last executing test programs:

14.131091558s ago: executing program 1 (id=949):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_SREGS2(r2, 0x4140aecd, &(0x7f0000000140)={{0xe566c797b7515b9, 0xffff1000, 0x10, 0x9, 0x7f, 0x7, 0x81, 0xff, 0x0, 0x84, 0x0, 0xb}, {0xd000, 0xd000, 0x10, 0x3, 0x3, 0x7, 0x6, 0x6, 0x1, 0x4, 0xfa, 0x5}, {0xf000, 0x8000000, 0x4, 0x4, 0x10, 0x81, 0x4, 0x13, 0x5, 0x4, 0x92, 0x80}, {0x10000, 0xeeef0000, 0xe, 0x7, 0x1, 0x40, 0x2, 0x0, 0xfd, 0x29, 0x9, 0x9}, {0xeeee8000, 0xdddd0000, 0xf, 0x9, 0x5, 0x2, 0x7, 0xf1, 0x2, 0x6e, 0x2, 0x8}, {0x4000, 0xdddd1000, 0xe, 0x2, 0xad, 0x2, 0x5, 0x5, 0x1, 0xe, 0x6, 0xa}, {0x10000, 0x10000, 0xb, 0x0, 0xcd, 0x5, 0x5, 0x26, 0x8, 0x6, 0xff, 0x6}, {0x1, 0xf000, 0xd, 0xe, 0x13, 0x40, 0x3, 0x0, 0x7f, 0x1, 0x0, 0x8}, {0x100000, 0x5}, {0x80a0000, 0xff81}, 0x80000003, 0x0, 0x6000, 0x21, 0x5, 0xa800, 0x8000900, 0x1, [0x6, 0x2, 0x3, 0x3]})
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)=ANY=[], 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000002c0)=0x1)
syz_usb_control_io$hid(r3, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x48, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
syz_usb_control_io$hid(r3, &(0x7f00000001c0)={0x14, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0022e1e540e91f050d0b76f61b6790b7b069000200000000004e20c3054780e3eaeae367a04e98de"], 0x0}, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r8, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000440)={r9, 0x0, 0x0, 0x0, 0x1, [<r10=>0x0], [], [], [0x0, 0x100000000]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000080)={r10})
read(r6, &(0x7f0000000640)=""/164, 0xa4)
r11 = openat$mice(0xffffff9c, &(0x7f0000000500), 0x400)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000540)={@map=r11, 0xffffffffffffffff, 0x13, 0x2001}, 0x20)
r12 = syz_usb_connect$lan78xx(0x6, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r12, &(0x7f0000000240)={0xc, &(0x7f00000000c0)={0x20, 0x30, 0xbb, {0xbb, 0x5, "4de62072ef8bde56d02b340531021acbe03d59a8f6cf6e8ef0159d6be5a52cabc98884986784420abeb01805189170ea421c120fca20855f160e3e4083b2bd50d164fe3fbfda539e515eaf50ae4811f0a8ca4e17d4e53a158495cf4f2420dc97a500e20e88b6cdcd1bf95394732b1d411ddf94ea9d422f9868e18cc4eae1fe7181a5a9ab9f698210bad42aa1a820369c35007ef685d947b115d2f702501d66e3bc9a5d6a0fd5f7aa25ec33f40a44f8936dc9b275588c6b1fb3"}}, &(0x7f0000000200)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc04}}}, &(0x7f00000004c0)={0x1c, &(0x7f0000000300)={0x0, 0x16, 0x65, "ea80d38f5531641311c65a9a5615a2c234c92c4cac6576e01fcf31d777798a384cc7235dc15fc97eae1007d09b5731aba0061d4ae772e28892641c637b3e847d040faf1d4198e09352071daab114cf69c22b4ff495274af3d0f3cb7e62406cbe66ad528240"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x1}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0xb}, &(0x7f0000000400)={0xc0, 0xa1, 0x4, 0x3}, &(0x7f0000000440)={0x40, 0xa0, 0x4, 0x80000001}, &(0x7f0000000480)={0xc0, 0xa2, 0x2f, "7fe2b692dc9a9144f1b8e9b152a33aab202793c3ac3772bb4c530aad8bd4a3f5b7e667c643e88f117eefeaf6dc8bd3"}})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
pipe(&(0x7f0000000080)={<r13=>0xffffffffffffffff, <r14=>0xffffffffffffffff})
read$FUSE(r13, &(0x7f0000000740)={0x2020}, 0x2020)
ppoll(&(0x7f00000001c0)=[{r13, 0x110}], 0x1, 0x0, 0x0, 0x0)
write(r14, &(0x7f0000000340), 0x11000)
socket$kcm(0x29, 0x0, 0x0)

12.656543321s ago: executing program 2 (id=952):
syz_usb_connect(0x6, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x100, 0x80)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0xf, &(0x7f0000006680))
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000200)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0xd4, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xe, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0xa8, 0x2, [@TCA_U32_SEL={0x35, 0x5, {0x7, 0xef, 0x8, 0x8, 0x5, 0x9, 0x7, 0x0, [{0xffd, 0x4, 0x401, 0x4}, {0x8, 0x7, 0x1008, 0x5}, {0xfffffff9, 0x43, 0x7ffd, 0x5}, {0x7fde, 0x40, 0x51, 0x3ff}, {0x5, 0xb, 0x2, 0xec}, {0x6, 0x4, 0x8, 0x8}, {0x8001, 0x0, 0x0, 0x8001}, {0x1, 0x1800000, 0x10001}]}}, @TCA_U32_POLICE={0x10, 0x6, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffffb}]}]}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x80}, 0x40)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
syz_usb_connect$uac1(0x0, 0xac, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r7)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r7, &(0x7f0000000000)={0x0, 0xa7, &(0x7f0000000640)={&(0x7f0000000580)={0x44, r8, 0x917, 0x0, 0xffffffe4, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @private=0x7fffffff}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x44}}, 0x4000)
r9 = syz_open_dev$video(&(0x7f0000000b40), 0x7, 0x28000)
preadv(r9, &(0x7f0000001200)=[{&(0x7f0000000c00)=""/113, 0x71}], 0x1, 0x4, 0xb)
ioctl$VIDIOC_LOG_STATUS(r9, 0x5646, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

10.967158157s ago: executing program 1 (id=958):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x48000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r2, 0x4068aea3, &(0x7f0000000000)={0xa3, 0x0, 0x0})
ioctl$KVM_GET_SUPPORTED_HV_CPUID_cpu(r2, 0xc008aec1, &(0x7f0000001280))

10.763898326s ago: executing program 1 (id=960):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
unshare(0x26020480)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8942a, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x4, 0x0, 0x0, @adapter={0x0, 0x8000000000000000, 0x1, 0x2}}]})
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f00000000c0)=@dstopts={0x62, 0x1a, '\x00', [@ra={0x5, 0x2, 0x4a}, @jumbo={0xc2, 0x4, 0x10000}, @hao={0xc9, 0x10, @local}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x5}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x15}}, @generic={0xf, 0x97, "567b98df4a803cb4bf2cf88c8bd2ca894d4b2c362f6d3fecd702ab40617763a4ffe13dc37f599194d014461056a17507eebdcd37800c698d98e500142baf0b9a5ac15759876bec11070032b1b833fa0d2d7cf26488057c0de0c83acb364824fe724cf085d0d7e50e16e2db16ca8235d0261315b6dab913829d187cd9ed50598194d267cb140b8e0eaabec34b73d2e3b734207e9dc10bef"}]}, 0xe0)

10.106994181s ago: executing program 1 (id=961):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@setlink={0x3b, 0x13, 0x1, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x200, 0x21a2}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_NET_NS_PID={0x8, 0x13, 0xffffffffffffffff}]}, 0x30}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/freeze_filesystems', 0x20202, 0xa4)
sendfile(r3, r3, 0x0, 0x68)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000001c0)='1', &(0x7f0000000200)='PCI:', 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b36"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, 0x0, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
write$vga_arbiter(r4, &(0x7f0000000240)=@target={'target ', {'PCI:', '0', ':', '8', ':', '1f', '.', '1'}}, 0x14)
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0xffffffffffffffff)
syz_usb_disconnect(r5)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000029c0)={0x20, 0x3e, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@nested={0xc, 0x11a, 0x0, 0x1, [@nested={0x6, 0xa, 0x0, 0x1, [@generic="ef07"]}]}]}, 0x20}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x1]}, 0x8, 0x0)
faccessat2(r6, &(0x7f0000001400)='\x00', 0x0, 0x1100)

9.28124831s ago: executing program 0 (id=965):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000380)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x800)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0xe0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xfff3, 0xd064db0e491fa98f}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8, 0xb, 0x1}, @TCA_CAKE_INGRESS={0x8, 0xf, 0x1}]}}]}, 0x44}}, 0x4044080)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r2, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000040))
close(0x3)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000", @ANYRES32=0x0, @ANYRES32=0x0], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r8, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r8, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r8, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, 0x0)
sendmmsg$inet(r8, &(0x7f0000004d00), 0x7fffffffffffd33, 0x20000890)
socket$nl_rdma(0x10, 0x3, 0x14)

8.944801267s ago: executing program 2 (id=966):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6, 0x0, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000280)={0x40, 0x403, 0xc})
r6 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x1000008, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r3, 0xc00464b4, &(0x7f0000000380)={r5})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000240)={0x103, 0x9, 0xd83d})
dup(r2)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8})
close_range(r0, 0xffffffffffffffff, 0x0)

8.827319767s ago: executing program 0 (id=967):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14, r1, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r2 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x5, r2, 0x2, 0x0)
r3 = openat$tun(0xffffff9c, &(0x7f0000000080), 0x4000, 0x0)
write$tun(r3, &(0x7f00000003c0)={@void, @val={0x1, 0x0, 0x7f, 0x24d, 0x9, 0x50f}, @x25={0x1, 0x1, 0x1, "23c3033d4cbd8d3fd5438631518af9b866e86bf905be04dc0ac9e82a4107808c908ee27b2d62be7417c13dc3fa6b6506917c27004e56206d4a6b04527f1f5103bd70e98b056c104e62fe731770ba463c5ce6bee42fc0312fbe81220249d7c5ad36351a7ed3dd89c40a607e49a9675117c94823a5cf0650a2661baae5bb6720a56390631610e3116bc16bd40cb3cc0df3e8f000d55a8552fdd8022768e76d60b3a4d595dbed988fd64d95108c5f7ad98c1e04d5f0f698b484f7c3342d70ee3c0e0560faac20d9ee548ef9bf633dcf466e1a25"}}, 0xdf)
landlock_create_ruleset(&(0x7f0000000000)={0x4100, 0x1, 0x1}, 0xfffffffffffffea5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x1000, 0x1)
open(0x0, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r6, r5, &(0x7f0000002080)=0x64, 0x21c)

8.215099965s ago: executing program 2 (id=968):
r0 = socket$packet(0x11, 0xfffffffffffffffd, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000100)=0x40049, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, &(0x7f0000000140))
r2 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x7079, 0x0, 0x3, 0x1e5}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
r5 = gettid()
rt_sigtimedwait(&(0x7f0000000080)={[0x3ff]}, 0xffffffffffffffff, 0x0, 0x8)
tkill(r5, 0x7)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000240)='tasks\x00', 0x2, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r7, 0x0, 0x0})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x3f73, 0x100, 0x0, 0x1a}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000600)=<r10=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r8, 0x16, &(0x7f00000000c0)={&(0x7f0000002000)={[{0x0, 0x0, 0x2}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r11 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r11, 0x0, 0x0, 0x0, 0x262, 0x1, {0x1}})
io_uring_enter(r8, 0x3516, 0xf400, 0x0, 0x0, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r12, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a88000000060a010400000000000000000a0000010900010073797a31000000005c000480580001800b000100747872676574000048030900000003c420000461afb9fdd672bad09dfb78c7699c74e891a0c7fffffffffffffff5000000000200000008000240000000000e00010049444c4554494d45520000000900020073797a3200000000140000001100010000000000000000000100000a"], 0xb0}, 0x1, 0x0, 0x0, 0x4000851}, 0x20040040)

7.801426099s ago: executing program 0 (id=969):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)=0xffff0018)
r1 = syz_io_uring_setup(0x22ea, &(0x7f0000000140)={0x0, 0xfecf, 0x4, 0x0, 0x20000000}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
unshare(0x2c020400)
r4 = socket$l2tp(0x2, 0x2, 0x73)
connect$l2tp(r4, &(0x7f0000000000)={0x2, 0x0, @multicast1, 0x3}, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r5 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xcc}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r5, 0x82, 0x344, &(0x7f0000000200)=ANY=[@ANYBLOB="d700004e474da80cd35a548252f12fde36777dd581b1a4de07a37768c269ceccc2748ff3b8818e184241f0580be66b6c449f95b15819621ae31f6755816ff3f4c966efb4cb781e2057bda0e683d9aa4152e354eb822dfd8b32a1300496b073f894a8dc069855f9aa73da8f4562bbef58173c9a7be8890981b78f42786258357332231bdab38cf9b50132fe7f624d7977efb0b41e9f3b4ce84fdd248a6cb6a4f1e5e8f6e1d38dbaf2187ade748844806e7d01dc043a8c644d43fbb356634937139b9df9f70998be275a6df990d65bc42fe38d903d3a582e3e5f306000f800004e2d63"])
io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0)

7.563186246s ago: executing program 3 (id=970):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
eventfd2(0x4, 0x801)
socket$kcm(0x2, 0x922000000001, 0x106)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40), 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r0 = socket(0x10, 0x803, 0x40000008)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_PARM(0xffffffffffffffff, 0xc0cc5616, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getrusage(0xffffffffffffffff, &(0x7f00000011c0))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x800)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'ipvlan0\x00'})
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
openat(r5, &(0x7f0000000000)='./file1\x00', 0x240, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
socket$nl_route(0x10, 0x3, 0x0)

6.956468827s ago: executing program 4 (id=971):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan1\x00', <r1=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x10000018, &(0x7f0000000200)={0x11, 0x8808, r1, 0x1, 0xfa, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

6.667626775s ago: executing program 4 (id=972):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
r4 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x1c9, 0x12)
ioctl$SNDCTL_SEQ_SYNC(r4, 0x5101)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef91", 0x12)
r5 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000340)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000300)='/#\x00']})
preadv(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0)
r6 = signalfd(r3, &(0x7f0000000000)={[0x0, 0x4]}, 0x8)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
madvise(&(0x7f0000130000/0xd000)=nil, 0xd000, 0x66)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/97, 0x61})

5.651416024s ago: executing program 3 (id=973):
r0 = syz_open_dev$radio(&(0x7f00000003c0), 0x3, 0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x6, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0cc5605, &(0x7f00000005c0)={0x1, @pix={0x3, 0x0, 0x38415262, 0x0, 0x1, 0x0, 0x3, 0x13}})
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0xfffffffc)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000080)={0x1, 0x12000, 0x1})
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/config', 0x0, 0x0)
fchown(r10, 0x0, 0x0)
ioctl$VIDIOC_S_DV_TIMINGS(r9, 0xc0845657, &(0x7f0000000580)={0x0, @bt={0x6, 0xffffffff, 0x1, 0x1, 0x8, 0x4, 0xfff, 0xfffffffe, 0x4, 0x8000, 0x2, 0x6, 0x4, 0x48, 0x4, 0x20, {0x9b7f, 0x5}, 0xfd, 0x7f}})
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0185647, &(0x7f00000000c0)={0x980000, 0x7, 0x3ff, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0xa30903, 0x8, '\x00', @ptr=0x1}})

5.310967002s ago: executing program 1 (id=974):
syz_emit_ethernet(0x82, &(0x7f0000001bc0)={@local, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x3d, 0x0, 0x0, 0xfffc, 0x0, 0x11, 0x0, @multicast1, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3, 0xfc}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010111, 0x10000}, {@empty}, {@local}, {@remote}, {@local}, {@dev}, {@private}]}]}}}}}}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)='?', 0x1, 0x20040845, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
r0 = syz_usb_connect(0x3, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x11, 0x39, 0x5b, 0x40, 0x5d8, 0x810c, 0x185f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x6, 0x1, 0xf0, 0x8, [{{0x9, 0x4, 0xc8, 0x8, 0x1, 0x7f, 0xf8, 0xae, 0x4c, [], [{{0x9, 0x5, 0x1, 0x3, 0x200, 0x7, 0x5, 0x6}}]}}]}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
syz_usb_ep_read(r0, 0x1, 0x0, 0x0)
syz_usb_ep_read(r0, 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='scalable\x00', 0x9)
shutdown(0xffffffffffffffff, 0x1)

4.979343027s ago: executing program 0 (id=975):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000580)=""/104, 0x68}], 0x1}, 0x3}, {{0x0, 0x0, 0x0}, 0x9}], 0x2, 0x0, 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000480)={{0x12, 0x1, 0x200, 0x1d, 0x6, 0x27, 0x40, 0x1df7, 0x2500, 0x5e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x2, 0x0, 0x0, 0x20, 0x1, [{{0x9, 0x4, 0x1, 0xcf, 0x0, 0x38, 0x36, 0x7c, 0x1}}, {{0x9, 0x4, 0x8e, 0x0, 0x0, 0x83, 0xb5, 0x75, 0xb}}]}}]}}, 0x0)

4.002439986s ago: executing program 2 (id=976):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0x3ef, @private2={0xfc, 0x2, '\x00', 0x45}, 0x8}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}], 0x10) (fail_nth: 1)

3.95922745s ago: executing program 3 (id=977):
bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(md5)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r0 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800)
read$alg(r0, &(0x7f0000000000)=""/52, 0x34)

3.778518675s ago: executing program 4 (id=978):
r0 = syz_open_dev$vim2m(&(0x7f0000000500), 0xb53d, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000540)={0xffffeffe, 0x1, 0x2})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x1f, 0x1, 0x4})
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000), 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x8)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@ipv6_newrule={0x4c, 0x20, 0x1, 0x0, 0x0, {0xa, 0x80, 0x14, 0x0, 0x7, 0x0, 0x0, 0x3}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e1f, 0x4e23}}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x4c}}, 0x40000)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={'veth0_vlan\x00', {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}})
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000000070a01020000000000000000020000060900010073797a0100000000"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000)

3.723287171s ago: executing program 3 (id=979):
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$userfaultfd(0xffffff9c, &(0x7f0000002640), 0x80800, 0x0)
ioctl$USERFAULTFD_IOC_NEW(r0, 0xaa00)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x21, 0x0, @fd=r1})
io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xa6c3, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000340)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f0000000040), &(0x7f00000000c0)=0xc)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.723058048s ago: executing program 2 (id=980):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
pipe2(&(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f00000001c0)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r1}}, 0x18)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
pipe2$watch_queue(0x0, 0x80)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="cda85a82c2741c0000002000010000000000000009000000000000000001000000002990177816678a0fb69f402a749f0271ea3c8ee93cf4ab012dfc97bc60b15d9e5a0eb325113f9f0b9c762cb618800dee7b21d6f28e66d28b0c6143cbf8b61544802533e36f7f7e2627296b84203b1cea810940a5bf5cd4b541a8c3d1ceefe36ce0056828c41e279f960952346eb9c7c9e2212e4dfa36ce1fcb55bfc2384b42a3d4fced127370555bb73874bb5c9c6071e087e477c131c1f2bc819229da33760ed4126babaa9eb2686a0a08b8b7430d6ea18166a43cb0222d0b5a7c3e616b8d483b02d995b48f6ab03ed2f4"], 0x1c}}, 0x48850)

3.548761138s ago: executing program 4 (id=981):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000600)=ANY=[@ANYBLOB="44d60000001b8d1681ae5dbf8796684dfc231bc0373ac721e242fa700c92a065e0b9edda207f8051d07fd3645a29ee37e5bfeaa6fe2a0add84a5f9c13f86edc5f293ec3ed4fb8fc45af2492f1680cdbf"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r1 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
r2 = openat$udambuf(0xffffff9c, &(0x7f0000000000), 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
io_setup(0x8, &(0x7f00000001c0)=<r4=>0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk', 0x1, 0x0)
io_submit(r4, 0x1, &(0x7f0000000400)=[0x0])
io_setup(0x26, &(0x7f0000000240)=<r5=>0x0)
syz_usb_connect(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xb3, 0x7a, 0xf0, 0x20, 0xbfd, 0x5, 0xd265, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x4, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x76, 0x5, 0x2, 0xf6, 0x38, 0x78, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x40, 0x8, 0x4, 0xe}}, {{0x9, 0x5, 0x6, 0x10, 0x10, 0xff, 0x8, 0x1}}]}}]}}]}}, 0x0)
r6 = socket(0x10, 0x803, 0x0)
io_submit(r5, 0x1, &(0x7f00000006c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x8, r6, 0x0, 0x0, 0x10000}])
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000080)={0x4})
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000000c0)={0x4})
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000040)={r1, 0x1, 0x0, 0x10000})

2.966590882s ago: executing program 0 (id=982):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="0000000000004a641c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x400}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000) (fail_nth: 1)

2.646465879s ago: executing program 3 (id=983):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000080900010073797a300000000020000000120a03000000000000000000030000020c000640000000000000000434000000160a0500000b000000000000010000000c00054000000000000000030900010073797a300000000008000380040003801000010000000000000000000a00000a00000000"], 0x9c}}, 0x0)
r0 = socket(0x1e, 0x5, 0xfffffffc)
syz_io_uring_setup(0x88f, &(0x7f0000000440)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd(0xffffffffffffffff, &(0x7f0000006540), 0x8)
fcntl$lock(r3, 0x26, &(0x7f0000000680)={0x0, 0x2, 0x1ff, 0x7fffffff, 0xffffffffffffffff})
ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, &(0x7f0000000200)={'veth0_to_batadv\x00', 0x8})
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x77, 0x4)
setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f00000000c0)={@in={{0x2, 0x4e22, @empty}}, 0x0, 0x0, 0x4, 0x0, "de2170420b42866d263a524b8f533db671e3fb462f6e152472578c7e9359d81409d1a02b9c2248e87414c4cfec9913387fd71cf21f357c8ca38ffddab5d147e98ea2b1cdfaf4e9530630c66996c4905b"}, 0xd8)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
sendto$inet(r4, &(0x7f00000002c0)="17e9479ef013fdc7c6652631ffffffffffffffe6f64f441045aa7b7142d35eaf0a5bacb0117d6acd78505400818770e31e5047f238b13e6eaa50f4591b3b95233115000954a3800597243bb2307400", 0xfffffffffffffd41, 0x800, 0x0, 0xfffffffffffffe75)
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_STATX={0x15, 0x60, 0x0, r3, &(0x7f0000000500), &(0x7f0000000240)='./file0\x00', 0x200, 0x400, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x2, 0x16, @empty, 0x6}, 0xffffffffffffff9b)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$peekuser(0x3, r5, 0x3ff)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f00000010c0), 0x2, 0x0)

2.552377894s ago: executing program 3 (id=984):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@setlink={0x3b, 0x13, 0x1, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x200, 0x21a2}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_NET_NS_PID={0x8, 0x13, 0xffffffffffffffff}]}, 0x30}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/freeze_filesystems', 0x20202, 0xa4)
sendfile(r3, r3, 0x0, 0x68)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000001c0)='1', &(0x7f0000000200)='PCI:', 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b36"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, 0x0, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
write$vga_arbiter(r4, &(0x7f0000000240)=@target={'target ', {'PCI:', '0', ':', '8', ':', '1f', '.', '1'}}, 0x14)
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0xffffffffffffffff)
syz_usb_disconnect(r5)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000029c0)={0x20, 0x3e, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@nested={0xc, 0x11a, 0x0, 0x1, [@nested={0x6, 0xa, 0x0, 0x1, [@generic="ef07"]}]}]}, 0x20}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x1]}, 0x8, 0x0)
faccessat2(r6, &(0x7f0000001400)='\x00', 0x0, 0x1100)

1.921600914s ago: executing program 1 (id=985):
syz_usb_connect(0x6, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x100, 0x80)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0xf, &(0x7f0000006680))
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000200)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0xd4, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xe, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0xa8, 0x2, [@TCA_U32_SEL={0x35, 0x5, {0x7, 0xef, 0x8, 0x8, 0x5, 0x9, 0x7, 0x0, [{0xffd, 0x4, 0x401, 0x4}, {0x8, 0x7, 0x1008, 0x5}, {0xfffffff9, 0x43, 0x7ffd, 0x5}, {0x7fde, 0x40, 0x51, 0x3ff}, {0x5, 0xb, 0x2, 0xec}, {0x6, 0x4, 0x8, 0x8}, {0x8001, 0x0, 0x0, 0x8001}, {0x1, 0x1800000, 0x10001}]}}, @TCA_U32_POLICE={0x10, 0x6, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffffb}]}]}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x80}, 0x40)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
syz_usb_connect$uac1(0x0, 0xac, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r7)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r7, &(0x7f0000000000)={0x0, 0xa7, &(0x7f0000000640)={&(0x7f0000000580)={0x44, r8, 0x917, 0x0, 0xffffffe4, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @private=0x7fffffff}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x44}}, 0x4000)
r9 = syz_open_dev$video(&(0x7f0000000b40), 0x7, 0x28000)
preadv(r9, &(0x7f0000001200)=[{&(0x7f0000000c00)=""/113, 0x71}], 0x1, 0x4, 0xb)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

1.83038813s ago: executing program 0 (id=986):
syz_usb_connect(0x6, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x100, 0x80)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0xf, &(0x7f0000006680))
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000200)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0xd4, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xe, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0xa8, 0x2, [@TCA_U32_SEL={0x35, 0x5, {0x7, 0xef, 0x8, 0x8, 0x5, 0x9, 0x7, 0x0, [{0xffd, 0x4, 0x401, 0x4}, {0x8, 0x7, 0x1008, 0x5}, {0xfffffff9, 0x43, 0x7ffd, 0x5}, {0x7fde, 0x40, 0x51, 0x3ff}, {0x5, 0xb, 0x2, 0xec}, {0x6, 0x4, 0x8, 0x8}, {0x8001, 0x0, 0x0, 0x8001}, {0x1, 0x1800000, 0x10001}]}}, @TCA_U32_POLICE={0x10, 0x6, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffffb}]}]}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x80}, 0x40)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
syz_usb_connect$uac1(0x0, 0xac, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r7)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r7, &(0x7f0000000000)={0x0, 0xa7, &(0x7f0000000640)={&(0x7f0000000580)={0x44, r8, 0x917, 0x0, 0xffffffe4, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @private=0x7fffffff}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x44}}, 0x4000)
syz_open_dev$video(&(0x7f0000000b40), 0x7, 0x28000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

1.131232396s ago: executing program 2 (id=987):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000ec0)={@val={0x8, 0x800}, @val={0x3, 0x0, 0x0, 0x0, 0x14}, @ipv4=@generic={{0x6, 0x4, 0x1, 0x2b, 0x44, 0x68, 0x0, 0x60, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@noop]}}, "11f3305280f125e6e11a9314b296b53b5d25867c0a8c27b6478984da4eb57d56be4ee0efb45c215a64d718cb"}}, 0x52)

316.836284ms ago: executing program 4 (id=988):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0xd4, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xe, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0xa8, 0x2, [@TCA_U32_SEL={0x35, 0x5, {0x7, 0xef, 0x8, 0x8, 0x5, 0x9, 0x7, 0x0, [{0xffd, 0x4, 0x401, 0x4}, {0x8, 0x7, 0x1008, 0x5}, {0xfffffff9, 0x43, 0x7ffd, 0x5}, {0x7fde, 0x40, 0x51, 0x3ff}, {0x5, 0xb, 0x2, 0xec}, {0x6, 0x4, 0x8, 0x8}, {0x8001, 0x0, 0x0, 0x8001}, {0x1, 0x1800000, 0x10001}]}}, @TCA_U32_POLICE={0x10, 0x6, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffffb}]}]}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x80}, 0x40)

0s ago: executing program 4 (id=989):
r0 = openat$vnet(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$vhost_msg(r0, &(0x7f0000000240)={0x1, {&(0x7f00000000c0)=""/224, 0xe0, &(0x7f0000000f40)=""/4096, 0x3, 0x3}}, 0x44)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0a0000000100a80cc97bcf8e9c36000000000000434a4bb8a6916468be14aec83e3b400115ed60e3e9d0d91ce663ef1ec7bf9afbd78a4de0c76a8a9a023a2a5669936d9cf54fdb225afe484ea654868ce1245bde14c1b2a46bea14c4accdcf7ea9"], 0x50)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
mmap(&(0x7f0000463000/0x3000)=nil, 0x3000, 0x2000007, 0x38011, r3, 0x3000)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r1, &(0x7f0000000ec0)={@void, @val={0x3, 0x0, 0x4, 0x0, 0x14}, @ipv4=@generic={{0x6, 0x4, 0x1, 0x2b, 0x44, 0x68, 0x0, 0x60, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@noop]}}, "11f3305280f125e6e11a9314b296b53b5d25867c0a8c27b6478984da4eb57d56be4ee0efb45c215a64d718cb"}}, 0x4e)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'vlan0\x00'})
ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0)
faccessat(r2, &(0x7f00000002c0)='./file0\x00', 0x48)

kernel console output (not intermixed with test programs):

 ip=0xf7fe6539 code=0x7ffc0000
[  319.329311][   T24] usb 3-1: config 0 descriptor??
[  319.367707][   T24] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 found
[  319.595289][   T24] snd_usb_toneport 3-1:0.0: cannot get proper max packet size
[  319.603305][   T24] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 now disconnected
[  319.606206][   T30] audit: type=1326 audit(1757560929.624:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8702 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6539 code=0x7ffc0000
[  319.634221][   T24] snd_usb_toneport 3-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  320.355020][ T8742] blktrace: Concurrent blktraces are not allowed on sg0
[  320.692691][ T5950] usb 2-1: USB disconnect, device number 22
[  320.784290][ T8747] FAULT_INJECTION: forcing a failure.
[  320.784290][ T8747] name failslab, interval 1, probability 0, space 0, times 0
[  320.822014][ T8747] CPU: 0 UID: 0 PID: 8747 Comm: syz.3.751 Not tainted syzkaller #0 PREEMPT(full) 
[  320.822037][ T8747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  320.822046][ T8747] Call Trace:
[  320.822052][ T8747]  <TASK>
[  320.822059][ T8747]  dump_stack_lvl+0x189/0x250
[  320.822083][ T8747]  ? __pfx____ratelimit+0x10/0x10
[  320.822100][ T8747]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.822116][ T8747]  ? __pfx__printk+0x10/0x10
[  320.822140][ T8747]  ? __pfx___might_resched+0x10/0x10
[  320.822155][ T8747]  ? fs_reclaim_acquire+0x7d/0x100
[  320.822183][ T8747]  should_fail_ex+0x414/0x560
[  320.822210][ T8747]  should_failslab+0xa8/0x100
[  320.822233][ T8747]  __kmalloc_noprof+0xcb/0x4f0
[  320.822253][ T8747]  ? tomoyo_encode+0x28b/0x550
[  320.822270][ T8747]  tomoyo_encode+0x28b/0x550
[  320.822291][ T8747]  tomoyo_realpath_from_path+0x58d/0x5d0
[  320.822318][ T8747]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  320.822339][ T8747]  tomoyo_path_number_perm+0x1e8/0x5a0
[  320.822364][ T8747]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  320.822404][ T8747]  ? __lock_acquire+0xab9/0xd20
[  320.822442][ T8747]  ? __fget_files+0x2a/0x420
[  320.822461][ T8747]  ? __fget_files+0x3a0/0x420
[  320.822474][ T8747]  ? __fget_files+0x2a/0x420
[  320.822493][ T8747]  security_file_ioctl_compat+0xcb/0x2d0
[  320.822515][ T8747]  __ia32_compat_sys_ioctl+0x128/0x840
[  320.822536][ T8747]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  320.822555][ T8747]  ? __fget_files+0x3a0/0x420
[  320.822574][ T8747]  ? fput+0xa0/0xd0
[  320.822589][ T8747]  ? ksys_write+0x22a/0x250
[  320.822618][ T8747]  ? lockdep_hardirqs_on+0x9c/0x150
[  320.822636][ T8747]  __do_fast_syscall_32+0xb6/0x2b0
[  320.822652][ T8747]  ? lockdep_hardirqs_on+0x9c/0x150
[  320.822672][ T8747]  do_fast_syscall_32+0x34/0x80
[  320.822689][ T8747]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  320.822706][ T8747] RIP: 0023:0xf703e539
[  320.822720][ T8747] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  320.822733][ T8747] RSP: 002b:00000000f542e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  320.822749][ T8747] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657
[  320.822761][ T8747] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  320.822782][ T8747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  320.822790][ T8747] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  320.822799][ T8747] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  320.822824][ T8747]  </TASK>
[  320.822844][ T8747] ERROR: Out of memory at tomoyo_realpath_from_path.
[  321.775304][ T8769] netlink: 'syz.3.757': attribute type 12 has an invalid length.
[  321.928707][ T5955] usb 3-1: USB disconnect, device number 29
[  322.148189][ T8776] input: syz1 as /devices/virtual/input/input31
[  323.124717][ T8792] vivid-000: =================  START STATUS  =================
[  323.132662][ T8792] vivid-000: RDS Tx I/O Mode: Controls
[  323.138416][ T8792] vivid-000: RDS Program ID: 32904
[  323.166252][ T8792] vivid-000: RDS Program Type: 3
[  323.171430][ T8792] vivid-000: RDS PS Name: VIVID-TX
[  323.253001][ T5955] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  323.260964][ T8792] vivid-000: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  323.371330][ T8792] vivid-000: RDS Stereo: true
[  323.465236][   T30] audit: type=1326 audit(1757560933.824:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  323.542559][ T8792] vivid-000: RDS Artificial Head: false
[  323.548481][ T8792] vivid-000: RDS Compressed: false
[  323.553889][ T8792] vivid-000: RDS Dynamic PTY: false
[  323.560149][ T8792] vivid-000: RDS Traffic Announcement: false
[  323.567052][ T8792] vivid-000: RDS Traffic Program: true
[  323.572839][ T8792] vivid-000: RDS Music: true
[  323.581767][ T8792] vivid-000: ==================  END STATUS  ==================
[  323.590753][   T30] audit: type=1326 audit(1757560933.824:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  323.596317][ T5955] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  323.638159][   T30] audit: type=1326 audit(1757560933.824:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=77 compat=1 ip=0xf703e539 code=0x7ffc0000
[  323.669714][ T8802] input: syz1 as /devices/virtual/input/input32
[  324.006086][ T5955] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  324.196004][   T30] audit: type=1326 audit(1757560933.824:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  324.225345][ T5955] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  324.234947][ T5955] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.243388][   T30] audit: type=1326 audit(1757560933.824:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  324.267559][   T30] audit: type=1326 audit(1757560933.834:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf703e539 code=0x7ffc0000
[  324.307734][ T5955] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  324.317010][ T5955] usb 1-1: invalid MIDI out EP 0
[  324.336129][   T30] audit: type=1326 audit(1757560933.834:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  324.450819][   T30] audit: type=1326 audit(1757560933.834:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  324.501949][ T7950] udevd[7950]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  324.529485][ T8789] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  324.538650][ T5935] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  324.562800][ T8789] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.620969][ T5955] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[  324.810266][ T5935] usb 5-1: device descriptor read/64, error -71
[  324.835212][   T30] audit: type=1326 audit(1757560933.834:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703e539 code=0x7ffc0000
[  324.900946][   T30] audit: type=1326 audit(1757560933.834:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  324.975437][   T30] audit: type=1326 audit(1757560933.834:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  325.134634][ T8817] FAULT_INJECTION: forcing a failure.
[  325.134634][ T8817] name failslab, interval 1, probability 0, space 0, times 0
[  325.158956][ T8817] CPU: 1 UID: 0 PID: 8817 Comm: syz.3.771 Not tainted syzkaller #0 PREEMPT(full) 
[  325.158973][ T8817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  325.158980][ T8817] Call Trace:
[  325.158984][ T8817]  <TASK>
[  325.158989][ T8817]  dump_stack_lvl+0x189/0x250
[  325.159005][ T8817]  ? __pfx____ratelimit+0x10/0x10
[  325.159016][ T8817]  ? __pfx_dump_stack_lvl+0x10/0x10
[  325.159027][ T8817]  ? __pfx__printk+0x10/0x10
[  325.159042][ T8817]  ? __pfx___might_resched+0x10/0x10
[  325.159051][ T8817]  ? fs_reclaim_acquire+0x7d/0x100
[  325.159069][ T8817]  should_fail_ex+0x414/0x560
[  325.159086][ T8817]  should_failslab+0xa8/0x100
[  325.159101][ T8817]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  325.159115][ T8817]  ? __alloc_skb+0x112/0x2d0
[  325.159128][ T8817]  __alloc_skb+0x112/0x2d0
[  325.159140][ T8817]  alloc_skb_with_frags+0xca/0x890
[  325.159155][ T8817]  ? __lock_acquire+0xab9/0xd20
[  325.159171][ T8817]  sock_alloc_send_pskb+0x857/0x990
[  325.159193][ T8817]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  325.159208][ T8817]  ? dev_get_by_index+0x22/0x2e0
[  325.159222][ T8817]  ? dev_get_by_index+0x22/0x2e0
[  325.159238][ T8817]  packet_sendmsg+0x33a0/0x5080
[  325.159259][ T8817]  ? aa_compat_map_xmatch+0x498/0x9d0
[  325.159285][ T8817]  ? __pfx___might_resched+0x10/0x10
[  325.159293][ T8817]  ? __lock_acquire+0xab9/0xd20
[  325.159313][ T8817]  ? __pfx_packet_sendmsg+0x10/0x10
[  325.159325][ T8817]  ? aa_sk_perm+0x81e/0x950
[  325.159342][ T8817]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  325.159356][ T8817]  ? aa_sock_msg_perm+0xf1/0x1d0
[  325.159366][ T8817]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  325.159376][ T8817]  ? __pfx_packet_sendmsg+0x10/0x10
[  325.159389][ T8817]  __sock_sendmsg+0x21c/0x270
[  325.159405][ T8817]  __sys_sendto+0x3bd/0x520
[  325.159417][ T8817]  ? __pfx___sys_sendto+0x10/0x10
[  325.159427][ T8817]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  325.159444][ T8817]  ? __fget_files+0x3a0/0x420
[  325.159458][ T8817]  ? ksys_write+0x22a/0x250
[  325.159475][ T8817]  __ia32_sys_sendto+0xdd/0x100
[  325.159488][ T8817]  __do_fast_syscall_32+0xb6/0x2b0
[  325.159499][ T8817]  ? lockdep_hardirqs_on+0x9c/0x150
[  325.159518][ T8817]  do_fast_syscall_32+0x34/0x80
[  325.159529][ T8817]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  325.159541][ T8817] RIP: 0023:0xf703e539
[  325.159550][ T8817] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  325.159559][ T8817] RSP: 002b:00000000f542e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[  325.159569][ T8817] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  325.159576][ T8817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000800001c0
[  325.159581][ T8817] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  325.159586][ T8817] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  325.159592][ T8817] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  325.159605][ T8817]  </TASK>
[  325.165746][ T8816] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  325.203937][ T5935] usb 5-1: new full-speed USB device number 30 using dummy_hcd
[  325.446217][   T30] audit: type=1326 audit(1757560933.834:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf703e539 code=0x7ffc0000
[  325.504220][   T30] audit: type=1326 audit(1757560933.834:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  325.532208][   T30] audit: type=1326 audit(1757560933.834:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  325.558416][   T30] audit: type=1326 audit(1757560933.834:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf703e539 code=0x7ffc0000
[  325.586536][   T30] audit: type=1326 audit(1757560933.834:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8791 comm="syz.3.763" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  325.600872][ T5935] usb 5-1: device descriptor read/64, error -71
[  325.642050][ T8822] blktrace: Concurrent blktraces are not allowed on sg0
[  326.017174][ T5935] usb usb5-port1: attempt power cycle
[  326.566165][ T5935] usb 5-1: new full-speed USB device number 31 using dummy_hcd
[  326.589638][ T5935] usb 5-1: device descriptor read/8, error -71
[  327.506094][ T5950] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  327.534940][ T5954] usb 1-1: USB disconnect, device number 28
[  327.579275][ T5935] usb 5-1: new full-speed USB device number 32 using dummy_hcd
[  327.583013][ T8839] input: syz1 as /devices/virtual/input/input33
[  327.676187][ T5950] usb 3-1: Using ep0 maxpacket: 8
[  327.689836][ T5950] usb 3-1: config 172 has an invalid interface number: 154 but max is 0
[  327.717448][ T5950] usb 3-1: config 172 has no interface number 0
[  327.760918][ T5950] usb 3-1: config 172 interface 154 has no altsetting 0
[  327.790568][ T5950] usb 3-1: New USB device found, idVendor=046d, idProduct=0850, bcdDevice=f1.93
[  327.806373][ T5935] usb 5-1: device not accepting address 32, error -71
[  327.809917][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.813574][ T5935] usb usb5-port1: unable to enumerate USB device
[  327.863658][ T5950] usb 3-1: Product: syz
[  327.883934][ T5950] usb 3-1: Manufacturer: syz
[  327.901137][ T5950] usb 3-1: SerialNumber: syz
[  328.057411][ T8848] FAULT_INJECTION: forcing a failure.
[  328.057411][ T8848] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.072751][ T8848] CPU: 1 UID: 0 PID: 8848 Comm: syz.0.780 Not tainted syzkaller #0 PREEMPT(full) 
[  328.072774][ T8848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  328.072784][ T8848] Call Trace:
[  328.072791][ T8848]  <TASK>
[  328.072798][ T8848]  dump_stack_lvl+0x189/0x250
[  328.072821][ T8848]  ? __pfx____ratelimit+0x10/0x10
[  328.072844][ T8848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.072863][ T8848]  ? __pfx__printk+0x10/0x10
[  328.072897][ T8848]  should_fail_ex+0x414/0x560
[  328.072924][ T8848]  _copy_to_user+0x31/0xb0
[  328.072971][ T8848]  simple_read_from_buffer+0xe1/0x170
[  328.072997][ T8848]  proc_fail_nth_read+0x1b3/0x220
[  328.073018][ T8848]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  328.073037][ T8848]  ? rw_verify_area+0x2a6/0x4d0
[  328.073054][ T8848]  ? __lock_acquire+0xab9/0xd20
[  328.073075][ T8848]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  328.073095][ T8848]  vfs_read+0x200/0xa30
[  328.073115][ T8848]  ? fdget_pos+0x247/0x320
[  328.073135][ T8848]  ? __pfx___mutex_lock+0x10/0x10
[  328.073153][ T8848]  ? __pfx_vfs_read+0x10/0x10
[  328.073176][ T8848]  ? __fget_files+0x2a/0x420
[  328.073195][ T8848]  ? __fget_files+0x3a0/0x420
[  328.073208][ T8848]  ? __fget_files+0x2a/0x420
[  328.073231][ T8848]  ksys_read+0x145/0x250
[  328.073255][ T8848]  ? __pfx_ksys_read+0x10/0x10
[  328.073279][ T8848]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.073301][ T8848]  __do_fast_syscall_32+0xb6/0x2b0
[  328.073320][ T8848]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.073342][ T8848]  do_fast_syscall_32+0x34/0x80
[  328.073360][ T8848]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  328.073381][ T8848] RIP: 0023:0xf705e539
[  328.073396][ T8848] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  328.073411][ T8848] RSP: 002b:00000000f544e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  328.073430][ T8848] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f544e620
[  328.073442][ T8848] RDX: 000000000000000f RSI: 00000000f73e4ff4 RDI: 0000000000000000
[  328.073453][ T8848] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  328.073463][ T8848] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  328.073473][ T8848] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  328.073501][ T8848]  </TASK>
[  329.322341][   T24] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  330.287806][   T24] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  330.300675][   T24] usb 4-1: config 27 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[  330.311491][   T24] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  330.347265][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.428501][   T24] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  330.456912][   T24] usb 4-1: invalid MIDI out EP 0
[  330.733925][ T8873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  330.745167][ T8873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  330.801975][ T5950] gspca_main: STV06xx-2.14.0 probing 046d:0850
[  330.997265][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  330.997281][   T30] audit: type=1326 audit(1757560941.404:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8865 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  331.109708][   T24] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[  331.121545][   T30] audit: type=1326 audit(1757560941.404:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8865 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf703e539 code=0x7ffc0000
[  331.138746][ T5950] usb 3-1: unknown interface protocol 0xfa, assuming v1
[  331.204770][   T30] audit: type=1326 audit(1757560941.404:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8865 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  331.226862][ T5950] usb 3-1: cannot find UAC_HEADER
[  331.232784][   T30] audit: type=1326 audit(1757560941.404:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8865 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf703e539 code=0x7ffc0000
[  331.320755][ T8890] netlink: 'syz.1.791': attribute type 21 has an invalid length.
[  331.423313][ T8890] block nbd0: Attempted send on invalid socket
[  331.429712][ T8890] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  331.452667][   T30] audit: type=1326 audit(1757560941.404:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8865 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  331.623701][ T5950] snd-usb-audio 3-1:172.154: probe with driver snd-usb-audio failed with error -22
[  331.735467][ T5950] usb 3-1: USB disconnect, device number 30
[  331.969515][   T30] audit: type=1326 audit(1757560941.404:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8865 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  332.085711][ T8009] udevd[8009]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:172.154/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  332.616676][ T5928] usb 4-1: USB disconnect, device number 33
[  332.993984][ T8904] FAULT_INJECTION: forcing a failure.
[  332.993984][ T8904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.044233][ T8904] CPU: 0 UID: 0 PID: 8904 Comm: syz.1.794 Not tainted syzkaller #0 PREEMPT(full) 
[  333.044257][ T8904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  333.044268][ T8904] Call Trace:
[  333.044275][ T8904]  <TASK>
[  333.044282][ T8904]  dump_stack_lvl+0x189/0x250
[  333.044306][ T8904]  ? __pfx____ratelimit+0x10/0x10
[  333.044324][ T8904]  ? __pfx_dump_stack_lvl+0x10/0x10
[  333.044343][ T8904]  ? __pfx__printk+0x10/0x10
[  333.044364][ T8904]  ? __might_fault+0xb0/0x130
[  333.044394][ T8904]  should_fail_ex+0x414/0x560
[  333.044423][ T8904]  _copy_from_user+0x2d/0xb0
[  333.044444][ T8904]  get_compat_msghdr+0xad/0x4a0
[  333.044469][ T8904]  ? __pfx_get_compat_msghdr+0x10/0x10
[  333.044500][ T8904]  ___sys_sendmsg+0x193/0x2a0
[  333.044531][ T8904]  ? __pfx____sys_sendmsg+0x10/0x10
[  333.044585][ T8904]  ? __fget_files+0x2a/0x420
[  333.044600][ T8904]  ? __fget_files+0x3a0/0x420
[  333.044624][ T8904]  __sys_sendmsg+0x164/0x220
[  333.044647][ T8904]  ? __pfx___sys_sendmsg+0x10/0x10
[  333.044680][ T8904]  ? lockdep_hardirqs_on+0x9c/0x150
[  333.044701][ T8904]  __do_fast_syscall_32+0xb6/0x2b0
[  333.044720][ T8904]  ? lockdep_hardirqs_on+0x9c/0x150
[  333.044740][ T8904]  do_fast_syscall_32+0x34/0x80
[  333.044758][ T8904]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  333.044778][ T8904] RIP: 0023:0xf7fe6539
[  333.044793][ T8904] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  333.044809][ T8904] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  333.044826][ T8904] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  333.044836][ T8904] RDX: 0000000020000010 RSI: 0000000000000000 RDI: 0000000000000000
[  333.044846][ T8904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  333.044855][ T8904] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  333.044866][ T8904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  333.044891][ T8904]  </TASK>
[  334.588199][ T5935] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  334.822592][ T5935] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  334.835474][ T5935] usb 1-1: config 27 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[  334.886515][ T5935] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  334.948355][ T5935] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.206909][ T5935] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  335.236906][ T5935] usb 1-1: invalid MIDI out EP 0
[  335.519156][ T8934] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  335.529420][ T8934] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  335.556286][   T43] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  335.628731][ T5935] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[  335.703985][ T8720] udevd[8720]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  335.741406][   T43] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  335.774072][   T30] audit: type=1326 audit(1757560946.194:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[  335.811186][   T43] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  335.826230][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  335.835229][   T30] audit: type=1326 audit(1757560946.194:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf705e539 code=0x7ffc0000
[  335.860910][   T43] usb 4-1: SerialNumber: syz
[  335.870764][   T30] audit: type=1326 audit(1757560946.194:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[  335.894470][   T30] audit: type=1326 audit(1757560946.194:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf705e539 code=0x7ffc0000
[  335.901217][   T43] usb 4-1: bad CDC descriptors
[  336.008313][ T8965] netlink: 40 bytes leftover after parsing attributes in process `syz.2.815'.
[  336.025841][ T8964] FAULT_INJECTION: forcing a failure.
[  336.025841][ T8964] name failslab, interval 1, probability 0, space 0, times 0
[  336.065627][ T8964] CPU: 1 UID: 0 PID: 8964 Comm: syz.1.814 Not tainted syzkaller #0 PREEMPT(full) 
[  336.065651][ T8964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  336.065661][ T8964] Call Trace:
[  336.065669][ T8964]  <TASK>
[  336.065677][ T8964]  dump_stack_lvl+0x189/0x250
[  336.065702][ T8964]  ? __pfx____ratelimit+0x10/0x10
[  336.065720][ T8964]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.065739][ T8964]  ? __pfx__printk+0x10/0x10
[  336.065770][ T8964]  ? __pfx___might_resched+0x10/0x10
[  336.065789][ T8964]  should_fail_ex+0x414/0x560
[  336.065815][ T8964]  should_failslab+0xa8/0x100
[  336.065840][ T8964]  __kmalloc_cache_noprof+0x70/0x3d0
[  336.065862][ T8964]  ? binder_get_thread+0x1c8/0x6d0
[  336.065886][ T8964]  binder_get_thread+0x1c8/0x6d0
[  336.065904][ T8964]  ? __fget_files+0x3a0/0x420
[  336.065923][ T8964]  binder_poll+0x46/0x380
[  336.065941][ T8964]  ? do_select+0x104a/0x17e0
[  336.065964][ T8964]  ? __pfx_binder_poll+0x10/0x10
[  336.065983][ T8964]  do_select+0x105b/0x17e0
[  336.066010][ T8964]  ? do_select+0x8a1/0x17e0
[  336.066049][ T8964]  ? __pfx_do_select+0x10/0x10
[  336.066077][ T8964]  ? __pfx___pollwait+0x10/0x10
[  336.066102][ T8964]  ? __pfx_pollwake+0x10/0x10
[  336.066127][ T8964]  ? __pfx_pollwake+0x10/0x10
[  336.066151][ T8964]  ? __pfx_pollwake+0x10/0x10
[  336.066176][ T8964]  ? __pfx_pollwake+0x10/0x10
[  336.066250][ T8964]  compat_core_sys_select+0x69c/0x970
[  336.066273][ T8964]  ? get_pid_task+0x20/0x1f0
[  336.066307][ T8964]  ? __pfx_compat_core_sys_select+0x10/0x10
[  336.066328][ T8964]  ? rcu_read_lock_any_held+0xb3/0x120
[  336.066369][ T8964]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  336.066392][ T8964]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  336.066409][ T8964]  ? __pfx_vfs_write+0x10/0x10
[  336.066435][ T8964]  do_compat_pselect+0x269/0x2d0
[  336.066458][ T8964]  ? __fget_files+0x3a0/0x420
[  336.066477][ T8964]  ? __pfx_do_compat_pselect+0x10/0x10
[  336.066501][ T8964]  ? fput+0xa0/0xd0
[  336.066518][ T8964]  ? ksys_write+0x22a/0x250
[  336.066545][ T8964]  __ia32_compat_sys_pselect6_time32+0x149/0x190
[  336.066571][ T8964]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.066592][ T8964]  __do_fast_syscall_32+0xb6/0x2b0
[  336.066611][ T8964]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.066632][ T8964]  do_fast_syscall_32+0x34/0x80
[  336.066650][ T8964]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  336.066670][ T8964] RIP: 0023:0xf7fe6539
[  336.066685][ T8964] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  336.066700][ T8964] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000134
[  336.066718][ T8964] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 00000000800001c0
[  336.066729][ T8964] RDX: 0000000000000000 RSI: 00000000800002c0 RDI: 0000000000000000
[  336.066740][ T8964] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  336.066750][ T8964] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  336.066759][ T8964] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  336.066786][ T8964]  </TASK>
[  336.372204][ T8965] bridge1: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[  336.385492][ T8965] bridge1: entered promiscuous mode
[  336.414032][   T43] usb 4-1: USB disconnect, device number 34
[  336.517082][ T8969] netlink: 'syz.2.816': attribute type 17 has an invalid length.
[  336.525048][ T8969] netlink: 148 bytes leftover after parsing attributes in process `syz.2.816'.
[  336.821455][ T8979] netlink: 4 bytes leftover after parsing attributes in process `syz.4.819'.
[  337.468881][   T43] usb 1-1: USB disconnect, device number 29
[  338.490283][ T5935] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  338.584258][ T8998] IPv6: NLM_F_CREATE should be specified when creating new route
[  338.680733][ T8992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.821'.
[  338.938135][ T5935] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  338.948932][ T5935] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  338.960115][ T5935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.004259][ T5935] usb 2-1: config 0 descriptor??
[  339.051173][ T5935] pwc: Askey VC010 type 2 USB webcam detected.
[  339.450351][ T5935] pwc: recv_control_msg error -32 req 02 val 2b00
[  339.458525][ T5935] pwc: recv_control_msg error -32 req 02 val 2700
[  339.466459][ T5935] pwc: recv_control_msg error -32 req 02 val 2c00
[  339.473740][ T5935] pwc: recv_control_msg error -32 req 04 val 1000
[  339.482897][ T5935] pwc: recv_control_msg error -32 req 04 val 1300
[  339.490891][ T5935] pwc: recv_control_msg error -32 req 04 val 1400
[  339.512913][ T5935] pwc: recv_control_msg error -32 req 02 val 2000
[  339.554022][ T5935] pwc: recv_control_msg error -32 req 02 val 2100
[  339.587488][ T5935] pwc: recv_control_msg error -32 req 04 val 1500
[  339.595088][ T5935] pwc: recv_control_msg error -32 req 02 val 2500
[  339.614209][ T9011] syz_tun: entered allmulticast mode
[  339.740804][ T5935] pwc: recv_control_msg error -32 req 02 val 2400
[  339.756996][ T5935] pwc: recv_control_msg error -32 req 02 val 2600
[  339.822270][ T5935] pwc: recv_control_msg error -32 req 02 val 2900
[  339.853967][ T5935] pwc: recv_control_msg error -32 req 02 val 2800
[  339.976115][   T24] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  340.073252][ T5935] pwc: recv_control_msg error -71 req 04 val 1200
[  340.103527][ T5935] pwc: Registered as video103.
[  340.119013][ T5935] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input35
[  340.166572][ T5935] usb 2-1: USB disconnect, device number 23
[  340.186331][   T24] usb 1-1: Using ep0 maxpacket: 16
[  340.217415][   T24] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  340.254780][   T24] usb 1-1: config 0 interface 0 has no altsetting 0
[  340.285200][   T24] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  340.306640][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.332523][   T24] usb 1-1: config 0 descriptor??
[  340.687052][ T5950] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  340.726610][   T43] usb 5-1: new low-speed USB device number 33 using dummy_hcd
[  340.846355][ T5950] usb 3-1: Using ep0 maxpacket: 32
[  340.979024][ T9037] netlink: 196 bytes leftover after parsing attributes in process `syz.0.827'.
[  341.151147][ T5935] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  341.177201][ T9037] netlink: 'syz.0.827': attribute type 8 has an invalid length.
[  341.208404][   T43] usb 5-1: unable to get BOS descriptor or descriptor too short
[  341.237534][ T5950] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  341.291436][   T43] usb 5-1: config 9 has an invalid interface number: 198 but max is 0
[  341.316038][ T5950] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.324105][ T5935] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  341.351173][ T5935] usb 4-1: config 27 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[  341.379207][   T43] usb 5-1: config 9 has no interface number 0
[  341.389145][   T43] usb 5-1: config 9 interface 198 has no altsetting 0
[  341.391324][ T5935] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  341.407646][ T5950] usb 3-1: config 0 descriptor??
[  341.415268][   T43] usb 5-1: string descriptor 0 read error: -22
[  341.438095][   T43] usb 5-1: New USB device found, idVendor=15f4, idProduct=0015, bcdDevice=6f.2b
[  341.472759][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.499144][ T5935] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.504190][   T43] dvb-usb: found a 'Hanftek UMT-010 DVB-T USB2.0' in warm state.
[  341.550908][   T43] dvb-usb: bulk message failed: -22 (3/0)
[  341.649047][ T5950] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  341.658574][   T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  341.673932][   T43] dvbdev: DVB: registering new adapter (Hanftek UMT-010 DVB-T USB2.0)
[  341.693343][ T5935] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  341.693516][ T5950] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  341.727029][ T5935] usb 4-1: invalid MIDI out EP 0
[  341.734140][ T9025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.757961][   T43] usb 5-1: media controller created
[  341.781213][ T5950] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  341.825069][ T9025] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  341.849747][ T9023] FAULT_INJECTION: forcing a failure.
[  341.849747][ T9023] name failslab, interval 1, probability 0, space 0, times 0
[  341.874061][ T5950] usb 3-1: media controller created
[  341.910539][ T9023] CPU: 0 UID: 0 PID: 9023 Comm: syz.2.830 Not tainted syzkaller #0 PREEMPT(full) 
[  341.910564][ T9023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  341.910575][ T9023] Call Trace:
[  341.910582][ T9023]  <TASK>
[  341.910589][ T9023]  dump_stack_lvl+0x189/0x250
[  341.910613][ T9023]  ? __pfx____ratelimit+0x10/0x10
[  341.910632][ T9023]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.910650][ T9023]  ? __pfx__printk+0x10/0x10
[  341.910678][ T9023]  ? __pfx___might_resched+0x10/0x10
[  341.910689][ T9023]  ? fs_reclaim_acquire+0x7d/0x100
[  341.910707][ T9023]  should_fail_ex+0x414/0x560
[  341.910724][ T9023]  should_failslab+0xa8/0x100
[  341.910742][ T9023]  __kmalloc_noprof+0xcb/0x4f0
[  341.910761][ T9023]  ? kfree+0x4d/0x440
[  341.910778][ T9023]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  341.910802][ T9023]  tomoyo_realpath_from_path+0xe3/0x5d0
[  341.910821][ T9023]  ? tomoyo_domain+0xd9/0x130
[  341.910837][ T9023]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  341.910851][ T9023]  tomoyo_path_number_perm+0x1e8/0x5a0
[  341.910866][ T9023]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  341.910890][ T9023]  ? __lock_acquire+0xab9/0xd20
[  341.910932][ T9023]  ? __fget_files+0x2a/0x420
[  341.910952][ T9023]  ? __fget_files+0x3a0/0x420
[  341.910965][ T9023]  ? __fget_files+0x2a/0x420
[  341.910979][ T9023]  security_file_ioctl_compat+0xcb/0x2d0
[  341.911000][ T9023]  __ia32_compat_sys_ioctl+0x128/0x840
[  341.911023][ T9023]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  341.911044][ T9023]  ? __fget_files+0x3a0/0x420
[  341.911064][ T9023]  ? fput+0xa0/0xd0
[  341.911081][ T9023]  ? ksys_write+0x22a/0x250
[  341.911111][ T9023]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.911132][ T9023]  __do_fast_syscall_32+0xb6/0x2b0
[  341.911152][ T9023]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.911173][ T9023]  do_fast_syscall_32+0x34/0x80
[  341.911191][ T9023]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  341.911210][ T9023] RIP: 0023:0xf70ce539
[  341.911225][ T9023] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  341.911239][ T9023] RSP: 002b:00000000f54be55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  341.911256][ T9023] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000720
[  341.911267][ T9023] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  341.911277][ T9023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  341.911286][ T9023] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  341.911296][ T9023] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  341.911322][ T9023]  </TASK>
[  341.912392][ T9023] ERROR: Out of memory at tomoyo_realpath_from_path.
[  342.202925][ T9031] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  342.211957][ T9023] dvb-usb: bulk message failed: -22 (5/0)
[  342.231394][ T9031] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  342.249524][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  342.294476][ T5950] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  342.336184][ T5950] az6027: usb out operation failed. (-71)
[  342.351343][ T5950] az6027: usb out operation failed. (-71)
[  342.360706][   T43] DVB: Unable to find symbol mt352_attach()
[  342.367264][   T43] dvb-usb: no frontend was attached by 'Hanftek UMT-010 DVB-T USB2.0'
[  342.375797][ T5935] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[  342.375817][ T5950] stb0899_attach: Driver disabled by Kconfig
[  342.421593][   T43] dvb-usb: bulk message failed: -22 (3/0)
[  342.460809][ T5950] az6027: no front-end attached
[  342.460809][ T5950] 
[  342.482776][   T43] dvb-usb: Hanftek UMT-010 DVB-T USB2.0 successfully initialized and connected.
[  342.501848][ T5950] az6027: usb out operation failed. (-71)
[  342.518934][ T5950] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  342.538395][ T5950] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input36
[  342.563909][ T5950] dvb-usb: schedule remote query interval to 400 msecs.
[  342.620242][ T5950] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  342.712114][ T5950] usb 3-1: USB disconnect, device number 31
[  342.837089][   T24] usbhid 1-1:0.0: can't add hid device: -71
[  342.843246][   T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  342.861212][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  342.861227][   T30] audit: type=1326 audit(1757560953.284:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.3.832" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  342.927759][   T24] usb 1-1: USB disconnect, device number 30
[  342.975642][   T30] audit: type=1326 audit(1757560953.284:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.3.832" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  343.042482][ T5950] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  343.113437][ T9054] blktrace: Concurrent blktraces are not allowed on sg0
[  344.415122][ T5935] usb 5-1: USB disconnect, device number 33
[  344.493501][ T5935] dvb-usb: Hanftek UMT-010 DVB-T USB2.0 successfully deinitialized and disconnected.
[  344.717965][ T9064] vivid-003: =================  START STATUS  =================
[  344.726086][ T9064] vivid-003: RDS Tx I/O Mode: Controls
[  344.731721][ T9064] vivid-003: RDS Program ID: 32904
[  344.738095][ T9064] vivid-003: RDS Program Type: 3
[  344.750262][ T9064] vivid-003: RDS PS Name: VIVID-TX
[  344.759589][ T9064] vivid-003: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  344.810169][ T9064] vivid-003: RDS Stereo: true
[  344.816878][ T9064] vivid-003: RDS Artificial Head: false
[  344.833005][ T9064] vivid-003: RDS Compressed: false
[  344.844360][ T9064] vivid-003: RDS Dynamic PTY: false
[  344.850130][ T9064] vivid-003: RDS Traffic Announcement: false
[  344.863010][ T9064] vivid-003: RDS Traffic Program: true
[  345.501851][ T9064] vivid-003: RDS Music: true
[  345.513902][ T5955] usb 4-1: USB disconnect, device number 35
[  345.595098][ T9064] vivid-003: ==================  END STATUS  ==================
[  347.287351][   T24] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  347.486740][ T9101] FAULT_INJECTION: forcing a failure.
[  347.486740][ T9101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.563755][ T9101] CPU: 0 UID: 0 PID: 9101 Comm: syz.1.848 Not tainted syzkaller #0 PREEMPT(full) 
[  347.563779][ T9101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  347.563788][ T9101] Call Trace:
[  347.563795][ T9101]  <TASK>
[  347.563803][ T9101]  dump_stack_lvl+0x189/0x250
[  347.563827][ T9101]  ? __pfx____ratelimit+0x10/0x10
[  347.563842][ T9101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.563860][ T9101]  ? __pfx__printk+0x10/0x10
[  347.563880][ T9101]  ? __might_fault+0xb0/0x130
[  347.563911][ T9101]  should_fail_ex+0x414/0x560
[  347.563943][ T9101]  _copy_from_user+0x2d/0xb0
[  347.563965][ T9101]  get_compat_msghdr+0xad/0x4a0
[  347.563989][ T9101]  ? __pfx_get_compat_msghdr+0x10/0x10
[  347.564018][ T9101]  ___sys_sendmsg+0x193/0x2a0
[  347.564041][ T9101]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.564096][ T9101]  ? __fget_files+0x2a/0x420
[  347.564111][ T9101]  ? __fget_files+0x3a0/0x420
[  347.564136][ T9101]  __sys_sendmsg+0x164/0x220
[  347.564158][ T9101]  ? __pfx___sys_sendmsg+0x10/0x10
[  347.564193][ T9101]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.564220][ T9101]  __do_fast_syscall_32+0xb6/0x2b0
[  347.564239][ T9101]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.564260][ T9101]  do_fast_syscall_32+0x34/0x80
[  347.564279][ T9101]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  347.564298][ T9101] RIP: 0023:0xf7fe6539
[  347.564313][ T9101] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  347.564328][ T9101] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  347.564346][ T9101] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  347.564359][ T9101] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  347.564369][ T9101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  347.564379][ T9101] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  347.564389][ T9101] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  347.564415][ T9101]  </TASK>
[  348.171357][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  348.282008][ T9111] block nbd0: Attempted send on invalid socket
[  348.288386][ T9111] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  348.376198][   T24] usb 1-1: not running at top speed; connect to a high speed hub
[  348.416099][   T24] usb 1-1: config 219 has an invalid interface number: 147 but max is 1
[  348.431154][   T24] usb 1-1: config 219 has an invalid interface number: 147 but max is 1
[  348.739862][ T9118] netlink: 108 bytes leftover after parsing attributes in process `syz.2.852'.
[  349.099615][   T24] usb 1-1: config 219 has 1 interface, different from the descriptor's value: 2
[  349.108884][ T9120] vivid-000: =================  START STATUS  =================
[  349.126179][ T9120] vivid-000: Test Pattern: 75% Colorbar
[  349.131799][   T24] usb 1-1: config 219 has no interface number 0
[  349.138143][ T9120] vivid-000: Fill Percentage of Frame: 100
[  349.144087][   T24] usb 1-1: config 219 interface 147 has no altsetting 0
[  349.157571][   T24] usb 1-1: config 219 interface 147 has no altsetting 1
[  349.165361][ T9120] vivid-000: Horizontal Movement: No Movement
[  349.182966][ T9120] vivid-000: Vertical Movement: Move Down Slow
[  349.306609][ T9120] vivid-000: OSD Text Mode: All
[  349.320415][   T24] usb 1-1: New USB device found, idVendor=07b0, idProduct=0006, bcdDevice=9e.d4
[  349.351215][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  349.386802][   T24] usb 1-1: Product: syz
[  349.391000][   T24] usb 1-1: Manufacturer: syz
[  349.538121][ T9120] vivid-000: Show Border: false
[  349.543056][ T9120] vivid-000: Show Square: false
[  349.594799][ T9120] vivid-000: Sensor Flipped Horizontally: false
[  349.617471][   T24] usb 1-1: SerialNumber: syz
[  349.708667][ T9120] vivid-000: Sensor Flipped Vertically: false
[  349.746142][ T9120] vivid-000: Insert SAV Code in Image: false
[  349.757890][ T9120] vivid-000: Insert EAV Code in Image: false
[  349.769567][ T9120] vivid-000: Insert Video Guard Band: false
[  349.806758][ T9120] vivid-000: Reduced Framerate: false
[  349.812268][ T9120] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  349.823417][ T9120] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  349.832005][ T9120] vivid-000: Enable Capture Cropping: true grabbed
[  349.847765][ T9120] vivid-000: Enable Capture Composing: true grabbed
[  349.861070][ T9120] vivid-000: Enable Capture Scaler: true grabbed
[  349.891080][ T9120] vivid-000: Timestamp Source: End of Frame
[  349.897431][ T9120] vivid-000: Colorspace: sRGB
[  349.927964][ T9120] vivid-000: Transfer Function: Default
[  349.936103][ T9120] vivid-000: Y'CbCr Encoding: Default
[  349.943506][ T9120] vivid-000: HSV Encoding: Hue 0-179
[  349.949079][ T9120] vivid-000: Quantization: Default
[  349.954284][ T9120] vivid-000: Apply Alpha To Red Only: false
[  349.963860][ T9120] vivid-000: Standard Aspect Ratio: 4x3
[  349.973997][ T9120] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  350.150007][ T9133] bridge1: entered promiscuous mode
[  350.216691][ T9120] vivid-000: DV Timings: 640x480p59 inactive
[  350.222855][ T9120] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  350.230349][ T9120] vivid-000: Maximum EDID Blocks: 2
[  350.235672][ T9120] vivid-000: Limited RGB Range (16-235): false
[  350.242009][ T9120] vivid-000: Rx RGB Quantization Range: Automatic
[  350.248568][ T9120] vivid-000: Power Present: 0x00000001
[  350.254153][ T9120] tpg source WxH: 1280x960 (Y'CbCr)
[  350.259491][ T9120] tpg field: 1
[  350.262954][ T9120] tpg crop: (0,0)/1280x960
[  350.267503][ T9120] tpg compose: (0,0)/1280x960
[  350.272270][ T9120] tpg colorspace: 8
[  350.276206][ T9120] tpg transfer function: 0/2
[  350.280883][ T9120] tpg Y'CbCr encoding: 0/1
[  350.286258][ T9120] tpg quantization: 0/2
[  350.291425][ T9120] tpg RGB range: 0/2
[  350.295416][ T9120] vivid-000: ==================  END STATUS  ==================
[  350.810550][ T9110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.850'.
[  350.905268][   T24] usb 1-1: can't set config #219, error -71
[  350.915840][   T24] usb 1-1: USB disconnect, device number 31
[  351.202250][ T9143] FAULT_INJECTION: forcing a failure.
[  351.202250][ T9143] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.221074][ T9143] CPU: 1 UID: 0 PID: 9143 Comm: syz.3.858 Not tainted syzkaller #0 PREEMPT(full) 
[  351.221096][ T9143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  351.221103][ T9143] Call Trace:
[  351.221108][ T9143]  <TASK>
[  351.221113][ T9143]  dump_stack_lvl+0x189/0x250
[  351.221129][ T9143]  ? __pfx____ratelimit+0x10/0x10
[  351.221140][ T9143]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.221151][ T9143]  ? __pfx__printk+0x10/0x10
[  351.221165][ T9143]  ? __might_fault+0xb0/0x130
[  351.221184][ T9143]  should_fail_ex+0x414/0x560
[  351.221201][ T9143]  _copy_from_user+0x2d/0xb0
[  351.221214][ T9143]  get_compat_msghdr+0xad/0x4a0
[  351.221229][ T9143]  ? __pfx_get_compat_msghdr+0x10/0x10
[  351.221246][ T9143]  ___sys_sendmsg+0x193/0x2a0
[  351.221260][ T9143]  ? __pfx____sys_sendmsg+0x10/0x10
[  351.221289][ T9143]  ? __fget_files+0x2a/0x420
[  351.221298][ T9143]  ? __fget_files+0x3a0/0x420
[  351.221311][ T9143]  __sys_sendmsg+0x164/0x220
[  351.221323][ T9143]  ? __pfx___sys_sendmsg+0x10/0x10
[  351.221343][ T9143]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.221354][ T9143]  __do_fast_syscall_32+0xb6/0x2b0
[  351.221366][ T9143]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.221377][ T9143]  do_fast_syscall_32+0x34/0x80
[  351.221387][ T9143]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  351.221399][ T9143] RIP: 0023:0xf703e539
[  351.221408][ T9143] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  351.221416][ T9143] RSP: 002b:00000000f542e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  351.221428][ T9143] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  351.221434][ T9143] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  351.221439][ T9143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  351.221445][ T9143] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  351.221450][ T9143] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  351.221463][ T9143]  </TASK>
[  351.616133][   T24] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  351.788574][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  351.799015][   T24] usb 1-1: config 6 has an invalid interface number: 200 but max is 0
[  351.807905][   T24] usb 1-1: config 6 has no interface number 0
[  351.814027][   T24] usb 1-1: config 6 interface 200 has no altsetting 0
[  351.824853][   T24] usb 1-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  351.834592][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.843156][   T24] usb 1-1: Product: syz
[  351.847798][   T24] usb 1-1: Manufacturer: syz
[  351.852592][   T24] usb 1-1: SerialNumber: syz
[  351.980251][ T9153] CIFS: VFS: Malformed UNC in devname
[  352.692540][ T9158] netlink: 'syz.3.861': attribute type 25 has an invalid length.
[  353.236414][ T9169] block nbd0: Attempted send on invalid socket
[  353.266212][ T9169] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  354.084745][ T9180] netlink: 4 bytes leftover after parsing attributes in process `syz.4.864'.
[  354.119791][ T9181] netlink: 108 bytes leftover after parsing attributes in process `syz.3.865'.
[  354.324219][ T9183] vivid-000: =================  START STATUS  =================
[  354.332131][ T9183] vivid-000: Test Pattern: 75% Colorbar
[  354.339448][ T9183] vivid-000: Fill Percentage of Frame: 100
[  354.383296][ T9183] vivid-000: Horizontal Movement: No Movement
[  354.393016][ T9183] vivid-000: Vertical Movement: Move Down Slow
[  354.401962][ T9183] vivid-000: OSD Text Mode: All
[  354.419366][ T9183] vivid-000: Show Border: false
[  354.443816][   T24] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  354.476142][ T9183] vivid-000: Show Square: false
[  354.494461][   T24] dvb-usb: bulk message failed: -71 (3/0)
[  354.519145][ T9183] vivid-000: Sensor Flipped Horizontally: false
[  354.531946][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  354.573908][ T9183] vivid-000: Sensor Flipped Vertically: 
[  354.582854][   T24] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  354.602659][ T9183] false
[  354.608457][ T9183] vivid-000: Insert SAV Code in Image: false
[  354.664217][   T24] usb 1-1: media controller created
[  354.678799][ T9183] vivid-000: Insert EAV Code in Image: false
[  354.721732][ T9183] vivid-000: Insert Video Guard Band: false
[  354.812309][ T9183] vivid-000: Reduced Framerate: false
[  354.820407][ T9183] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  354.830294][ T9183] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  354.838330][ T9183] vivid-000: Enable Capture Cropping: true grabbed
[  354.845251][ T9183] vivid-000: Enable Capture Composing: true grabbed
[  354.852116][ T9183] vivid-000: Enable Capture Scaler: true grabbed
[  354.858848][ T9183] vivid-000: Timestamp Source: End of Frame
[  354.865085][ T9183] vivid-000: Colorspace: sRGB
[  354.869882][ T9183] vivid-000: Transfer Function: Default
[  354.875622][ T9183] vivid-000: Y'CbCr Encoding: Default
[  354.881204][ T9183] vivid-000: HSV Encoding: Hue 0-179
[  354.886591][ T9183] vivid-000: Quantization: Default
[  354.892588][ T9183] vivid-000: Apply Alpha To Red Only: false
[  354.899264][ T9183] vivid-000: Standard Aspect Ratio: 4x3
[  354.905046][ T9183] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  354.913083][ T9183] vivid-000: DV Timings: 640x480p59 inactive
[  354.919205][ T9183] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  354.927503][ T9183] vivid-000: Maximum EDID Blocks: 2
[  354.933272][ T9183] vivid-000: Limited RGB Range (16-235): false
[  354.939580][ T9183] vivid-000: Rx RGB Quantization Range: Automatic
[  354.946141][ T9183] vivid-000: Power Present: 0x00000001
[  354.951663][ T9183] tpg source WxH: 1280x960 (Y'CbCr)
[  354.956946][ T9183] tpg field: 1
[  354.960433][ T9183] tpg crop: (0,0)/1280x960
[  354.964892][ T9183] tpg compose: (0,0)/1280x960
[  354.969657][ T9183] tpg colorspace: 8
[  354.973507][ T9183] tpg transfer function: 0/2
[  354.978190][ T9183] tpg Y'CbCr encoding: 0/1
[  354.982715][ T9183] tpg quantization: 0/2
[  354.986969][ T9183] tpg RGB range: 0/2
[  354.990904][ T9183] vivid-000: ==================  END STATUS  ==================
[  355.235125][ T5935] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  355.666580][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  355.739885][ T5935] usb 2-1: Using ep0 maxpacket: 16
[  355.755864][ T5935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.780085][ T5935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.796952][ T5935] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  355.820310][ T5935] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  355.829831][ T5935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.863726][ T5935] usb 2-1: config 0 descriptor??
[  355.955768][   T24] dvb-usb: bulk message failed: -71 (6/0)
[  356.080460][   T24] dvb-usb: bulk message failed: -71 (6/0)
[  356.096851][   T24] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  356.141192][   T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input37
[  356.198271][   T24] dvb-usb: schedule remote query interval to 150 msecs.
[  356.215401][   T24] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  356.338684][   T24] usb 1-1: USB disconnect, device number 32
[  356.380993][ T5921] dvb-usb: bulk message failed: -19 (1/0)
[  356.386862][ T5921] dvb-usb: error while querying for an remote control event.
[  356.399930][ T5935] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.000E/input/input38
[  356.421436][ T9204] netlink: 4 bytes leftover after parsing attributes in process `syz.0.872'.
[  356.527648][ T9205] netlink: 104 bytes leftover after parsing attributes in process `syz.0.872'.
[  356.541228][ T9205] netlink: 104 bytes leftover after parsing attributes in process `syz.0.872'.
[  356.558651][ T5935] microsoft 0003:045E:07DA.000E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  356.770036][ T9208] FAULT_INJECTION: forcing a failure.
[  356.770036][ T9208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.782425][   T24] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  356.787899][ T9208] CPU: 0 UID: 0 PID: 9208 Comm: syz.4.874 Not tainted syzkaller #0 PREEMPT(full) 
[  356.787923][ T9208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  356.787934][ T9208] Call Trace:
[  356.787941][ T9208]  <TASK>
[  356.787949][ T9208]  dump_stack_lvl+0x189/0x250
[  356.787974][ T9208]  ? __pfx____ratelimit+0x10/0x10
[  356.787991][ T9208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  356.788010][ T9208]  ? __pfx__printk+0x10/0x10
[  356.788051][ T9208]  should_fail_ex+0x414/0x560
[  356.788080][ T9208]  _copy_to_user+0x31/0xb0
[  356.788103][ T9208]  simple_read_from_buffer+0xe1/0x170
[  356.788131][ T9208]  proc_fail_nth_read+0x1b3/0x220
[  356.788154][ T9208]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  356.788176][ T9208]  ? rw_verify_area+0x2a6/0x4d0
[  356.788195][ T9208]  ? __lock_acquire+0xab9/0xd20
[  356.788216][ T9208]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  356.788236][ T9208]  vfs_read+0x200/0xa30
[  356.788256][ T9208]  ? fdget_pos+0x247/0x320
[  356.788275][ T9208]  ? __pfx___mutex_lock+0x10/0x10
[  356.788294][ T9208]  ? __pfx_vfs_read+0x10/0x10
[  356.788315][ T9208]  ? __fget_files+0x2a/0x420
[  356.788334][ T9208]  ? __fget_files+0x3a0/0x420
[  356.788348][ T9208]  ? __fget_files+0x2a/0x420
[  356.788372][ T9208]  ksys_read+0x145/0x250
[  356.788395][ T9208]  ? __pfx_ksys_read+0x10/0x10
[  356.788419][ T9208]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.788440][ T9208]  __do_fast_syscall_32+0xb6/0x2b0
[  356.788456][ T9208]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.788473][ T9208]  do_fast_syscall_32+0x34/0x80
[  356.788491][ T9208]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  356.788511][ T9208] RIP: 0023:0xf7f67539
[  356.788527][ T9208] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  356.788541][ T9208] RSP: 002b:00000000f5466590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  356.788558][ T9208] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5466620
[  356.788570][ T9208] RDX: 000000000000000f RSI: 00000000f73f4ff4 RDI: 0000000000000000
[  356.788580][ T9208] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  356.788589][ T9208] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  356.788599][ T9208] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  356.788625][ T9208]  </TASK>
[  357.312397][ T9216] netlink: 8 bytes leftover after parsing attributes in process `syz.4.876'.
[  357.333877][ T9211] netlink: 168 bytes leftover after parsing attributes in process `syz.0.873'.
[  357.503434][ T9220] pim6reg: entered allmulticast mode
[  357.646181][ T5955] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  357.776092][ T5955] usb 1-1: device descriptor read/64, error -71
[  358.026661][ T5955] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  358.086333][ T5935] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[  358.109194][ T9214] pim6reg: left allmulticast mode
[  358.151116][ T5954] usb 2-1: USB disconnect, device number 24
[  358.168338][ T5955] usb 1-1: device descriptor read/64, error -71
[  358.207512][ T5921] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  358.259390][ T5935] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  358.277814][ T5935] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  358.285791][ T9236] netlink: 8 bytes leftover after parsing attributes in process `syz.4.882'.
[  358.287243][ T5935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.297520][ T5935] usb 3-1: config 0 descriptor??
[  358.298281][ T9230] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  358.319693][ T5955] usb usb1-port1: attempt power cycle
[  358.327057][ T9236] netlink: 1072 bytes leftover after parsing attributes in process `syz.4.882'.
[  358.396318][ T5921] usb 4-1: Using ep0 maxpacket: 8
[  358.412046][ T5921] usb 4-1: config index 0 descriptor too short (expected 30, got 18)
[  358.430192][ T5921] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  358.441990][ T5921] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.450181][ T5921] usb 4-1: Product: syz
[  358.454350][ T5921] usb 4-1: Manufacturer: syz
[  358.459256][ T5921] usb 4-1: SerialNumber: syz
[  358.467986][ T5921] usb 4-1: config 0 descriptor??
[  358.487430][ T5921] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  358.495507][ T5921] usb 4-1: setting power ON
[  358.502674][ T5921] dvb-usb: bulk message failed: -22 (2/0)
[  358.513304][ T5921] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  358.523546][ T5921] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  358.536152][ T5921] usb 4-1: media controller created
[  358.563190][ T5921] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  358.586073][ T5921] usb 4-1: selecting invalid altsetting 6
[  358.592111][ T5921] usb 4-1: digital interface selection failed (-22)
[  358.600133][ T5921] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  358.611141][ T5921] usb 4-1: setting power OFF
[  358.619335][ T5921] dvb-usb: bulk message failed: -22 (2/0)
[  358.626361][ T5921] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  358.635789][ T5921] (NULL device *): no alternate interface
[  358.669676][ T5921] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  358.676445][ T5955] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  358.720995][ T5955] usb 1-1: device descriptor read/8, error -71
[  358.767869][ T9240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  358.784282][ T9240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  358.954815][ T5935] usbhid 3-1:0.0: can't add hid device: -71
[  358.965620][ T5935] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  358.976155][ T5955] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  358.984778][ T5935] usb 3-1: USB disconnect, device number 32
[  359.008154][ T5955] usb 1-1: device descriptor read/8, error -71
[  359.079032][ T9242] FAULT_INJECTION: forcing a failure.
[  359.079032][ T9242] name failslab, interval 1, probability 0, space 0, times 0
[  359.095225][ T9242] CPU: 0 UID: 0 PID: 9242 Comm: syz.1.884 Not tainted syzkaller #0 PREEMPT(full) 
[  359.095241][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  359.095247][ T9242] Call Trace:
[  359.095252][ T9242]  <TASK>
[  359.095256][ T9242]  dump_stack_lvl+0x189/0x250
[  359.095272][ T9242]  ? __pfx____ratelimit+0x10/0x10
[  359.095284][ T9242]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.095295][ T9242]  ? __pfx__printk+0x10/0x10
[  359.095311][ T9242]  ? __pfx___might_resched+0x10/0x10
[  359.095323][ T9242]  should_fail_ex+0x414/0x560
[  359.095341][ T9242]  should_failslab+0xa8/0x100
[  359.095363][ T9242]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  359.095381][ T9242]  ? __alloc_skb+0x112/0x2d0
[  359.095394][ T9242]  __alloc_skb+0x112/0x2d0
[  359.095406][ T9242]  netlink_sendmsg+0x5c6/0xb30
[  359.095422][ T9242]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.095434][ T9242]  ? aa_sock_msg_perm+0xf1/0x1d0
[  359.095445][ T9242]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  359.095455][ T9242]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.095466][ T9242]  __sock_sendmsg+0x21c/0x270
[  359.095483][ T9242]  sock_write_iter+0x258/0x330
[  359.095499][ T9242]  ? __pfx_sock_write_iter+0x10/0x10
[  359.095539][ T9242]  do_iter_readv_writev+0x619/0x8b0
[  359.095568][ T9242]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  359.095588][ T9242]  ? common_file_perm+0x1b5/0x230
[  359.095608][ T9242]  ? bpf_lsm_file_permission+0x9/0x20
[  359.095622][ T9242]  ? security_file_permission+0x75/0x290
[  359.095636][ T9242]  ? rw_verify_area+0x255/0x4d0
[  359.095650][ T9242]  vfs_writev+0x31a/0x960
[  359.095662][ T9242]  ? __lock_acquire+0xab9/0xd20
[  359.095677][ T9242]  ? __pfx_vfs_writev+0x10/0x10
[  359.095694][ T9242]  ? __fget_files+0x2a/0x420
[  359.095711][ T9242]  ? __fget_files+0x3a0/0x420
[  359.095719][ T9242]  ? __fget_files+0x2a/0x420
[  359.095731][ T9242]  do_writev+0x14d/0x2d0
[  359.095742][ T9242]  ? __pfx_do_writev+0x10/0x10
[  359.095753][ T9242]  ? lockdep_hardirqs_on+0x9c/0x150
[  359.095765][ T9242]  __do_fast_syscall_32+0xb6/0x2b0
[  359.095777][ T9242]  ? lockdep_hardirqs_on+0x9c/0x150
[  359.095788][ T9242]  do_fast_syscall_32+0x34/0x80
[  359.095799][ T9242]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  359.095816][ T9242] RIP: 0023:0xf7fe6539
[  359.095826][ T9242] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  359.095834][ T9242] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000092
[  359.095846][ T9242] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000040
[  359.095853][ T9242] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  359.095859][ T9242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  359.095864][ T9242] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  359.095870][ T9242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  359.095884][ T9242]  </TASK>
[  359.414926][ T5955] usb usb1-port1: unable to enumerate USB device
[  359.586080][ T5955] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  359.601965][ T9253] FAULT_INJECTION: forcing a failure.
[  359.601965][ T9253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  359.617926][ T9253] CPU: 1 UID: 0 PID: 9253 Comm: syz.1.887 Not tainted syzkaller #0 PREEMPT(full) 
[  359.617953][ T9253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  359.617963][ T9253] Call Trace:
[  359.617971][ T9253]  <TASK>
[  359.617979][ T9253]  dump_stack_lvl+0x189/0x250
[  359.618003][ T9253]  ? __pfx____ratelimit+0x10/0x10
[  359.618021][ T9253]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.618041][ T9253]  ? __pfx__printk+0x10/0x10
[  359.618064][ T9253]  ? __might_fault+0xb0/0x130
[  359.618098][ T9253]  should_fail_ex+0x414/0x560
[  359.618128][ T9253]  _copy_from_user+0x2d/0xb0
[  359.618151][ T9253]  get_compat_msghdr+0xad/0x4a0
[  359.618177][ T9253]  ? __pfx_get_compat_msghdr+0x10/0x10
[  359.618210][ T9253]  ___sys_sendmsg+0x193/0x2a0
[  359.618234][ T9253]  ? __pfx____sys_sendmsg+0x10/0x10
[  359.618289][ T9253]  ? __fget_files+0x2a/0x420
[  359.618304][ T9253]  ? __fget_files+0x3a0/0x420
[  359.618330][ T9253]  __sys_sendmsg+0x164/0x220
[  359.618353][ T9253]  ? __pfx___sys_sendmsg+0x10/0x10
[  359.618390][ T9253]  ? lockdep_hardirqs_on+0x9c/0x150
[  359.618411][ T9253]  __do_fast_syscall_32+0xb6/0x2b0
[  359.618431][ T9253]  ? lockdep_hardirqs_on+0x9c/0x150
[  359.618455][ T9253]  do_fast_syscall_32+0x34/0x80
[  359.618475][ T9253]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  359.618495][ T9253] RIP: 0023:0xf7fe6539
[  359.618510][ T9253] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  359.618524][ T9253] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  359.618542][ T9253] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000c00
[  359.618555][ T9253] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  359.618566][ T9253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  359.618576][ T9253] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  359.618586][ T9253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  359.618612][ T9253]  </TASK>
[  359.886258][ T5955] usb 1-1: device descriptor read/64, error -71
[  359.966797][   T30] audit: type=1326 audit(1757560970.394:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.165799][   T30] audit: type=1326 audit(1757560970.414:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.207821][   T30] audit: type=1326 audit(1757560970.414:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=77 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.235133][   T30] audit: type=1326 audit(1757560970.414:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.261395][   T30] audit: type=1326 audit(1757560970.414:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.293837][   T30] audit: type=1326 audit(1757560970.424:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.382862][   T30] audit: type=1326 audit(1757560970.424:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.414842][ T9261] netlink: 'syz.0.891': attribute type 12 has an invalid length.
[  360.418271][   T30] audit: type=1326 audit(1757560970.424:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.454418][   T30] audit: type=1326 audit(1757560970.464:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.488375][   T30] audit: type=1326 audit(1757560970.464:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000
[  360.820923][ T9272] netlink: 'syz.2.893': attribute type 21 has an invalid length.
[  361.044951][ T9276] FAULT_INJECTION: forcing a failure.
[  361.044951][ T9276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  361.062289][    T9] usb 4-1: USB disconnect, device number 36
[  361.090271][ T9276] CPU: 0 UID: 0 PID: 9276 Comm: syz.2.894 Not tainted syzkaller #0 PREEMPT(full) 
[  361.090296][ T9276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  361.090308][ T9276] Call Trace:
[  361.090316][ T9276]  <TASK>
[  361.090325][ T9276]  dump_stack_lvl+0x189/0x250
[  361.090350][ T9276]  ? __pfx____ratelimit+0x10/0x10
[  361.090370][ T9276]  ? __pfx_dump_stack_lvl+0x10/0x10
[  361.090390][ T9276]  ? __pfx__printk+0x10/0x10
[  361.090414][ T9276]  ? __might_fault+0xb0/0x130
[  361.090447][ T9276]  should_fail_ex+0x414/0x560
[  361.090476][ T9276]  _copy_from_user+0x2d/0xb0
[  361.090505][ T9276]  get_compat_msghdr+0xad/0x4a0
[  361.090531][ T9276]  ? __pfx_get_compat_msghdr+0x10/0x10
[  361.090564][ T9276]  ___sys_sendmsg+0x193/0x2a0
[  361.090588][ T9276]  ? __pfx____sys_sendmsg+0x10/0x10
[  361.090643][ T9276]  ? __fget_files+0x2a/0x420
[  361.090659][ T9276]  ? __fget_files+0x3a0/0x420
[  361.090684][ T9276]  __sys_sendmsg+0x164/0x220
[  361.090707][ T9276]  ? __pfx___sys_sendmsg+0x10/0x10
[  361.090744][ T9276]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.090765][ T9276]  __do_fast_syscall_32+0xb6/0x2b0
[  361.090785][ T9276]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.090806][ T9276]  do_fast_syscall_32+0x34/0x80
[  361.090825][ T9276]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  361.090846][ T9276] RIP: 0023:0xf70ce539
[  361.090861][ T9276] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  361.090882][ T9276] RSP: 002b:00000000f54be55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  361.090901][ T9276] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080002640
[  361.090913][ T9276] RDX: 000000002404c014 RSI: 0000000000000000 RDI: 0000000000000000
[  361.090925][ T9276] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  361.090935][ T9276] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  361.090946][ T9276] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  361.090972][ T9276]  </TASK>
[  361.614449][ T9287] FAULT_INJECTION: forcing a failure.
[  361.614449][ T9287] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  361.746486][ T9287] CPU: 0 UID: 0 PID: 9287 Comm: syz.0.898 Not tainted syzkaller #0 PREEMPT(full) 
[  361.746512][ T9287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  361.746524][ T9287] Call Trace:
[  361.746540][ T9287]  <TASK>
[  361.746549][ T9287]  dump_stack_lvl+0x189/0x250
[  361.746574][ T9287]  ? __pfx____ratelimit+0x10/0x10
[  361.746593][ T9287]  ? __pfx_dump_stack_lvl+0x10/0x10
[  361.746613][ T9287]  ? __pfx__printk+0x10/0x10
[  361.746636][ T9287]  ? __might_fault+0xb0/0x130
[  361.746670][ T9287]  should_fail_ex+0x414/0x560
[  361.746699][ T9287]  _copy_from_user+0x2d/0xb0
[  361.746723][ T9287]  __ia32_compat_sys_socketcall+0x14f/0x9c0
[  361.746745][ T9287]  ? __fget_files+0x3a0/0x420
[  361.746765][ T9287]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  361.746785][ T9287]  ? fput+0xa0/0xd0
[  361.746804][ T9287]  ? ksys_write+0x22a/0x250
[  361.746835][ T9287]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.746856][ T9287]  __do_fast_syscall_32+0xb6/0x2b0
[  361.746876][ T9287]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.746896][ T9287]  do_fast_syscall_32+0x34/0x80
[  361.746915][ T9287]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  361.746936][ T9287] RIP: 0023:0xf705e539
[  361.746950][ T9287] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  361.746966][ T9287] RSP: 002b:00000000f542c430 EFLAGS: 00000206 ORIG_RAX: 0000000000000066
[  361.746985][ T9287] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f542c444
[  361.746997][ T9287] RDX: 0000000000000000 RSI: 00000000f542c560 RDI: 00000000f73e4ff4
[  361.747007][ T9287] RBP: 00000000f542c560 R08: 0000000000000000 R09: 0000000000000000
[  361.747018][ T9287] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  361.747028][ T9287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  361.747054][ T9287]  </TASK>
[  362.005841][ T9291] block nbd0: Attempted send on invalid socket
[  362.012182][ T9291] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  362.214122][ T9292] vivid-002: =================  START STATUS  =================
[  362.223383][ T9292] vivid-002: RDS Tx I/O Mode: Controls
[  362.231762][ T9292] vivid-002: RDS Program ID: 32904
[  362.251459][ T9292] vivid-002: RDS Program Type: 3
[  362.478064][ T9292] vivid-002: RDS PS Name: VIVID-TX
[  362.505246][ T9292] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  362.533870][ T9292] vivid-002: RDS Stereo: true
[  362.542136][ T9292] vivid-002: RDS Artificial Head: false
[  362.552217][ T9292] vivid-002: RDS Compressed: false
[  362.580868][ T9292] vivid-002: RDS Dynamic PTY: false
[  362.613129][ T9292] vivid-002: RDS Traffic Announcement: false
[  362.619929][ T9292] vivid-002: RDS Traffic Program: true
[  362.625752][ T9292] vivid-002: RDS Music: true
[  362.630537][ T9292] vivid-002: ==================  END STATUS  ==================
[  362.797324][ T9303] netlink: 'syz.0.900': attribute type 1 has an invalid length.
[  363.200885][ T9305] netlink: 79 bytes leftover after parsing attributes in process `syz.2.901'.
[  363.543932][ T9312] block nbd0: Attempted send on invalid socket
[  363.550215][ T9312] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  364.062586][ T9306] vlan0: entered allmulticast mode
[  364.069692][ T9306] batadv0: entered allmulticast mode
[  364.111215][ T9303] 8021q: adding VLAN 0 to HW filter on device bond6
[  364.906486][ T5935] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  365.215938][ T5935] usb 1-1: unable to get BOS descriptor or descriptor too short
[  365.238642][ T5935] usb 1-1: config 6 has an invalid interface number: 200 but max is 0
[  365.252337][ T5935] usb 1-1: config 6 has no interface number 0
[  365.281780][ T5935] usb 1-1: config 6 interface 200 has no altsetting 0
[  365.391416][   T43] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  365.411611][ T5935] usb 1-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  365.446495][ T5935] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.706064][ T5935] usb 1-1: Product: syz
[  365.712621][ T5935] usb 1-1: Manufacturer: syz
[  365.726199][   T43] usb 4-1: Using ep0 maxpacket: 32
[  365.733540][ T5935] usb 1-1: SerialNumber: syz
[  365.742705][   T43] usb 4-1: config 4 has an invalid interface number: 118 but max is 0
[  365.758952][   T43] usb 4-1: config 4 has no interface number 0
[  365.779949][   T43] usb 4-1: config 4 interface 118 altsetting 5 bulk endpoint 0x4 has invalid maxpacket 64
[  365.882396][   T43] usb 4-1: config 4 interface 118 has no altsetting 0
[  365.921222][   T43] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0005, bcdDevice=d2.65
[  365.931725][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.948239][   T43] usb 4-1: Product: syz
[  365.976061][   T43] usb 4-1: Manufacturer: syz
[  365.994309][   T43] usb 4-1: SerialNumber: syz
[  366.016551][ T9342] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  366.034285][   T43] kvaser_usb 4-1:4.118: error -ENODEV: Cannot get usb endpoint(s)
[  366.136094][    T9] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  366.287454][    T9] usb 5-1: Using ep0 maxpacket: 8
[  366.303830][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  366.320140][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  366.335865][ T5955] usb 4-1: USB disconnect, device number 37
[  366.360898][    T9] usb 5-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  366.377075][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.408862][    T9] usb 5-1: config 0 descriptor??
[  366.679268][ T9365] usb usb7: usbfs: process 9365 (syz.2.916) did not claim interface 0 before use
[  366.764485][ T9364] fuse: Unknown parameter '0x0000000000000009'
[  366.778306][ T9364] fuse: Unknown parameter '0x0000000000000008‡ëò	àgçÙ%wAÝÕ˘Év…¾û'
[  366.911355][    T9] hid_parser_main: 66 callbacks suppressed
[  366.911371][    T9] hid-rmi 0003:06CB:81A7.000F: unknown main item tag 0x4
[  366.937316][    T9] hid-rmi 0003:06CB:81A7.000F: unknown main item tag 0x0
[  366.971444][    T9] hid-rmi 0003:06CB:81A7.000F: unknown main item tag 0x0
[  367.018775][ T9368] FAULT_INJECTION: forcing a failure.
[  367.018775][ T9368] name failslab, interval 1, probability 0, space 0, times 0
[  367.031725][ T9368] CPU: 1 UID: 0 PID: 9368 Comm: syz.3.919 Not tainted syzkaller #0 PREEMPT(full) 
[  367.031750][ T9368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  367.031762][ T9368] Call Trace:
[  367.031769][ T9368]  <TASK>
[  367.031774][ T9368]  dump_stack_lvl+0x189/0x250
[  367.031794][ T9368]  ? __pfx____ratelimit+0x10/0x10
[  367.031805][ T9368]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.031819][ T9368]  ? __pfx__printk+0x10/0x10
[  367.031843][ T9368]  ? __pfx___might_resched+0x10/0x10
[  367.031860][ T9368]  ? fs_reclaim_acquire+0x7d/0x100
[  367.031888][ T9368]  should_fail_ex+0x414/0x560
[  367.031913][ T9368]  should_failslab+0xa8/0x100
[  367.031929][ T9368]  __kmalloc_cache_noprof+0x70/0x3d0
[  367.031943][ T9368]  ? alloc_pipe_info+0xe9/0x4d0
[  367.032053][ T9368]  alloc_pipe_info+0xe9/0x4d0
[  367.032070][ T9368]  splice_direct_to_actor+0xa5d/0xcc0
[  367.032092][ T9368]  ? __pfx_aa_file_perm+0x10/0x10
[  367.032103][ T9368]  ? __lock_acquire+0xab9/0xd20
[  367.032119][ T9368]  ? __pfx_direct_splice_actor+0x10/0x10
[  367.032140][ T9368]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  367.032173][ T9368]  do_splice_direct+0x181/0x270
[  367.032199][ T9368]  ? __pfx_do_splice_direct+0x10/0x10
[  367.032215][ T9368]  ? common_file_perm+0x1b5/0x230
[  367.032227][ T9368]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  367.032243][ T9368]  ? bpf_lsm_file_permission+0x9/0x20
[  367.032261][ T9368]  ? security_file_permission+0x75/0x290
[  367.032281][ T9368]  ? rw_verify_area+0x255/0x4d0
[  367.032306][ T9368]  do_sendfile+0x4da/0x7e0
[  367.032332][ T9368]  ? __pfx_do_sendfile+0x10/0x10
[  367.032356][ T9368]  ? __might_fault+0xb0/0x130
[  367.032373][ T9368]  __ia32_compat_sys_sendfile+0x120/0x1d0
[  367.032385][ T9368]  __do_fast_syscall_32+0xb6/0x2b0
[  367.032398][ T9368]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.032409][ T9368]  do_fast_syscall_32+0x34/0x80
[  367.032422][ T9368]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  367.032448][ T9368] RIP: 0023:0xf703e539
[  367.032463][ T9368] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  367.032478][ T9368] RSP: 002b:00000000f542e55c EFLAGS: 00000206 ORIG_RAX: 00000000000000bb
[  367.032496][ T9368] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004
[  367.032506][ T9368] RDX: 0000000080000200 RSI: 0000000000000002 RDI: 0000000000000000
[  367.032513][ T9368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  367.032520][ T9368] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  367.032525][ T9368] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  367.032539][ T9368]  </TASK>
[  367.299977][    T9] hid-rmi 0003:06CB:81A7.000F: unknown main item tag 0x0
[  367.307404][    T9] hid-rmi 0003:06CB:81A7.000F: unbalanced collection at end of report description
[  367.318195][    T9] hid-rmi 0003:06CB:81A7.000F: parse failed
[  367.324428][    T9] hid-rmi 0003:06CB:81A7.000F: probe with driver hid-rmi failed with error -22
[  367.598676][   T43] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  367.624266][ T5935] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  367.701830][ T5935] dvb-usb: bulk message failed: -71 (3/0)
[  367.702029][ T9374] FAULT_INJECTION: forcing a failure.
[  367.702029][ T9374] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.753119][ T9374] CPU: 1 UID: 0 PID: 9374 Comm: syz.0.921 Not tainted syzkaller #0 PREEMPT(full) 
[  367.753150][ T9374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  367.753160][ T9374] Call Trace:
[  367.753168][ T9374]  <TASK>
[  367.753176][ T9374]  dump_stack_lvl+0x189/0x250
[  367.753200][ T9374]  ? __pfx____ratelimit+0x10/0x10
[  367.753219][ T9374]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.753240][ T9374]  ? __pfx__printk+0x10/0x10
[  367.753260][ T9374]  ? __might_fault+0xb0/0x130
[  367.753286][ T9374]  should_fail_ex+0x414/0x560
[  367.753311][ T9374]  _copy_from_user+0x2d/0xb0
[  367.753332][ T9374]  get_compat_msghdr+0xad/0x4a0
[  367.753354][ T9374]  ? __pfx_get_compat_msghdr+0x10/0x10
[  367.753385][ T9374]  ___sys_sendmsg+0x193/0x2a0
[  367.753409][ T9374]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.753457][ T9374]  ? __fget_files+0x2a/0x420
[  367.753472][ T9374]  ? __fget_files+0x3a0/0x420
[  367.753497][ T9374]  __sys_sendmsg+0x164/0x220
[  367.753518][ T9374]  ? __pfx___sys_sendmsg+0x10/0x10
[  367.753552][ T9374]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.753569][ T9374]  __do_fast_syscall_32+0xb6/0x2b0
[  367.753591][ T9374]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.753607][ T9374]  do_fast_syscall_32+0x34/0x80
[  367.753622][ T9374]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  367.753638][ T9374] RIP: 0023:0xf705e539
[  367.753651][ T9374] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  367.753663][ T9374] RSP: 002b:00000000f544e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  367.753678][ T9374] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  367.753689][ T9374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  367.753696][ T9374] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  367.753704][ T9374] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  367.753712][ T9374] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  367.753732][ T9374]  </TASK>
[  368.196184][   T43] usb 2-1: Using ep0 maxpacket: 16
[  368.215759][ T5935] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  368.230500][ T5935] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  368.243924][ T9375] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  368.254354][ T5935] usb 1-1: media controller created
[  368.297563][   T43] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  368.436055][   T43] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  368.461023][   T43] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  368.479413][ T5935] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  368.491285][   T43] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576
[  368.511713][   T43] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  368.529104][   T43] usb 2-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40
[  368.635937][ T5954] usb 5-1: USB disconnect, device number 34
[  368.636226][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  368.727592][   T43] usb 2-1: SerialNumber: syz
[  368.756842][ T9382] netlink: 12 bytes leftover after parsing attributes in process `syz.0.922'.
[  368.936311][ T9383] ipvlan2: entered promiscuous mode
[  368.956938][ T9383] bridge0: port 3(ipvlan2) entered blocking state
[  368.966937][ T9383] bridge0: port 3(ipvlan2) entered disabled state
[  368.981640][ T9383] ipvlan2: entered allmulticast mode
[  368.989347][ T9383] bridge0: entered allmulticast mode
[  369.026059][ T9383] ipvlan2: left allmulticast mode
[  369.032350][ T9383] bridge0: left allmulticast mode
[  369.151369][ T5935] dvb-usb: bulk message failed: -71 (6/0)
[  369.215417][ T5935] dvb-usb: bulk message failed: -71 (6/0)
[  369.234003][ T5935] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  369.263372][ T5935] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input39
[  369.408875][ T5935] dvb-usb: schedule remote query interval to 150 msecs.
[  369.417586][ T5935] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  369.509289][ T5935] usb 1-1: USB disconnect, device number 39
[  369.725238][   T43] usb 2-1: can't set config #1, error -71
[  369.749477][ T5935] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  370.154408][   T43] usb 2-1: USB disconnect, device number 25
[  370.640287][ T4625] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.649705][ T4625] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.924175][ T5955] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  370.962470][ T9409] block nbd0: Attempted send on invalid socket
[  370.969776][ T9409] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  371.156290][ T5955] usb 1-1: Using ep0 maxpacket: 16
[  371.165088][ T5955] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  371.180353][ T5955] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  371.198279][ T5955] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  371.306101][ T5935] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  371.400761][ T5955] usb 1-1: config 0 interface 0 has no altsetting 0
[  371.408011][ T5955] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  371.433837][ T5955] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.517150][ T5955] usb 1-1: config 0 descriptor??
[  371.546384][ T5935] usb 2-1: Using ep0 maxpacket: 32
[  371.564646][ T5935] usb 2-1: config 4 has an invalid interface number: 118 but max is 0
[  371.577316][ T5935] usb 2-1: config 4 has no interface number 0
[  371.637229][ T5935] usb 2-1: config 4 interface 118 altsetting 5 bulk endpoint 0x4 has invalid maxpacket 64
[  371.650811][ T5935] usb 2-1: config 4 interface 118 has no altsetting 0
[  371.675524][ T5935] usb 2-1: New USB device found, idVendor=0bfd, idProduct=0005, bcdDevice=d2.65
[  371.691235][ T5935] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.705805][ T5935] usb 2-1: Product: syz
[  371.719356][ T5935] usb 2-1: Manufacturer: syz
[  371.727916][ T5935] usb 2-1: SerialNumber: syz
[  371.744082][ T9410] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  371.777126][ T5935] kvaser_usb 2-1:4.118: error -ENODEV: Cannot get usb endpoint(s)
[  371.886112][ T5954] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  372.058999][ T5954] usb 5-1: unable to get BOS descriptor or descriptor too short
[  372.107297][ T5954] usb 5-1: config 6 has an invalid interface number: 200 but max is 0
[  372.131106][ T5954] usb 5-1: config 6 has no interface number 0
[  372.139440][ T5935] usb 2-1: USB disconnect, device number 26
[  372.158618][ T5955] usbhid 1-1:0.0: can't add hid device: -71
[  372.167313][ T5955] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  372.180573][ T5954] usb 5-1: config 6 interface 200 has no altsetting 0
[  372.204075][ T5955] usb 1-1: USB disconnect, device number 40
[  372.214582][ T5954] usb 5-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  372.225620][ T5954] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.250434][ T5954] usb 5-1: Product: syz
[  372.264494][ T5954] usb 5-1: Manufacturer: syz
[  372.269846][ T5954] usb 5-1: SerialNumber: syz
[  372.378002][ T4625] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  372.387016][ T4625] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  372.395775][ T4625] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  372.486328][ T5921] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  372.636245][ T5921] usb 3-1: Using ep0 maxpacket: 8
[  372.643178][ T5921] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  372.651830][ T5921] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  372.661690][ T5921] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  372.671720][ T5921] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  372.695354][ T5921] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  372.716372][ T5955] usb 4-1: new low-speed USB device number 38 using dummy_hcd
[  372.726222][ T5921] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  372.756080][ T5921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.878408][ T5955] usb 4-1: Invalid ep0 maxpacket: 64
[  372.997484][ T5921] usb 3-1: usb_control_msg returned -32
[  373.004119][ T5921] usbtmc 3-1:16.0: can't read capabilities
[  373.016832][ T5955] usb 4-1: new low-speed USB device number 39 using dummy_hcd
[  373.356170][ T5955] usb 4-1: Invalid ep0 maxpacket: 64
[  373.361946][ T5955] usb usb4-port1: attempt power cycle
[  373.372957][ T5921] usb 3-1: USB disconnect, device number 33
[  373.956066][ T5955] usb 4-1: new low-speed USB device number 40 using dummy_hcd
[  373.977171][ T5955] usb 4-1: Invalid ep0 maxpacket: 64
[  374.057845][ T5935] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  374.106659][ T5955] usb 4-1: new low-speed USB device number 41 using dummy_hcd
[  374.147079][ T5955] usb 4-1: Invalid ep0 maxpacket: 64
[  374.157480][ T5955] usb usb4-port1: unable to enumerate USB device
[  374.218132][ T5935] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  374.231854][ T5935] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  374.242455][ T5935] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  374.252522][ T5935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  374.260628][ T5935] usb 3-1: SerialNumber: syz
[  374.407664][ T9457] netlink: 108 bytes leftover after parsing attributes in process `syz.0.941'.
[  374.500936][ T5935] usb 3-1: 0:2 : does not exist
[  374.520179][ T5935] usb 3-1: USB disconnect, device number 34
[  374.673225][ T5954] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  374.692978][ T5954] dvb-usb: bulk message failed: -71 (3/0)
[  374.714948][ T5954] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  374.745659][ T5954] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  374.763787][ T5954] usb 5-1: media controller created
[  374.792524][ T5954] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  374.814148][ T5954] dvb-usb: bulk message failed: -71 (6/0)
[  374.820595][ T5954] dvb-usb: bulk message failed: -71 (6/0)
[  374.827583][ T5954] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  374.840101][ T5954] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input40
[  374.866670][ T5954] dvb-usb: schedule remote query interval to 150 msecs.
[  374.875553][ T5954] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  374.915070][ T5954] usb 5-1: USB disconnect, device number 35
[  374.971711][ T9463] FAULT_INJECTION: forcing a failure.
[  374.971711][ T9463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  375.023786][ T9463] CPU: 0 UID: 0 PID: 9463 Comm: syz.4.944 Not tainted syzkaller #0 PREEMPT(full) 
[  375.023812][ T9463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  375.023819][ T9463] Call Trace:
[  375.023824][ T9463]  <TASK>
[  375.023830][ T9463]  dump_stack_lvl+0x189/0x250
[  375.023847][ T9463]  ? __pfx____ratelimit+0x10/0x10
[  375.023859][ T9463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  375.023870][ T9463]  ? __pfx__printk+0x10/0x10
[  375.023890][ T9463]  should_fail_ex+0x414/0x560
[  375.023908][ T9463]  _copy_to_user+0x31/0xb0
[  375.023923][ T9463]  simple_read_from_buffer+0xe1/0x170
[  375.023941][ T9463]  proc_fail_nth_read+0x1b3/0x220
[  375.023954][ T9463]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  375.023966][ T9463]  ? rw_verify_area+0x2a6/0x4d0
[  375.023978][ T9463]  ? __lock_acquire+0xab9/0xd20
[  375.023992][ T9463]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  375.024003][ T9463]  vfs_read+0x200/0xa30
[  375.024015][ T9463]  ? fdget_pos+0x247/0x320
[  375.024027][ T9463]  ? __pfx___mutex_lock+0x10/0x10
[  375.024038][ T9463]  ? __pfx_vfs_read+0x10/0x10
[  375.024052][ T9463]  ? __fget_files+0x2a/0x420
[  375.024062][ T9463]  ? __fget_files+0x3a0/0x420
[  375.024070][ T9463]  ? __fget_files+0x2a/0x420
[  375.024083][ T9463]  ksys_read+0x145/0x250
[  375.024097][ T9463]  ? __pfx_ksys_read+0x10/0x10
[  375.024111][ T9463]  ? lockdep_hardirqs_on+0x9c/0x150
[  375.024123][ T9463]  __do_fast_syscall_32+0xb6/0x2b0
[  375.024135][ T9463]  ? lockdep_hardirqs_on+0x9c/0x150
[  375.024149][ T9463]  do_fast_syscall_32+0x34/0x80
[  375.024160][ T9463]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.024172][ T9463] RIP: 0023:0xf7f67539
[  375.024181][ T9463] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  375.024189][ T9463] RSP: 002b:00000000f5466590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  375.024201][ T9463] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5466620
[  375.024207][ T9463] RDX: 000000000000000f RSI: 00000000f73f4ff4 RDI: 0000000000000000
[  375.024213][ T9463] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  375.024218][ T9463] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  375.024224][ T9463] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.024238][ T9463]  </TASK>
[  375.295174][ T9465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.945'.
[  375.323750][ T9465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.945'.
[  375.608903][ T9470] netlink: 108 bytes leftover after parsing attributes in process `syz.4.946'.
[  376.313708][ T5954] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  376.336418][ T5950] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  376.501247][ T5950] usb 4-1: Using ep0 maxpacket: 32
[  376.539757][ T5950] usb 4-1: config 4 has an invalid interface number: 118 but max is 0
[  376.559304][ T5950] usb 4-1: config 4 has no interface number 0
[  376.567624][ T9480] loop2: detected capacity change from 0 to 7
[  376.568375][ T5950] usb 4-1: config 4 interface 118 altsetting 5 bulk endpoint 0x4 has invalid maxpacket 64
[  376.609988][ T8009] Dev loop2: unable to read RDB block 7
[  376.620774][ T5950] usb 4-1: config 4 interface 118 has no altsetting 0
[  376.635686][ T8009]  loop2: unable to read partition table
[  376.657592][ T5950] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0005, bcdDevice=d2.65
[  376.746146][ T5950] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.756286][ T5935] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  376.778986][ T8009] loop2: partition table beyond EOD, truncated
[  376.788713][ T9480] Dev loop2: unable to read RDB block 7
[  376.794340][ T9480]  loop2: unable to read partition table
[  376.800803][ T9480] loop2: partition table beyond EOD, truncated
[  376.810750][ T9480] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  376.881896][ T5950] usb 4-1: Product: syz
[  376.893938][ T5950] usb 4-1: Manufacturer: syz
[  376.916041][ T5950] usb 4-1: SerialNumber: syz
[  376.928421][ T9474] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  376.929689][ T5935] usb 2-1: device descriptor read/64, error -71
[  376.938076][ T5950] kvaser_usb 4-1:4.118: error -ENODEV: Cannot get usb endpoint(s)
[  377.256325][ T5950] usb 4-1: USB disconnect, device number 42
[  377.276128][ T5935] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  377.516146][ T5935] usb 2-1: device descriptor read/64, error -71
[  377.592158][ T9483] FAULT_INJECTION: forcing a failure.
[  377.592158][ T9483] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  377.605297][ T9483] CPU: 0 UID: 0 PID: 9483 Comm: syz.2.950 Not tainted syzkaller #0 PREEMPT(full) 
[  377.605312][ T9483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  377.605319][ T9483] Call Trace:
[  377.605324][ T9483]  <TASK>
[  377.605329][ T9483]  dump_stack_lvl+0x189/0x250
[  377.605345][ T9483]  ? __pfx____ratelimit+0x10/0x10
[  377.605356][ T9483]  ? __pfx_dump_stack_lvl+0x10/0x10
[  377.605368][ T9483]  ? __pfx__printk+0x10/0x10
[  377.605381][ T9483]  ? __might_fault+0xb0/0x130
[  377.605400][ T9483]  should_fail_ex+0x414/0x560
[  377.605418][ T9483]  _copy_from_user+0x2d/0xb0
[  377.605432][ T9483]  get_compat_msghdr+0xad/0x4a0
[  377.605448][ T9483]  ? __pfx_get_compat_msghdr+0x10/0x10
[  377.605465][ T9483]  ___sys_sendmsg+0x193/0x2a0
[  377.605480][ T9483]  ? __pfx____sys_sendmsg+0x10/0x10
[  377.605509][ T9483]  ? __fget_files+0x2a/0x420
[  377.605517][ T9483]  ? __fget_files+0x3a0/0x420
[  377.605530][ T9483]  __sys_sendmsg+0x164/0x220
[  377.605543][ T9483]  ? __pfx___sys_sendmsg+0x10/0x10
[  377.605563][ T9483]  ? lockdep_hardirqs_on+0x9c/0x150
[  377.605574][ T9483]  __do_fast_syscall_32+0xb6/0x2b0
[  377.605586][ T9483]  ? lockdep_hardirqs_on+0x9c/0x150
[  377.605597][ T9483]  do_fast_syscall_32+0x34/0x80
[  377.605607][ T9483]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  377.605620][ T9483] RIP: 0023:0xf70ce539
[  377.605629][ T9483] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  377.605637][ T9483] RSP: 002b:00000000f54be55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  377.605648][ T9483] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  377.605655][ T9483] RDX: 00000000240008c4 RSI: 0000000000000000 RDI: 0000000000000000
[  377.605661][ T9483] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  377.605666][ T9483] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  377.605671][ T9483] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  377.605685][ T9483]  </TASK>
[  377.806300][ T5935] usb usb2-port1: attempt power cycle
[  378.226616][ T5935] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  378.427902][   T43] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  378.447810][ T5935] usb 2-1: device descriptor read/8, error -71
[  378.540903][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  378.549147][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  378.600700][ T9498] vivid-000: =================  START STATUS  =================
[  378.608793][ T9498] vivid-000: Test Pattern: 75% Colorbar
[  378.614710][ T9498] vivid-000: Fill Percentage of Frame: 100
[  378.623066][   T43] usb 4-1: unable to get BOS descriptor or descriptor too short
[  378.623829][ T9498] vivid-000: Horizontal Movement: No Movement
[  378.665702][ T9498] vivid-000: Vertical Movement: Move Down Slow
[  378.672587][ T9498] vivid-000: OSD Text Mode: All
[  378.689038][   T43] usb 4-1: config 6 has an invalid interface number: 200 but max is 0
[  378.698570][   T43] usb 4-1: config 6 has no interface number 0
[  378.704687][   T43] usb 4-1: config 6 interface 200 has no altsetting 0
[  378.712845][ T5935] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  378.724980][ T9498] vivid-000: Show Border: false
[  378.733566][   T43] usb 4-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  378.743096][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.752741][   T43] usb 4-1: Product: syz
[  378.757342][   T43] usb 4-1: Manufacturer: syz
[  378.761948][   T43] usb 4-1: SerialNumber: syz
[  378.768952][ T5935] usb 2-1: device descriptor read/8, error -71
[  378.784567][ T9498] vivid-000: Show Square: false
[  378.790312][ T9498] vivid-000: Sensor Flipped Horizontally: false
[  378.796976][ T9498] vivid-000: Sensor Flipped Vertically: false
[  378.803169][ T9498] vivid-000: Insert SAV Code in Image: false
[  378.809294][ T9498] vivid-000: Insert EAV Code in Image: false
[  378.815374][ T9498] vivid-000: Insert Video Guard Band: false
[  378.821422][ T9498] vivid-000: Reduced Framerate: false
[  378.826958][ T9498] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  378.834697][ T9498] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  378.842720][ T9498] vivid-000: Enable Capture Cropping: true grabbed
[  378.853883][ T9498] vivid-000: Enable Capture Composing: true grabbed
[  379.008325][ T9498] vivid-000: Enable Capture Scaler: true grabbed
[  379.015219][ T9498] vivid-000: Timestamp Source: End of Frame
[  379.021661][ T9498] vivid-000: Colorspace: sRGB
[  379.026952][ T9498] vivid-000: Transfer Function: Default
[  379.032816][ T9498] vivid-000: Y'CbCr Encoding: Default
[  379.038311][ T9498] vivid-000: HSV Encoding: Hue 0-179
[  379.043689][ T9498] vivid-000: Quantization: Default
[  379.048933][ T9498] vivid-000: Apply Alpha To Red Only: false
[  379.054924][ T9498] vivid-000: Standard Aspect Ratio: 4x3
[  379.061187][ T9498] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  379.071593][ T9498] vivid-000: DV Timings: 640x480p59 inactive
[  379.077789][ T9498] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  379.085251][ T9498] vivid-000: Maximum EDID Blocks: 2
[  379.090646][ T9498] vivid-000: Limited RGB Range (16-235): false
[  379.096958][ T9498] vivid-000: Rx RGB Quantization Range: Automatic
[  379.103525][ T9498] vivid-000: Power Present: 0x00000001
[  379.109303][ T9498] tpg source WxH: 1280x960 (Y'CbCr)
[  379.118828][ T9498] tpg field: 1
[  379.122304][ T9498] tpg crop: (0,0)/1280x960
[  379.126872][ T9498] tpg compose: (0,0)/1280x960
[  379.131684][ T9498] tpg colorspace: 8
[  379.135593][ T9498] tpg transfer function: 0/2
[  379.140322][ T9498] tpg Y'CbCr encoding: 0/1
[  379.144872][ T9498] tpg quantization: 0/2
[  379.149357][ T9498] tpg RGB range: 0/2
[  379.153328][ T9498] vivid-000: ==================  END STATUS  ==================
[  379.193348][ T5935] usb usb2-port1: unable to enumerate USB device
[  380.025652][ T9516] FAULT_INJECTION: forcing a failure.
[  380.025652][ T9516] name failslab, interval 1, probability 0, space 0, times 0
[  380.041740][ T9516] CPU: 0 UID: 0 PID: 9516 Comm: syz.4.959 Not tainted syzkaller #0 PREEMPT(full) 
[  380.041764][ T9516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  380.041775][ T9516] Call Trace:
[  380.041783][ T9516]  <TASK>
[  380.041792][ T9516]  dump_stack_lvl+0x189/0x250
[  380.041818][ T9516]  ? __pfx____ratelimit+0x10/0x10
[  380.041836][ T9516]  ? __pfx_dump_stack_lvl+0x10/0x10
[  380.041856][ T9516]  ? __pfx__printk+0x10/0x10
[  380.041889][ T9516]  ? __pfx___might_resched+0x10/0x10
[  380.041904][ T9516]  ? fs_reclaim_acquire+0x7d/0x100
[  380.041934][ T9516]  should_fail_ex+0x414/0x560
[  380.041963][ T9516]  should_failslab+0xa8/0x100
[  380.041989][ T9516]  __kmalloc_noprof+0xcb/0x4f0
[  380.042009][ T9516]  ? kfree+0x4d/0x440
[  380.042027][ T9516]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  380.042051][ T9516]  tomoyo_realpath_from_path+0xe3/0x5d0
[  380.042071][ T9516]  ? tomoyo_domain+0xd9/0x130
[  380.042095][ T9516]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  380.042119][ T9516]  tomoyo_path_number_perm+0x1e8/0x5a0
[  380.042146][ T9516]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  380.042188][ T9516]  ? __lock_acquire+0xab9/0xd20
[  380.042231][ T9516]  ? __fget_files+0x2a/0x420
[  380.042252][ T9516]  ? __fget_files+0x3a0/0x420
[  380.042267][ T9516]  ? __fget_files+0x2a/0x420
[  380.042286][ T9516]  security_file_ioctl_compat+0xcb/0x2d0
[  380.042313][ T9516]  __ia32_compat_sys_ioctl+0x128/0x840
[  380.042338][ T9516]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  380.042360][ T9516]  ? __fget_files+0x3a0/0x420
[  380.042382][ T9516]  ? fput+0xa0/0xd0
[  380.042400][ T9516]  ? ksys_write+0x22a/0x250
[  380.042435][ T9516]  ? lockdep_hardirqs_on+0x9c/0x150
[  380.042457][ T9516]  __do_fast_syscall_32+0xb6/0x2b0
[  380.042475][ T9516]  ? lockdep_hardirqs_on+0x9c/0x150
[  380.042496][ T9516]  do_fast_syscall_32+0x34/0x80
[  380.042515][ T9516]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  380.042535][ T9516] RIP: 0023:0xf7f67539
[  380.042549][ T9516] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  380.042565][ T9516] RSP: 002b:00000000f546655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  380.042583][ T9516] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c008aec1
[  380.042596][ T9516] RDX: 0000000080001280 RSI: 0000000000000000 RDI: 0000000000000000
[  380.042607][ T9516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  380.042618][ T9516] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  380.042629][ T9516] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  380.042654][ T9516]  </TASK>
[  380.042846][ T9516] ERROR: Out of memory at tomoyo_realpath_from_path.
[  380.936365][ T5935] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  380.977049][   T43] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  381.007940][   T43] dvb-usb: bulk message failed: -71 (3/0)
[  381.050385][   T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  381.316189][ T5954] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  381.423161][ T9532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.965'.
[  381.467590][ T5935] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  381.481046][ T5954] usb 5-1: Using ep0 maxpacket: 32
[  381.487959][ T5954] usb 5-1: config 4 has an invalid interface number: 118 but max is 0
[  381.499419][ T5954] usb 5-1: config 4 has no interface number 0
[  381.512927][ T5935] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  381.525220][   T43] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  381.530693][ T5954] usb 5-1: config 4 interface 118 altsetting 5 bulk endpoint 0x4 has invalid maxpacket 64
[  381.534531][   T43] usb 4-1: media controller created
[  381.557643][ T5935] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  381.568509][ T5954] usb 5-1: config 4 interface 118 has no altsetting 0
[  381.579438][ T9532] netlink: 72 bytes leftover after parsing attributes in process `syz.0.965'.
[  381.600791][ T5935] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  381.629842][ T5954] usb 5-1: New USB device found, idVendor=0bfd, idProduct=0005, bcdDevice=d2.65
[  381.643858][ T5954] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.662161][ T5954] usb 5-1: Product: syz
[  381.680165][ T5954] usb 5-1: Manufacturer: syz
[  381.724651][ T5935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.759235][ T5954] usb 5-1: SerialNumber: syz
[  381.784007][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  381.828704][   T43] dvb-usb: bulk message failed: -71 (6/0)
[  381.835029][   T43] dvb-usb: bulk message failed: -71 (6/0)
[  381.841292][   T43] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  381.995390][ T9529] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  382.004460][   T43] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input41
[  382.007590][ T5954] kvaser_usb 5-1:4.118: error -ENODEV: Cannot get usb endpoint(s)
[  382.063440][ T5935] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  382.107749][   T43] dvb-usb: schedule remote query interval to 150 msecs.
[  382.182409][   T43] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  382.315240][ T5935] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -12
[  382.329166][ T8142] udevd[8142]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  382.531703][   T43] usb 4-1: USB disconnect, device number 43
[  382.593529][   T24] dvb-usb: bulk message failed: -19 (1/0)
[  382.626105][   T24] dvb-usb: error while querying for an remote control event.
[  382.745687][ T9525] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  382.756888][ T9525] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  382.868890][ T5935] usb 5-1: USB disconnect, device number 36
[  382.990411][   T30] kauditd_printk_skb: 55 callbacks suppressed
[  382.990426][   T30] audit: type=1326 audit(1757560993.404:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9518 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6539 code=0x7ffc0000
[  383.029136][   T43] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  383.061054][ T9546] netlink: 72 bytes leftover after parsing attributes in process `syz.2.968'.
[  383.070162][   T30] audit: type=1326 audit(1757560993.414:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9518 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf7fe6539 code=0x7ffc0000
[  383.142427][   T30] audit: type=1326 audit(1757560993.414:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9518 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6539 code=0x7ffc0000
[  383.150400][ T9546] netlink: 12 bytes leftover after parsing attributes in process `syz.2.968'.
[  383.236171][ T5950] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  383.264470][   T30] audit: type=1326 audit(1757560993.414:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9518 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf7fe6539 code=0x7ffc0000
[  383.286327][    C0] vkms_vblank_simulate: vblank timer overrun
[  383.451018][ T5950] usb 1-1: config index 0 descriptor too short (expected 204, got 72)
[  383.469244][ T5950] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  383.481858][ T5950] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.500989][ T5950] usb 1-1: Product: syz
[  383.501006][   T30] audit: type=1326 audit(1757560993.414:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9518 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6539 code=0x7ffc0000
[  383.529352][ T5950] usb 1-1: Manufacturer: syz
[  383.534930][ T5950] usb 1-1: SerialNumber: syz
[  383.586859][ T5950] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  383.641059][   T30] audit: type=1326 audit(1757560993.414:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9518 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe6539 code=0x7ffc0000
[  383.718515][   T43] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  384.327186][   T30] audit: type=1326 audit(1757560993.784:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.3.970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  384.806383][   T43] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  384.813553][   T43] ath9k_htc: Failed to initialize the device
[  384.877724][   T43] usb 1-1: ath9k_htc: USB layer deinitialized
[  385.005536][   T30] audit: type=1326 audit(1757560993.784:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.3.970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  385.027862][   T30] audit: type=1326 audit(1757560993.784:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.3.970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=77 compat=1 ip=0xf703e539 code=0x7ffc0000
[  385.049853][   T30] audit: type=1326 audit(1757560993.784:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.3.970" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  385.071656][    C0] vkms_vblank_simulate: vblank timer overrun
[  385.140511][ T5954] usb 2-1: USB disconnect, device number 31
[  385.316515][ T9564] vivid-002: =================  START STATUS  =================
[  385.324393][ T9564] vivid-002: RDS Tx I/O Mode: Controls
[  385.330642][ T9564] vivid-002: RDS Program ID: 32904
[  385.356113][ T9564] vivid-002: RDS Program Type: 3
[  385.361200][ T9564] vivid-002: RDS PS Name: VIVID-TX
[  385.368863][ T5928] usb 1-1: USB disconnect, device number 41
[  385.418597][ T9564] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  385.429271][ T9564] vivid-002: RDS Stereo: true
[  385.433998][ T9564] vivid-002: RDS Artificial Head: false
[  385.439646][ T9564] vivid-002: RDS Compressed: false
[  385.444790][ T9564] vivid-002: RDS Dynamic PTY: false
[  385.450115][ T9564] vivid-002: RDS Traffic Announcement: false
[  385.456197][ T9564] vivid-002: RDS Traffic Program: true
[  385.461689][ T9564] vivid-002: RDS Music: true
[  385.466376][ T9564] vivid-002: ==================  END STATUS  ==================
[  385.746105][ T5921] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  386.196318][ T5928] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  386.337866][ T5921] usb 2-1: unable to get BOS descriptor or descriptor too short
[  386.349357][ T5921] usb 2-1: config 6 has an invalid interface number: 200 but max is 0
[  386.372679][ T5921] usb 2-1: config 6 has no interface number 0
[  386.377533][ T5928] usb 1-1: config 0 has an invalid interface number: 142 but max is 1
[  386.406605][ T5921] usb 2-1: config 6 interface 200 has no altsetting 0
[  386.411515][ T5928] usb 1-1: config 0 has no interface number 0
[  386.472706][ T5928] usb 1-1: config 0 interface 1 has no altsetting 0
[  386.475096][ T5921] usb 2-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  386.559241][ T5928] usb 1-1: New USB device found, idVendor=1df7, idProduct=2500, bcdDevice= 0.5e
[  386.571404][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.599429][ T5928] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.632919][ T5921] usb 2-1: Product: syz
[  386.658579][ T5928] usb 1-1: Product: syz
[  386.661466][ T5921] usb 2-1: Manufacturer: syz
[  386.679480][ T5928] usb 1-1: Manufacturer: syz
[  386.700609][ T5928] usb 1-1: SerialNumber: syz
[  386.706433][ T5921] usb 2-1: SerialNumber: syz
[  386.787119][ T5928] usb 1-1: config 0 descriptor??
[  387.258920][ T5928] msi2500 1-1:0.1: Registered as swradio24
[  387.284755][ T5928] msi2500 1-1:0.1: SDR API is still slightly experimental and functionality changes may follow
[  387.336390][ T5955] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  387.468015][ T5928] videodev: could not get a free minor
[  387.497548][ T5955] usb 5-1: Using ep0 maxpacket: 32
[  387.513831][ T5955] usb 5-1: config 4 has an invalid interface number: 118 but max is 0
[  387.526274][ T5955] usb 5-1: config 4 has no interface number 0
[  387.557222][ T5928] msi2500 1-1:0.142: Failed to register as video device (-23)
[  387.565208][ T5955] usb 5-1: config 4 interface 118 altsetting 5 bulk endpoint 0x4 has invalid maxpacket 64
[  387.606048][ T5928] msi2500 1-1:0.142: probe with driver msi2500 failed with error -23
[  387.632399][ T5955] usb 5-1: config 4 interface 118 has no altsetting 0
[  387.681956][ T5955] usb 5-1: New USB device found, idVendor=0bfd, idProduct=0005, bcdDevice=d2.65
[  387.844110][ T5928] usb 1-1: USB disconnect, device number 42
[  387.898335][ T9594] netlink: 'syz.0.982': attribute type 1 has an invalid length.
[  387.917338][ T5955] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.964376][ T5955] usb 5-1: Product: syz
[  387.996258][ T5955] usb 5-1: Manufacturer: syz
[  388.002013][ T9598] FAULT_INJECTION: forcing a failure.
[  388.002013][ T9598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.025361][ T5955] usb 5-1: SerialNumber: syz
[  388.086843][ T9598] CPU: 0 UID: 0 PID: 9598 Comm: syz.0.982 Not tainted syzkaller #0 PREEMPT(full) 
[  388.086869][ T9598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  388.086879][ T9598] Call Trace:
[  388.086888][ T9598]  <TASK>
[  388.086896][ T9598]  dump_stack_lvl+0x189/0x250
[  388.086920][ T9598]  ? __pfx____ratelimit+0x10/0x10
[  388.086939][ T9598]  ? __pfx_dump_stack_lvl+0x10/0x10
[  388.086958][ T9598]  ? __pfx__printk+0x10/0x10
[  388.086980][ T9598]  ? __might_fault+0xb0/0x130
[  388.087012][ T9598]  should_fail_ex+0x414/0x560
[  388.087041][ T9598]  _copy_from_user+0x2d/0xb0
[  388.087064][ T9598]  get_compat_msghdr+0xad/0x4a0
[  388.087089][ T9598]  ? __pfx_get_compat_msghdr+0x10/0x10
[  388.087121][ T9598]  ___sys_sendmsg+0x193/0x2a0
[  388.087145][ T9598]  ? __pfx____sys_sendmsg+0x10/0x10
[  388.087201][ T9598]  ? __fget_files+0x2a/0x420
[  388.087216][ T9598]  ? __fget_files+0x3a0/0x420
[  388.087241][ T9598]  __sys_sendmsg+0x164/0x220
[  388.087264][ T9598]  ? __pfx___sys_sendmsg+0x10/0x10
[  388.087300][ T9598]  ? lockdep_hardirqs_on+0x9c/0x150
[  388.087322][ T9598]  __do_fast_syscall_32+0xb6/0x2b0
[  388.087342][ T9598]  ? lockdep_hardirqs_on+0x9c/0x150
[  388.087362][ T9598]  do_fast_syscall_32+0x34/0x80
[  388.087381][ T9598]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  388.087400][ T9598] RIP: 0023:0xf705e539
[  388.087415][ T9598] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  388.087430][ T9598] RSP: 002b:00000000f542d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  388.087448][ T9598] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[  388.087459][ T9598] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000
[  388.087468][ T9598] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  388.087478][ T9598] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  388.087488][ T9598] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  388.087514][ T9598]  </TASK>
[  388.511359][ T9586] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  388.561887][ T5921] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  388.570662][ T5921] dvb-usb: bulk message failed: -71 (3/0)
[  388.588416][ T5921] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  388.590727][ T5955] kvaser_usb 5-1:4.118: error -ENODEV: Cannot get usb endpoint(s)
[  388.701253][ T5921] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  388.736353][ T5950] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  388.760197][ T5921] usb 2-1: media controller created
[  388.793392][ T5921] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  388.900146][ T5950] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  388.954092][ T5950] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  388.969661][ T5950] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  388.979768][ T5950] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  389.035347][ T5950] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.206987][ T5921] dvb-usb: bulk message failed: -71 (6/0)
[  389.219859][ T5921] dvb-usb: bulk message failed: -71 (6/0)
[  389.225930][ T5921] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  389.315830][ T5950] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  389.429752][ T5921] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input42
[  389.614929][ T9604] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  389.625860][ T9604] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  389.661737][ T5955] usb 5-1: USB disconnect, device number 37
[  389.711862][ T5921] dvb-usb: schedule remote query interval to 150 msecs.
[  389.741425][ T5921] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  389.875744][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  389.875763][   T30] audit: type=1326 audit(1757561000.274:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.3.984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  389.908310][   T24] dvb-usb: bulk message failed: -71 (1/0)
[  389.919796][   T24] dvb-usb: error while querying for an remote control event.
[  389.930564][ T5921] usb 2-1: USB disconnect, device number 32
[  389.985693][   T30] audit: type=1326 audit(1757561000.274:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.3.984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  390.053816][ T8142] udevd[8142]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  390.060185][   T30] audit: type=1326 audit(1757561000.274:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.3.984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf703e539 code=0x7ffc0000
[  390.115931][ T5950] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -12
[  390.177322][   T30] audit: type=1326 audit(1757561000.274:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.3.984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  390.242214][ T5921] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  390.319522][   T30] audit: type=1326 audit(1757561000.274:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.3.984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  390.409657][   T30] audit: type=1326 audit(1757561000.274:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.3.984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf703e539 code=0x7ffc0000
[  390.474242][ T9625] syzkaller1: entered promiscuous mode
[  390.480155][ T9625] syzkaller1: entered allmulticast mode
[  390.565690][   T30] audit: type=1326 audit(1757561000.274:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.3.984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7ffc0000
[  390.679669][ T9631] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  390.687487][ T9631] #PF: supervisor instruction fetch in kernel mode
[  390.693970][ T9631] #PF: error_code(0x0010) - not-present page
[  390.699930][ T9631] PGD 800000007f36e067 P4D 800000007f36e067 PUD 6457b067 PMD 0 
[  390.707684][ T9631] Oops: Oops: 0010 [#1] SMP KASAN PTI
[  390.713048][ T9631] CPU: 0 UID: 0 PID: 9631 Comm: syz.4.989 Not tainted syzkaller #0 PREEMPT(full) 
[  390.722226][ T9631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  390.732268][ T9631] RIP: 0010:0x0
[  390.735759][ T9631] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  390.743150][ T9631] RSP: 0018:ffffc9000e80f818 EFLAGS: 00010283
[  390.749208][ T9631] RAX: ffffffff81f75d74 RBX: 1ffffd40003960b0 RCX: 0000000000080000
[  390.757171][ T9631] RDX: ffffc9000c131000 RSI: ffffea0001cb0580 RDI: ffff8880245028c0
[  390.765129][ T9631] RBP: ffffc9000e80f8d0 R08: ffffea0001cb0587 R09: 1ffffd40003960b0
[  390.773087][ T9631] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000
[  390.781045][ T9631] R13: ffffea0001cb0588 R14: ffffea0001cb0580 R15: 1ffffd40003960b1
[  390.789021][ T9631] FS:  0000000000000000(0000) GS:ffff888125c15000(0063) knlGS:00000000f5466b40
[  390.797963][ T9631] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  390.804533][ T9631] CR2: ffffffffffffffd6 CR3: 00000000245dc000 CR4: 00000000003526f0
[  390.812507][ T9631] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  390.820480][ T9631] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  390.828477][ T9631] Call Trace:
[  390.831742][ T9631]  <TASK>
[  390.834680][ T9631]  filemap_read_folio+0x117/0x380
[  390.839713][ T9631]  ? __pfx_filemap_read_folio+0x10/0x10
[  390.845272][ T9631]  ? filemap_add_folio+0x1af/0x270
[  390.850385][ T9631]  do_read_cache_folio+0x350/0x590
[  390.855563][ T9631]  freader_get_folio+0x3c4/0x830
[  390.860493][ T9631]  freader_fetch+0xa3/0x5d0
[  390.864990][ T9631]  __build_id_parse+0x133/0x7d0
[  390.869835][ T9631]  ? __pfx___build_id_parse+0x10/0x10
[  390.875196][ T9631]  ? find_vma+0xe7/0x160
[  390.879432][ T9631]  ? __pfx_find_vma+0x10/0x10
[  390.884115][ T9631]  ? query_matching_vma+0x1b2/0x1d0
[  390.889308][ T9631]  procfs_procmap_ioctl+0x7f0/0xce0
[  390.894497][ T9631]  ? __lock_acquire+0xab9/0xd20
[  390.899344][ T9631]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  390.905057][ T9631]  ? __fget_files+0x2a/0x420
[  390.909680][ T9631]  ? __fget_files+0x2a/0x420
[  390.914263][ T9631]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[  390.919802][ T9631]  __ia32_compat_sys_ioctl+0x540/0x840
[  390.925265][ T9631]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  390.931238][ T9631]  ? __se_sys_futex_time32+0x360/0x3e0
[  390.936696][ T9631]  ? lockdep_hardirqs_on+0x9c/0x150
[  390.941888][ T9631]  __do_fast_syscall_32+0xb6/0x2b0
[  390.946988][ T9631]  ? lockdep_hardirqs_on+0x9c/0x150
[  390.952169][ T9631]  do_fast_syscall_32+0x34/0x80
[  390.957002][ T9631]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  390.963401][ T9631] RIP: 0023:0xf7f67539
[  390.967453][ T9631] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  390.987056][ T9631] RSP: 002b:00000000f546655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  390.995464][ T9631] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0686611
[  391.003426][ T9631] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  391.011382][ T9631] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  391.019337][ T9631] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  391.027301][ T9631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  391.035261][ T9631]  </TASK>
[  391.038271][ T9631] Modules linked in:
[  391.042162][ T9631] CR2: 0000000000000000
[  391.046305][ T9631] ---[ end trace 0000000000000000 ]---
[  391.051754][ T9631] RIP: 0010:0x0
[  391.055201][ T9631] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  391.062599][ T9631] RSP: 0018:ffffc9000e80f818 EFLAGS: 00010283
[  391.068657][ T9631] RAX: ffffffff81f75d74 RBX: 1ffffd40003960b0 RCX: 0000000000080000
[  391.076614][ T9631] RDX: ffffc9000c131000 RSI: ffffea0001cb0580 RDI: ffff8880245028c0
[  391.084591][ T9631] RBP: ffffc9000e80f8d0 R08: ffffea0001cb0587 R09: 1ffffd40003960b0
[  391.092560][ T9631] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000
[  391.100520][ T9631] R13: ffffea0001cb0588 R14: ffffea0001cb0580 R15: 1ffffd40003960b1
[  391.108480][ T9631] FS:  0000000000000000(0000) GS:ffff888125c15000(0063) knlGS:00000000f5466b40
[  391.117399][ T9631] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  391.123969][ T9631] CR2: ffffffffffffffd6 CR3: 00000000245dc000 CR4: 00000000003526f0
[  391.131928][ T9631] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  391.139922][ T9631] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  391.148056][ T9631] Kernel panic - not syncing: Fatal exception
[  391.154548][ T9631] Kernel Offset: disabled
[  391.158861][ T9631] Rebooting in 86400 seconds..