last executing test programs:

2m50.259072582s ago: executing program 3 (id=952):
socket$nl_route(0x10, 0x3, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000700)=[{&(0x7f0000000000)=""/53, 0x35}, {&(0x7f0000000140)=""/213, 0xd5}, {&(0x7f00000002c0)=""/154, 0x9a}, {&(0x7f0000000380)=""/81, 0x51}, {&(0x7f0000000040)=""/19, 0x13}, {&(0x7f0000000400)=""/158, 0x9e}, {&(0x7f00000004c0)=""/130, 0x82}, {&(0x7f0000000580)=""/163, 0xa3}, {&(0x7f0000000640)=""/144, 0x90}], 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000880)={'bond_slave_0\x00', {0x2, 0x0, @dev}})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
sendto(r3, 0x0, 0x0, 0x0, &(0x7f0000000000)=@qipcrtr, 0x1)

2m49.723643742s ago: executing program 3 (id=954):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x301440, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

2m47.739914447s ago: executing program 3 (id=960):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x20e, 0x126, 0x0, &(0x7f00000004c0)="b9180bb7600a070c009e40f086dd1fff310005e03300ff010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7473be0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0x8d, 0x0, &(0x7f00000003c0)="10b8ea71af8d3600eb1bbd4112e8e85d16222b5c75017982b805300bcdabf4a617faf3dd64d49b9e1bf697a77dea39a6a30e4957f7a0c13f8c04fcbb32f0b4385fa187af901ae5bba07c2d01037c6040de87ccd75a624fe6b7dfaa7c841eccc596740ca4642e12618b4dbc3fa87f5490bc8bbab4d0ec318128b5871533efbbc743c61cb53521ea3b2db9fd40a9"}, 0x50)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000017c0), 0xffffffffffffffff)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r3)
sendmsg$NLBL_MGMT_C_REMOVE(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, r5, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x21}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1a}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40080)
sendmsg$NL802154_CMD_GET_SEC_KEY(r3, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000001840)={0x1c, r4, 0x1382445e2e1cd3af, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000540)}, 0x0)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r7, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$sock_int(r7, 0x1, 0x1d, &(0x7f00000001c0)=0x8001, 0x4)
syz_emit_ethernet(0x32, &(0x7f00000002c0)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r6)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000cc0)={'wlan0\x00'})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_INTERFACE(r9, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

2m47.058929393s ago: executing program 3 (id=964):
socket$nl_route(0x10, 0x3, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000700)=[{&(0x7f0000000000)=""/53, 0x35}, {&(0x7f0000000140)=""/213, 0xd5}, {&(0x7f00000002c0)=""/154, 0x9a}, {&(0x7f0000000380)=""/81, 0x51}, {&(0x7f0000000040)=""/19, 0x13}, {&(0x7f0000000400)=""/158, 0x9e}, {&(0x7f00000004c0)=""/130, 0x82}, {&(0x7f0000000580)=""/163, 0xa3}, {&(0x7f0000000640)=""/144, 0x90}], 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000880)={'bond_slave_0\x00', {0x2, 0x0, @dev}})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
sendto(r2, 0x0, 0x0, 0x0, &(0x7f0000000000)=@qipcrtr, 0x1)

2m45.210628787s ago: executing program 3 (id=970):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x301440, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

2m44.111574943s ago: executing program 3 (id=975):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0xb)
r1 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r1, 0xab00, r2)
ioctl$NBD_DO_IT(r1, 0xab03)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
pipe2(&(0x7f0000000000)={0x0, <r4=>0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
splice(r3, &(0x7f0000000200), r4, 0x0, 0x808, 0x0)
r5 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x50071, 0xffffffffffffffff, 0x0)
read(r5, &(0x7f0000001e80)=""/96, 0x60)
pread64(r1, &(0x7f0000000240)=""/70, 0x46, 0x52c)

2m28.806295889s ago: executing program 32 (id=975):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0xb)
r1 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r1, 0xab00, r2)
ioctl$NBD_DO_IT(r1, 0xab03)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
pipe2(&(0x7f0000000000)={0x0, <r4=>0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
splice(r3, &(0x7f0000000200), r4, 0x0, 0x808, 0x0)
r5 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x50071, 0xffffffffffffffff, 0x0)
read(r5, &(0x7f0000001e80)=""/96, 0x60)
pread64(r1, &(0x7f0000000240)=""/70, 0x46, 0x52c)

9.031284702s ago: executing program 5 (id=1479):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = socket(0x28, 0x5, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0})
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r5, &(0x7f0000000100)=ANY=[@ANYBLOB='VOLUME\nSYNTH \'Synth Capture\' 0'], 0x32)
r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x280, 0x0)
dup3(r6, r5, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
r7 = eventfd(0xfffffff8)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r7})
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000080)={0x1, r7})
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000000))

8.782464911s ago: executing program 1 (id=1482):
socket$inet(0x2, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d440fe0000000000002900000010000000", 0xfe60)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32, @ANYBLOB="0000000000000000d2724000100000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000049c0)=[{{&(0x7f0000000800)=@pptp, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000e40)=""/4096, 0x1000}, {&(0x7f0000000880)=""/249, 0xf9}, {&(0x7f00000003c0)=""/31, 0xffffffffffffff46}, {&(0x7f0000000980)=""/69, 0x45}, {&(0x7f0000004280)=""/103, 0x58}, {&(0x7f0000000a80)=""/89, 0x59}], 0x6, &(0x7f0000000b80)=""/98, 0x62}, 0x8000000}, {{&(0x7f0000000c00)=@generic, 0x80, &(0x7f0000004200)=[{&(0x7f0000004300)=""/246, 0xfb}, {&(0x7f0000001e40)=""/248, 0xf8}, {&(0x7f0000001f40)=""/222, 0xde}, {&(0x7f0000002100)=""/4096, 0x1000}, {&(0x7f0000000d80)=""/60, 0x3c}, {&(0x7f0000002040)=""/7, 0x7}, {&(0x7f0000003100)=""/221, 0xdd}, {&(0x7f0000003200)=""/4096, 0x1000}], 0x8}, 0x7}, {{&(0x7f0000000240)=@l2tp={0x2, 0x0, @empty}, 0x0, &(0x7f0000004880)=[{&(0x7f0000004400)=""/65}, {&(0x7f0000004480)=""/140}, {&(0x7f0000004540)=""/196}, {&(0x7f0000004640)=""/217}, {&(0x7f0000004740)=""/103}, {&(0x7f0000000480)=""/57}, {&(0x7f00000047c0)=""/161}], 0x0, &(0x7f0000004a80)=""/196}, 0xd}], 0x2, 0x2, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmmsg$inet(r2, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1}}], 0xfdef, 0x0)

8.329666137s ago: executing program 1 (id=1486):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mkdirat(0xffffffffffffff9c, 0x0, 0x2)
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
syz_open_procfs(0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000300)='ipvlan1\x00', 0x10)
connect$phonet_pipe(r4, 0x0, 0x0)
ioctl$SIOCPNENABLEPIPE(r4, 0x89ed, 0x500)
r5 = openat$procfs(0xffffff9c, &(0x7f00000000c0)='/proc/schedstat\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x360)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a31000000003c000000030a010200000004e8191e00010000000900030073797a3200000000140004800800024000000001080001400000000508000540ffffffff30000000050a01020000000000000000010000000c00024000000000000000010900010073797a31000000000400048014003f1c47ccbad20000110001000000000000000d832083464677c127373706b721374b6e0a0b2f9774c855edbc5204740df7051597918401dc6b5eaa039e903f750c8d911cf9ea97114b63fb755b93df192e0a106a92e3f981a36946a231ab6fd4a5080f8ba29b37ad10ed4b37821b1694f0939d10aab7e2a0c5f8da7059d7007d4a23ea15c625f6"], 0xb4}, 0x1, 0x0, 0x0, 0x4f1813dbda3f5ec0}, 0x0)

8.049358852s ago: executing program 5 (id=1488):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x0, 0x1c0, 0x3c0, 0x0}) (fail_nth: 2)

7.171711103s ago: executing program 1 (id=1489):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x0, 0x1c0, 0x3c0, 0x0})

6.707921745s ago: executing program 5 (id=1491):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r1)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, r1, &(0x7f0000000680)={0x7, 0xfff, 0xd, 0x9, 0x6, 0x0, 0xfff, 0x8000})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)="6bdfd5cac2e634200080458a954dddc8ad0b0c92e535ad114e10284cbec1931a1343c1d7fcfac6e54d42f123c4b3e3a79675919229be1e2e79c536e28ff1b15288a0d1b0d7f95826", &(0x7f0000000180), 0xffffffff, 0x1}, 0x38)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, 0x0, 0x20048085)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = fcntl$dupfd(r4, 0x0, r4)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000100), 0x20002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xe, 0x16, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000f7ffffff00005206a52fc66119890000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000085100000050000001831000002000000000000000000000018250000", @ANYRES32=r5, @ANYBLOB="00000000e85b0000180000000b00000000000000feffffffbf91000000000000b7020000000000008500000085000000b700000000000000950000000000"], &(0x7f0000000480)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @sk_skb=0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r5, 0x1, &(0x7f0000000540)=[0xffffffffffffffff], &(0x7f0000000580)=[{0x0, 0x1, 0x0, 0x1}], 0x10, 0xeb, @void, @value}, 0x94)
write$sndseq(r5, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r5, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2]}}, {0x0, 0x0, 0x0, 0x0, @tick=0x2fe, {0x8}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time={0x0, 0xffffffff}, {}, {}, @control}, {0x0, 0x0, 0x63, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote={{0x0, 0xfc}}}, {0x0, 0x0, 0x0, 0x0, @time, {0x76}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xc4)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x10, &(0x7f0000000140)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@call={0x85, 0x0, 0x0, 0x23}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
dup(r6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r9, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

5.977454206s ago: executing program 5 (id=1492):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000000000000010000400100000000000000c700000005000000e00000000300000000000000000000000000000001"]) (fail_nth: 2)

5.871956772s ago: executing program 0 (id=1493):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000400)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001cc0)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-384\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000000))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, 0x0)
pipe2(&(0x7f0000000040), 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000e80)={0x44, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x25, 0x33, @action={{{}, {}, @device_b}, @addba_resp={0x3, 0x1, {0x6, 0x0, {0x1}}}}}]}, 0x44}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000240)="0f0d51f40f01d10fc75800f30fc73600102e0f71e100b800008ec0640f017400aa66b9e408000066b81f6269e766ba000000000f309c0c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0x51}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
sendto$inet6(r0, &(0x7f0000000500)='X', 0x1, 0x8000, &(0x7f000005ffe4)={0xa, 0x4e23, 0x3, @loopback}, 0x1c)

5.808196728s ago: executing program 1 (id=1494):
clock_getres(0x9, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x80000006}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r0], 0x30}}], 0x1, 0x0)
setxattr$system_posix_acl(&(0x7f0000000340)='./cgroup\x00', &(0x7f0000000380)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = io_uring_setup(0x4bee, &(0x7f0000000040))
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={<r3=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3e)
write$binfmt_misc(r3, &(0x7f0000000140), 0xfffffecc)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
preadv2(r1, &(0x7f0000000340)=[{&(0x7f0000000100)=""/65, 0x41}], 0x1, 0x0, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000bdb000/0x3000)=nil, 0x3000, &(0x7f0000000040)='&\x00')
listen(0xffffffffffffffff, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x250, 0x18, 0x3b, 0x92, 0x20, 0x13b1, 0x42, 0x5816, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0xfd, 0xa, 0xc0, 0x5, [{{0x9, 0x4, 0xca, 0x0, 0x2, 0x7a, 0x8b, 0xb5, 0x4, [], [{{0x9, 0x5, 0x5, 0x10, 0x20, 0x1, 0xb7, 0x4}}, {{0x9, 0x5, 0xf, 0x10, 0x10, 0x6, 0x7b, 0x8}}]}}]}}]}}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0})
syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = getpid()
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x14, 0x0, @loopback, 0x8000000}, 0x1c)
write$P9_RGETLOCK(r6, &(0x7f0000000040)={0x21, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3, '%+('}}, 0xe6da)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
fcntl$setown(r0, 0x8, r5)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x3, 0xf0)
getsockname$ax25(r7, &(0x7f00000001c0)={{}, [@netrom, @bcast, @netrom, @default, @netrom, @null, @bcast, @null]}, &(0x7f0000000080)=0x48)

5.663406586s ago: executing program 5 (id=1495):
socket$nl_route(0x10, 0x3, 0x0)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$PPPIOCSFLAGS(0xffffffffffffffff, 0x40047459, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000c00)=ANY=[@ANYBLOB="0d0500007d00000005f7010000000000000000000000000000000000000000000000000000000000000000000000000000000f01046e6f645a3dbf6460d2c297442c0237fc6225ffffff8005000000000000ff03ff92e91600050000002c93cb3db6c231d119aaa16f75c58fa6889ff3c8f7abc61b59a1d26f0c4af8e293d3f86ccdc66ff57be90000000000000003d5892d8efebb9e05ac0a6bc529607ac68a3813afe79e85636afd6c5d15b2aebbb7ee3b1eae8a7fbe2e85887314cbecf0a1a512347a8c15b320d1e1c010557aaa77165e51603230385e7c270100ac42330044a9083de5bed8e0bd28682294f638c38e25756ab0b07f65dbd624ee955f7da78ee19649373f30e3f7b964f0a266c3ac9e507753a3c403c87bf14a7687259168b45bbd7a1fd8600ea12e00dbfe4c1afeeaaf9d7bb4a75a1c821893f7f47c3c50718cc32b007002007dfa673effeb09b5351f5bde0540000000595fcb14034354b9fd9ef196a51cd5157adc8106b494e13500cf60372d61cceab8c886b22f1dfacb468df9b87bfc012796093f68305c4d2220837e0108e2e748501c51484ba02f109caaf91509a25508f8f669fb716bcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0b4f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a4cdb80e8d407000000370001036f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0c41f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa75f8246bcc42eaa8c631c0c500959a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238593aed3b42ee7cac07de09d1d68a60333a882467d2b31aafb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664c0fb4e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae122e6105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fc200000030e4ee2bfc7f8050851143e5161acd47150acbaf743822dfe203b108d37e914dc1e53e234c509eca4107a1712caa9da53d051c36884c79182661f3ca36bcdbfbbd267109f8319d8dd5c07099eb1b11030655f562694f61743d19421b4a19ef8b8b4ce9c993c7d6cb300c4e657a4e50a35b5cc16b8c161a8e3df9036bbcf28adcd19a6c4c291709aee5ab3e5bc5ae29f475e4d24408b5167d0faf5fc1566b705c8b60afa8aca42f7e0469188a0ef062ca18e38f9ee10ac77d2b7eb9d60ea79fdb556411485b1b13dbb8a2a6622ebcf84c696fa4da21bad2320d0d68e9bf4346f0686119a39e400395c8f2825ea069ae0e143bd1a44179ed6c54702c5e9a19cc7ffa500fa41b6c8049bde45827d54ec901d27ad125056889b3336b3f06838c5b667ae22efe3bc15b825f7fbce48027281cf9fe8fc21fc77c243de26705310eb81cf74de0293192a13f6ad057de61fd8aba8ef4439bc06a45b2b03162515a23433afeb52aedb5ab6f334653380515f779f35dc8a78c37772492a2284c21d21356d473f00f85137c7bf0636f757d3528869b3f007735cff85c9d978bf55dcc26d62d25e308f08827a91ff47bec92f8e91e7908665400aa4e39b35986239d5c7b9492c5bb26bc55b55b49ed70486e6e7da38c208450f9f79e1b410000000000000000000000000020fba309a6c4f2bb6d44bb8cabfaee45f9bb2262b60a96f1", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0], 0x50d)
quotactl_fd$Q_SYNC(0xffffffffffffffff, 0xffffffff80000102, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
landlock_restrict_self(r3, 0x0)

5.450459561s ago: executing program 0 (id=1496):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mkdirat(0xffffffffffffff9c, 0x0, 0x2)
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
syz_open_procfs(0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000300)='ipvlan1\x00', 0x10)
connect$phonet_pipe(r4, 0x0, 0x0)
ioctl$SIOCPNENABLEPIPE(r4, 0x89ed, 0x500)
r5 = openat$procfs(0xffffff9c, &(0x7f00000000c0)='/proc/schedstat\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x360)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a31000000003c000000030a010200000004e8191e00010000000900030073797a3200000000140004800800024000000001080001400000000508000540ffffffff30000000050a01020000000000000000010000000c00024000000000000000010900010073797a31000000000400048014003f1c47ccbad20000110001000000000000000d832083464677c127373706b721374b6e0a0b2f9774c855edbc5204740df7051597918401dc6b5eaa039e903f750c8d911cf9ea97114b63fb755b93df192e0a106a92e3f981a36946a231ab6fd4a5080f8ba29b37ad10ed4b37821b1694f0939d10aab7e2a0c5f8da7059d7007d4a23ea15c625f6"], 0xb4}, 0x1, 0x0, 0x0, 0x4f1813dbda3f5ec0}, 0x0)

4.974200164s ago: executing program 4 (id=1497):
socket(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$packet(0x11, 0x3, 0x300)
socket(0x11, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x20, 0x41, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0)
iopl(0x3)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000000)=0x7fff0000)
io_setup(0x83, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.934709038s ago: executing program 2 (id=1498):
socket$nl_generic(0x10, 0x3, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
iopl(0x3)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)

4.847422828s ago: executing program 2 (id=1499):
io_uring_setup(0x7fdb, &(0x7f0000000080))
mknodat$null(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x103)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={{}, 0x2c, {'rootmode', 0x3d, 0x1000}})
fstat(0xffffffffffffffff, 0x0)

4.760641115s ago: executing program 2 (id=1500):
open(0x0, 0x400141042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x8008, 0x20000008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000040))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
kexec_load(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$vim2m(0x0, 0x8000, 0x2)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)
kexec_load(0xec, 0x6, &(0x7f00000006c0)=[{&(0x7f00000002c0)="c924a34476663f3a8091f48957415b1cf42aa2ea63ed0a456ab46895a7589b645617408a0ee332cbbd9491d5dbea5a391fb204af18952819c3e6efbade2b5756563bb05ddbc1a90d7ce4562c2fcc8422326a7bb3611d8053667b629e0dddf8c468e7a27adae87586a1", 0x69, 0x0, 0x5}, {&(0x7f0000000a00)="3d57a0cbf09d7a01071740834bfda75c6ea2b33f1c71e2640985711c03ed8e4c57d43320997abe195fba263d5e813593831e662001d092817009863dfba3a0d725b5d22f94db01000000f0752dbbb45b28ed6d758ddc473856f227a76969f2f51784f933a760d1da0d8e9f7aa75aaf676899c7804522ba03006f82e3399cdc5a0cf981abd61c454bc8cd695ccb89592a24567ac9136125a0e3bb5bbc12ccfd6effba77e43782c067b353c54f252ed1020cec78b8813e7bac1d51f9c8fd3cfdbb386a679d1ba5b65aa65deaf9e6e4aae94ca3d23bee9294ff8636eecacf43ff29ee90d39b1e819fa14097b255f51e9352aa1fa2cfa23b3f656260b85571ccc65a7587dc052df9aefa27ade02e6df20eacd51394cd802d27435896a21b8db057df8cb8ffd58898f64e4cc1c7fc31d9483989ed61c0087ae266b71a12543e7d19656d49bcad463c926ed480ca2b5b72f8ad641f35152ef630621a6482cdbc2a8ebe2069109471db8b6929517fbb9e25b81b826b1455c426361ad3850c4bf9a2f869e728e302753f53d6ff455e6fa7399dafe7f4f9f37ff9f5a32a281c713398767261c0460268c9306800b2941d5ee945a1f3edcaa845dd3a3fb4e06980188b6e0732bfeefdf5d4f777ce2fe0e49581c7660eea1018", 0x1d4, 0x3, 0x401}, {&(0x7f0000000380)="3e7e41d6b25c1f5fac201ea55b31ab5f36c808a94e10b4ea19d41c30563c1880fac773c35e6477b01f4621b6af29", 0x2e, 0x0, 0x9}, {&(0x7f00000003c0)="d5839dc123684284f318ea1e89db2262f65c0a30e67eafe3bc4e2e91034a877db9094d6d2ebf58231eab784b98f85c49dc97c6816d8d3b4db24e591a91b4f09e8a49ccf4c886e4e9b93131a874c684600e92288d36bf5ac4b6169995580ee7cacbc5e80203dd6a5d72cf55a650319839a91bc1a4f80824f998050191806a8d014bf7955e06785f15210b370164c34a90434e03227dab960b", 0x98, 0xcd9, 0x8}, {&(0x7f0000000480)="1445a4abb28bb2844315f74f088b6d70b983c119c9f693652cf6cc0145d77e73646580b25841507eca5ce2db21d2031926579dfc1b186066bccdabe0a38c388c69f1e71647a8ba3d1373eafab3fa1d5783b58c78fb1467ad722d06edf3a906f2bdc1138cbd224fd47eb7d126561b302692e76a60e5759afc6f13519aeb910561b27d78a5400b815d98bd240c20e8f3e8f9b36886bedf74552e8758295aae93d3c268949a18618ae0e2fda0ba88b50e74d5e451de325d4805a6bf9a867428ad063d97b519e6021c5481e54526d0c6ddcaac9a5021288fee8500ffa9be654207b2779f36b80a6a9000", 0xe8, 0x6, 0xf821}, {&(0x7f0000000640)="906b219f53dea1c0ad730fedae86f7dad03e69a3f92cd1b1392aa5197a037c08b75b22dc56ca445383a4b0d1b83064a30055b793284beeb9320810f4aeee06f4fc00e3cbfff1ee9779d4728faf8fadd39d4165d5fbcaf8fb00a0d86a0905818d492aa2e16498dc4a7f8d01eb575d1872880a43176b7d4bf9763684", 0x7b, 0xff, 0x3}], 0x150000)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r5, 0xffffffff80000800, 0xee01, &(0x7f00000000c0)={0x0, 0x3, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf})
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r6 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1810c0, 0x0)
fchown(r6, 0xee01, 0x0)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4001, 0x8000, @local, 0xf}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000005700)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000008c0)='F', 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYRES32=r3], 0x18}}], 0x1, 0x0)

4.723455424s ago: executing program 5 (id=1501):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000206d049cc20000000000010902a400010000000009040000010300000009210000000122050009058103"], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB], 0x50}}, 0x0)
close(r1)
open(&(0x7f0000000600)='./file0\x00', 0x8060, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f000000c3c0)={0x2020}, 0x2020)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002180)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000004f00)={0x2020}, 0x2020)
socket(0x10, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r4, 0x1080420)
keyctl$join(0x1, &(0x7f0000000900)={'syz', 0x3})
keyctl$join(0x1, &(0x7f0000000240)={'syz', 0x3})
preadv(r2, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x0, 0x0)

3.967301406s ago: executing program 0 (id=1502):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000000780)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6605ae665f25620370fd3a094becd642f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78e35ace925427bc70c2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea473213280df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce616b1b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044bcad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d78346f428788fc374e00000c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae411a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fa363c536d5afd9ba", 0x22f)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)

3.931544496s ago: executing program 4 (id=1503):
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, 0x0, 0x28)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x11, 0x8100, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
lseek(r1, 0x4, 0x0)
readv(r1, &(0x7f0000000340)=[{&(0x7f0000001740)=""/153, 0x99}], 0x1)

3.897598064s ago: executing program 0 (id=1504):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, 0x0, 0x28)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0xffffffffffffffbb, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="00010000", @ANYRES16, @ANYBLOB="c88845e7e05ae52d00009300000008001317"], 0x1c}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
lseek(r1, 0x4, 0x0)
readv(r1, &(0x7f0000000340)=[{&(0x7f0000001740)=""/153, 0x99}], 0x1)

3.870469296s ago: executing program 4 (id=1505):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x40000)

3.823885333s ago: executing program 2 (id=1506):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x5)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000002c0)={'gre0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x2, 0x0, 0x0, 0x2f, 0x0, @empty, @rand_addr=0x3}}}})
open(&(0x7f00000001c0)='./file1/file0\x00', 0x4c4c0, 0x50)
open(&(0x7f0000000000)='./file1\x00', 0x0, 0x0)
truncate(&(0x7f0000000280)='./file1\x00', 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400200142603600e122f00160006000600a8000600200005400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)

3.731136636s ago: executing program 4 (id=1507):
recvmmsg(0xffffffffffffffff, &(0x7f0000001c00), 0x0, 0x40010020, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0xffffffffffffffb6)
r5 = socket$inet6(0xa, 0x2, 0x3a)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e21, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000000206010100e5ff00000000000000000005000100070000000900020073797a30000000000c00078008000840000000d00500050002000000050004000000000012000300686173683a6e6574"], 0x58}}, 0x0)
sendmsg$IPSET_CMD_LIST(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

2.226771598s ago: executing program 2 (id=1508):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x20)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x3)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x200000f, 0x11, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x4000)
symlinkat(&(0x7f0000000000)='./file1/file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file6\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000003c0)={'tunl0\x00', &(0x7f0000000540)={'gretap0\x00', 0x0, 0x1, 0x80, 0x3, 0x6, {{0x5, 0x4, 0x1, 0x32, 0x14, 0x68, 0x0, 0x8, 0x4, 0x0, @empty, @empty}}}})

2.024149014s ago: executing program 0 (id=1509):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
iopl(0x3)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)

1.867352022s ago: executing program 1 (id=1510):
io_uring_setup(0x7fdb, &(0x7f0000000080))
mknodat$null(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x103)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={{}, 0x2c, {'rootmode', 0x3d, 0x1000}})
fstat(0xffffffffffffffff, 0x0)

1.82525611s ago: executing program 4 (id=1511):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
readv(r4, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r6=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_GET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x20, 0x0, 0x1, 0x70bd2d, 0x0, {0x2}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast1}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x20}}, 0xc8c0)
syz_io_uring_submit(r6, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000006c0)=[{0x0}, {0x0}], 0x2})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
r8 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r8, &(0x7f0000000100)=ANY=[@ANYBLOB='VOLUME\nSYNTH \'Synth Capt'], 0x32)
r9 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x280, 0x0)
dup3(r9, r8, 0x0)

1.79470915s ago: executing program 0 (id=1512):
ioctl$int_out(0xffffffffffffffff, 0x0, &(0x7f0000000080))
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$sndmidi(&(0x7f0000000000), 0x8000000000000001, 0x402)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004300)={0x50, 0x0, 0x0, {0x7, 0x26}}, 0x50)
openat(0xffffffffffffff9c, 0x0, 0xc8841, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
shutdown(0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x24, 0x39, 0x107, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x0, 0x0, 0x0, @str='\x06\xdd'}]}]}, 0x24}}, 0x0)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0xfffe, 0xd6e, 0x10}})

407.75809ms ago: executing program 4 (id=1513):
unshare(0x6020400)
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0xa, 0x0, 0x8}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8804}, 0x20000884)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, r0, 0x2, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="850000004f00000006ebffffffffffff150000000000000095000000000000001aaae442e70c9676e041aed29ffa7b209e457576c17f3b47840d84a5d176d87e7b8af56ac3c3138b73f58f52855ff943e2c050064b"], &(0x7f0000000140)='GPL\x00', 0x8, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff4e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x64)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000d0205000000000000010000"], &(0x7f0000000f40)=""/4089, 0x3e, 0xff9, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x20, 0x10}, 0xc)
bind$inet6(r3, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f00000002c0)="1e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0xbcff, 0x0, 0x0)
write(r3, &(0x7f0000000340)='\x00\x00', 0x2)

47.242871ms ago: executing program 1 (id=1514):
socket$nl_route(0x10, 0x3, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000700)=[{&(0x7f0000000000)=""/53, 0x35}, {&(0x7f0000000140)=""/213, 0xd5}, {&(0x7f00000002c0)=""/154, 0x9a}, {&(0x7f0000000380)=""/81, 0x51}, {&(0x7f0000000040)=""/19, 0x13}, {&(0x7f0000000400)=""/158, 0x9e}, {&(0x7f00000004c0)=""/130, 0x82}, {&(0x7f0000000580)=""/163, 0xa3}, {&(0x7f0000000640)=""/144, 0x90}], 0x9)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(r5, 0x891b, &(0x7f0000000880)={'bond_slave_0\x00', {0x2, 0x0, @dev}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
fstat(r1, &(0x7f00000006c0))

0s ago: executing program 2 (id=1515):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000000780)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6605ae665f25620370fd3a094becd642f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78e35ace925427bc70c2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea473213280df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce616b1b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044bcad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d78346f428788fc374e00000c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae411a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fa363c536d5afd9ba", 0x22f)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)

kernel console output (not intermixed with test programs):

and not use inversions on it
[  372.578455][ T9501] FAULT_INJECTION: forcing a failure.
[  372.578455][ T9501] name failslab, interval 1, probability 0, space 0, times 0
[  372.591219][ T9501] CPU: 1 UID: 0 PID: 9501 Comm: syz.2.1023 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  372.601907][ T9501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  372.611978][ T9501] Call Trace:
[  372.615266][ T9501]  <TASK>
[  372.618203][ T9501]  dump_stack_lvl+0x241/0x360
[  372.622906][ T9501]  ? __pfx_dump_stack_lvl+0x10/0x10
[  372.628121][ T9501]  ? __pfx__printk+0x10/0x10
[  372.632725][ T9501]  ? fs_reclaim_acquire+0x93/0x130
[  372.637850][ T9501]  ? __pfx___might_resched+0x10/0x10
[  372.643163][ T9501]  should_fail_ex+0x3b0/0x4e0
[  372.647856][ T9501]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  372.653597][ T9501]  should_failslab+0xac/0x100
[  372.658291][ T9501]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  372.664026][ T9501]  __kmalloc_noprof+0xd8/0x400
[  372.668807][ T9501]  tomoyo_realpath_from_path+0xcf/0x5e0
[  372.674386][ T9501]  tomoyo_path_number_perm+0x23a/0x880
[  372.679872][ T9501]  ? tomoyo_path_number_perm+0x208/0x880
[  372.685519][ T9501]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  372.691549][ T9501]  ? __fget_files+0x29/0x470
[  372.696156][ T9501]  ? __fget_files+0x3f3/0x470
[  372.700871][ T9501]  security_file_ioctl+0xc6/0x2a0
[  372.705912][ T9501]  __se_sys_ioctl+0x47/0x170
[  372.710518][ T9501]  do_syscall_64+0xf3/0x230
[  372.715036][ T9501]  ? clear_bhb_loop+0x35/0x90
[  372.719728][ T9501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.725631][ T9501] RIP: 0033:0x7f10dcb7e719
[  372.730054][ T9501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.749668][ T9501] RSP: 002b:00007f10dafd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  372.758101][ T9501] RAX: ffffffffffffffda RBX: 00007f10dcd36130 RCX: 00007f10dcb7e719
[  372.766086][ T9501] RDX: 0000000020000580 RSI: 00000000c050561a RDI: 0000000000000006
[  372.774069][ T9501] RBP: 00007f10dafd5090 R08: 0000000000000000 R09: 0000000000000000
[  372.782050][ T9501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.790030][ T9501] R13: 0000000000000000 R14: 00007f10dcd36130 R15: 00007ffe6ab7eaa8
[  372.798030][ T9501]  </TASK>
[  372.806501][ T9501] ERROR: Out of memory at tomoyo_realpath_from_path.
[  372.814241][ T5878] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  373.013405][ T5878] usb 5-1: Using ep0 maxpacket: 32
[  373.030256][ T5878] usb 5-1: config index 0 descriptor too short (expected 164, got 36)
[  373.045611][ T5878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  373.061957][ T5878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  373.085529][ T5878] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  373.103089][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.131904][ T5878] usb 5-1: config 0 descriptor??
[  373.951746][ T5845] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  373.964830][ T5845] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  373.973218][ T5845] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  373.982270][ T5845] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  373.991372][ T5845] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  373.998830][ T5845] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  374.374689][ T9517] FAULT_INJECTION: forcing a failure.
[  374.374689][ T9517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  374.413264][ T9517] CPU: 1 UID: 0 PID: 9517 Comm: syz.1.1028 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  374.424000][ T9517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  374.434082][ T9517] Call Trace:
[  374.437386][ T9517]  <TASK>
[  374.440338][ T9517]  dump_stack_lvl+0x241/0x360
[  374.445048][ T9517]  ? __pfx_dump_stack_lvl+0x10/0x10
[  374.450271][ T9517]  ? __pfx__printk+0x10/0x10
[  374.454891][ T9517]  ? __pfx_lock_release+0x10/0x10
[  374.459997][ T9517]  ? __lock_acquire+0x1384/0x2050
[  374.465054][ T9517]  should_fail_ex+0x3b0/0x4e0
[  374.469754][ T9517]  _copy_from_user+0x2f/0xc0
[  374.474367][ T9517]  io_submit_one+0xc1/0x18a0
[  374.479005][ T9517]  ? __pfx_io_submit_one+0x10/0x10
[  374.484143][ T9517]  ? __might_fault+0xaa/0x120
[  374.488841][ T9517]  ? __pfx_lock_release+0x10/0x10
[  374.493904][ T9517]  ? lookup_ioctx+0x94/0x6a0
[  374.498517][ T9517]  ? __might_fault+0xaa/0x120
[  374.503215][ T9517]  ? __might_fault+0xc6/0x120
[  374.507924][ T9517]  __se_sys_io_submit+0x179/0x2f0
[  374.512973][ T9517]  ? __pfx___se_sys_io_submit+0x10/0x10
[  374.518541][ T9517]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  374.524552][ T9517]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  374.530921][ T9517]  ? do_syscall_64+0x100/0x230
[  374.535721][ T9517]  ? do_syscall_64+0xb6/0x230
[  374.540431][ T9517]  do_syscall_64+0xf3/0x230
[  374.544957][ T9517]  ? clear_bhb_loop+0x35/0x90
[  374.548171][ T9509] chnl_net:caif_netlink_parms(): no params data found
[  374.549636][ T9517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.549662][ T9517] RIP: 0033:0x7f3b0f77e719
[  374.549680][ T9517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.586355][ T9517] RSP: 002b:00007f3b0dbf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  374.594799][ T9517] RAX: ffffffffffffffda RBX: 00007f3b0f935f80 RCX: 00007f3b0f77e719
[  374.602798][ T9517] RDX: 00000000200008c0 RSI: 0000000000000002 RDI: 00007f3b10478000
[  374.610798][ T9517] RBP: 00007f3b0dbf6090 R08: 0000000000000000 R09: 0000000000000000
[  374.618889][ T9517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  374.626857][ T9517] R13: 0000000000000000 R14: 00007f3b0f935f80 R15: 00007fff5c022b58
[  374.634851][ T9517]  </TASK>
[  374.692125][ T5879] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  374.706908][ T9509] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.723195][ T9509] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.730475][ T9509] bridge_slave_0: entered allmulticast mode
[  374.753480][ T9509] bridge_slave_0: entered promiscuous mode
[  374.771081][ T9509] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.781620][ T9509] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.798842][ T9509] bridge_slave_1: entered allmulticast mode
[  374.808632][ T9509] bridge_slave_1: entered promiscuous mode
[  374.936256][ T9531] openvswitch: : Dropping previously announced user features
[  375.001874][ T5879] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  375.543015][ T5879] usb 3-1: New USB device found, idVendor=04d5, idProduct=0001, bcdDevice= 0.00
[  375.554965][ T9533] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1031'.
[  375.564141][ T9533] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1031'.
[  375.578435][ T9533] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 19968 - 0
[  375.587353][ T9533] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 19968 - 0
[  375.596226][ T9533] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 19968 - 0
[  375.605390][ T9533] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 19968 - 0
[  375.614298][ T9533] geneve2: entered allmulticast mode
[  375.652489][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.719620][ T5879] usb 3-1: config 0 descriptor??
[  375.733835][ T5879] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  375.798788][ T9509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.807782][ T5878] usbhid 5-1:0.0: can't add hid device: -71
[  375.814799][ T5878] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  375.828397][ T9509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  375.833752][ T5878] usb 5-1: USB disconnect, device number 12
[  375.949945][ T9512] FAULT_INJECTION: forcing a failure.
[  375.949945][ T9512] name failslab, interval 1, probability 0, space 0, times 0
[  375.963633][ T9512] CPU: 1 UID: 0 PID: 9512 Comm: syz.2.1027 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  375.974335][ T9512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  375.984391][ T9512] Call Trace:
[  375.987664][ T9512]  <TASK>
[  375.990591][ T9512]  dump_stack_lvl+0x241/0x360
[  375.995281][ T9512]  ? __pfx_dump_stack_lvl+0x10/0x10
[  376.000473][ T9512]  ? __pfx__printk+0x10/0x10
[  376.005063][ T9512]  ? fs_reclaim_acquire+0x93/0x130
[  376.010173][ T9512]  ? __pfx___might_resched+0x10/0x10
[  376.015460][ T9512]  should_fail_ex+0x3b0/0x4e0
[  376.020134][ T9512]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  376.025854][ T9512]  should_failslab+0xac/0x100
[  376.030534][ T9512]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  376.036251][ T9512]  __kmalloc_noprof+0xd8/0x400
[  376.041012][ T9512]  tomoyo_realpath_from_path+0xcf/0x5e0
[  376.046575][ T9512]  tomoyo_path_number_perm+0x23a/0x880
[  376.052034][ T9512]  ? tomoyo_path_number_perm+0x208/0x880
[  376.057661][ T9512]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  376.063666][ T9512]  ? __fget_files+0x29/0x470
[  376.068253][ T9512]  ? __fget_files+0x3f3/0x470
[  376.072933][ T9512]  security_file_ioctl+0xc6/0x2a0
[  376.077954][ T9512]  __se_sys_ioctl+0x47/0x170
[  376.082542][ T9512]  do_syscall_64+0xf3/0x230
[  376.087043][ T9512]  ? clear_bhb_loop+0x35/0x90
[  376.091717][ T9512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.097605][ T9512] RIP: 0033:0x7f10dcb7e719
[  376.102016][ T9512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.121615][ T9512] RSP: 002b:00007f10dd8a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  376.130025][ T9512] RAX: ffffffffffffffda RBX: 00007f10dcd35f80 RCX: 00007f10dcb7e719
[  376.137990][ T9512] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  376.145954][ T9512] RBP: 00007f10dd8a9090 R08: 0000000000000000 R09: 0000000000000000
[  376.153919][ T9512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.161884][ T9512] R13: 0000000000000000 R14: 00007f10dcd35f80 R15: 00007ffe6ab7eaa8
[  376.169867][ T9512]  </TASK>
[  376.192829][ T5830] Bluetooth: hci5: command tx timeout
[  376.208502][ T9512] ERROR: Out of memory at tomoyo_realpath_from_path.
[  376.260816][ T5878] usb 3-1: USB disconnect, device number 18
[  376.260899][ T9509] team0: Port device team_slave_0 added
[  376.325403][ T9509] team0: Port device team_slave_1 added
[  376.397307][ T9509] batman_adv: batadv0: Adding interface: batadv_slave_0
[  376.406241][ T9509] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  376.433539][ T9509] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  376.447024][ T9509] batman_adv: batadv0: Adding interface: batadv_slave_1
[  376.458869][ T9509] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  376.488680][ T9509] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  376.591941][ T9509] hsr_slave_0: entered promiscuous mode
[  376.621298][ T9509] hsr_slave_1: entered promiscuous mode
[  376.641250][ T9509] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  376.655286][ T9509] Cannot create hsr debugfs directory
[  377.434659][   T29] kauditd_printk_skb: 18 callbacks suppressed
[  377.434678][   T29] audit: type=1326 audit(1730945316.950:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.462494][   T29] audit: type=1326 audit(1730945316.950:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.484057][   T29] audit: type=1326 audit(1730945316.950:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.505630][   T29] audit: type=1326 audit(1730945316.950:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.527416][   T29] audit: type=1326 audit(1730945316.950:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.549070][   T29] audit: type=1326 audit(1730945316.950:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.570663][   T29] audit: type=1326 audit(1730945316.950:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.592218][   T29] audit: type=1326 audit(1730945316.950:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.613790][   T29] audit: type=1326 audit(1730945316.960:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.635513][   T29] audit: type=1326 audit(1730945316.960:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x7ffc0000
[  377.645277][ T9509] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  377.779401][ T9509] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  377.843485][ T9509] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  377.861490][ T9509] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  378.032418][ T9509] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.049512][ T9509] 8021q: adding VLAN 0 to HW filter on device team0
[  378.065463][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.072580][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.138592][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.145803][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.252747][ T5845] Bluetooth: hci5: command tx timeout
[  378.417776][ T9556] sctp: [Deprecated]: syz.1.1037 (pid 9556) Use of struct sctp_assoc_value in delayed_ack socket option.
[  378.417776][ T9556] Use struct sctp_sack_info instead
[  379.420131][ T9565] openvswitch: netlink: Missing valid actions attribute.
[  379.427352][ T9565] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  380.275213][ T9509] 8021q: adding VLAN 0 to HW filter on device batadv0
[  380.322021][ T5845] Bluetooth: hci5: command tx timeout
[  380.509734][ T9575] FAULT_INJECTION: forcing a failure.
[  380.509734][ T9575] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.552370][ T9575] CPU: 1 UID: 0 PID: 9575 Comm: syz.2.1040 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  380.563100][ T9575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  380.573179][ T9575] Call Trace:
[  380.576477][ T9575]  <TASK>
[  380.579429][ T9575]  dump_stack_lvl+0x241/0x360
[  380.584143][ T9575]  ? __pfx_dump_stack_lvl+0x10/0x10
[  380.589368][ T9575]  ? __pfx__printk+0x10/0x10
[  380.593983][ T9575]  ? __pfx_lock_release+0x10/0x10
[  380.599052][ T9575]  should_fail_ex+0x3b0/0x4e0
[  380.603756][ T9575]  _copy_from_user+0x2f/0xc0
[  380.608365][ T9575]  copy_msghdr_from_user+0xae/0x680
[  380.613594][ T9575]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  380.619431][ T9575]  __sys_sendmsg+0x22d/0x380
[  380.624050][ T9575]  ? __pfx___sys_sendmsg+0x10/0x10
[  380.629193][ T9575]  ? __pfx_vfs_write+0x10/0x10
[  380.634014][ T9575]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  380.640370][ T9575]  ? do_syscall_64+0x100/0x230
[  380.645159][ T9575]  ? do_syscall_64+0xb6/0x230
[  380.649863][ T9575]  do_syscall_64+0xf3/0x230
[  380.654392][ T9575]  ? clear_bhb_loop+0x35/0x90
[  380.659095][ T9575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.665011][ T9575] RIP: 0033:0x7f10dcb7e719
[  380.669449][ T9575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.689088][ T9575] RSP: 002b:00007f10dd8a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  380.697526][ T9575] RAX: ffffffffffffffda RBX: 00007f10dcd35f80 RCX: 00007f10dcb7e719
[  380.705520][ T9575] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  380.713552][ T9575] RBP: 00007f10dd8a9090 R08: 0000000000000000 R09: 0000000000000000
[  380.721542][ T9575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.729621][ T9575] R13: 0000000000000000 R14: 00007f10dcd35f80 R15: 00007ffe6ab7eaa8
[  380.737626][ T9575]  </TASK>
[  381.092481][ T9599] openvswitch: netlink: Missing valid actions attribute.
[  381.099708][ T9599] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  382.305450][ T9509] veth0_vlan: entered promiscuous mode
[  382.340291][ T9605] loop2: detected capacity change from 0 to 7
[  382.349328][ T9509] veth1_vlan: entered promiscuous mode
[  382.352071][ T9605] Dev loop2: unable to read RDB block 7
[  382.360404][ T9605]  loop2: unable to read partition table
[  382.366342][ T9605] loop2: partition table beyond EOD, truncated
[  382.372713][ T9605] loop_reread_partitions: partition scan of loop2 (þ被) failed (rc=-5)
[  382.402499][ T5845] Bluetooth: hci5: command tx timeout
[  382.414471][ T9509] veth0_macvtap: entered promiscuous mode
[  382.487637][ T9509] veth1_macvtap: entered promiscuous mode
[  382.547019][ T9509] batman_adv: batadv0: Interface activated: batadv_slave_0
[  382.584355][ T9509] batman_adv: batadv0: Interface activated: batadv_slave_1
[  382.616096][ T9509] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  382.625154][ T9509] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  382.634059][ T9509] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  382.642835][ T9509] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  382.667152][ T9610] FAULT_INJECTION: forcing a failure.
[  382.667152][ T9610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  382.680380][ T9610] CPU: 0 UID: 0 PID: 9610 Comm: syz.0.1048 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  382.691082][ T9610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  382.701166][ T9610] Call Trace:
[  382.704459][ T9610]  <TASK>
[  382.707405][ T9610]  dump_stack_lvl+0x241/0x360
[  382.712110][ T9610]  ? __pfx_dump_stack_lvl+0x10/0x10
[  382.717340][ T9610]  ? __pfx__printk+0x10/0x10
[  382.721954][ T9610]  ? __pfx_lock_release+0x10/0x10
[  382.727018][ T9610]  should_fail_ex+0x3b0/0x4e0
[  382.731726][ T9610]  _copy_from_user+0x2f/0xc0
[  382.736337][ T9610]  __sys_bpf+0x1a4/0x810
[  382.740603][ T9610]  ? __pfx___sys_bpf+0x10/0x10
[  382.745401][ T9610]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  382.751408][ T9610]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  382.757761][ T9610]  ? do_syscall_64+0x100/0x230
[  382.762550][ T9610]  __x64_sys_bpf+0x7c/0x90
[  382.767420][ T9610]  do_syscall_64+0xf3/0x230
[  382.771944][ T9610]  ? clear_bhb_loop+0x35/0x90
[  382.776642][ T9610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.782551][ T9610] RIP: 0033:0x7fd41ab7e719
[  382.786982][ T9610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.806608][ T9610] RSP: 002b:00007fd41b9f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  382.815022][ T9610] RAX: ffffffffffffffda RBX: 00007fd41ad36058 RCX: 00007fd41ab7e719
[  382.822988][ T9610] RDX: 0000000000000090 RSI: 00000000200004c0 RDI: 0000000000000005
[  382.830951][ T9610] RBP: 00007fd41b9f2090 R08: 0000000000000000 R09: 0000000000000000
[  382.838923][ T9610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.846891][ T9610] R13: 0000000000000000 R14: 00007fd41ad36058 R15: 00007fff24b2bd68
[  382.854869][ T9610]  </TASK>
[  382.950457][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  382.958679][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.990248][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  382.998161][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  383.532807][ T9622] openvswitch: : Dropping previously announced user features
[  383.572966][ T5834] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  383.663774][ T9626] vlan0: entered promiscuous mode
[  383.670593][ T9626] vlan0: entered allmulticast mode
[  383.820022][ T5834] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  383.829225][ T5834] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.843073][ T5834] usb 2-1: config 0 descriptor??
[  383.903002][ T5834] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  384.198886][ T9633] fuse: Unknown parameter 'gŒ|’«0ÝW00000000000000000000'
[  385.744113][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  385.744132][   T29] audit: type=1326 audit(1730945325.280:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9641 comm="syz.0.1060" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x0
[  385.785361][   T29] audit: type=1326 audit(1730945325.320:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9640 comm="syz.2.1059" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x0
[  386.010966][ T9650] netlink: 'syz.5.1061': attribute type 12 has an invalid length.
[  386.366942][ T9652] gtp0: entered promiscuous mode
[  386.372549][ T9652] gtp0: entered allmulticast mode
[  386.475539][ T9654] netlink: 'syz.5.1063': attribute type 11 has an invalid length.
[  386.484377][ T9654] netlink: 156 bytes leftover after parsing attributes in process `syz.5.1063'.
[  387.101967][ T1673] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  387.222949][ T9676] openvswitch: : Dropping previously announced user features
[  387.565243][ T5834] usb 2-1: USB disconnect, device number 20
[  387.871928][ T1673] usb 3-1: Using ep0 maxpacket: 32
[  387.905216][ T1673] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  387.923958][ T1673] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  387.934642][ T9682] netlink: 236 bytes leftover after parsing attributes in process `syz.5.1073'.
[  387.938637][ T1673] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.943859][ T9682] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1073'.
[  387.960722][ T9682] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1073'.
[  388.074872][ T1673] usb 3-1: Product: syz
[  388.079262][ T1673] usb 3-1: Manufacturer: syz
[  388.100812][ T1673] usb 3-1: SerialNumber: syz
[  388.119928][ T1673] usb 3-1: bad CDC descriptors
[  388.789531][ T1673] usb 3-1: USB disconnect, device number 19
[  388.832662][   T29] audit: type=1326 audit(1730945328.340:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9691 comm="syz.1.1076" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b0f77e719 code=0x0
[  389.045799][   T98] block nbd3: Possible stuck request ffff8880257e8000: control (read@0,11264B). Runtime 30 seconds
[  389.930308][ T9706] FAULT_INJECTION: forcing a failure.
[  389.930308][ T9706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.039198][ T9706] CPU: 0 UID: 0 PID: 9706 Comm: syz.4.1080 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  390.049929][ T9706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  390.059998][ T9706] Call Trace:
[  390.063286][ T9706]  <TASK>
[  390.066228][ T9706]  dump_stack_lvl+0x241/0x360
[  390.070928][ T9706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.076138][ T9706]  ? __pfx__printk+0x10/0x10
[  390.080748][ T9706]  ? __pfx_lock_release+0x10/0x10
[  390.085802][ T9706]  should_fail_ex+0x3b0/0x4e0
[  390.090501][ T9706]  _copy_from_user+0x2f/0xc0
[  390.095106][ T9706]  __sys_bpf+0x1a4/0x810
[  390.099366][ T9706]  ? __pfx___sys_bpf+0x10/0x10
[  390.104164][ T9706]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  390.110172][ T9706]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  390.116518][ T9706]  ? do_syscall_64+0x100/0x230
[  390.121302][ T9706]  __x64_sys_bpf+0x7c/0x90
[  390.125736][ T9706]  do_syscall_64+0xf3/0x230
[  390.130252][ T9706]  ? clear_bhb_loop+0x35/0x90
[  390.134948][ T9706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.140855][ T9706] RIP: 0033:0x7f5ebc97e719
[  390.145281][ T9706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.164899][ T9706] RSP: 002b:00007f5ebd740038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  390.173331][ T9706] RAX: ffffffffffffffda RBX: 00007f5ebcb35f80 RCX: 00007f5ebc97e719
[  390.181312][ T9706] RDX: 0000000000000038 RSI: 0000000020000300 RDI: 000000000000001a
[  390.189296][ T9706] RBP: 00007f5ebd740090 R08: 0000000000000000 R09: 0000000000000000
[  390.197278][ T9706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.205258][ T9706] R13: 0000000000000000 R14: 00007f5ebcb35f80 R15: 00007ffd69eca918
[  390.213255][ T9706]  </TASK>
[  390.585700][ T9717] netlink: 236 bytes leftover after parsing attributes in process `syz.0.1084'.
[  390.594874][ T9717] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1084'.
[  390.603872][ T9717] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1084'.
[  390.944562][ T5912] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  391.152130][ T5912] usb 6-1: device descriptor read/64, error -71
[  391.445831][ T5912] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  391.531049][ T9714] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1083'.
[  391.892130][ T5912] usb 6-1: device descriptor read/64, error -71
[  392.046485][ T5912] usb usb6-port1: attempt power cycle
[  392.070133][   T29] audit: type=1326 audit(1730945331.600:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9739 comm="syz.0.1092" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x0
[  392.182874][ T9742] nbd2: detected capacity change from 0 to 22
[  392.196994][ T9748] block nbd2: shutting down sockets
[  392.269305][ T9752] FAULT_INJECTION: forcing a failure.
[  392.269305][ T9752] name failslab, interval 1, probability 0, space 0, times 0
[  392.282778][ T9752] CPU: 0 UID: 0 PID: 9752 Comm: syz.2.1095 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  392.293480][ T9752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  392.303535][ T9752] Call Trace:
[  392.306809][ T9752]  <TASK>
[  392.309734][ T9752]  dump_stack_lvl+0x241/0x360
[  392.314413][ T9752]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.319609][ T9752]  ? __pfx__printk+0x10/0x10
[  392.324718][ T9752]  ? __kmalloc_noprof+0xb0/0x400
[  392.329650][ T9752]  ? __pfx___might_resched+0x10/0x10
[  392.334938][ T9752]  should_fail_ex+0x3b0/0x4e0
[  392.339609][ T9752]  ? bpf_test_init+0xe1/0x180
[  392.344281][ T9752]  should_failslab+0xac/0x100
[  392.348957][ T9752]  ? bpf_test_init+0xe1/0x180
[  392.353626][ T9752]  __kmalloc_noprof+0xd8/0x400
[  392.358384][ T9752]  bpf_test_init+0xe1/0x180
[  392.362883][ T9752]  bpf_prog_test_run_skb+0x2bb/0x1820
[  392.368252][ T9752]  ? __pfx_lock_release+0x10/0x10
[  392.373292][ T9752]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  392.379097][ T9752]  ? fput+0x1a8/0x230
[  392.383073][ T9752]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  392.388896][ T9752]  bpf_prog_test_run+0x2e4/0x360
[  392.393851][ T9752]  __sys_bpf+0x48d/0x810
[  392.398100][ T9752]  ? __pfx___sys_bpf+0x10/0x10
[  392.402872][ T9752]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  392.408857][ T9752]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  392.415191][ T9752]  ? do_syscall_64+0x100/0x230
[  392.419959][ T9752]  __x64_sys_bpf+0x7c/0x90
[  392.424371][ T9752]  do_syscall_64+0xf3/0x230
[  392.428870][ T9752]  ? clear_bhb_loop+0x35/0x90
[  392.433545][ T9752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.439431][ T9752] RIP: 0033:0x7f10dcb7e719
[  392.443843][ T9752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.463444][ T9752] RSP: 002b:00007f10dd8a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  392.471854][ T9752] RAX: ffffffffffffffda RBX: 00007f10dcd35f80 RCX: 00007f10dcb7e719
[  392.479820][ T9752] RDX: 0000000000000023 RSI: 0000000020000240 RDI: 000000000000000a
[  392.487786][ T9752] RBP: 00007f10dd8a9090 R08: 0000000000000000 R09: 0000000000000000
[  392.495752][ T9752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.503716][ T9752] R13: 0000000000000000 R14: 00007f10dcd35f80 R15: 00007ffe6ab7eaa8
[  392.511692][ T9752]  </TASK>
[  392.530816][ T1205] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  392.592014][ T5912] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  392.648167][ T5912] usb 6-1: device descriptor read/8, error -71
[  392.694030][ T1205] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  392.714671][ T9754] netlink: 236 bytes leftover after parsing attributes in process `syz.4.1096'.
[  392.723791][ T9754] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1096'.
[  392.726901][ T1205] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  392.732761][ T9754] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1096'.
[  392.862836][ T1205] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  392.872119][ T1205] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  392.880139][ T1205] usb 2-1: SerialNumber: syz
[  394.015090][ T1205] usb 2-1: 0:2 : does not exist
[  394.044287][ T9764] netlink: 'syz.0.1100': attribute type 1 has an invalid length.
[  394.173095][ T1205] usb 2-1: USB disconnect, device number 21
[  394.755240][ T9779] netlink: 'syz.0.1102': attribute type 11 has an invalid length.
[  394.775227][ T9779] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1102'.
[  398.033662][ T9801] netlink: 236 bytes leftover after parsing attributes in process `syz.5.1108'.
[  398.042816][ T9801] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1108'.
[  398.051772][ T9801] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1108'.
[  398.356071][ T9807] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  398.706897][ T9810] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1112'.
[  400.075610][ T9830] hub 9-0:1.0: USB hub found
[  400.081948][ T9830] hub 9-0:1.0: 1 port detected
[  400.537372][ T9839] FAULT_INJECTION: forcing a failure.
[  400.537372][ T9839] name failslab, interval 1, probability 0, space 0, times 0
[  400.550177][ T9839] CPU: 0 UID: 0 PID: 9839 Comm: syz.5.1118 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  400.560875][ T9839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  400.570945][ T9839] Call Trace:
[  400.574233][ T9839]  <TASK>
[  400.577192][ T9839]  dump_stack_lvl+0x241/0x360
[  400.581903][ T9839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.587128][ T9839]  ? __pfx__printk+0x10/0x10
[  400.591737][ T9839]  ? fs_reclaim_acquire+0x93/0x130
[  400.596883][ T9839]  ? __pfx___might_resched+0x10/0x10
[  400.602196][ T9839]  ? dynamic_dname+0x141/0x1b0
[  400.606996][ T9839]  should_fail_ex+0x3b0/0x4e0
[  400.611714][ T9839]  ? tomoyo_encode+0x26f/0x540
[  400.616501][ T9839]  should_failslab+0xac/0x100
[  400.621200][ T9839]  ? tomoyo_encode+0x26f/0x540
[  400.625988][ T9839]  __kmalloc_noprof+0xd8/0x400
[  400.630821][ T9839]  tomoyo_encode+0x26f/0x540
[  400.635453][ T9839]  ? __pfx_sockfs_dname+0x10/0x10
[  400.640598][ T9839]  tomoyo_realpath_from_path+0x59e/0x5e0
[  400.646261][ T9839]  ? tomoyo_init_request_info+0x6b/0x350
[  400.651917][ T9839]  tomoyo_path_number_perm+0x23a/0x880
[  400.657401][ T9839]  ? tomoyo_path_number_perm+0x208/0x880
[  400.663056][ T9839]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  400.669102][ T9839]  ? __fget_files+0x29/0x470
[  400.673750][ T9839]  ? __fget_files+0x3f3/0x470
[  400.678462][ T9839]  security_file_ioctl+0xc6/0x2a0
[  400.683510][ T9839]  __se_sys_ioctl+0x47/0x170
[  400.688128][ T9839]  do_syscall_64+0xf3/0x230
[  400.692671][ T9839]  ? clear_bhb_loop+0x35/0x90
[  400.697548][ T9839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.703461][ T9839] RIP: 0033:0x7fd2d5d7e719
[  400.707916][ T9839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.727541][ T9839] RSP: 002b:00007fd2d6ba8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  400.735973][ T9839] RAX: ffffffffffffffda RBX: 00007fd2d5f36130 RCX: 00007fd2d5d7e719
[  400.743956][ T9839] RDX: 0000000020000200 RSI: 0000000040086602 RDI: 0000000000000004
[  400.751935][ T9839] RBP: 00007fd2d6ba8090 R08: 0000000000000000 R09: 0000000000000000
[  400.759918][ T9839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.767897][ T9839] R13: 0000000000000000 R14: 00007fd2d5f36130 R15: 00007ffcf0e42158
[  400.775911][ T9839]  </TASK>
[  400.779813][ T9839] ERROR: Out of memory at tomoyo_realpath_from_path.
[  401.296297][ T9842] netlink: 'syz.0.1119': attribute type 21 has an invalid length.
[  401.304328][ T9842] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1119'.
[  401.313824][ T9842] netlink: 'syz.0.1119': attribute type 5 has an invalid length.
[  401.321611][ T9842] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1119'.
[  402.138383][ T9860] netlink: 236 bytes leftover after parsing attributes in process `syz.2.1123'.
[  402.147549][ T9860] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1123'.
[  402.156547][ T9860] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1123'.
[  402.833194][ T9862] FAULT_INJECTION: forcing a failure.
[  402.833194][ T9862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.877617][ T9862] CPU: 0 UID: 0 PID: 9862 Comm: syz.0.1126 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  402.888353][ T9862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  402.898423][ T9862] Call Trace:
[  402.901690][ T9862]  <TASK>
[  402.904611][ T9862]  dump_stack_lvl+0x241/0x360
[  402.909280][ T9862]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.914462][ T9862]  ? __pfx__printk+0x10/0x10
[  402.919054][ T9862]  ? snprintf+0xda/0x120
[  402.923315][ T9862]  should_fail_ex+0x3b0/0x4e0
[  402.928003][ T9862]  _copy_to_user+0x31/0xb0
[  402.932421][ T9862]  simple_read_from_buffer+0xca/0x150
[  402.937795][ T9862]  proc_fail_nth_read+0x1e9/0x250
[  402.942843][ T9862]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  402.948388][ T9862]  ? rw_verify_area+0x55e/0x6f0
[  402.953233][ T9862]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  402.958774][ T9862]  vfs_read+0x1fc/0xb70
[  402.962928][ T9862]  ? fdget_pos+0x24e/0x320
[  402.967344][ T9862]  ? __pfx_vfs_read+0x10/0x10
[  402.972023][ T9862]  ? __fget_files+0x3f3/0x470
[  402.976703][ T9862]  ? fdget_pos+0x24e/0x320
[  402.981118][ T9862]  ksys_read+0x183/0x2b0
[  402.985362][ T9862]  ? __pfx_ksys_read+0x10/0x10
[  402.990118][ T9862]  ? do_syscall_64+0x100/0x230
[  402.994883][ T9862]  ? do_syscall_64+0xb6/0x230
[  402.999555][ T9862]  do_syscall_64+0xf3/0x230
[  403.004051][ T9862]  ? clear_bhb_loop+0x35/0x90
[  403.008727][ T9862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.014613][ T9862] RIP: 0033:0x7fd41ab7d15c
[  403.019019][ T9862] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  403.038621][ T9862] RSP: 002b:00007fd41ba13030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  403.047033][ T9862] RAX: ffffffffffffffda RBX: 00007fd41ad35f80 RCX: 00007fd41ab7d15c
[  403.055000][ T9862] RDX: 000000000000000f RSI: 00007fd41ba130a0 RDI: 0000000000000003
[  403.062964][ T9862] RBP: 00007fd41ba13090 R08: 0000000000000000 R09: 0000000000000000
[  403.070926][ T9862] R10: 0000000000000068 R11: 0000000000000246 R12: 0000000000000001
[  403.078895][ T9862] R13: 0000000000000001 R14: 00007fd41ad35f80 R15: 00007fff24b2bd68
[  403.086876][ T9862]  </TASK>
[  403.274668][ T9871] FAULT_INJECTION: forcing a failure.
[  403.274668][ T9871] name failslab, interval 1, probability 0, space 0, times 0
[  403.515878][ T9871] CPU: 1 UID: 0 PID: 9871 Comm: syz.1.1130 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  403.526605][ T9871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  403.536677][ T9871] Call Trace:
[  403.539967][ T9871]  <TASK>
[  403.542912][ T9871]  dump_stack_lvl+0x241/0x360
[  403.547610][ T9871]  ? __pfx_dump_stack_lvl+0x10/0x10
[  403.552828][ T9871]  ? __pfx__printk+0x10/0x10
[  403.557437][ T9871]  ? __kmalloc_cache_node_noprof+0x4c/0x300
[  403.563347][ T9871]  ? __pfx___might_resched+0x10/0x10
[  403.568655][ T9871]  should_fail_ex+0x3b0/0x4e0
[  403.573356][ T9871]  should_failslab+0xac/0x100
[  403.578065][ T9871]  __kmalloc_cache_node_noprof+0x74/0x300
[  403.583810][ T9871]  ? __get_vm_area_node+0x113/0x270
[  403.589038][ T9871]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  403.595397][ T9871]  __get_vm_area_node+0x113/0x270
[  403.600446][ T9871]  __vmalloc_node_range_noprof+0x3a6/0x13f0
[  403.606362][ T9871]  ? copy_process+0x5d1/0x3d50
[  403.611161][ T9871]  ? mod_objcg_state+0x125/0x930
[  403.616131][ T9871]  ? __pfx_mod_objcg_state+0x10/0x10
[  403.621453][ T9871]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  403.627801][ T9871]  ? dup_task_struct+0x57/0x8c0
[  403.632677][ T9871]  ? rcu_is_watching+0x15/0xb0
[  403.637458][ T9871]  ? arch_dup_task_struct+0x44/0xa0
[  403.642684][ T9871]  dup_task_struct+0x444/0x8c0
[  403.647476][ T9871]  ? copy_process+0x5d1/0x3d50
[  403.652259][ T9871]  ? _raw_spin_unlock_irq+0x23/0x50
[  403.657479][ T9871]  copy_process+0x5d1/0x3d50
[  403.662446][ T9871]  ? get_pid_task+0x23/0x1f0
[  403.667053][ T9871]  ? __pfx_lock_release+0x10/0x10
[  403.672094][ T9871]  ? kstrtouint_from_user+0x128/0x190
[  403.677499][ T9871]  ? __pfx_copy_process+0x10/0x10
[  403.682551][ T9871]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  403.688469][ T9871]  kernel_clone+0x223/0x880
[  403.692996][ T9871]  ? vfs_write+0x730/0xd30
[  403.697429][ T9871]  ? __pfx_kernel_clone+0x10/0x10
[  403.702455][ T9871]  __x64_sys_clone+0x258/0x2a0
[  403.707211][ T9871]  ? __pfx___x64_sys_clone+0x10/0x10
[  403.712508][ T9871]  ? do_syscall_64+0x100/0x230
[  403.717303][ T9871]  ? do_syscall_64+0xb6/0x230
[  403.722011][ T9871]  do_syscall_64+0xf3/0x230
[  403.726553][ T9871]  ? clear_bhb_loop+0x35/0x90
[  403.731256][ T9871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.737176][ T9871] RIP: 0033:0x7f3b0f77e719
[  403.741610][ T9871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.761239][ T9871] RSP: 002b:00007f3b0dbf5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  403.769682][ T9871] RAX: ffffffffffffffda RBX: 00007f3b0f935f80 RCX: 00007f3b0f77e719
[  403.777677][ T9871] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  403.785666][ T9871] RBP: 00007f3b0dbf6090 R08: 0000000000000000 R09: 0000000000000000
[  403.793653][ T9871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.801645][ T9871] R13: 0000000000000000 R14: 00007f3b0f935f80 R15: 00007fff5c022b58
[  403.809655][ T9871]  </TASK>
[  403.861494][ T9871] syz.1.1130: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  403.977913][ T9871] CPU: 1 UID: 0 PID: 9871 Comm: syz.1.1130 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  403.988651][ T9871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  403.998729][ T9871] Call Trace:
[  404.002031][ T9871]  <TASK>
[  404.004975][ T9871]  dump_stack_lvl+0x241/0x360
[  404.009680][ T9871]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.014901][ T9871]  ? __pfx__printk+0x10/0x10
[  404.019509][ T9871]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  404.025941][ T9871]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  404.032477][ T9871]  warn_alloc+0x278/0x410
[  404.036835][ T9871]  ? __pfx_warn_alloc+0x10/0x10
[  404.041708][ T9871]  ? __get_vm_area_node+0x113/0x270
[  404.046930][ T9871]  ? __get_vm_area_node+0x261/0x270
[  404.052165][ T9871]  __vmalloc_node_range_noprof+0x3cb/0x13f0
[  404.058081][ T9871]  ? mod_objcg_state+0x125/0x930
[  404.063051][ T9871]  ? __pfx_mod_objcg_state+0x10/0x10
[  404.068376][ T9871]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  404.074728][ T9871]  ? dup_task_struct+0x57/0x8c0
[  404.079601][ T9871]  ? rcu_is_watching+0x15/0xb0
[  404.084375][ T9871]  ? arch_dup_task_struct+0x44/0xa0
[  404.089602][ T9871]  dup_task_struct+0x444/0x8c0
[  404.094385][ T9871]  ? copy_process+0x5d1/0x3d50
[  404.099167][ T9871]  ? _raw_spin_unlock_irq+0x23/0x50
[  404.104382][ T9871]  copy_process+0x5d1/0x3d50
[  404.108999][ T9871]  ? get_pid_task+0x23/0x1f0
[  404.113603][ T9871]  ? __pfx_lock_release+0x10/0x10
[  404.118644][ T9871]  ? kstrtouint_from_user+0x128/0x190
[  404.124054][ T9871]  ? __pfx_copy_process+0x10/0x10
[  404.129101][ T9871]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  404.135020][ T9871]  kernel_clone+0x223/0x880
[  404.139542][ T9871]  ? vfs_write+0x730/0xd30
[  404.143982][ T9871]  ? __pfx_kernel_clone+0x10/0x10
[  404.149058][ T9871]  __x64_sys_clone+0x258/0x2a0
[  404.153859][ T9871]  ? __pfx___x64_sys_clone+0x10/0x10
[  404.159183][ T9871]  ? do_syscall_64+0x100/0x230
[  404.163977][ T9871]  ? do_syscall_64+0xb6/0x230
[  404.168679][ T9871]  do_syscall_64+0xf3/0x230
[  404.173203][ T9871]  ? clear_bhb_loop+0x35/0x90
[  404.177899][ T9871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.183809][ T9871] RIP: 0033:0x7f3b0f77e719
[  404.188239][ T9871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.207876][ T9871] RSP: 002b:00007f3b0dbf5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  404.216331][ T9871] RAX: ffffffffffffffda RBX: 00007f3b0f935f80 RCX: 00007f3b0f77e719
[  404.224323][ T9871] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  404.232310][ T9871] RBP: 00007f3b0dbf6090 R08: 0000000000000000 R09: 0000000000000000
[  404.240294][ T9871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.248277][ T9871] R13: 0000000000000000 R14: 00007f3b0f935f80 R15: 00007fff5c022b58
[  404.256285][ T9871]  </TASK>
[  404.279211][ T9871] Mem-Info:
[  404.285871][ T9871] active_anon:3204 inactive_anon:9211 isolated_anon:0
[  404.285871][ T9871]  active_file:5361 inactive_file:35067 isolated_file:0
[  404.285871][ T9871]  unevictable:808 dirty:392 writeback:0
[  404.285871][ T9871]  slab_reclaimable:7104 slab_unreclaimable:101925
[  404.285871][ T9871]  mapped:30700 shmem:10056 pagetables:731
[  404.285871][ T9871]  sec_pagetables:0 bounce:0
[  404.285871][ T9871]  kernel_misc_reclaimable:0
[  404.285871][ T9871]  free:1335176 free_pcp:1390 free_cma:0
[  404.875283][ T9871] Node 0 active_anon:12824kB inactive_anon:36572kB active_file:21380kB inactive_file:140268kB unevictable:1696kB isolated(anon):0kB isolated(file):0kB mapped:122748kB dirty:1576kB writeback:0kB shmem:38768kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10600kB pagetables:2852kB sec_pagetables:0kB all_unreclaimable? no
[  404.912043][ T5839] Bluetooth: hci5: command 0x0405 tx timeout
[  404.992114][ T9871] Node 1 active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  405.042135][ T9871] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  405.122058][ T9871] lowmem_reserve[]: 0 2465 2466 0 0
[  405.131877][ T9871] Node 0 DMA32 free:1434600kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:12820kB inactive_anon:24912kB active_file:20612kB inactive_file:140216kB unevictable:1696kB writepending:1584kB present:3129332kB managed:2552500kB mlocked:0kB bounce:0kB free_pcp:5036kB local_pcp:4600kB free_cma:0kB
[  405.302145][ T9871] lowmem_reserve[]: 0 0 0 0 0
[  405.427562][ T9871] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:768kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  405.495722][ T9871] lowmem_reserve[]: 0 0 0 0 0
[  405.501048][ T9871] Node 1 Normal free:3904544kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  405.539579][ T9871] lowmem_reserve[]: 0 0 0 0 0
[  405.544512][ T9871] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  405.571911][ T9871] Node 0 DMA32: 265*4kB (UME) 154*8kB (UME) 172*16kB (UE) 165*32kB (UE) 64*64kB (UME) 27*128kB (UE) 8*256kB (UE) 13*512kB (UME) 15*1024kB (UME) 2*2048kB (ME) 335*4096kB (M) = 1418196kB
[  405.722559][ T9907] netlink: 236 bytes leftover after parsing attributes in process `syz.0.1137'.
[  405.731633][ T9907] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1137'.
[  405.740692][ T9907] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1137'.
[  405.815037][ T9871] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  405.835934][ T9871] Node 1 Normal: 212*4kB (UME) 56*8kB (UME) 43*16kB (UME) 203*32kB (UME) 90*64kB (UME) 31*128kB (UME) 9*256kB (UME) 6*512kB (UM) 4*1024kB (UME) 3*2048kB (UE) 945*4096kB (M) = 3904544kB
[  405.891922][ T9871] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  405.901688][ T9871] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  405.923922][ T9871] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  405.967268][ T9871] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  405.977179][ T9871] 51457 total pagecache pages
[  405.981988][ T9871] 1 pages in swap cache
[  405.986230][ T9871] Free swap  = 124448kB
[  405.990455][ T9871] Total swap = 124996kB
[  405.995267][ T9871] 2097051 pages RAM
[  405.999157][ T9871] 0 pages HighMem/MovableOnly
[  406.005023][ T9871] 427074 pages reserved
[  406.009263][ T9871] 0 pages cma reserved
[  406.219326][ T9917] netlink: 'syz.0.1143': attribute type 10 has an invalid length.
[  406.229393][ T9917] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1143'.
[  406.256155][ T9917] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  406.292539][ T9917] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  406.328235][ T9917] batman_adv: batadv0: Adding interface: virt_wifi0
[  406.335413][ T9917] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.362115][ T9917] batman_adv: batadv0: Interface activated: virt_wifi0
[  406.541990][ T5879] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  406.592754][ T9931] FAULT_INJECTION: forcing a failure.
[  406.592754][ T9931] name failslab, interval 1, probability 0, space 0, times 0
[  406.598818][ T9926] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  406.619166][ T9931] CPU: 0 UID: 0 PID: 9931 Comm: syz.0.1147 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  406.626565][ T9933] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  406.629868][ T9931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  406.646699][ T9931] Call Trace:
[  406.649992][ T9931]  <TASK>
[  406.652935][ T9931]  dump_stack_lvl+0x241/0x360
[  406.657639][ T9931]  ? __pfx_dump_stack_lvl+0x10/0x10
[  406.662865][ T9931]  ? __pfx__printk+0x10/0x10
[  406.667479][ T9931]  ? fs_reclaim_acquire+0x93/0x130
[  406.672618][ T9931]  ? __pfx___might_resched+0x10/0x10
[  406.677932][ T9931]  should_fail_ex+0x3b0/0x4e0
[  406.682636][ T9931]  ? tomoyo_encode+0x26f/0x540
[  406.687419][ T9931]  should_failslab+0xac/0x100
[  406.692114][ T9931]  ? tomoyo_encode+0x26f/0x540
[  406.696884][ T9931]  __kmalloc_noprof+0xd8/0x400
[  406.701648][ T9931]  tomoyo_encode+0x26f/0x540
[  406.706239][ T9931]  tomoyo_realpath_from_path+0x59e/0x5e0
[  406.711888][ T9931]  tomoyo_path_number_perm+0x23a/0x880
[  406.717362][ T9931]  ? tomoyo_path_number_perm+0x208/0x880
[  406.722991][ T9931]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  406.728998][ T9931]  ? __fget_files+0x29/0x470
[  406.733590][ T9931]  ? __fget_files+0x3f3/0x470
[  406.738271][ T9931]  security_file_ioctl+0xc6/0x2a0
[  406.743295][ T9931]  __se_sys_ioctl+0x47/0x170
[  406.747881][ T9931]  do_syscall_64+0xf3/0x230
[  406.752382][ T9931]  ? clear_bhb_loop+0x35/0x90
[  406.757052][ T9931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.762938][ T9931] RIP: 0033:0x7fd41ab7e719
[  406.767347][ T9931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.786969][ T9931] RSP: 002b:00007fd41ba13038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  406.795379][ T9931] RAX: ffffffffffffffda RBX: 00007fd41ad35f80 RCX: 00007fd41ab7e719
[  406.803343][ T9931] RDX: 0000000020000440 RSI: 0000000000003b72 RDI: 0000000000000003
[  406.811308][ T9931] RBP: 00007fd41ba13090 R08: 0000000000000000 R09: 0000000000000000
[  406.819276][ T9931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.827240][ T9931] R13: 0000000000000000 R14: 00007fd41ad35f80 R15: 00007fff24b2bd68
[  406.835216][ T9931]  </TASK>
[  406.843309][ T9931] ERROR: Out of memory at tomoyo_realpath_from_path.
[  406.853875][ T5879] usb 2-1: unable to get BOS descriptor or descriptor too short
[  406.868274][ T5879] usb 2-1: not running at top speed; connect to a high speed hub
[  406.887486][ T5879] usb 2-1: config 1 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  406.908836][ T5879] usb 2-1: config 1 interface 0 has no altsetting 0
[  406.925166][ T5879] usb 2-1: New USB device found, idVendor=0eef, idProduct=722a, bcdDevice= 0.40
[  406.939774][ T5879] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.968282][ T5879] usb 2-1: Product: syz
[  406.990571][ T9939] FAULT_INJECTION: forcing a failure.
[  406.990571][ T9939] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.015337][ T5879] usb 2-1: Manufacturer: syz
[  407.024251][ T5879] usb 2-1: SerialNumber: syz
[  407.045494][ T9939] CPU: 1 UID: 0 PID: 9939 Comm: syz.0.1151 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  407.056219][ T9939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  407.066300][ T9939] Call Trace:
[  407.069602][ T9939]  <TASK>
[  407.072555][ T9939]  dump_stack_lvl+0x241/0x360
[  407.077255][ T9939]  ? __pfx_dump_stack_lvl+0x10/0x10
[  407.082478][ T9939]  ? __pfx__printk+0x10/0x10
[  407.087092][ T9939]  ? snprintf+0xda/0x120
[  407.091357][ T9939]  should_fail_ex+0x3b0/0x4e0
[  407.096059][ T9939]  _copy_to_user+0x31/0xb0
[  407.100499][ T9939]  simple_read_from_buffer+0xca/0x150
[  407.105902][ T9939]  proc_fail_nth_read+0x1e9/0x250
[  407.110951][ T9939]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  407.116518][ T9939]  ? rw_verify_area+0x55e/0x6f0
[  407.121389][ T9939]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  407.126962][ T9939]  vfs_read+0x1fc/0xb70
[  407.131151][ T9939]  ? fdget_pos+0x24e/0x320
[  407.135596][ T9939]  ? __pfx_vfs_read+0x10/0x10
[  407.140301][ T9939]  ? __fget_files+0x3f3/0x470
[  407.145017][ T9939]  ? fdget_pos+0x24e/0x320
[  407.149465][ T9939]  ksys_read+0x183/0x2b0
[  407.153748][ T9939]  ? __pfx_ksys_read+0x10/0x10
[  407.158534][ T9939]  ? do_syscall_64+0x100/0x230
[  407.163324][ T9939]  ? do_syscall_64+0xb6/0x230
[  407.168027][ T9939]  do_syscall_64+0xf3/0x230
[  407.172553][ T9939]  ? clear_bhb_loop+0x35/0x90
[  407.177257][ T9939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.183170][ T9939] RIP: 0033:0x7fd41ab7d15c
[  407.187603][ T9939] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  407.207231][ T9939] RSP: 002b:00007fd41ba13030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  407.215678][ T9939] RAX: ffffffffffffffda RBX: 00007fd41ad35f80 RCX: 00007fd41ab7d15c
[  407.223686][ T9939] RDX: 000000000000000f RSI: 00007fd41ba130a0 RDI: 0000000000000004
[  407.231682][ T9939] RBP: 00007fd41ba13090 R08: 0000000000000000 R09: 0000000000000000
[  407.239676][ T9939] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[  407.247670][ T9939] R13: 0000000000000000 R14: 00007fd41ad35f80 R15: 00007fff24b2bd68
[  407.255682][ T9939]  </TASK>
[  407.292323][ T9919] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  407.641255][ T5879] usbhid 2-1:1.0: can't add hid device: -71
[  407.651974][ T5879] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  407.662255][ T5879] usb 2-1: USB disconnect, device number 22
[  407.840511][ T9954] netlink: 236 bytes leftover after parsing attributes in process `syz.0.1154'.
[  407.850395][ T9954] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1154'.
[  407.859456][ T9954] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1154'.
[  408.037262][ T9957] tmpfs: Bad value for 'mpol'
[  410.719320][   T29] audit: type=1326 audit(1730945350.250:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9993 comm="syz.4.1166" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x0
[  411.092251][ T5878] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  411.283884][ T5878] usb 1-1: Using ep0 maxpacket: 8
[  411.308209][ T5878] usb 1-1: config 6 has an invalid interface number: 120 but max is 1
[  411.317841][ T5878] usb 1-1: config 6 has an invalid interface number: 86 but max is 1
[  411.360616][ T5878] usb 1-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  411.412686][ T5878] usb 1-1: config 6 has no interface number 0
[  411.421954][ T5878] usb 1-1: config 6 has no interface number 1
[  411.441361][ T5878] usb 1-1: config 6 interface 120 altsetting 5 endpoint 0xF has invalid maxpacket 512, setting to 64
[  411.528640][ T5878] usb 1-1: config 6 interface 120 altsetting 5 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  411.535499][T10004] : entered promiscuous mode
[  411.658057][ T5878] usb 1-1: config 6 interface 120 altsetting 5 bulk endpoint 0x7 has invalid maxpacket 64
[  411.730547][ T5878] usb 1-1: config 6 interface 120 altsetting 5 has a duplicate endpoint with address 0x8, skipping
[  411.808698][ T5878] usb 1-1: config 6 interface 120 altsetting 5 has a duplicate endpoint with address 0x7, skipping
[  411.944248][ T5878] usb 1-1: config 6 interface 120 altsetting 5 has a duplicate endpoint with address 0xF, skipping
[  412.011889][ T5878] usb 1-1: config 6 interface 120 altsetting 5 has a duplicate endpoint with address 0xA, skipping
[  412.046315][ T5878] usb 1-1: config 6 interface 120 altsetting 5 has a duplicate endpoint with address 0x4, skipping
[  412.097427][ T5878] usb 1-1: config 6 interface 120 altsetting 5 has an invalid descriptor for endpoint zero, skipping
[  412.122560][ T5878] usb 1-1: config 6 interface 86 altsetting 224 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  412.151931][ T5878] usb 1-1: config 6 interface 120 has no altsetting 0
[  412.162183][ T5878] usb 1-1: config 6 interface 86 has no altsetting 0
[  412.177779][ T5878] usb 1-1: New USB device found, idVendor=0af0, idProduct=7701, bcdDevice=fc.1b
[  412.187243][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.210104][ T5878] usb 1-1: Product: Ћ
[  412.218740][ T5878] usb 1-1: Manufacturer: 㷛�傇歷ꕣ蛳轩蛉⺉啯夃�蜧奂㹔̑�俖眠縸ꡧ榧밆ඞ舥ﭟ蘨풴눫蕷�艎䢾붋髅芖�೟펻�㾽�㒟䷪錥��喝›ᕕ峲岺�뉰歂憗뀜걇ﱵ뀺숌栜奷㺞뢹薳�厓唩ꋜྟ톚復鈉䲫इ쑸䅌➤ℼ↜Ƥ补疬哣啕肮�쯳㲩
[  412.338845][ T5878] usb 1-1: SerialNumber: 覶젹ᰲຼ��麡㕩ҭ䫞鼟⡱롭꡷鄻욎※殅㖻㮾�囂�ṙਘ�罚໋�蒔ˑ��뾘ḇ㚭Ჯ䎯锔권㲹䥶
[  412.388053][T10010] netlink: 236 bytes leftover after parsing attributes in process `syz.5.1171'.
[  412.394630][ T9999] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  412.397255][T10010] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1171'.
[  412.413994][T10010] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1171'.
[  412.876208][ T5878] hso 1-1:6.120: Not our interface
[  412.908489][ T5878] hso 1-1:6.86: Not our interface
[  412.933626][ T5878] usb 1-1: USB disconnect, device number 19
[  416.902114][T10060] FAULT_INJECTION: forcing a failure.
[  416.902114][T10060] name failslab, interval 1, probability 0, space 0, times 0
[  416.915206][T10060] CPU: 0 UID: 0 PID: 10060 Comm: syz.1.1185 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  416.926004][T10060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  416.936085][T10060] Call Trace:
[  416.939385][T10060]  <TASK>
[  416.942367][T10060]  dump_stack_lvl+0x241/0x360
[  416.947077][T10060]  ? __pfx_dump_stack_lvl+0x10/0x10
[  416.952304][T10060]  ? __pfx__printk+0x10/0x10
[  416.956922][T10060]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  416.962928][T10060]  ? __pfx___might_resched+0x10/0x10
[  416.968246][T10060]  should_fail_ex+0x3b0/0x4e0
[  416.972957][T10060]  should_failslab+0xac/0x100
[  416.977664][T10060]  ? __alloc_skb+0x1c3/0x440
[  416.982280][T10060]  kmem_cache_alloc_node_noprof+0x71/0x320
[  416.988113][T10060]  __alloc_skb+0x1c3/0x440
[  416.992561][T10060]  ? __pfx___alloc_skb+0x10/0x10
[  416.997515][T10060]  ? netlink_autobind+0xd6/0x2f0
[  417.002455][T10060]  ? netlink_autobind+0x2b0/0x2f0
[  417.007490][T10060]  netlink_sendmsg+0x638/0xcb0
[  417.012262][T10060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  417.017555][T10060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  417.022844][T10060]  __sock_sendmsg+0x221/0x270
[  417.027523][T10060]  ____sys_sendmsg+0x52a/0x7e0
[  417.032291][T10060]  ? __pfx_____sys_sendmsg+0x10/0x10
[  417.037590][T10060]  __sys_sendmsg+0x292/0x380
[  417.042184][T10060]  ? __pfx___sys_sendmsg+0x10/0x10
[  417.047304][T10060]  ? __pfx_vfs_write+0x10/0x10
[  417.052092][T10060]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  417.058424][T10060]  ? do_syscall_64+0x100/0x230
[  417.063195][T10060]  ? do_syscall_64+0xb6/0x230
[  417.067873][T10060]  do_syscall_64+0xf3/0x230
[  417.072379][T10060]  ? clear_bhb_loop+0x35/0x90
[  417.077057][T10060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.082951][T10060] RIP: 0033:0x7f3b0f77e719
[  417.087365][T10060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.106964][T10060] RSP: 002b:00007f3b0dbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  417.115378][T10060] RAX: ffffffffffffffda RBX: 00007f3b0f935f80 RCX: 00007f3b0f77e719
[  417.123346][T10060] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  417.131313][T10060] RBP: 00007f3b0dbf6090 R08: 0000000000000000 R09: 0000000000000000
[  417.139278][T10060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.147247][T10060] R13: 0000000000000000 R14: 00007f3b0f935f80 R15: 00007fff5c022b58
[  417.155227][T10060]  </TASK>
[  417.471950][ T5878] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  417.484966][T10067] FAULT_INJECTION: forcing a failure.
[  417.484966][T10067] name failslab, interval 1, probability 0, space 0, times 0
[  417.552604][T10067] CPU: 1 UID: 0 PID: 10067 Comm: syz.1.1187 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  417.563438][T10067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  417.573511][T10067] Call Trace:
[  417.576805][T10067]  <TASK>
[  417.579752][T10067]  dump_stack_lvl+0x241/0x360
[  417.584458][T10067]  ? __pfx_dump_stack_lvl+0x10/0x10
[  417.589679][T10067]  ? __pfx__printk+0x10/0x10
[  417.594287][T10067]  ? fs_reclaim_acquire+0x93/0x130
[  417.599441][T10067]  ? __pfx___might_resched+0x10/0x10
[  417.604778][T10067]  should_fail_ex+0x3b0/0x4e0
[  417.609494][T10067]  ? tomoyo_encode+0x26f/0x540
[  417.614304][T10067]  should_failslab+0xac/0x100
[  417.619006][T10067]  ? tomoyo_encode+0x26f/0x540
[  417.623792][T10067]  __kmalloc_noprof+0xd8/0x400
[  417.628583][T10067]  tomoyo_encode+0x26f/0x540
[  417.633221][T10067]  tomoyo_realpath_from_path+0x59e/0x5e0
[  417.638913][T10067]  tomoyo_path_number_perm+0x23a/0x880
[  417.644411][T10067]  ? tomoyo_path_number_perm+0x208/0x880
[  417.650071][T10067]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  417.656114][T10067]  ? __fget_files+0x29/0x470
[  417.660735][T10067]  ? __fget_files+0x3f3/0x470
[  417.665454][T10067]  security_file_ioctl+0xc6/0x2a0
[  417.670505][T10067]  __se_sys_ioctl+0x47/0x170
[  417.675126][T10067]  do_syscall_64+0xf3/0x230
[  417.679657][T10067]  ? clear_bhb_loop+0x35/0x90
[  417.684356][T10067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.690266][T10067] RIP: 0033:0x7f3b0f77e719
[  417.694702][T10067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.714334][T10067] RSP: 002b:00007f3b0dbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  417.722788][T10067] RAX: ffffffffffffffda RBX: 00007f3b0f935f80 RCX: 00007f3b0f77e719
[  417.730785][T10067] RDX: 0000000020000100 RSI: 0000000000003b82 RDI: 0000000000000003
[  417.738776][T10067] RBP: 00007f3b0dbf6090 R08: 0000000000000000 R09: 0000000000000000
[  417.746765][T10067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.754753][T10067] R13: 0000000000000000 R14: 00007f3b0f935f80 R15: 00007fff5c022b58
[  417.762761][T10067]  </TASK>
[  417.794328][T10067] ERROR: Out of memory at tomoyo_realpath_from_path.
[  417.869264][ T5878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  417.879852][ T5878] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  417.908340][ T5878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  417.947361][ T5878] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  418.001879][ T5878] usb 1-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  418.032101][ T5878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.082965][ T5878] usb 1-1: config 0 descriptor??
[  418.175478][T10073] netlink: 236 bytes leftover after parsing attributes in process `syz.4.1188'.
[  418.185093][T10073] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1188'.
[  418.194169][T10073] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1188'.
[  418.306045][ T5878] hdpvr 1-1:0.0: firmware version 0x0 dated 
[  418.318967][ T5878] hdpvr 1-1:0.0: untested firmware, the driver might not work.
[  419.396984][T10059] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1186'.
[  419.495551][   T29] audit: type=1326 audit(1730945359.030:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  419.530664][ T5878] hdpvr 1-1:0.0: Could not setup controls
[  419.538120][ T5878] hdpvr 1-1:0.0: registering videodev failed
[  419.549660][ T5878] hdpvr 1-1:0.0: probe with driver hdpvr failed with error -71
[  419.559732][ T5878] usb 1-1: USB disconnect, device number 20
[  419.685665][   T98] block nbd3: Possible stuck request ffff8880257e8000: control (read@0,11264B). Runtime 60 seconds
[  419.719444][   T29] audit: type=1326 audit(1730945359.030:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  420.444674][   T29] audit: type=1326 audit(1730945359.030:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  420.490687][   T29] audit: type=1326 audit(1730945359.030:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  421.202059][   T29] audit: type=1326 audit(1730945359.030:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  421.226079][   T29] audit: type=1326 audit(1730945359.030:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  421.247742][   T29] audit: type=1326 audit(1730945359.030:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  421.269769][   T29] audit: type=1326 audit(1730945359.030:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  421.292290][   T29] audit: type=1326 audit(1730945359.060:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5ebc9756e7 code=0x7ffc0000
[  421.313969][   T29] audit: type=1326 audit(1730945359.060:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10084 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5ebc91a099 code=0x7ffc0000
[  421.516914][T10110] befs: (nullb0): No write support. Marking filesystem read-only
[  422.361546][T10110] befs: (nullb0): invalid magic header
[  422.669717][T10122] netlink: 236 bytes leftover after parsing attributes in process `syz.1.1203'.
[  422.679000][T10122] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1203'.
[  422.688310][T10122] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1203'.
[  422.785526][T10124] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  423.169402][T10137] openvswitch: : Dropping previously announced user features
[  425.633729][T10172] FAULT_INJECTION: forcing a failure.
[  425.633729][T10172] name failslab, interval 1, probability 0, space 0, times 0
[  425.674919][T10172] CPU: 0 UID: 0 PID: 10172 Comm: syz.5.1218 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  425.685737][T10172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  425.695822][T10172] Call Trace:
[  425.699138][T10172]  <TASK>
[  425.702084][T10172]  dump_stack_lvl+0x241/0x360
[  425.706787][T10172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  425.712012][T10172]  ? __pfx__printk+0x10/0x10
[  425.716620][T10172]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  425.722617][T10172]  ? __pfx___might_resched+0x10/0x10
[  425.727928][T10172]  should_fail_ex+0x3b0/0x4e0
[  425.732629][T10172]  should_failslab+0xac/0x100
[  425.737329][T10172]  ? __alloc_skb+0x1c3/0x440
[  425.741936][T10172]  kmem_cache_alloc_node_noprof+0x71/0x320
[  425.747761][T10172]  __alloc_skb+0x1c3/0x440
[  425.752205][T10172]  ? __pfx___alloc_skb+0x10/0x10
[  425.757163][T10172]  ? netlink_autobind+0xd6/0x2f0
[  425.762119][T10172]  ? netlink_autobind+0x2b0/0x2f0
[  425.767509][T10172]  netlink_sendmsg+0x638/0xcb0
[  425.772312][T10172]  ? __pfx_netlink_sendmsg+0x10/0x10
[  425.777627][T10172]  ? __pfx_netlink_sendmsg+0x10/0x10
[  425.782930][T10172]  __sock_sendmsg+0x221/0x270
[  425.787634][T10172]  ____sys_sendmsg+0x52a/0x7e0
[  425.792424][T10172]  ? __pfx_____sys_sendmsg+0x10/0x10
[  425.797742][T10172]  __sys_sendmsg+0x292/0x380
[  425.802350][T10172]  ? __pfx___sys_sendmsg+0x10/0x10
[  425.807490][T10172]  ? __pfx_vfs_write+0x10/0x10
[  425.812299][T10172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  425.818651][T10172]  ? do_syscall_64+0x100/0x230
[  425.823441][T10172]  ? do_syscall_64+0xb6/0x230
[  425.828135][T10172]  do_syscall_64+0xf3/0x230
[  425.832658][T10172]  ? clear_bhb_loop+0x35/0x90
[  425.837358][T10172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.843267][T10172] RIP: 0033:0x7fd2d5d7e719
[  425.847694][T10172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.867320][T10172] RSP: 002b:00007fd2d6bea038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  425.875764][T10172] RAX: ffffffffffffffda RBX: 00007fd2d5f35f80 RCX: 00007fd2d5d7e719
[  425.883758][T10172] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  425.891748][T10172] RBP: 00007fd2d6bea090 R08: 0000000000000000 R09: 0000000000000000
[  425.899737][T10172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.907722][T10172] R13: 0000000000000000 R14: 00007fd2d5f35f80 R15: 00007ffcf0e42158
[  425.915727][T10172]  </TASK>
[  425.977309][T10176] netlink: 236 bytes leftover after parsing attributes in process `syz.1.1219'.
[  425.986511][T10176] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1219'.
[  425.995497][T10176] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1219'.
[  426.049014][T10179] FAULT_INJECTION: forcing a failure.
[  426.049014][T10179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.199834][T10179] CPU: 0 UID: 0 PID: 10179 Comm: syz.5.1221 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  426.210650][T10179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  426.220726][T10179] Call Trace:
[  426.224024][T10179]  <TASK>
[  426.226970][T10179]  dump_stack_lvl+0x241/0x360
[  426.231672][T10179]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.236973][T10179]  ? __pfx__printk+0x10/0x10
[  426.241588][T10179]  ? snprintf+0xda/0x120
[  426.245853][T10179]  should_fail_ex+0x3b0/0x4e0
[  426.250554][T10179]  _copy_to_user+0x31/0xb0
[  426.254998][T10179]  simple_read_from_buffer+0xca/0x150
[  426.260398][T10179]  proc_fail_nth_read+0x1e9/0x250
[  426.265454][T10179]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  426.271029][T10179]  ? rw_verify_area+0x55e/0x6f0
[  426.275904][T10179]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  426.281475][T10179]  vfs_read+0x1fc/0xb70
[  426.285655][T10179]  ? fdget_pos+0x24e/0x320
[  426.290095][T10179]  ? __pfx_vfs_read+0x10/0x10
[  426.294797][T10179]  ? __fget_files+0x3f3/0x470
[  426.299502][T10179]  ? fdget_pos+0x24e/0x320
[  426.303948][T10179]  ksys_read+0x183/0x2b0
[  426.308214][T10179]  ? __pfx_ksys_read+0x10/0x10
[  426.312997][T10179]  ? do_syscall_64+0x100/0x230
[  426.317791][T10179]  ? do_syscall_64+0xb6/0x230
[  426.322503][T10179]  do_syscall_64+0xf3/0x230
[  426.327037][T10179]  ? clear_bhb_loop+0x35/0x90
[  426.331739][T10179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.337656][T10179] RIP: 0033:0x7fd2d5d7d15c
[  426.342088][T10179] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  426.361714][T10179] RSP: 002b:00007fd2d6bea030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  426.370159][T10179] RAX: ffffffffffffffda RBX: 00007fd2d5f35f80 RCX: 00007fd2d5d7d15c
[  426.378150][T10179] RDX: 000000000000000f RSI: 00007fd2d6bea0a0 RDI: 0000000000000004
[  426.386130][T10179] RBP: 00007fd2d6bea090 R08: 0000000000000000 R09: 0000000000000000
[  426.394103][T10179] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  426.402093][T10179] R13: 0000000000000000 R14: 00007fd2d5f35f80 R15: 00007ffcf0e42158
[  426.410100][T10179]  </TASK>
[  426.457251][T10183] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1223'.
[  426.634220][T10185] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1220'.
[  427.451988][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1223'.
[  428.273658][T10195] openvswitch: : Dropping previously announced user features
[  430.985535][T10213] sctp: [Deprecated]: syz.5.1230 (pid 10213) Use of struct sctp_assoc_value in delayed_ack socket option.
[  430.985535][T10213] Use struct sctp_sack_info instead
[  431.631785][T10224] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1234'.
[  431.687407][T10226] FAULT_INJECTION: forcing a failure.
[  431.687407][T10226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.831923][T10226] CPU: 1 UID: 0 PID: 10226 Comm: syz.4.1236 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  431.842747][T10226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  431.852821][T10226] Call Trace:
[  431.856112][T10226]  <TASK>
[  431.859056][T10226]  dump_stack_lvl+0x241/0x360
[  431.863762][T10226]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.868980][T10226]  ? __pfx__printk+0x10/0x10
[  431.873602][T10226]  ? snprintf+0xda/0x120
[  431.877870][T10226]  should_fail_ex+0x3b0/0x4e0
[  431.882561][T10226]  _copy_to_user+0x31/0xb0
[  431.886977][T10226]  simple_read_from_buffer+0xca/0x150
[  431.892354][T10226]  proc_fail_nth_read+0x1e9/0x250
[  431.897380][T10226]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  431.902925][T10226]  ? rw_verify_area+0x55e/0x6f0
[  431.907771][T10226]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  431.913314][T10226]  vfs_read+0x1fc/0xb70
[  431.917473][T10226]  ? fdget_pos+0x24e/0x320
[  431.921889][T10226]  ? __pfx_vfs_read+0x10/0x10
[  431.926564][T10226]  ? __fget_files+0x3f3/0x470
[  431.931244][T10226]  ? fdget_pos+0x24e/0x320
[  431.935665][T10226]  ksys_read+0x183/0x2b0
[  431.939906][T10226]  ? __pfx_ksys_read+0x10/0x10
[  431.944665][T10226]  ? do_syscall_64+0x100/0x230
[  431.949426][T10226]  ? do_syscall_64+0xb6/0x230
[  431.954100][T10226]  do_syscall_64+0xf3/0x230
[  431.958600][T10226]  ? clear_bhb_loop+0x35/0x90
[  431.963275][T10226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.969162][T10226] RIP: 0033:0x7f5ebc97d15c
[  431.973572][T10226] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  431.993175][T10226] RSP: 002b:00007f5ebd740030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  432.001589][T10226] RAX: ffffffffffffffda RBX: 00007f5ebcb35f80 RCX: 00007f5ebc97d15c
[  432.009647][T10226] RDX: 000000000000000f RSI: 00007f5ebd7400a0 RDI: 0000000000000006
[  432.017612][T10226] RBP: 00007f5ebd740090 R08: 0000000000000000 R09: 0000000000000000
[  432.025575][T10226] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  432.033540][T10226] R13: 0000000000000000 R14: 00007f5ebcb35f80 R15: 00007ffd69eca918
[  432.041516][T10226]  </TASK>
[  432.044575][    C1] vkms_vblank_simulate: vblank timer overrun
[  432.106081][T10231] netlink: 236 bytes leftover after parsing attributes in process `syz.1.1235'.
[  432.115244][T10231] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1235'.
[  432.124285][T10231] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1235'.
[  432.130512][T10233] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1238'.
[  432.272428][T10230] netlink: 'syz.2.1237': attribute type 3 has an invalid length.
[  432.388938][T10241] FAULT_INJECTION: forcing a failure.
[  432.388938][T10241] name failslab, interval 1, probability 0, space 0, times 0
[  432.392507][ T5878] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  432.413431][T10241] CPU: 1 UID: 0 PID: 10241 Comm: syz.5.1240 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  432.424221][T10241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  432.434307][T10241] Call Trace:
[  432.437600][T10241]  <TASK>
[  432.440547][T10241]  dump_stack_lvl+0x241/0x360
[  432.445260][T10241]  ? __pfx_dump_stack_lvl+0x10/0x10
[  432.450485][T10241]  ? __pfx__printk+0x10/0x10
[  432.455102][T10241]  ? fs_reclaim_acquire+0x93/0x130
[  432.460234][T10241]  ? __pfx___might_resched+0x10/0x10
[  432.465543][T10241]  should_fail_ex+0x3b0/0x4e0
[  432.470235][T10241]  ? tomoyo_encode+0x26f/0x540
[  432.475047][T10241]  should_failslab+0xac/0x100
[  432.479747][T10241]  ? tomoyo_encode+0x26f/0x540
[  432.484532][T10241]  __kmalloc_noprof+0xd8/0x400
[  432.489317][T10241]  tomoyo_encode+0x26f/0x540
[  432.493932][T10241]  tomoyo_realpath_from_path+0x59e/0x5e0
[  432.499597][T10241]  tomoyo_path_number_perm+0x23a/0x880
[  432.505077][T10241]  ? tomoyo_path_number_perm+0x208/0x880
[  432.510724][T10241]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  432.516762][T10241]  ? __fget_files+0x29/0x470
[  432.521374][T10241]  ? __fget_files+0x3f3/0x470
[  432.526075][T10241]  security_file_ioctl+0xc6/0x2a0
[  432.531121][T10241]  __se_sys_ioctl+0x47/0x170
[  432.535733][T10241]  do_syscall_64+0xf3/0x230
[  432.540251][T10241]  ? clear_bhb_loop+0x35/0x90
[  432.545030][T10241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.550936][T10241] RIP: 0033:0x7fd2d5d7e719
[  432.555362][T10241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.574994][T10241] RSP: 002b:00007fd2d6bea038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  432.583443][T10241] RAX: ffffffffffffffda RBX: 00007fd2d5f35f80 RCX: 00007fd2d5d7e719
[  432.591447][T10241] RDX: 0000000020000180 RSI: 00000000c00c642e RDI: 0000000000000003
[  432.599444][T10241] RBP: 00007fd2d6bea090 R08: 0000000000000000 R09: 0000000000000000
[  432.607438][T10241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.615425][T10241] R13: 0000000000000000 R14: 00007fd2d5f35f80 R15: 00007ffcf0e42158
[  432.623430][T10241]  </TASK>
[  432.727501][T10241] ERROR: Out of memory at tomoyo_realpath_from_path.
[  432.842430][ T5878] usb 5-1: device descriptor read/64, error -71
[  433.010630][T10247] openvswitch: : Dropping previously announced user features
[  433.862185][ T5878] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  434.002783][ T5878] usb 5-1: device descriptor read/64, error -71
[  434.123067][ T5878] usb usb5-port1: attempt power cycle
[  434.300904][T10255] overlayfs: failed to resolve './file0': -2
[  434.324180][T10257] syz.0.1246[10257] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.324274][T10257] syz.0.1246[10257] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.336780][T10254] block nbd5: shutting down sockets
[  434.353983][T10257] syz.0.1246[10257] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.482181][ T5878] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  434.512494][ T5878] usb 5-1: device descriptor read/8, error -71
[  434.533073][ T5879] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  434.545009][T10266] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  434.662009][ T5881] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  434.696635][ T5879] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  434.706557][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.714726][ T5879] usb 3-1: Product: syz
[  434.719080][ T5879] usb 3-1: Manufacturer: syz
[  434.723900][ T5879] usb 3-1: SerialNumber: syz
[  434.733711][ T5879] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  434.750350][ T5882] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  434.772007][ T5878] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  434.813483][ T5878] usb 5-1: device descriptor read/8, error -71
[  434.831993][ T5881] usb 1-1: Using ep0 maxpacket: 8
[  434.839622][ T5881] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  434.849904][ T5881] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  434.859032][ T5881] usb 1-1: config 1 has no interface number 1
[  434.868912][ T5881] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  434.878255][ T5881] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.888382][ T5881] usb 1-1: Product: syz
[  434.894003][ T5881] usb 1-1: Manufacturer: syz
[  434.898751][ T5881] usb 1-1: SerialNumber: syz
[  434.932515][ T5878] usb usb5-port1: unable to enumerate USB device
[  435.559476][T10274] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1250'.
[  435.904071][ T5882] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  436.144771][ T5882] ath9k_htc: Failed to initialize the device
[  436.738068][T10281] FAULT_INJECTION: forcing a failure.
[  436.738068][T10281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  436.753495][T10281] CPU: 1 UID: 0 PID: 10281 Comm: syz.4.1252 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  436.764296][T10281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  436.774375][T10281] Call Trace:
[  436.777651][T10281]  <TASK>
[  436.780565][T10281]  dump_stack_lvl+0x241/0x360
[  436.785253][T10281]  ? __pfx_dump_stack_lvl+0x10/0x10
[  436.790481][T10281]  ? __pfx__printk+0x10/0x10
[  436.795111][T10281]  should_fail_ex+0x3b0/0x4e0
[  436.799818][T10281]  _copy_from_user+0x2f/0xc0
[  436.804428][T10281]  sctp_setsockopt+0xcc/0x11c0
[  436.809215][T10281]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  436.814093][T10284] FAULT_INJECTION: forcing a failure.
[  436.814093][T10284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  436.815107][T10281]  do_sock_setsockopt+0x3af/0x720
[  436.833133][T10281]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  436.838676][T10281]  ? __fget_files+0x29/0x470
[  436.843268][T10281]  ? __fget_files+0x3f3/0x470
[  436.847945][T10281]  ? __fget_files+0x29/0x470
[  436.852543][T10281]  __sys_setsockopt+0x1a2/0x250
[  436.857393][T10281]  __x64_sys_setsockopt+0xb5/0xd0
[  436.862416][T10281]  do_syscall_64+0xf3/0x230
[  436.866919][T10281]  ? clear_bhb_loop+0x35/0x90
[  436.871604][T10281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.877492][T10281] RIP: 0033:0x7f5ebc97e719
[  436.881911][T10281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.901524][T10281] RSP: 002b:00007f5ebd740038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  436.909938][T10281] RAX: ffffffffffffffda RBX: 00007f5ebcb35f80 RCX: 00007f5ebc97e719
[  436.917908][T10281] RDX: 000000000000007c RSI: 0000000000000084 RDI: 0000000000000003
[  436.925875][T10281] RBP: 00007f5ebd740090 R08: 0000000000000008 R09: 0000000000000000
[  436.933842][T10281] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  436.941821][T10281] R13: 0000000000000000 R14: 00007f5ebcb35f80 R15: 00007ffd69eca918
[  436.949808][T10281]  </TASK>
[  436.958241][T10284] CPU: 1 UID: 0 PID: 10284 Comm: syz.1.1254 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  436.969045][T10284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  436.979106][T10284] Call Trace:
[  436.982383][T10284]  <TASK>
[  436.985310][T10284]  dump_stack_lvl+0x241/0x360
[  436.989989][T10284]  ? __pfx_dump_stack_lvl+0x10/0x10
[  436.995186][T10284]  ? __pfx__printk+0x10/0x10
[  436.999774][T10284]  ? snprintf+0xda/0x120
[  437.004017][T10284]  should_fail_ex+0x3b0/0x4e0
[  437.008690][T10284]  _copy_to_user+0x31/0xb0
[  437.013104][T10284]  simple_read_from_buffer+0xca/0x150
[  437.018478][T10284]  proc_fail_nth_read+0x1e9/0x250
[  437.023507][T10284]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  437.029058][T10284]  ? rw_verify_area+0x568/0x6f0
[  437.033902][T10284]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  437.039443][T10284]  vfs_read+0x1fc/0xb70
[  437.043598][T10284]  ? __pfx_rds_setsockopt+0x10/0x10
[  437.048791][T10284]  ? __pfx_vfs_read+0x10/0x10
[  437.053461][T10284]  ? __pfx_rds_setsockopt+0x10/0x10
[  437.058655][T10284]  ? do_sock_setsockopt+0x3e2/0x720
[  437.063853][T10284]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  437.069397][T10284]  ? fdget_pos+0x265/0x320
[  437.073815][T10284]  ksys_read+0x183/0x2b0
[  437.078056][T10284]  ? __pfx_ksys_read+0x10/0x10
[  437.082818][T10284]  ? do_syscall_64+0x100/0x230
[  437.087582][T10284]  ? do_syscall_64+0xb6/0x230
[  437.092256][T10284]  do_syscall_64+0xf3/0x230
[  437.096757][T10284]  ? clear_bhb_loop+0x35/0x90
[  437.101434][T10284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.107321][T10284] RIP: 0033:0x7f3b0f77d15c
[  437.111732][T10284] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  437.131350][T10284] RSP: 002b:00007f3b0dbf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  437.139771][T10284] RAX: ffffffffffffffda RBX: 00007f3b0f935f80 RCX: 00007f3b0f77d15c
[  437.147741][T10284] RDX: 000000000000000f RSI: 00007f3b0dbf60a0 RDI: 0000000000000004
[  437.155711][T10284] RBP: 00007f3b0dbf6090 R08: 0000000000000000 R09: 0000000000000000
[  437.163679][T10284] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  437.171643][T10284] R13: 0000000000000000 R14: 00007f3b0f935f80 R15: 00007fff5c022b58
[  437.179623][T10284]  </TASK>
[  437.218892][ T1205] usb 3-1: USB disconnect, device number 20
[  437.295502][ T1205] usb 3-1: ath9k_htc: USB layer deinitialized
[  437.473597][T10290] openvswitch: : Dropping previously announced user features
[  437.569520][T10292] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1257'.
[  437.723804][ T5881] usb 1-1: USB disconnect, device number 21
[  437.739410][T10297] overlayfs: failed to resolve './file0': -2
[  438.735267][T10315] netlink: 'syz.2.1264': attribute type 21 has an invalid length.
[  438.743312][T10315] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1264'.
[  438.752543][T10315] netlink: 'syz.2.1264': attribute type 5 has an invalid length.
[  438.760471][T10315] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1264'.
[  439.051326][T10322] befs: (nullb0): No write support. Marking filesystem read-only
[  439.059330][T10322] befs: (nullb0): invalid magic header
[  439.181854][T10328] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1267'.
[  439.859239][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  439.859256][   T29] audit: type=1326 audit(1730945379.390:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10331 comm="syz.2.1269" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x0
[  440.483031][T10339] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1270'.
[  441.289342][T10346] netlink: 236 bytes leftover after parsing attributes in process `syz.5.1271'.
[  441.299868][T10346] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1271'.
[  441.308895][T10346] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1271'.
[  442.320425][T10353] netlink: 'syz.2.1275': attribute type 10 has an invalid length.
[  442.358151][T10353] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1275'.
[  442.393956][T10353] batman_adv: batadv0: Adding interface: virt_wifi0
[  442.423555][T10353] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  442.449515][    C1] vkms_vblank_simulate: vblank timer overrun
[  442.562588][T10353] batman_adv: batadv0: Interface activated: virt_wifi0
[  442.576846][T10361] nbd0: detected capacity change from 0 to 22
[  442.583341][T10356] block nbd0: shutting down sockets
[  442.677493][T10370] befs: (nullb0): No write support. Marking filesystem read-only
[  442.685475][T10370] befs: (nullb0): invalid magic header
[  444.240626][   T29] audit: type=1326 audit(1730945383.770:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10390 comm="syz.2.1285" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x0
[  444.618913][T10395] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1283'.
[  445.844263][T10409] netlink: 236 bytes leftover after parsing attributes in process `syz.4.1287'.
[  445.854100][T10409] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1287'.
[  445.863426][T10409] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1287'.
[  446.442178][T10407] nbd2: detected capacity change from 0 to 22
[  446.449380][T10413] block nbd2: shutting down sockets
[  447.046752][T10424] netlink: 'syz.5.1291': attribute type 21 has an invalid length.
[  447.054973][T10424] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1291'.
[  447.064414][T10424] netlink: 'syz.5.1291': attribute type 5 has an invalid length.
[  447.072255][T10424] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1291'.
[  447.941567][T10429] sctp: [Deprecated]: syz.2.1292 (pid 10429) Use of struct sctp_assoc_value in delayed_ack socket option.
[  447.941567][T10429] Use struct sctp_sack_info instead
[  448.047095][T10434] overlayfs: failed to resolve './file1': -2
[  449.210717][   T29] audit: type=1326 audit(1730945388.740:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz.2.1299" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x0
[  449.231777][    C1] vkms_vblank_simulate: vblank timer overrun
[  449.308075][T10453] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1298'.
[  449.944741][   T98] block nbd3: Possible stuck request ffff8880257e8000: control (read@0,11264B). Runtime 90 seconds
[  454.402736][T10508] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1313'.
[  456.503285][   T29] audit: type=1326 audit(1730945395.860:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10511 comm="syz.2.1315" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f10dcb7e719 code=0x0
[  457.933111][T10537] netlink: 'syz.0.1319': attribute type 21 has an invalid length.
[  457.940971][T10537] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1319'.
[  457.950220][T10537] netlink: 'syz.0.1319': attribute type 5 has an invalid length.
[  457.957989][T10537] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1319'.
[  460.540840][T10560] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1325'.
[  461.090535][T10557] netlink: 'syz.2.1326': attribute type 10 has an invalid length.
[  461.212210][T10557] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1326'.
[  461.649294][T10569] trusted_key: syz.4.1329 sent an empty control message without MSG_MORE.
[  461.660475][T10569] sctp: [Deprecated]: syz.4.1329 (pid 10569) Use of struct sctp_assoc_value in delayed_ack socket option.
[  461.660475][T10569] Use struct sctp_sack_info instead
[  463.087628][   T29] audit: type=1326 audit(1730945402.620:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10575 comm="syz.1.1332" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b0f77e719 code=0x0
[  463.812096][ T5881] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  464.171952][ T5881] usb 3-1: Using ep0 maxpacket: 32
[  464.179205][ T5881] usb 3-1: config index 0 descriptor too short (expected 164, got 36)
[  464.197217][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  464.208366][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  464.224702][ T5881] usb 3-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  464.274114][T10602] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1339'.
[  464.413044][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.883294][ T5881] usb 3-1: config 0 descriptor??
[  466.399030][T10612] netlink: 'syz.4.1342': attribute type 10 has an invalid length.
[  466.431923][T10612] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1342'.
[  466.446702][T10612] batman_adv: batadv0: Adding interface: virt_wifi0
[  466.453966][T10612] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.483113][T10612] batman_adv: batadv0: Interface activated: virt_wifi0
[  467.619338][   T29] audit: type=1326 audit(1730945407.060:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10622 comm="syz.0.1345" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x0
[  468.416629][ T5881] usbhid 3-1:0.0: can't add hid device: -71
[  468.426073][ T5881] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  468.570971][ T5881] usb 3-1: USB disconnect, device number 21
[  469.689271][T10651] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1353'.
[  470.815757][T10658] netlink: 'syz.4.1357': attribute type 10 has an invalid length.
[  470.823758][T10658] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1357'.
[  471.699655][T10662] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  471.753297][T10666] Scaler: =================  START STATUS  =================
[  471.760754][T10666] Scaler: ==================  END STATUS  ==================
[  472.770602][   T29] audit: type=1326 audit(1730945412.300:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10676 comm="syz.1.1361" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b0f77e719 code=0x0
[  474.394550][T10701] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1367'.
[  474.885475][T10702] netlink: 'syz.0.1368': attribute type 10 has an invalid length.
[  474.942311][T10702] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1368'.
[  478.174280][T10744] netlink: 236 bytes leftover after parsing attributes in process `syz.4.1379'.
[  478.183783][T10744] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1379'.
[  478.192832][T10744] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1379'.
[  478.530771][   T29] audit: type=1326 audit(1730945418.060:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10739 comm="syz.1.1380" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b0f77e719 code=0x0
[  479.137362][T10749] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1381'.
[  480.162346][T10764] netlink: 'syz.2.1384': attribute type 21 has an invalid length.
[  480.170611][T10764] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1384'.
[  480.180094][T10764] netlink: 'syz.2.1384': attribute type 5 has an invalid length.
[  480.187991][T10764] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1384'.
[  480.718874][   T98] block nbd3: Possible stuck request ffff8880257e8000: control (read@0,11264B). Runtime 120 seconds
[  482.337955][   T29] audit: type=1326 audit(1730945421.790:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.359956][   T29] audit: type=1326 audit(1730945421.790:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.382038][   T29] audit: type=1326 audit(1730945421.790:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.406789][   T29] audit: type=1326 audit(1730945421.790:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.428726][   T29] audit: type=1326 audit(1730945421.790:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.450686][   T29] audit: type=1326 audit(1730945421.790:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.472674][   T29] audit: type=1326 audit(1730945421.800:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.494663][   T29] audit: type=1326 audit(1730945421.810:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.516604][   T29] audit: type=1326 audit(1730945421.810:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10779 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  482.663545][T10790] FAULT_INJECTION: forcing a failure.
[  482.663545][T10790] name failslab, interval 1, probability 0, space 0, times 0
[  482.676518][T10790] CPU: 1 UID: 0 PID: 10790 Comm: syz.2.1390 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  482.687305][T10790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  482.697377][T10790] Call Trace:
[  482.700757][T10790]  <TASK>
[  482.703703][T10790]  dump_stack_lvl+0x241/0x360
[  482.708404][T10790]  ? __pfx_dump_stack_lvl+0x10/0x10
[  482.713620][T10790]  ? __pfx__printk+0x10/0x10
[  482.718233][T10790]  ? fs_reclaim_acquire+0x93/0x130
[  482.723371][T10790]  ? __pfx___might_resched+0x10/0x10
[  482.728685][T10790]  should_fail_ex+0x3b0/0x4e0
[  482.733384][T10790]  ? tomoyo_encode+0x26f/0x540
[  482.738164][T10790]  should_failslab+0xac/0x100
[  482.742855][T10790]  ? tomoyo_encode+0x26f/0x540
[  482.747612][T10790]  __kmalloc_noprof+0xd8/0x400
[  482.752366][T10790]  tomoyo_encode+0x26f/0x540
[  482.756951][T10790]  tomoyo_realpath_from_path+0x59e/0x5e0
[  482.762599][T10790]  tomoyo_path_number_perm+0x23a/0x880
[  482.768089][T10790]  ? tomoyo_path_number_perm+0x208/0x880
[  482.773749][T10790]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  482.779793][T10790]  ? __fget_files+0x29/0x470
[  482.784413][T10790]  ? __fget_files+0x3f3/0x470
[  482.789113][T10790]  security_file_ioctl+0xc6/0x2a0
[  482.794143][T10790]  __se_sys_ioctl+0x47/0x170
[  482.798736][T10790]  do_syscall_64+0xf3/0x230
[  482.803238][T10790]  ? clear_bhb_loop+0x35/0x90
[  482.807919][T10790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.813810][T10790] RIP: 0033:0x7f10dcb7e719
[  482.818217][T10790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  482.837820][T10790] RSP: 002b:00007f10dd8a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  482.846231][T10790] RAX: ffffffffffffffda RBX: 00007f10dcd35f80 RCX: 00007f10dcb7e719
[  482.854202][T10790] RDX: 0000000020000040 RSI: 00000000c0d05640 RDI: 0000000000000003
[  482.862167][T10790] RBP: 00007f10dd8a9090 R08: 0000000000000000 R09: 0000000000000000
[  482.870131][T10790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.878094][T10790] R13: 0000000000000000 R14: 00007f10dcd35f80 R15: 00007ffe6ab7eaa8
[  482.886078][T10790]  </TASK>
[  482.901906][T10790] ERROR: Out of memory at tomoyo_realpath_from_path.
[  483.351368][T10801] netlink: 236 bytes leftover after parsing attributes in process `syz.2.1393'.
[  483.360622][T10801] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1393'.
[  483.369679][T10801] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1393'.
[  484.935628][   T29] kauditd_printk_skb: 19 callbacks suppressed
[  484.935648][   T29] audit: type=1326 audit(1730945424.390:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10809 comm="syz.0.1395" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x0
[  485.149258][T10812] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1394'.
[  486.873709][T10818] block nbd0: shutting down sockets
[  488.564784][T10829] netlink: 'syz.0.1401': attribute type 1 has an invalid length.
[  489.009973][T10839] sctp: [Deprecated]: syz.5.1405 (pid 10839) Use of struct sctp_assoc_value in delayed_ack socket option.
[  489.009973][T10839] Use struct sctp_sack_info instead
[  489.821965][   T29] audit: type=1326 audit(1730945429.330:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.4.1407" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x0
[  490.181068][T10860] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1408'.
[  491.673477][T10859] netlink: 'syz.2.1410': attribute type 21 has an invalid length.
[  491.681339][T10859] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1410'.
[  491.690464][T10859] netlink: 'syz.2.1410': attribute type 5 has an invalid length.
[  491.698276][T10859] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1410'.
[  491.829966][T10854] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  492.812984][T10868] sctp: [Deprecated]: syz.1.1411 (pid 10868) Use of struct sctp_assoc_value in delayed_ack socket option.
[  492.812984][T10868] Use struct sctp_sack_info instead
[  493.297698][T10877] FAULT_INJECTION: forcing a failure.
[  493.297698][T10877] name failslab, interval 1, probability 0, space 0, times 0
[  493.737420][T10877] CPU: 1 UID: 0 PID: 10877 Comm: syz.1.1414 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  493.748236][T10877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  493.758309][T10877] Call Trace:
[  493.761602][T10877]  <TASK>
[  493.764545][T10877]  dump_stack_lvl+0x241/0x360
[  493.769245][T10877]  ? __pfx_dump_stack_lvl+0x10/0x10
[  493.774460][T10877]  ? __pfx__printk+0x10/0x10
[  493.779068][T10877]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  493.785059][T10877]  ? __pfx___might_resched+0x10/0x10
[  493.790366][T10877]  should_fail_ex+0x3b0/0x4e0
[  493.795062][T10877]  should_failslab+0xac/0x100
[  493.799760][T10877]  ? __alloc_skb+0x1c3/0x440
[  493.804367][T10877]  kmem_cache_alloc_node_noprof+0x71/0x320
[  493.810190][T10877]  __alloc_skb+0x1c3/0x440
[  493.814630][T10877]  ? __pfx___alloc_skb+0x10/0x10
[  493.819583][T10877]  ? netlink_autobind+0xd6/0x2f0
[  493.824532][T10877]  ? netlink_autobind+0x2b0/0x2f0
[  493.829571][T10877]  netlink_sendmsg+0x638/0xcb0
[  493.834361][T10877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  493.839671][T10877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  493.844965][T10877]  __sock_sendmsg+0x221/0x270
[  493.849656][T10877]  ____sys_sendmsg+0x52a/0x7e0
[  493.854445][T10877]  ? __pfx_____sys_sendmsg+0x10/0x10
[  493.859761][T10877]  __sys_sendmsg+0x292/0x380
[  493.864370][T10877]  ? __pfx___sys_sendmsg+0x10/0x10
[  493.869506][T10877]  ? __pfx_vfs_write+0x10/0x10
[  493.874314][T10877]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  493.880662][T10877]  ? do_syscall_64+0x100/0x230
[  493.885445][T10877]  ? do_syscall_64+0xb6/0x230
[  493.890141][T10877]  do_syscall_64+0xf3/0x230
[  493.894659][T10877]  ? clear_bhb_loop+0x35/0x90
[  493.899357][T10877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.905262][T10877] RIP: 0033:0x7f3b0f77e719
[  493.909689][T10877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.929311][T10877] RSP: 002b:00007f3b0dbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  493.937730][T10877] RAX: ffffffffffffffda RBX: 00007f3b0f935f80 RCX: 00007f3b0f77e719
[  493.945699][T10877] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  493.953666][T10877] RBP: 00007f3b0dbf6090 R08: 0000000000000000 R09: 0000000000000000
[  493.961634][T10877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.969595][T10877] R13: 0000000000000000 R14: 00007f3b0f935f80 R15: 00007fff5c022b58
[  493.977572][T10877]  </TASK>
[  493.980630][    C1] vkms_vblank_simulate: vblank timer overrun
[  494.101957][   T29] audit: type=1326 audit(1730945432.900:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.156990][   T29] audit: type=1326 audit(1730945432.900:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.181218][   T29] audit: type=1326 audit(1730945432.910:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.203147][   T29] audit: type=1326 audit(1730945432.910:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.225064][   T29] audit: type=1326 audit(1730945432.910:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.249319][   T29] audit: type=1326 audit(1730945432.910:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.271436][   T29] audit: type=1326 audit(1730945432.910:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.294036][   T29] audit: type=1326 audit(1730945432.910:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.315940][   T29] audit: type=1326 audit(1730945432.910:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  494.337822][   T29] audit: type=1326 audit(1730945432.910:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10874 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x7ffc0000
[  495.346237][T10900] sctp: [Deprecated]: syz.0.1420 (pid 10900) Use of struct sctp_assoc_value in delayed_ack socket option.
[  495.346237][T10900] Use struct sctp_sack_info instead
[  495.651120][T10904] netlink: 'syz.4.1422': attribute type 21 has an invalid length.
[  495.659130][T10904] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1422'.
[  495.668390][T10904] netlink: 'syz.4.1422': attribute type 5 has an invalid length.
[  495.676237][T10904] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1422'.
[  496.773247][T10908] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1423'.
[  496.995670][T10916] netlink: 'syz.2.1426': attribute type 1 has an invalid length.
[  497.387628][T10915] netlink: 'syz.1.1424': attribute type 21 has an invalid length.
[  497.395969][T10915] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1424'.
[  497.405278][T10915] netlink: 'syz.1.1424': attribute type 5 has an invalid length.
[  497.413107][T10915] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1424'.
[  499.283204][ T5839] Bluetooth: hci5: command 0x0405 tx timeout
[  500.059058][T10954] overlayfs: workdir and upperdir must reside under the same mount
[  501.433097][T10978] sctp: [Deprecated]: syz.2.1439 (pid 10978) Use of struct sctp_assoc_value in delayed_ack socket option.
[  501.433097][T10978] Use struct sctp_sack_info instead
[  505.185673][ T1205] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  505.577674][ T1205] usb 2-1: unable to get BOS descriptor or descriptor too short
[  505.863323][T11020] netlink: 'syz.0.1450': attribute type 21 has an invalid length.
[  505.871298][T11020] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1450'.
[  505.880615][T11020] netlink: 'syz.0.1450': attribute type 5 has an invalid length.
[  505.888469][T11020] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1450'.
[  506.511676][T11023] netlink: 236 bytes leftover after parsing attributes in process `syz.2.1453'.
[  506.520942][T11023] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1453'.
[  506.529995][T11023] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1453'.
[  506.566124][ T1205] usb 2-1: not running at top speed; connect to a high speed hub
[  506.607579][ T1205] usb 2-1: config 253 has an invalid interface number: 202 but max is 0
[  506.616126][ T1205] usb 2-1: config 253 has no interface number 0
[  507.102690][ T1205] usb 2-1: string descriptor 0 read error: -71
[  507.110310][ T1205] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  507.120125][ T1205] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.164639][ T5912] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  507.512033][ T5912] usb 5-1: Using ep0 maxpacket: 16
[  507.553530][ T5912] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  507.601402][ T1205] usb 2-1: can't set config #253, error -71
[  507.880393][ T5912] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  507.892209][ T5912] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  507.901921][ T5912] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  507.911574][ T5912] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  507.925245][ T1205] usb 2-1: USB disconnect, device number 23
[  508.686684][ T5912] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  508.696928][ T5912] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  508.711527][ T5912] usb 5-1: config 0 descriptor??
[  508.717969][ T5912] usb 5-1: can't set config #0, error -71
[  508.725486][ T5912] usb 5-1: USB disconnect, device number 17
[  509.549343][T11053] netlink: 'syz.2.1461': attribute type 10 has an invalid length.
[  509.571300][T11053] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1461'.
[  509.614898][T11054] fuse: Bad value for 'fd'
[  510.882440][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  510.882458][   T29] audit: type=1326 audit(1730945450.420:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11076 comm="syz.4.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  510.884793][T11080] netlink: 'syz.2.1470': attribute type 1 has an invalid length.
[  510.888578][   T29] audit: type=1326 audit(1730945450.420:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11076 comm="syz.4.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  511.003033][T11079] dlm: plock device version mismatch: kernel (1.2.0), user (32768.0.0)
[  511.009786][T11080] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1470'.
[  511.056484][   T29] audit: type=1326 audit(1730945450.540:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11076 comm="syz.4.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  511.193704][   T29] audit: type=1326 audit(1730945450.540:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11076 comm="syz.4.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  511.217375][   T98] block nbd3: Possible stuck request ffff8880257e8000: control (read@0,11264B). Runtime 150 seconds
[  512.090484][   T29] audit: type=1326 audit(1730945450.540:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11076 comm="syz.4.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  512.241483][   T29] audit: type=1326 audit(1730945450.540:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11076 comm="syz.4.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5ebc97e719 code=0x7ffc0000
[  513.016169][T11109] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1478'.
[  513.408021][T11118] netlink: 'syz.4.1481': attribute type 1 has an invalid length.
[  513.454777][T11123] FAULT_INJECTION: forcing a failure.
[  513.454777][T11123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  513.468187][T11123] CPU: 1 UID: 0 PID: 11123 Comm: syz.2.1483 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  513.478976][T11123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  513.489046][T11123] Call Trace:
[  513.492328][T11123]  <TASK>
[  513.495255][T11123]  dump_stack_lvl+0x241/0x360
[  513.499934][T11123]  ? __pfx_dump_stack_lvl+0x10/0x10
[  513.505128][T11123]  ? __pfx__printk+0x10/0x10
[  513.509725][T11123]  should_fail_ex+0x3b0/0x4e0
[  513.514407][T11123]  strncpy_from_user+0x36/0x260
[  513.519257][T11123]  getname_flags+0xf1/0x540
[  513.523764][T11123]  do_sys_openat2+0xd2/0x1d0
[  513.528353][T11123]  ? __pfx_do_sys_openat2+0x10/0x10
[  513.533558][T11123]  __x64_sys_openat+0x247/0x2a0
[  513.538404][T11123]  ? __pfx___x64_sys_openat+0x10/0x10
[  513.543778][T11123]  ? do_syscall_64+0x100/0x230
[  513.548541][T11123]  ? do_syscall_64+0xb6/0x230
[  513.553216][T11123]  do_syscall_64+0xf3/0x230
[  513.557716][T11123]  ? clear_bhb_loop+0x35/0x90
[  513.562396][T11123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.568290][T11123] RIP: 0033:0x7f10dcb7e719
[  513.572702][T11123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.592314][T11123] RSP: 002b:00007f10dd8a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  513.600739][T11123] RAX: ffffffffffffffda RBX: 00007f10dcd35f80 RCX: 00007f10dcb7e719
[  513.608713][T11123] RDX: 000000000000275a RSI: 00000000200000c0 RDI: 0000000000000003
[  513.616685][T11123] RBP: 00007f10dd8a9090 R08: 0000000000000000 R09: 0000000000000000
[  513.624653][T11123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  513.632623][T11123] R13: 0000000000000000 R14: 00007f10dcd35f80 R15: 00007ffe6ab7eaa8
[  513.640619][T11123]  </TASK>
[  514.825440][T11180] FAULT_INJECTION: forcing a failure.
[  514.825440][T11180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  514.825494][T11180] CPU: 1 UID: 0 PID: 11180 Comm: syz.5.1488 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  514.825519][T11180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  514.825531][T11180] Call Trace:
[  514.825539][T11180]  <TASK>
[  514.825549][T11180]  dump_stack_lvl+0x241/0x360
[  514.825579][T11180]  ? __pfx_dump_stack_lvl+0x10/0x10
[  514.825602][T11180]  ? __pfx__printk+0x10/0x10
[  514.825626][T11180]  ? __pfx_lock_release+0x10/0x10
[  514.825650][T11180]  ? __lock_acquire+0x1384/0x2050
[  514.825682][T11180]  should_fail_ex+0x3b0/0x4e0
[  514.825709][T11180]  _copy_from_user+0x2f/0xc0
[  514.825730][T11180]  kstrtouint_from_user+0xc6/0x190
[  514.825757][T11180]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  514.825784][T11180]  ? __pfx_lock_acquire+0x10/0x10
[  514.825827][T11180]  proc_fail_nth_write+0xaa/0x2d0
[  514.825851][T11180]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  514.825873][T11180]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  514.825902][T11180]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  514.825927][T11180]  vfs_write+0x2a3/0xd30
[  514.825955][T11180]  ? fdget_pos+0x24e/0x320
[  514.825980][T11180]  ? __pfx_vfs_write+0x10/0x10
[  514.826008][T11180]  ? __fget_files+0x3f3/0x470
[  514.826041][T11180]  ? fdget_pos+0x24e/0x320
[  514.826067][T11180]  ksys_write+0x183/0x2b0
[  514.826090][T11180]  ? __pfx_ksys_write+0x10/0x10
[  514.826113][T11180]  ? do_syscall_64+0x100/0x230
[  514.826138][T11180]  ? do_syscall_64+0xb6/0x230
[  514.826162][T11180]  do_syscall_64+0xf3/0x230
[  514.826184][T11180]  ? clear_bhb_loop+0x35/0x90
[  514.826207][T11180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.826227][T11180] RIP: 0033:0x7fd2d5d7d1ff
[  514.826245][T11180] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  514.826261][T11180] RSP: 002b:00007fd2d6bc9030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  514.826285][T11180] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd2d5d7d1ff
[  514.826299][T11180] RDX: 0000000000000001 RSI: 00007fd2d6bc90a0 RDI: 0000000000000005
[  514.826311][T11180] RBP: 00007fd2d6bc9090 R08: 0000000000000000 R09: 0000000000000000
[  514.826324][T11180] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  514.826337][T11180] R13: 0000000000000000 R14: 00007fd2d5f36058 R15: 00007ffcf0e42158
[  514.826367][T11180]  </TASK>
[  515.211832][   T29] audit: type=1326 audit(1730945454.730:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.4.1487" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ebc97e719 code=0x0
[  515.304223][T11198] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  515.304259][T11198] batman_adv: batadv0: Removing interface: virt_wifi0
[  516.290113][T11212] FAULT_INJECTION: forcing a failure.
[  516.290113][T11212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  516.290146][T11212] CPU: 0 UID: 0 PID: 11212 Comm: syz.5.1492 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  516.290169][T11212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  516.290182][T11212] Call Trace:
[  516.290190][T11212]  <TASK>
[  516.290199][T11212]  dump_stack_lvl+0x241/0x360
[  516.290231][T11212]  ? __pfx_dump_stack_lvl+0x10/0x10
[  516.290255][T11212]  ? __pfx__printk+0x10/0x10
[  516.290280][T11212]  ? __pfx_lock_release+0x10/0x10
[  516.290306][T11212]  ? __lock_acquire+0x1384/0x2050
[  516.290337][T11212]  should_fail_ex+0x3b0/0x4e0
[  516.290363][T11212]  _copy_from_user+0x2f/0xc0
[  516.290384][T11212]  kstrtouint_from_user+0xc6/0x190
[  516.290410][T11212]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  516.290436][T11212]  ? __pfx_lock_acquire+0x10/0x10
[  516.290472][T11212]  proc_fail_nth_write+0xaa/0x2d0
[  516.290496][T11212]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  516.290519][T11212]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  516.290549][T11212]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  516.290574][T11212]  vfs_write+0x2a3/0xd30
[  516.290602][T11212]  ? fdget_pos+0x24e/0x320
[  516.290628][T11212]  ? __pfx_vfs_write+0x10/0x10
[  516.290664][T11212]  ? __fget_files+0x3f3/0x470
[  516.290697][T11212]  ? fdget_pos+0x24e/0x320
[  516.290724][T11212]  ksys_write+0x183/0x2b0
[  516.290749][T11212]  ? __pfx_ksys_write+0x10/0x10
[  516.290773][T11212]  ? do_syscall_64+0x100/0x230
[  516.290797][T11212]  ? do_syscall_64+0xb6/0x230
[  516.290821][T11212]  do_syscall_64+0xf3/0x230
[  516.290842][T11212]  ? clear_bhb_loop+0x35/0x90
[  516.290865][T11212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.290884][T11212] RIP: 0033:0x7fd2d5d7d1ff
[  516.290902][T11212] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  516.290918][T11212] RSP: 002b:00007fd2d6bc9030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  516.290941][T11212] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd2d5d7d1ff
[  516.290955][T11212] RDX: 0000000000000001 RSI: 00007fd2d6bc90a0 RDI: 0000000000000006
[  516.290969][T11212] RBP: 00007fd2d6bc9090 R08: 0000000000000000 R09: 0000000000000000
[  516.290982][T11212] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  516.290994][T11212] R13: 0000000000000000 R14: 00007fd2d5f36058 R15: 00007ffcf0e42158
[  516.291025][T11212]  </TASK>
[  516.951862][ T5882] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  517.201922][T11226] netlink: 'syz.4.1497': attribute type 1 has an invalid length.
[  517.243928][ T5882] usb 2-1: unable to get BOS descriptor or descriptor too short
[  517.252305][ T5882] usb 2-1: not running at top speed; connect to a high speed hub
[  517.263971][ T5882] usb 2-1: config 253 has an invalid interface number: 202 but max is 0
[  517.286975][ T5882] usb 2-1: config 253 has no interface number 0
[  517.300097][T11231] fuse: Bad value for 'fd'
[  517.398049][ T5882] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  517.407301][ T5882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.415469][ T5882] usb 2-1: Product: syz
[  517.419625][ T5882] usb 2-1: Manufacturer: syz
[  517.424259][ T5882] usb 2-1: SerialNumber: syz
[  518.263212][   T29] audit: type=1326 audit(1730945457.800:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11244 comm="syz.0.1504" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd41ab7e719 code=0x0
[  518.362137][ T1205] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  518.696630][T11254] netlink: 'syz.2.1506': attribute type 21 has an invalid length.
[  518.704536][T11254] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1506'.
[  518.713683][T11254] netlink: 'syz.2.1506': attribute type 5 has an invalid length.
[  518.721493][T11254] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1506'.
[  518.733219][ T1205] usb 6-1: Using ep0 maxpacket: 32
[  519.551193][T11256] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  519.558697][T11256] batman_adv: batadv0: Removing interface: virt_wifi0
[  519.936385][ T1205] usb 6-1: config index 0 descriptor too short (expected 164, got 36)
[  519.951532][ T1205] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  519.969972][ T1205] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  519.980098][ T1205] usb 6-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  519.991811][ T1205] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.016910][ T1205] usb 6-1: config 0 descriptor??
[  520.276109][T11235] fuse: Bad value for 'fd'
[  520.455655][ T5882] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  520.468621][ T2971] usb 2-1: Failed to submit usb control message: -71
[  520.488295][ T2971] usb 2-1: unable to send the bmi data to the device: -71
[  520.649945][ T5882] usb 2-1: USB disconnect, device number 24
[  521.463375][ T2971] usb 2-1: unable to get target info from device
[  521.471418][ T2971] usb 2-1: could not get target info (-71)
[  521.589809][ T2971] usb 2-1: could not probe fw (-71)
[  521.671529][T11265] fuse: Bad value for 'fd'
[  522.083385][   T30] INFO: task syz.3.975:9333 blocked for more than 143 seconds.
[  522.091259][   T30]       Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  522.162098][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  522.173050][   T30] task:syz.3.975       state:D stack:22160 pid:9333  tgid:9332  ppid:5825   flags:0x00004006
[  522.183816][   T30] Call Trace:
[  522.242735][   T30]  <TASK>
[  522.259822][   T30]  __schedule+0x17fa/0x4bd0
[  522.269015][   T30]  ? __pfx___schedule+0x10/0x10
[  522.276813][   T30]  ? __pfx_lock_release+0x10/0x10
[  522.285400][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  522.291501][   T30]  ? schedule+0x90/0x320
[  522.296823][   T30]  schedule+0x14b/0x320
[  522.301195][   T30]  io_schedule+0x8d/0x110
[  522.306652][   T30]  folio_wait_bit_common+0x882/0x12b0
[  522.312309][   T30]  ? __pfx_folio_wait_bit_common+0x10/0x10
[  522.318243][   T30]  ? __pfx_wake_page_function+0x10/0x10
[  522.323924][   T30]  __filemap_get_folio+0xaf/0xbd0
[  522.328993][   T30]  truncate_inode_pages_range+0x57e/0xfc0
[  522.334806][   T30]  ? irqentry_exit+0x63/0x90
[  522.339428][   T30]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  522.346872][   T30]  ? __pfx_has_bh_in_lru+0x10/0x10
[  522.352073][   T30]  ? __pfx_invalidate_bh_lru+0x10/0x10
[  522.357594][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  522.362773][   T30]  ? __pfx_invalidate_bh_lru+0x10/0x10
[  522.368270][   T30]  ? __pfx_invalidate_bh_lru+0x10/0x10
[  522.373828][   T30]  blkdev_flush_mapping+0x108/0x270
[  522.379060][   T30]  ? bdev_release+0x456/0x700
[  522.383838][   T30]  bdev_release+0x460/0x700
[  522.388374][   T30]  blkdev_release+0x15/0x20
[  522.394301][   T30]  ? __pfx_blkdev_release+0x10/0x10
[  522.399615][   T30]  __fput+0x23f/0x880
[  522.403731][   T30]  task_work_run+0x24f/0x310
[  522.408361][   T30]  ? __pfx_task_work_run+0x10/0x10
[  522.451069][ T1205] usbhid 6-1:0.0: can't add hid device: -71
[  522.460697][ T1205] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  522.479862][ T1205] usb 6-1: USB disconnect, device number 6
[  522.499497][   T30]  get_signal+0x15e8/0x1740
[  522.505252][   T30]  ? kick_process+0xef/0x160
[  522.509885][   T30]  ? __pfx_get_signal+0x10/0x10
[  522.514946][   T30]  arch_do_signal_or_restart+0x96/0x860
[  522.520517][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  522.527072][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  522.533667][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  522.539541][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  522.545229][   T30]  do_syscall_64+0x100/0x230
[  522.549960][   T30]  ? clear_bhb_loop+0x35/0x90
[  522.554888][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.560858][   T30] RIP: 0033:0x7f0acad7e719
[  522.566905][   T30] RSP: 002b:00007f0acbba4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  522.575892][   T30] RAX: fffffffffffffffc RBX: 00007f0acaf35f80 RCX: 00007f0acad7e719
[  522.584038][   T30] RDX: 0000000000000046 RSI: 0000000020000240 RDI: 0000000000000004
[  522.592215][   T30] RBP: 00007f0acadf139e R08: 0000000000000000 R09: 0000000000000000
[  522.600253][   T30] R10: 000000000000052c R11: 0000000000000246 R12: 0000000000000000
[  522.608310][   T30] R13: 0000000000000000 R14: 00007f0acaf35f80 R15: 00007fff4a0a77c8
[  522.616708][   T30]  </TASK>
[  522.619828][   T30] 
[  522.619828][   T30] Showing all locks held in the system:
[  522.627885][   T30] 1 lock held by khungtaskd/30:
[  522.632970][   T30]  #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  522.643051][   T30] 2 locks held by kworker/u8:2/35:
[  522.648262][   T30] 3 locks held by kworker/u8:4/61:
[  522.653545][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  522.665407][   T30]  #1: ffffc900015c7d00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  522.677345][   T30]  #2: ffffffff8e93d200 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530
[  522.687486][   T30] 3 locks held by kworker/0:2/1205:
[  522.692808][   T30] 2 locks held by getty/5585:
[  522.697552][   T30]  #0: ffff8880318160a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  522.707426][   T30]  #1: ffffc900032532f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  522.717600][   T30] 2 locks held by syz-executor/5833:
[  522.723136][   T30]  #0: ffff88807d92c0e0 (&type->s_umount_key#60){+.+.}-{3:3}, at: deactivate_super+0xb5/0xf0
[  522.733830][   T30]  #1: ffffffff8e93d338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  522.746318][   T30] 2 locks held by kworker/u8:8/6014:
[  522.752143][   T30] 1 lock held by syz.3.975/9333:
[  522.757150][   T30]  #0: ffff8880256464c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x17e/0x700
[  522.766948][   T30] 
[  522.769282][   T30] =============================================
[  522.769282][   T30] 
[  522.792700][   T30] NMI backtrace for cpu 1
[  522.797060][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  522.807562][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  522.817631][   T30] Call Trace:
[  522.820905][   T30]  <TASK>
[  522.823830][   T30]  dump_stack_lvl+0x241/0x360
[  522.828511][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  522.833707][   T30]  ? __pfx__printk+0x10/0x10
[  522.838304][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  522.843247][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  522.848718][   T30]  ? _printk+0xd5/0x120
[  522.852881][   T30]  ? __pfx__printk+0x10/0x10
[  522.857467][   T30]  ? __wake_up_klogd+0xcc/0x110
[  522.862317][   T30]  ? __pfx__printk+0x10/0x10
[  522.866906][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  522.871931][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  522.877909][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  522.883895][   T30]  watchdog+0xff4/0x1040
[  522.888138][   T30]  ? watchdog+0x1ea/0x1040
[  522.892557][   T30]  ? __pfx_watchdog+0x10/0x10
[  522.897232][   T30]  kthread+0x2f0/0x390
[  522.901296][   T30]  ? __pfx_watchdog+0x10/0x10
[  522.905969][   T30]  ? __pfx_kthread+0x10/0x10
[  522.910553][   T30]  ret_from_fork+0x4b/0x80
[  522.914971][   T30]  ? __pfx_kthread+0x10/0x10
[  522.919561][   T30]  ret_from_fork_asm+0x1a/0x30
[  522.924335][   T30]  </TASK>
[  522.927951][   T30] Sending NMI from CPU 1 to CPUs 0:
[  522.933312][    C0] NMI backtrace for cpu 0
[  522.933326][    C0] CPU: 0 UID: 0 PID: 11285 Comm: syz.2.1515 Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  522.933346][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  522.933357][    C0] RIP: 0010:copy_mc_enhanced_fast_string+0xa/0x13
[  522.933385][    C0] Code: 89 ca e9 89 fd ff ff 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 89 f8 48 89 d1 <f3> a4 31 c0 c3 cc cc cc cc 48 89 c8 c3 cc cc cc cc 0f 1f 44 00 00
[  522.933400][    C0] RSP: 0000:ffffc9000f477758 EFLAGS: 00010246
[  522.933415][    C0] RAX: ffff88807bfb9000 RBX: 0005088000000000 RCX: 0000000000000ef0
[  522.933428][    C0] RDX: 0000000000001000 RSI: ffff88806f6c8110 RDI: ffff88807bfb9110
[  522.933439][    C0] RBP: ffffc9000f477990 R08: ffff88806f6c8fff R09: 1ffff1100ded91ff
[  522.933452][    C0] R10: dffffc0000000000 R11: ffffed100ded9200 R12: ffff88807ab0e5c0
[  522.933465][    C0] R13: ffff88806f6c8000 R14: ffffc9000f477e18 R15: ffffea0001efee40
[  522.933478][    C0] FS:  000055555eb08500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  522.933493][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  522.933505][    C0] CR2: 00007f10dcd36000 CR3: 0000000055864000 CR4: 00000000003526f0
[  522.933520][    C0] Call Trace:
[  522.933527][    C0]  <NMI>
[  522.933533][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  522.933557][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  522.933582][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  522.933604][    C0]  ? nmi_handle+0x2a/0x5a0
[  522.933628][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  522.933650][    C0]  ? nmi_handle+0x14f/0x5a0
[  522.933666][    C0]  ? nmi_handle+0x2a/0x5a0
[  522.933683][    C0]  ? copy_mc_enhanced_fast_string+0xa/0x13
[  522.933705][    C0]  ? default_do_nmi+0x63/0x160
[  522.933729][    C0]  ? exc_nmi+0x123/0x1f0
[  522.933751][    C0]  ? end_repeat_nmi+0xf/0x53
[  522.933775][    C0]  ? copy_mc_enhanced_fast_string+0xa/0x13
[  522.933798][    C0]  ? copy_mc_enhanced_fast_string+0xa/0x13
[  522.933821][    C0]  ? copy_mc_enhanced_fast_string+0xa/0x13
[  522.933843][    C0]  </NMI>
[  522.933849][    C0]  <TASK>
[  522.933854][    C0]  do_wp_page+0x1352/0x52d0
[  522.933880][    C0]  ? __pfx_do_wp_page+0x10/0x10
[  522.933902][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  522.933926][    C0]  ? do_raw_spin_lock+0x14f/0x370
[  522.933956][    C0]  handle_pte_fault+0x10e3/0x6820
[  522.933980][    C0]  ? mark_lock+0x9a/0x360
[  522.933997][    C0]  ? mark_lock+0x9a/0x360
[  522.934015][    C0]  ? __pfx_handle_pte_fault+0x10/0x10
[  522.934045][    C0]  ? reacquire_held_locks+0x3eb/0x690
[  522.934062][    C0]  ? lock_vma_under_rcu+0x34b/0x790
[  522.934088][    C0]  ? __pfx_reacquire_held_locks+0x10/0x10
[  522.934113][    C0]  handle_mm_fault+0x1053/0x1ad0
[  522.934143][    C0]  ? __pfx_handle_mm_fault+0x10/0x10
[  522.934161][    C0]  ? lock_vma_under_rcu+0x602/0x790
[  522.934181][    C0]  ? lock_vma_under_rcu+0x1dd/0x790
[  522.934209][    C0]  ? exc_page_fault+0x113/0x8c0
[  522.934227][    C0]  exc_page_fault+0x459/0x8c0
[  522.934248][    C0]  asm_exc_page_fault+0x26/0x30
[  522.934271][    C0] RIP: 0033:0x7f10dca511e3
[  522.934283][    C0] Code: 8b 74 24 20 c6 42 20 01 89 72 24 8b 74 24 28 44 89 7a 28 89 72 78 48 8d 35 22 4e 2e 00 44 89 72 2c 40 88 7c 06 04 8b 44 24 24 <89> 82 80 00 00 00 31 c0 0f 1f 44 00 00 48 8b 8c 04 a0 01 00 00 48
[  522.934298][    C0] RSP: 002b:00007ffe6ab7ec10 EFLAGS: 00010246
[  522.934311][    C0] RAX: 0000000000000000 RBX: 00007f10dcd35f88 RCX: 00007f10dcb35a47
[  522.934322][    C0] RDX: 00007f10dcd35f80 RSI: 00007f10dcd35ff8 RDI: 0000000000000000
[  522.934333][    C0] RBP: 00007f10dcd35f8c R08: 00007f10dcd35f80 R09: 00007ffe6ab7eaa7
[  522.934345][    C0] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  522.934355][    C0] R13: 00007f10dcd35f80 R14: 0000000000000003 R15: 0000000000000076
[  522.934374][    C0]  </TASK>
[  522.951898][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  522.951916][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc6-syzkaller-00099-g7758b206117d #0
[  522.951939][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  522.951951][   T30] Call Trace:
[  522.951958][   T30]  <TASK>
[  522.951967][   T30]  dump_stack_lvl+0x241/0x360
[  522.951996][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  522.952018][   T30]  ? __pfx__printk+0x10/0x10
[  522.952035][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  522.952065][   T30]  ? vscnprintf+0x5d/0x90
[  522.952090][   T30]  panic+0x349/0x880
[  522.952111][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  522.952136][   T30]  ? __pfx_panic+0x10/0x10
[  522.952153][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  522.952174][   T30]  ? __irq_work_queue_local+0x137/0x410
[  522.952198][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  522.952218][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  522.952240][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  522.952273][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  522.952299][   T30]  watchdog+0x1033/0x1040
[  522.952323][   T30]  ? watchdog+0x1ea/0x1040
[  522.952349][   T30]  ? __pfx_watchdog+0x10/0x10
[  522.952370][   T30]  kthread+0x2f0/0x390
[  522.952389][   T30]  ? __pfx_watchdog+0x10/0x10
[  522.952409][   T30]  ? __pfx_kthread+0x10/0x10
[  522.952427][   T30]  ret_from_fork+0x4b/0x80
[  522.952450][   T30]  ? __pfx_kthread+0x10/0x10
[  522.952468][   T30]  ret_from_fork_asm+0x1a/0x30
[  522.952502][   T30]  </TASK>
[  523.457837][   T30] Kernel Offset: disabled
[  523.462165][   T30] Rebooting in 86400 seconds..