work+0x3d5/0x5e0
[  276.523889][ T5804]  worker_thread+0xa53/0xfc0
[  276.523955][ T5804]  kthread+0x388/0x470
[  276.523979][ T5804]  ? __pfx_worker_thread+0x10/0x10
[  276.524009][ T5804]  ? __pfx_kthread+0x10/0x10
[  276.524034][ T5804]  ret_from_fork+0x51e/0xb90
[  276.524070][ T5804]  ? __pfx_ret_from_fork+0x10/0x10
[  276.524100][ T5804]  ? __switch_to+0xc7d/0x1450
[  276.524136][ T5804]  ? __pfx_kthread+0x10/0x10
[  276.524160][ T5804]  ret_from_fork_asm+0x1a/0x30
[  276.524203][ T5804]  </TASK>
[  276.525663][ T5804] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  276.526184][ T5804] Bluetooth: hci4: failed to register connection device
[  276.638260][ T5804] ==================================================================
[  276.638283][ T5804] BUG: KASAN: slab-use-after-free in l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.638335][ T5804] Read of size 8 at addr ffff88802fe2c7b0 by task kworker/u9:4/5804
[  276.638356][ T5804] 
[  276.638373][ T5804] CPU: 1 UID: 0 PID: 5804 Comm: kworker/u9:4 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  276.638404][ T5804] Tainted: [L]=SOFTLOCKUP
[  276.638413][ T5804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  276.638429][ T5804] Workqueue: hci4 hci_rx_work
[  276.638465][ T5804] Call Trace:
[  276.638475][ T5804]  <TASK>
[  276.638486][ T5804]  dump_stack_lvl+0xe8/0x150
[  276.638519][ T5804]  print_report+0xba/0x230
[  276.638549][ T5804]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.638583][ T5804]  kasan_report+0x117/0x150
[  276.638608][ T5804]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.638648][ T5804]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.638685][ T5804]  l2cap_connect_cfm+0x368/0x1560
[  276.638720][ T5804]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  276.638749][ T5804]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  276.638777][ T5804]  ? lockdep_hardirqs_on+0x7a/0x110
[  276.638801][ T5804]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  276.638826][ T5804]  ? mutex_lock_nested+0x152/0x1d0
[  276.638856][ T5804]  ? hci_connect_cfm+0x2c/0x140
[  276.638881][ T5804]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  276.638912][ T5804]  hci_connect_cfm+0x95/0x140
[  276.638940][ T5804]  le_conn_complete_evt+0x1134/0x16b0
[  276.638968][ T5804]  ? lockdep_hardirqs_on+0x7a/0x110
[  276.638997][ T5804]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  276.639029][ T5804]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  276.639054][ T5804]  ? skb_pull_data+0xfb/0x200
[  276.639085][ T5804]  hci_le_conn_complete_evt+0x187/0x470
[  276.639118][ T5804]  hci_event_packet+0x659/0xef0
[  276.639145][ T5804]  ? __pfx____migrate_enable+0x10/0x10
[  276.639177][ T5804]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  276.639202][ T5804]  ? __pfx_hci_event_packet+0x10/0x10
[  276.639224][ T5804]  ? preempt_schedule_common+0x82/0xd0
[  276.639247][ T5804]  ? preempt_schedule_thunk+0x16/0x30
[  276.639276][ T5804]  ? hci_send_to_monitor+0xe2/0x590
[  276.639307][ T5804]  hci_rx_work+0x3ee/0x1030
[  276.639348][ T5804]  ? preempt_schedule_thunk+0x16/0x30
[  276.639375][ T5804]  ? process_scheduled_works+0xa8d/0x18c0
[  276.639406][ T5804]  process_scheduled_works+0xb6e/0x18c0
[  276.639465][ T5804]  ? __pfx_process_scheduled_works+0x10/0x10
[  276.639499][ T5804]  ? assign_work+0x3d5/0x5e0
[  276.639532][ T5804]  worker_thread+0xa53/0xfc0
[  276.639580][ T5804]  kthread+0x388/0x470
[  276.639603][ T5804]  ? __pfx_worker_thread+0x10/0x10
[  276.639632][ T5804]  ? __pfx_kthread+0x10/0x10
[  276.639655][ T5804]  ret_from_fork+0x51e/0xb90
[  276.639688][ T5804]  ? __pfx_ret_from_fork+0x10/0x10
[  276.639714][ T5804]  ? __switch_to+0xc7d/0x1450
[  276.639744][ T5804]  ? __pfx_kthread+0x10/0x10
[  276.639767][ T5804]  ret_from_fork_asm+0x1a/0x30
[  276.639800][ T5804]  </TASK>
[  276.639808][ T5804] 
[  276.639813][ T5804] Allocated by task 5804:
[  276.639824][ T5804]  kasan_save_track+0x3e/0x80
[  276.639852][ T5804]  __kasan_kmalloc+0x93/0xb0
[  276.639881][ T5804]  __kmalloc_noprof+0x3e7/0x7b0
[  276.639899][ T5804]  sk_prot_alloc+0xe7/0x210
[  276.639919][ T5804]  sk_alloc+0x3a/0x390
[  276.639937][ T5804]  bt_sock_alloc+0x3b/0x310
[  276.639959][ T5804]  l2cap_sock_new_connection_cb+0xe2/0x2e0
[  276.639989][ T5804]  l2cap_connect_cfm+0x368/0x1560
[  276.640016][ T5804]  hci_connect_cfm+0x95/0x140
[  276.640037][ T5804]  le_conn_complete_evt+0x1134/0x16b0
[  276.640063][ T5804]  hci_le_conn_complete_evt+0x187/0x470
[  276.640086][ T5804]  hci_event_packet+0x659/0xef0
[  276.640103][ T5804]  hci_rx_work+0x3ee/0x1030
[  276.640121][ T5804]  process_scheduled_works+0xb6e/0x18c0
[  276.640147][ T5804]  worker_thread+0xa53/0xfc0
[  276.640174][ T5804]  kthread+0x388/0x470
[  276.640192][ T5804]  ret_from_fork+0x51e/0xb90
[  276.640218][ T5804]  ret_from_fork_asm+0x1a/0x30
[  276.640236][ T5804] 
[  276.640241][ T5804] Freed by task 8780:
[  276.640250][ T5804]  kasan_save_track+0x3e/0x80
[  276.640277][ T5804]  kasan_save_free_info+0x46/0x50
[  276.640301][ T5804]  __kasan_slab_free+0x5c/0x80
[  276.640329][ T5804]  kfree+0x1c1/0x6c0
[  276.640355][ T5804]  __sk_destruct+0x626/0x880
[  276.640375][ T5804]  l2cap_sock_cleanup_listen+0xe0/0x440
[  276.640404][ T5804]  l2cap_sock_release+0x6e/0x270
[  276.640431][ T5804]  sock_close+0xc3/0x240
[  276.640463][ T5804]  __fput+0x461/0xa90
[  276.640486][ T5804]  task_work_run+0x1d9/0x270
[  276.640507][ T5804]  exit_to_user_mode_loop+0xed/0x480
[  276.640537][ T5804]  do_syscall_64+0x32d/0xf80
[  276.640559][ T5804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.640579][ T5804] 
[  276.640585][ T5804] The buggy address belongs to the object at ffff88802fe2c000
[  276.640585][ T5804]  which belongs to the cache kmalloc-2k of size 2048
[  276.640603][ T5804] The buggy address is located 1968 bytes inside of
[  276.640603][ T5804]  freed 2048-byte region [ffff88802fe2c000, ffff88802fe2c800)
[  276.640625][ T5804] 
[  276.640631][ T5804] The buggy address belongs to the physical page:
[  276.640643][ T5804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2fe28
[  276.640664][ T5804] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  276.640682][ T5804] flags: 0x80000000000040(head|node=0|zone=1)
[  276.640700][ T5804] page_type: f5(slab)
[  276.640719][ T5804] raw: 0080000000000040 ffff88813fe1b000 dead000000000100 dead000000000122
[  276.640738][ T5804] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  276.640757][ T5804] head: 0080000000000040 ffff88813fe1b000 dead000000000100 dead000000000122
[  276.640775][ T5804] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  276.640794][ T5804] head: 0080000000000003 ffffea0000bf8a01 00000000ffffffff 00000000ffffffff
[  276.640812][ T5804] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[  276.640823][ T5804] page dumped because: kasan: bad access detected
[  276.640834][ T5804] page_owner tracks the page as allocated
[  276.640843][ T5804] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5799, tgid 5799 (syz-executor), ts 92048344607, free_ts 92030298990
[  276.640881][ T5804]  post_alloc_hook+0x231/0x280
[  276.640912][ T5804]  get_page_from_freelist+0x28bb/0x2950
[  276.640934][ T5804]  __alloc_frozen_pages_noprof+0x18d/0x380
[  276.640955][ T5804]  allocate_slab+0x77/0x660
[  276.640978][ T5804]  refill_objects+0x334/0x3c0
[  276.641000][ T5804]  __pcs_replace_empty_main+0x35c/0x710
[  276.641026][ T5804]  __kmalloc_cache_noprof+0x44e/0x690
[  276.641043][ T5804]  rtnl_newlink+0x136/0x1bb0
[  276.641072][ T5804]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  276.641101][ T5804]  netlink_rcv_skb+0x232/0x4b0
[  276.641129][ T5804]  netlink_unicast+0x831/0x9f0
[  276.641154][ T5804]  netlink_sendmsg+0x813/0xb40
[  276.641183][ T5804]  __sys_sendto+0x67f/0x710
[  276.641201][ T5804]  __x64_sys_sendto+0xde/0x100
[  276.641220][ T5804]  do_syscall_64+0x14d/0xf80
[  276.641241][ T5804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.641261][ T5804] page last free pid 5870 tgid 5870 stack trace:
[  276.641273][ T5804]  __free_frozen_pages+0xfe3/0x1170
[  276.641291][ T5804]  __slab_free+0x24f/0x2a0
[  276.641308][ T5804]  qlist_free_all+0x97/0x100
[  276.641334][ T5804]  kasan_quarantine_reduce+0x148/0x160
[  276.641361][ T5804]  __kasan_slab_alloc+0x22/0x80
[  276.641390][ T5804]  kmem_cache_alloc_node_noprof+0x22a/0x6e0
[  276.641420][ T5804]  __alloc_skb+0x1d0/0x7d0
[  276.641438][ T5804]  mld_newpack+0x14c/0xc90
[  276.641468][ T5804]  add_grhead+0x5a/0x2a0
[  276.641491][ T5804]  add_grec+0x1452/0x1740
[  276.641512][ T5804]  mld_ifc_work+0x6e6/0xe70
[  276.641533][ T5804]  process_scheduled_works+0xb6e/0x18c0
[  276.641559][ T5804]  worker_thread+0xa53/0xfc0
[  276.641587][ T5804]  kthread+0x388/0x470
[  276.641605][ T5804]  ret_from_fork+0x51e/0xb90
[  276.641631][ T5804]  ret_from_fork_asm+0x1a/0x30
[  276.641650][ T5804] 
[  276.641655][ T5804] Memory state around the buggy address:
[  276.641666][ T5804]  ffff88802fe2c680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  276.641681][ T5804]  ffff88802fe2c700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  276.641695][ T5804] >ffff88802fe2c780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  276.641705][ T5804]                                      ^
[  276.641716][ T5804]  ffff88802fe2c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  276.641740][ T5804]  ffff88802fe2c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  276.641751][ T5804] ==================================================================
[  276.641772][ T5804] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  276.641791][ T5804] CPU: 1 UID: 0 PID: 5804 Comm: kworker/u9:4 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  276.641821][ T5804] Tainted: [L]=SOFTLOCKUP
[  276.641829][ T5804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  276.641843][ T5804] Workqueue: hci4 hci_rx_work
[  276.641866][ T5804] Call Trace:
[  276.641875][ T5804]  <TASK>
[  276.641884][ T5804]  vpanic+0x56c/0xa60
[  276.641918][ T5804]  ? __pfx_vpanic+0x10/0x10
[  276.641950][ T5804]  ? __pfx___schedule+0x10/0x10
[  276.641975][ T5804]  panic+0xc5/0xd0
[  276.642004][ T5804]  ? __pfx_panic+0x10/0x10
[  276.642036][ T5804]  ? preempt_schedule_common+0x82/0xd0
[  276.642062][ T5804]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.642096][ T5804]  check_panic_on_warn+0x89/0xb0
[  276.642121][ T5804]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.642154][ T5804]  end_report+0x73/0x180
[  276.642174][ T5804]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.642207][ T5804]  kasan_report+0x128/0x150
[  276.642229][ T5804]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.642266][ T5804]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  276.642300][ T5804]  l2cap_connect_cfm+0x368/0x1560
[  276.642335][ T5804]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  276.642364][ T5804]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  276.642389][ T5804]  ? lockdep_hardirqs_on+0x7a/0x110
[  276.642412][ T5804]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  276.642436][ T5804]  ? mutex_lock_nested+0x152/0x1d0
[  276.642475][ T5804]  ? hci_connect_cfm+0x2c/0x140
[  276.642500][ T5804]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  276.642530][ T5804]  hci_connect_cfm+0x95/0x140
[  276.642557][ T5804]  le_conn_complete_evt+0x1134/0x16b0
[  276.642585][ T5804]  ? lockdep_hardirqs_on+0x7a/0x110
[  276.642612][ T5804]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  276.642642][ T5804]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  276.642667][ T5804]  ? skb_pull_data+0xfb/0x200
[  276.642696][ T5804]  hci_le_conn_complete_evt+0x187/0x470
[  276.642725][ T5804]  hci_event_packet+0x659/0xef0
[  276.642749][ T5804]  ? __pfx____migrate_enable+0x10/0x10
[  276.642780][ T5804]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  276.642804][ T5804]  ? __pfx_hci_event_packet+0x10/0x10
[  276.642826][ T5804]  ? preempt_schedule_common+0x82/0xd0
[  276.642848][ T5804]  ? preempt_schedule_thunk+0x16/0x30
[  276.642875][ T5804]  ? hci_send_to_monitor+0xe2/0x590
[  276.642906][ T5804]  hci_rx_work+0x3ee/0x1030
[  276.642929][ T5804]  ? preempt_schedule_thunk+0x16/0x30
[  276.642954][ T5804]  ? process_scheduled_works+0xa8d/0x18c0
[  276.642984][ T5804]  process_scheduled_works+0xb6e/0x18c0
[  276.643028][ T5804]  ? __pfx_process_scheduled_works+0x10/0x10
[  276.643060][ T5804]  ? assign_work+0x3d5/0x5e0
[  276.643091][ T5804]  worker_thread+0xa53/0xfc0
[  276.643133][ T5804]  kthread+0x388/0x470
[  276.643155][ T5804]  ? __pfx_worker_thread+0x10/0x10
[  276.643184][ T5804]  ? __pfx_kthread+0x10/0x10
[  276.643207][ T5804]  ret_from_fork+0x51e/0xb90
[  276.643238][ T5804]  ? __pfx_ret_from_fork+0x10/0x10
[  276.643267][ T5804]  ? __switch_to+0xc7d/0x1450
[  276.643294][ T5804]  ? __pfx_kthread+0x10/0x10
[  276.643317][ T5804]  ret_from_fork_asm+0x1a/0x30
[  276.643345][ T5804]  </TASK>
[  276.643818][ T5804] Kernel Offset: disabled