last executing test programs:

11.04004921s ago: executing program 2 (id=602):
io_setup(0x2278, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0xff, 0x9)
socket$tipc(0x1e, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getrlimit(0x3, &(0x7f00000000c0))
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000a00)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0180f2", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)

8.896380932s ago: executing program 2 (id=606):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x5}, {0xc, 0xa}, {0x0, 0xf}}}, 0x24}}, 0x4000)
sendmmsg$inet6(r0, &(0x7f00000031c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x9, @dev={0xfe, 0x80, '\x00', 0x33}, 0x9}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="8e", 0x1}], 0xe0}}], 0x1, 0x4040)

8.718587865s ago: executing program 2 (id=610):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
close(r4)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r6, 0xd75)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r5, <r7=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)=r4}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000280)={r7, &(0x7f0000000200)}, 0x20)

8.668130497s ago: executing program 4 (id=611):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x50, 0x20}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x8, 0x0, 0x3}]}, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="4400000011002901800000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000fdff1b001a800800038004000500080000003e"], 0x44}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x1784, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3, 0x10, 0x4, [{{0x9, 0x4, 0x0, 0x3, 0x1, 0x3, 0x1, 0x0, 0xff, {0x9, 0x21, 0x10, 0x8, 0x1, {0x22, 0xf65}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0xf, 0x2, 0xf}}}}}]}}]}}, &(0x7f0000000580)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x250, 0x0, 0x4, 0x7d, 0x20, 0x6}, 0x12, &(0x7f0000000600)={0x5, 0xf, 0x12, 0x2, [@ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x6, 0xb, 0x5}]}})
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000280)={&(0x7f0000000180)=[0x0, 0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, 0xcccccccc})
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000006c0)={{0x1, 0x1, 0x18, <r6=>r4, {0x58b, 0x885}}, './file0\x00'})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000640)={&(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[<r7=>0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x4, 0x3, 0x8})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r4, 0xc01064ab, &(0x7f0000000680)={0x8, r5, r7})
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r8 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r8, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
sendmmsg$inet6(r8, &(0x7f0000002940), 0x40000000000017d, 0x811)
syz_usb_control_io(r1, &(0x7f0000000000)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB="00dc6b"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000240)={0x24, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41b}}, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000002c0)={0x24, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="00030200000002"], 0x0, 0x0}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)

6.086598947s ago: executing program 0 (id=622):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
time(0x0)

6.040362985s ago: executing program 1 (id=623):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x1fe0000})
fstat(r2, &(0x7f0000003280))

5.645888395s ago: executing program 1 (id=624):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

5.139052681s ago: executing program 1 (id=626):
socket$inet(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$bt_hci_HCI_FILTER(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000440)={0x4, [0x1, 0x6], 0x7}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000016000000b70300000000fff48500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
unshare(0x2010000)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3c0, 0x210, 0x9403, 0x3002, 0x210, 0x2c0, 0x2f0, 0x3d8, 0x3d8, 0x2f0, 0x3d8, 0x3, 0x0, {[{{@ipv6={@private2, @remote, [0xffffff00, 0x0, 0xffffffff], [0xffffffff, 0xffffff00, 0xffffffff], 'macvlan1\x00', 'wg2\x00', {}, {0xa4c8dd0ffa9b1578}, 0x73, 0x9, 0x4, 0x48}, 0x0, 0x1c8, 0x210, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x80, 0x1, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1}}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x0, 0x2}, {0x4, 0x5, 0x5}, {0x3, 0x4}, 0xbf, 0xb}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x47b)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r6, 0x8953, &(0x7f0000000080)={{0x2, 0x4e22, @empty}, {0x306, @remote}, 0x2, {0x2, 0x4e20, @multicast2}, 'gre0\x00'})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x70}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x82)

5.124094691s ago: executing program 4 (id=627):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

4.988436451s ago: executing program 0 (id=628):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000711008"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.190167649s ago: executing program 3 (id=629):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x2, 0x0)
ptrace$getregset(0x4204, r0, 0x1, &(0x7f0000000480)={&(0x7f0000001240)=""/4096, 0x1000})

4.15424105s ago: executing program 4 (id=630):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$inet_int(r3, 0x0, 0x6, 0x0, &(0x7f0000000140))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote, 0x2}}, 0x0, 0x0, 0x2e, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x4e23, 0x8, @private2, 0xffffffff}}, 0x0, 0x0, 0x25, 0x0, "9c385ce6a7c276254a95e7f9306580f1feaf045e0171478c5f226dc1a8648d11d395bbd39214868d844a5bed9c5a44b3a22ee327b0d6de39b64f72f8fa248f0e54e72e667b45e545090fc405cc4ab5b1"}, 0xd8)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x1a103e43)
pipe(0x0)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x64, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xf}, {}, {0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x34, 0x2, [@TCA_FLOW_EMATCHES={0x1e, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x24, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x20, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}]}]}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

4.128033006s ago: executing program 0 (id=631):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, 0x0, 0x0)

3.880358257s ago: executing program 0 (id=632):
r0 = openat$vcsu(0xffffffffffffff9c, 0x0, 0x8840, 0x0)
unshare(0x28000600)
fcntl$lock(r0, 0x11, &(0x7f0000003c80)={0x0, 0x0, 0x380000000000, 0x8})

3.812283389s ago: executing program 3 (id=633):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = creat(0x0, 0x0)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1b, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xfef7fffffffffffb}, 0x18)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x10)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, 0x0, 0x0)
r4 = syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0xfffffffd}, &(0x7f0000000240), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r4, 0x1e, &(0x7f0000000000)={r4}, 0x1)
setsockopt$inet_int(r3, 0x0, 0x13, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, 0x0)
madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x16)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40880)

3.753649915s ago: executing program 2 (id=634):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})
r1 = socket$inet(0x2, 0x80000, 0x6)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000000)={{0x2, 0x3, @local}, {0x1, @remote}, 0x4a, {0x2, 0x8, @remote}, 'veth1_to_bridge\x00'})
ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @multicast2}, 'syz_tun\x00'})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_getscheduler(r2)
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000100)={0xc, 0x0, <r6=>0x0})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_GUEST_MEMFD(r8, 0xc040aed4, &(0x7f00000001c0)={0x1fe0000})
fstat(r9, &(0x7f0000003280))
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f00000001c0)={0x28, 0x4, r6, 0x0, &(0x7f00005c6000/0x2000)=nil, 0x2000, 0xd})
ptrace(0x10, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r10}, 0x10)

3.650694297s ago: executing program 0 (id=635):
r0 = syz_usb_connect(0x2, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902270201020010000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

3.604403666s ago: executing program 4 (id=636):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

2.426933816s ago: executing program 3 (id=637):
unshare(0x20000400)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x149802, 0x0)
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000140)=0x600)

2.399201153s ago: executing program 4 (id=638):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x5d032, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000100))
r4 = openat$incfs(r2, &(0x7f00000002c0)='.pending_reads\x00', 0xa000, 0x138)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000007c0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4a8, 0x1e8, 0x120, 0x2c8, 0x360, 0x120, 0x410, 0x410, 0x410, 0x410, 0x410, 0x6, &(0x7f0000000300), {[{{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@addrtype={{0x30}, {0x401, 0x860}}, @common=@socket0={{0x20}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @remote, 0x8, 0x2, [0xe, 0x3b, 0x2b, 0x9, 0x2c, 0x7, 0x1b, 0x30, 0x2b, 0x4, 0x1d, 0x4, 0x1e, 0x21, 0xd, 0x1f], 0x0, 0x5, 0x7fffffff}}}, {{@ip={@remote, @private=0xa010101, 0xff, 0xffffff00, 'veth1_macvtap\x00', 'syzkaller0\x00', {}, {0xff}, 0x84, 0x2, 0x1c}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}, {0x10, 0x62, 0x1, 0x1}}]}, @ECN={0x28, 'ECN\x00', 0x0, {0x10, 0xa, 0x1}}}, {{@ip={@loopback, @private=0xa010101, 0x0, 0xffffffff, 'bridge0\x00', 'ip6tnl0\x00', {0xff}, {}, 0x6c, 0x2, 0x20}, 0x0, 0xb8, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}, @common=@socket0={{0x20}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x2, 0x6}}}, {{@ip={@rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xffffffff, 0x0, 'vcan0\x00', 'ip6tnl0\x00', {}, {0xff}, 0x0, 0x2, 0x8}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x3}}}, {{@uncond, 0x0, 0x70, 0xb0}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0xc0000000, 0x80000001, @ipv6=@rand_addr=' \x01\x00', 0x4e23}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x508)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r3, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_clone(0xc040600, 0x0, 0x0, 0x0, 0x0, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x238, &(0x7f0000000740)={0x0, 0x198b, 0x10100, 0x0, 0x3b8, 0x0, r2}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r8 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x40, 0x1, 0x0)
mq_timedreceive(r8, &(0x7f0000000000)=""/83, 0x9b0c4f391059f39b, 0x20000900, &(0x7f0000000100)={0x77359400})
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x6, @remote, 0xb}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x1}, 0x1c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='virtio_transport_alloc_pkt\x00', r9}, 0x18)
r10 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r10, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x64, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0xe22, 0x64, 0x0, @wg=@response={0x2, 0x1, 0x100004, "628e0960f6d6d3f6ee6d6b84b345dccac643e7df3e526ff07833b291322d4a74", "882ed6741e7632daeaec0c95f2ad1cd6", {"8fb3d9fd3efe8e4ea8b5ec7448ddd6a3", "215990e1b896120966af96b22cf049f0"}}}}}}}}, 0x0)

2.017471392s ago: executing program 2 (id=639):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt(r0, 0x1000, 0x81, &(0x7f00000003c0)="191cfc5b5b7101d1122a59552096116f40b229a5fc1a76746ba809237b96b2bc4cfa3db950363ea15e7abec4c3b8a92ffd3028946353d38807908ff356390b8f7d161d92b743d88aedfae4098db71941bde2d14a65d070b62704dafd25a2f2fde8", 0x61)
r1 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r2 = socket(0x10, 0x2, 0x0)
write(r2, 0x0, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pause()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
unshare(0x8000000)
semtimedop(0x0, 0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc1105511, &(0x7f0000000140)={0xa, 0x0, 0x1, 0x0, 'syz0\x00'})
r6 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r7 = accept$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs, &(0x7f00000001c0)=0x6e)
connect$unix(r7, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
r8 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000006900)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc77a9b3df93199c796fa597f452bed6b6fbcc812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1d48f913f8b22a30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec9dd375031ba5ae65e31f00e641832d29ed658b91f33595b033222944765cb6a50d859f754ed83eefd480be0e3100965f081190bbb39a5965ceaa76975f8888504", 0x128, 0xfffffffffffffffe)
init_module(0x0, 0x300, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r1, r6, r8}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})

1.764470079s ago: executing program 3 (id=640):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

590.435362ms ago: executing program 3 (id=641):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000711008"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

553.254045ms ago: executing program 1 (id=642):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, 0x0, 0x0)

420.086051ms ago: executing program 4 (id=643):
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="04000226", @ANYRES16=0x0, @ANYBLOB="00000000000000000004e800000008000317"], 0x1c}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x84082, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000280), 0x26e31f841f2b2d7, 0x4)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000940)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000900)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000c80)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000340)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
recvmsg(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000001580)=""/4090, 0xffa}], 0x1}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000400142603600e1208000f0000000401a8001600200006400300000b035c0461c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc", 0xd8}], 0x1}, 0x80)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWSET={0x140, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_DESC={0x10c, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x108, 0x2, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3ff}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x4}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffff6e1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf7f7}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5596}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6bf}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x47}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x409}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}]}]}]}]}], {0x14}}, 0x168}, 0x1, 0x0, 0x0, 0x890}, 0x0)
syz_open_dev$vim2m(0x0, 0x2000000f5, 0x2)

377.115762ms ago: executing program 3 (id=644):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
fsmount(r5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x800012, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))

338.362752ms ago: executing program 1 (id=645):
r0 = openat$vcsu(0xffffffffffffff9c, 0x0, 0x8840, 0x0)
unshare(0x28000600)
fcntl$lock(r0, 0x11, &(0x7f0000003c80)={0x0, 0x0, 0x380000000000, 0x8})

207.834391ms ago: executing program 0 (id=646):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$inet_int(r2, 0x0, 0x6, 0x0, &(0x7f0000000140))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote, 0x2}}, 0x0, 0x0, 0x2e, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x4e23, 0x8, @private2, 0xffffffff}}, 0x0, 0x0, 0x25, 0x0, "9c385ce6a7c276254a95e7f9306580f1feaf045e0171478c5f226dc1a8648d11d395bbd39214868d844a5bed9c5a44b3a22ee327b0d6de39b64f72f8fa248f0e54e72e667b45e545090fc405cc4ab5b1"}, 0xd8)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x1a103e43)
pipe(0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x64, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {}, {0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x34, 0x2, [@TCA_FLOW_EMATCHES={0x1e, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x24, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x20, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}]}]}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

415.168µs ago: executing program 1 (id=647):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, &(0x7f0000000a00)=ANY=[], 0xffdd)

0s ago: executing program 2 (id=648):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000880), 0x8, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = fsopen(&(0x7f0000000080)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
symlinkat(&(0x7f0000000140)='.\x00', r3, &(0x7f00000000c0)='./file0\x00')
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYRES16=r4, @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r5, 0xc1105518, 0x0)

kernel console output (not intermixed with test programs):

anaged:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  142.073707][ T6352] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.303351][ T6340] lowmem_reserve[]: 0 0 0 0 0
[  142.313849][ T6340] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  142.493658][ T6364] fuse: Bad value for 'fd'
[  143.027357][   T30] audit: type=1800 audit(1743939098.390:5): pid=6364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.99" name="file0" dev="loop0" ino=13 res=0 errno=0
[  143.075044][ T6340] Node 0 DMA32: 272*4kB (UME) 518*8kB (UME) 392*16kB (UME) 21*32kB (UME) 129*64kB (UME) 98*128kB (UME) 48*256kB (UM) 15*512kB (UM) 6*1024kB (UM) 4*2048kB (UM) 333*4096kB (M) = 1431248kB
[  143.105115][ T6340] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  143.119560][ T6340] Node 1 Normal: 217*4kB (UE) 57*8kB (UME) 49*16kB (UME) 192*32kB (UME) 97*64kB (UME) 27*128kB (UME) 16*256kB (UME) 11*512kB (UME) 4*1024kB (UME) 3*2048kB (U) 944*4096kB (M) = 3904508kB
[  143.138423][ T6340] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  143.149543][ T6340] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  143.159095][ T6340] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  143.169664][ T6340] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  143.179575][ T6340] 44788 total pagecache pages
[  143.184302][ T6340] 0 pages in swap cache
[  143.188658][ T6340] Free swap  = 124996kB
[  143.193021][ T6340] Total swap = 124996kB
[  143.197315][ T6340] 2097051 pages RAM
[  143.201155][ T6340] 0 pages HighMem/MovableOnly
[  143.206082][ T6340] 428599 pages reserved
[  143.206220][ T6360] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  143.210252][ T6340] 0 pages cma reserved
[  143.225795][ T6360] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  143.240272][ T6360] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  143.255210][ T6360] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  143.275885][ T6360] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  143.292779][ T6360] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  143.326081][ T6360] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  143.355878][ T6360] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  143.394606][ T6360] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  143.423050][ T6360] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  143.434128][ T6360] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  143.461494][ T6360] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  143.485709][ T6360] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  143.502424][ T6360] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  143.521725][ T6360] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  143.702913][ T5840] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.819323][   T55] Bluetooth: hci1: command 0x0c1a tx timeout
[  145.825576][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout
[  145.832245][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout
[  145.857991][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout
[  145.864359][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout
[  146.300088][ T6371] loop2: detected capacity change from 0 to 32768
[  146.702345][ T6371] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.102 (6371)
[  146.712574][ T6389] loop4: detected capacity change from 0 to 128
[  146.783422][ T6391] FAULT_INJECTION: forcing a failure.
[  146.783422][ T6391] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.840250][ T6391] CPU: 1 UID: 0 PID: 6391 Comm: syz.1.108 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  146.840282][ T6391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  146.840294][ T6391] Call Trace:
[  146.840302][ T6391]  <TASK>
[  146.840311][ T6391]  dump_stack_lvl+0x241/0x360
[  146.840350][ T6391]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.840381][ T6391]  ? __pfx__printk+0x10/0x10
[  146.840423][ T6391]  should_fail_ex+0x424/0x570
[  146.840461][ T6391]  _copy_to_user+0x31/0xb0
[  146.840491][ T6391]  simple_read_from_buffer+0xc4/0x170
[  146.840530][ T6391]  proc_fail_nth_read+0x1ef/0x260
[  146.840559][ T6391]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.840588][ T6391]  ? rw_verify_area+0x246/0x630
[  146.840614][ T6391]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.840640][ T6391]  vfs_read+0x21f/0xb90
[  146.840673][ T6391]  ? __pfx___mutex_lock+0x10/0x10
[  146.840700][ T6391]  ? __pfx_vfs_read+0x10/0x10
[  146.840724][ T6391]  ? __fget_files+0x2a/0x420
[  146.840747][ T6391]  ? __fget_files+0x39d/0x420
[  146.840767][ T6391]  ? __fget_files+0x2a/0x420
[  146.840799][ T6391]  ksys_read+0x19d/0x2d0
[  146.840828][ T6391]  ? __pfx_ksys_read+0x10/0x10
[  146.840861][ T6391]  ? do_syscall_64+0xb6/0x230
[  146.840893][ T6391]  do_syscall_64+0xf3/0x230
[  146.840921][ T6391]  ? clear_bhb_loop+0x45/0xa0
[  146.840945][ T6391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.840965][ T6391] RIP: 0033:0x7f9a7cd8bb7c
[  146.840983][ T6391] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  146.841000][ T6391] RSP: 002b:00007f9a7dcd3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  146.841031][ T6391] RAX: ffffffffffffffda RBX: 00007f9a7cfa5fa0 RCX: 00007f9a7cd8bb7c
[  146.841046][ T6391] RDX: 000000000000000f RSI: 00007f9a7dcd30a0 RDI: 0000000000000004
[  146.841058][ T6391] RBP: 00007f9a7dcd3090 R08: 0000000000000000 R09: 0000000000000000
[  146.841071][ T6391] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  146.841083][ T6391] R13: 0000000000000000 R14: 00007f9a7cfa5fa0 R15: 00007ffdb4316418
[  146.841116][ T6391]  </TASK>
[  147.949681][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout
[  147.955849][ T5847] Bluetooth: hci2: command 0x0c1a tx timeout
[  147.985465][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout
[  148.008737][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout
[  148.034402][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout
[  149.603796][ T6412] loop2: detected capacity change from 0 to 64
[  149.810126][ T6418] loop4: detected capacity change from 0 to 256
[  149.884017][ T6418] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  150.121830][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout
[  150.128046][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout
[  150.134581][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout
[  150.140722][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout
[  150.147265][ T5853] Bluetooth: hci4: command 0x0c1a tx timeout
[  151.069201][ T6425] loop1: detected capacity change from 0 to 2048
[  151.151981][ T6430] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  151.193963][ T6429] FAULT_INJECTION: forcing a failure.
[  151.193963][ T6429] name failslab, interval 1, probability 0, space 0, times 0
[  151.206962][ T6429] CPU: 1 UID: 0 PID: 6429 Comm: syz.2.121 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  151.206990][ T6429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  151.207002][ T6429] Call Trace:
[  151.207010][ T6429]  <TASK>
[  151.207019][ T6429]  dump_stack_lvl+0x241/0x360
[  151.207059][ T6429]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.207091][ T6429]  ? __pfx__printk+0x10/0x10
[  151.207116][ T6429]  ? do_raw_spin_lock+0x151/0x370
[  151.207162][ T6429]  should_fail_ex+0x424/0x570
[  151.207200][ T6429]  should_failslab+0xac/0x100
[  151.207234][ T6429]  kmem_cache_alloc_noprof+0x78/0x390
[  151.207265][ T6429]  ? radix_tree_node_alloc+0x8b/0x3c0
[  151.207298][ T6429]  radix_tree_node_alloc+0x8b/0x3c0
[  151.207332][ T6429]  idr_get_free+0x296/0xac0
[  151.207383][ T6429]  idr_alloc_u32+0x197/0x330
[  151.207407][ T6429]  ? __lock_acquire+0xad5/0xd80
[  151.207435][ T6429]  ? __pfx_idr_alloc_u32+0x10/0x10
[  151.207468][ T6429]  ? __lock_acquire+0xad5/0xd80
[  151.207496][ T6429]  idr_alloc_cyclic+0x108/0x310
[  151.207529][ T6429]  ? __pfx_idr_alloc_cyclic+0x10/0x10
[  151.207555][ T6429]  ? __radix_tree_preload+0x80/0x860
[  151.207578][ T6429]  ? bpf_link_prime+0x4c/0x240
[  151.207617][ T6429]  bpf_link_prime+0x6b/0x240
[  151.207653][ T6429]  cgroup_bpf_link_attach+0x1da/0x3c0
[  151.207687][ T6429]  ? __pfx_cgroup_bpf_link_attach+0x10/0x10
[  151.207720][ T6429]  ? __fget_files+0x2a/0x420
[  151.207747][ T6429]  ? bpf_prog_attach_check_attach_type+0x23a/0x4f0
[  151.207786][ T6429]  link_create+0x4f6/0x870
[  151.207819][ T6429]  __sys_bpf+0x5ad/0x8b0
[  151.207845][ T6429]  ? __pfx___sys_bpf+0x10/0x10
[  151.207883][ T6429]  ? ksys_write+0x275/0x2d0
[  151.207926][ T6429]  __x64_sys_bpf+0x7c/0x90
[  151.207948][ T6429]  do_syscall_64+0xf3/0x230
[  151.207976][ T6429]  ? clear_bhb_loop+0x45/0xa0
[  151.208002][ T6429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.208022][ T6429] RIP: 0033:0x7fcee918d169
[  151.208040][ T6429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.208057][ T6429] RSP: 002b:00007fceea08a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  151.208079][ T6429] RAX: ffffffffffffffda RBX: 00007fcee93a5fa0 RCX: 00007fcee918d169
[  151.208094][ T6429] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 000000000000001c
[  151.208107][ T6429] RBP: 00007fceea08a090 R08: 0000000000000000 R09: 0000000000000000
[  151.208119][ T6429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.208132][ T6429] R13: 0000000000000000 R14: 00007fcee93a5fa0 R15: 00007ffeae79e928
[  151.208165][ T6429]  </TASK>
[  151.634171][ T6413] loop3: detected capacity change from 0 to 32768
[  151.930458][ T6448] Driver unsupported XDP return value 0 on prog  (id 25) dev N/A, expect packet loss!
[  153.247970][ T6442] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  153.254541][ T6442] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  153.262326][ T6442] vhci_hcd vhci_hcd.0: Device attached
[  153.571197][ T6413] workqueue: Failed to create a rescuer kthread for wq "btree_update": -EINTR
[  153.595271][ T6413] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete
[  153.616714][ T6443] vhci_hcd: connection closed
[  153.620349][ T6129] vhci_hcd: stop threads
[  153.630756][ T6129] vhci_hcd: release socket
[  153.635804][ T6129] vhci_hcd: disconnect device
[  153.721914][ T6451] loop0: detected capacity change from 0 to 1024
[  153.784876][ T6425] overlayfs: upper fs does not support tmpfile.
[  153.806879][ T6451] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  153.868923][ T6451] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  153.912736][ T6425] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  153.933432][ T6451] JBD2: no valid journal superblock found
[  153.940357][ T6451] EXT4-fs (loop0): Could not load journal inode
[  153.952601][ T6425] overlayfs: failed to set xattr on upper
[  154.012469][ T6425] overlayfs: ...falling back to redirect_dir=nofollow.
[  154.047846][ T6425] overlayfs: ...falling back to index=off.
[  154.133451][ T6425] overlayfs: ...falling back to uuid=null.
[  154.696158][ T6430] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  154.707435][ T6430] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4)
[  154.768710][ T6413] bcachefs: bch2_fs_get_tree() error: ENOMEM_btree_interior_update_worker_init
[  154.782399][ T6430] Remounting filesystem read-only
[  155.397705][ T6459] netlink: 908 bytes leftover after parsing attributes in process `syz.2.125'.
[  155.437130][ T5849] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  155.857138][ T5891] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  156.019320][ T5891] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.035284][ T5891] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  156.068722][ T5891] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  156.111357][ T5891] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  156.137582][ T5891] usb 5-1: SerialNumber: syz
[  156.231172][ T6471] loop1: detected capacity change from 0 to 64
[  156.249888][ T6471] =======================================================
[  156.249888][ T6471] WARNING: The mand mount option has been deprecated and
[  156.249888][ T6471]          and is ignored by this kernel. Remove the mand
[  156.249888][ T6471]          option from the mount to silence this warning.
[  156.249888][ T6471] =======================================================
[  156.284811][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.517244][ T6475] netlink: 64 bytes leftover after parsing attributes in process `syz.2.130'.
[  157.970685][ T6482] FAULT_INJECTION: forcing a failure.
[  157.970685][ T6482] name failslab, interval 1, probability 0, space 0, times 0
[  158.091872][ T6482] CPU: 0 UID: 0 PID: 6482 Comm: syz.2.134 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  158.091906][ T6482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  158.091919][ T6482] Call Trace:
[  158.091927][ T6482]  <TASK>
[  158.091936][ T6482]  dump_stack_lvl+0x241/0x360
[  158.091976][ T6482]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.092007][ T6482]  ? __pfx__printk+0x10/0x10
[  158.092041][ T6482]  ? __pfx___might_resched+0x10/0x10
[  158.092075][ T6482]  should_fail_ex+0x424/0x570
[  158.092112][ T6482]  should_failslab+0xac/0x100
[  158.092145][ T6482]  __kmalloc_cache_noprof+0x73/0x370
[  158.092176][ T6482]  ? __se_sys_mount+0x170/0x400
[  158.092195][ T6482]  ? memdup_user+0x99/0xd0
[  158.092227][ T6482]  __se_sys_mount+0x170/0x400
[  158.092255][ T6482]  ? __pfx___se_sys_mount+0x10/0x10
[  158.092284][ T6482]  ? __x64_sys_mount+0x20/0xc0
[  158.092308][ T6482]  do_syscall_64+0xf3/0x230
[  158.092337][ T6482]  ? clear_bhb_loop+0x45/0xa0
[  158.092362][ T6482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.092382][ T6482] RIP: 0033:0x7fcee918d169
[  158.092400][ T6482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.092417][ T6482] RSP: 002b:00007fceea08a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  158.092440][ T6482] RAX: ffffffffffffffda RBX: 00007fcee93a5fa0 RCX: 00007fcee918d169
[  158.092455][ T6482] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000
[  158.092468][ T6482] RBP: 00007fceea08a090 R08: 0000200000002280 R09: 0000000000000000
[  158.092481][ T6482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.092493][ T6482] R13: 0000000000000000 R14: 00007fcee93a5fa0 R15: 00007ffeae79e928
[  158.092526][ T6482]  </TASK>
[  158.275435][    C0] vkms_vblank_simulate: vblank timer overrun
[  158.677500][ T5891] usb 5-1: 0:2 : does not exist
[  158.815718][ T6488] loop0: detected capacity change from 0 to 256
[  158.854821][ T5891] usb 5-1: USB disconnect, device number 3
[  158.910233][ T6488] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  158.938808][ T6490] sg_write: data in/out 85/8 bytes for SCSI command 0xff-- guessing data in;
[  158.938808][ T6490]    program syz.4.137 not setting count and/or reply_len properly
[  158.998548][ T6490] FAULT_INJECTION: forcing a failure.
[  158.998548][ T6490] name failslab, interval 1, probability 0, space 0, times 0
[  159.160209][ T6490] CPU: 0 UID: 0 PID: 6490 Comm: syz.4.137 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  159.160239][ T6490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  159.160252][ T6490] Call Trace:
[  159.160261][ T6490]  <TASK>
[  159.160269][ T6490]  dump_stack_lvl+0x241/0x360
[  159.160309][ T6490]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.160340][ T6490]  ? __pfx__printk+0x10/0x10
[  159.160370][ T6490]  ? sbitmap_find_bit+0x435/0x4c0
[  159.160406][ T6490]  should_fail_ex+0x424/0x570
[  159.160447][ T6490]  should_failslab+0xac/0x100
[  159.160482][ T6490]  __kmalloc_noprof+0xdf/0x4d0
[  159.160511][ T6490]  ? blk_rq_map_user_iov+0x16b/0x1af0
[  159.160533][ T6490]  ? blk_rq_map_user_iov+0x4bf/0x1af0
[  159.160561][ T6490]  blk_rq_map_user_iov+0x4bf/0x1af0
[  159.160612][ T6490]  ? __pfx_blk_rq_map_user_iov+0x10/0x10
[  159.160649][ T6490]  ? __lock_acquire+0xad5/0xd80
[  159.160685][ T6490]  ? import_ubuf+0x96/0x1d0
[  159.160716][ T6490]  blk_rq_map_user_io+0x28a/0x420
[  159.160747][ T6490]  ? __pfx_blk_rq_map_user_io+0x10/0x10
[  159.160778][ T6490]  ? sg_common_write+0xc27/0x16c0
[  159.160805][ T6490]  ? __mutex_unlock_slowpath+0x229/0x800
[  159.160844][ T6490]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  159.160878][ T6490]  ? __pfx_vprintk_emit+0x10/0x10
[  159.160907][ T6490]  ? sg_link_reserve+0x28a/0x530
[  159.160933][ T6490]  sg_common_write+0xe5d/0x16c0
[  159.160974][ T6490]  ? __pfx_sg_common_write+0x10/0x10
[  159.161011][ T6490]  sg_write+0xa5b/0xf30
[  159.161053][ T6490]  ? __pfx_sg_write+0x10/0x10
[  159.161121][ T6490]  ? apparmor_file_permission+0xc5/0xe0
[  159.161156][ T6490]  ? bpf_lsm_file_permission+0x9/0x10
[  159.161183][ T6490]  ? rw_verify_area+0x246/0x630
[  159.161208][ T6490]  ? __pfx_sg_write+0x10/0x10
[  159.161242][ T6490]  vfs_write+0x2bc/0xd10
[  159.161282][ T6490]  ? __pfx_vfs_write+0x10/0x10
[  159.161309][ T6490]  ? __fget_files+0x2a/0x420
[  159.161331][ T6490]  ? __fget_files+0x2a/0x420
[  159.161354][ T6490]  ? __fget_files+0x39d/0x420
[  159.161374][ T6490]  ? __fget_files+0x2a/0x420
[  159.161405][ T6490]  ksys_write+0x19d/0x2d0
[  159.161435][ T6490]  ? __pfx_ksys_write+0x10/0x10
[  159.161468][ T6490]  ? do_syscall_64+0xb6/0x230
[  159.161499][ T6490]  do_syscall_64+0xf3/0x230
[  159.161527][ T6490]  ? clear_bhb_loop+0x45/0xa0
[  159.161553][ T6490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.161573][ T6490] RIP: 0033:0x7f37a318d169
[  159.161591][ T6490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.161608][ T6490] RSP: 002b:00007f37a3fa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  159.161630][ T6490] RAX: ffffffffffffffda RBX: 00007f37a33a5fa0 RCX: 00007f37a318d169
[  159.161645][ T6490] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000004
[  159.161658][ T6490] RBP: 00007f37a3fa7090 R08: 0000000000000000 R09: 0000000000000000
[  159.161678][ T6490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.161690][ T6490] R13: 0000000000000000 R14: 00007f37a33a5fa0 R15: 00007fffdf11e358
[  159.161722][ T6490]  </TASK>
[  159.470092][    C0] vkms_vblank_simulate: vblank timer overrun
[  162.344096][ T5857] udevd[5857]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  162.455500][ T6503] loop4: detected capacity change from 0 to 2048
[  162.758349][ T6514] netlink: 908 bytes leftover after parsing attributes in process `syz.2.140'.
[  162.822665][ T6513] sg_write: data in/out 85/8 bytes for SCSI command 0xff-- guessing data in;
[  162.822665][ T6513]    program syz.0.142 not setting count and/or reply_len properly
[  162.839818][ T6503] iocharset ap865 not found
[  163.574342][   T24] IPVS: starting estimator thread 0...
[  163.795006][ T6519] IPVS: using max 26 ests per chain, 62400 per kthread
[  163.821397][ T6507] loop1: detected capacity change from 0 to 8
[  163.835444][ T6507] SQUASHFS error: lzo decompression failed, data probably corrupt
[  163.843405][ T6507] SQUASHFS error: Failed to read block 0x91: -5
[  163.850637][ T6507] SQUASHFS error: Unable to read metadata cache entry [8f]
[  163.857901][ T6507] SQUASHFS error: Unable to read inode 0x11f
[  165.104593][ T6533] loop0: detected capacity change from 0 to 256
[  165.160218][ T6533] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  165.489154][    T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  165.638201][ T6537] netlink: 40 bytes leftover after parsing attributes in process `syz.2.149'.
[  165.672682][ T6517] loop3: detected capacity change from 0 to 32768
[  165.683057][ T6522] loop4: detected capacity change from 0 to 32768
[  165.706874][ T6517] BTRFS: device /dev/loop3 (7:3) using temp-fsid 71b5b44d-c8c4-4604-98c0-29e1345b8472
[  165.750004][ T6517] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.144 (6517)
[  165.800328][ T6522] JBD2: Ignoring recovery information on journal
[  165.850665][ T6517] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  165.946678][ T6517] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  166.038905][ T6517] BTRFS info (device loop3): using free-space-tree
[  166.123505][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  166.123929][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  166.168107][ T6522] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  166.226914][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  166.227537][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  166.315474][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  166.363794][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  166.391989][ T6531] loop1: detected capacity change from 0 to 32768
[  166.447228][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  166.447585][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  166.507372][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  166.551684][ T6531] BTRFS: device /dev/loop1 (7:1) using temp-fsid 60dd96c3-3f33-4651-bc2b-7bee255cb063
[  166.598300][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  166.598677][ T6517] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  166.721851][ T6531] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.147 (6531)
[  166.850621][ T6517] BTRFS error (device loop3): open_ctree failed: -12
[  166.940668][ T6531] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  166.947473][ T5850] ocfs2: Unmounting device (7,4) on (node local)
[  166.960476][ T6531] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm
[  166.997366][ T6531] BTRFS info (device loop1): using free-space-tree
[  167.247505][ T5891] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  167.408684][    T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  167.461211][ T5891] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  167.481665][ T5891] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  167.518064][ T5891] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  167.550985][ T5891] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  167.582559][ T5891] usb 3-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  167.606594][ T5891] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.621283][ T6578] loop4: detected capacity change from 0 to 256
[  167.644986][ T5891] usb 3-1: config 0 descriptor??
[  167.662142][ T5849] BTRFS info (device loop1): last unmount of filesystem 60dd96c3-3f33-4651-bc2b-7bee255cb063
[  167.682917][ T6578] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  168.263705][   T30] audit: type=1800 audit(1743939123.597:6): pid=6586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.152" name="file1" dev="loop4" ino=10 res=0 errno=0
[  168.799831][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.408408][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 8, err : -5)
[  169.422365][ T6585] loop0: detected capacity change from 0 to 2048
[  169.426744][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.435612][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 8, err : -5)
[  169.448410][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.454578][ T6585] /dev/loop0: Can't open blockdev
[  169.523736][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 9, err : -5)
[  169.548678][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.556219][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 10, err : -5)
[  169.609783][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.656553][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 11, err : -5)
[  169.715768][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.764166][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 12, err : -5)
[  169.816922][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.837635][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 13, err : -5)
[  169.870450][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.876569][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 14, err : -5)
[  169.886885][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  169.951722][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 15, err : -5)
[  170.007048][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.034277][ T6586] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c3a0e38 iblock : 16, err : -5)
[  170.067784][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.068850][ T6599] loop3: detected capacity change from 0 to 512
[  170.074573][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.090798][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.096971][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.108067][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.116178][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.124179][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.132596][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.138991][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.245680][ T6599] netlink: 32 bytes leftover after parsing attributes in process `syz.3.159'.
[  170.813956][    T9] usb 3-1: USB disconnect, device number 3
[  170.840986][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.869592][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.889370][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.962086][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  170.992074][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  171.028609][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  171.096246][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  171.140797][ T6586] exFAT-fs (loop4): error, broken FAT chain.
[  171.358768][   T30] audit: type=1800 audit(1743939126.604:7): pid=6586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.152" name="file2" dev="loop4" ino=10 res=0 errno=0
[  171.378125][    C0] vkms_vblank_simulate: vblank timer overrun
[  171.838759][ T6609] loop3: detected capacity change from 0 to 256
[  171.905720][ T6609] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  171.956905][ T6586] syz.4.152 (6586) used greatest stack depth: 19248 bytes left
[  173.147743][ T6619] hfs: can't find a HFS filesystem on dev nullb0
[  173.938149][ T6629] FAULT_INJECTION: forcing a failure.
[  173.938149][ T6629] name failslab, interval 1, probability 0, space 0, times 0
[  174.179693][ T6629] CPU: 0 UID: 0 PID: 6629 Comm: syz.2.167 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  174.179724][ T6629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  174.179738][ T6629] Call Trace:
[  174.179746][ T6629]  <TASK>
[  174.179755][ T6629]  dump_stack_lvl+0x241/0x360
[  174.179802][ T6629]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.179833][ T6629]  ? __pfx__printk+0x10/0x10
[  174.179868][ T6629]  ? __pfx___might_resched+0x10/0x10
[  174.179901][ T6629]  should_fail_ex+0x424/0x570
[  174.179938][ T6629]  should_failslab+0xac/0x100
[  174.179971][ T6629]  __kmalloc_noprof+0xdf/0x4d0
[  174.180002][ T6629]  ? video_usercopy+0x204/0x1330
[  174.180039][ T6629]  video_usercopy+0x204/0x1330
[  174.180071][ T6629]  ? preempt_schedule_irq+0x145/0x1c0
[  174.180098][ T6629]  ? rcu_read_unlock_special+0x49b/0x570
[  174.180125][ T6629]  ? __pfx___video_do_ioctl+0x10/0x10
[  174.180156][ T6629]  ? __pfx_video_usercopy+0x10/0x10
[  174.180212][ T6629]  ? __pfx_video_ioctl2+0x10/0x10
[  174.180254][ T6629]  v4l2_ioctl+0x189/0x1e0
[  174.180295][ T6629]  ? __pfx_v4l2_ioctl+0x10/0x10
[  174.180325][ T6629]  __se_sys_ioctl+0xf1/0x160
[  174.180355][ T6629]  do_syscall_64+0xf3/0x230
[  174.180382][ T6629]  ? clear_bhb_loop+0x45/0xa0
[  174.180407][ T6629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.180426][ T6629] RIP: 0033:0x7fcee918d169
[  174.180444][ T6629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.180460][ T6629] RSP: 002b:00007fceea08a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  174.180482][ T6629] RAX: ffffffffffffffda RBX: 00007fcee93a5fa0 RCX: 00007fcee918d169
[  174.180497][ T6629] RDX: 0000200000000440 RSI: 00000000c0d05604 RDI: 0000000000000003
[  174.180510][ T6629] RBP: 00007fceea08a090 R08: 0000000000000000 R09: 0000000000000000
[  174.180522][ T6629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.180533][ T6629] R13: 0000000000000000 R14: 00007fcee93a5fa0 R15: 00007ffeae79e928
[  174.180565][ T6629]  </TASK>
[  174.383416][    C0] vkms_vblank_simulate: vblank timer overrun
[  174.782199][ T6637] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check.
[  175.097557][ T5891] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  175.341384][ T6632] loop2: detected capacity change from 0 to 4096
[  175.350228][ T6632] ntfs3: Unknown parameter 'd9�'
[  175.722316][ T6644] loop4: detected capacity change from 0 to 512
[  176.577062][ T6647] netlink: 32 bytes leftover after parsing attributes in process `syz.4.172'.
[  178.790214][ T6672] loop2: detected capacity change from 0 to 256
[  178.801659][ T6672] exfat: Deprecated parameter 'namecase'
[  178.872928][ T6672] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[  179.111239][ T6676] loop0: detected capacity change from 0 to 8
[  179.226912][ T6680] netlink: 277 bytes leftover after parsing attributes in process `syz.1.182'.
[  179.488208][ T6661] loop4: detected capacity change from 0 to 32768
[  179.505503][ T6683] loop0: detected capacity change from 0 to 4096
[  179.507496][ T6661] BTRFS: device /dev/loop4 (7:4) using temp-fsid 9d0600d9-bd59-4085-ac92-7149e8a1d0f3
[  179.556902][ T6683] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  179.632120][ T6661] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.176 (6661)
[  180.092948][ T6661] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.155338][ T6661] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  180.232489][ T6661] BTRFS info (device loop4): using free-space-tree
[  180.479087][ T6712] loop3: detected capacity change from 0 to 512
[  180.610596][ T6711] netlink: 32 bytes leftover after parsing attributes in process `syz.3.186'.
[  180.873638][ T6129] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  181.476444][ T5850] BTRFS info (device loop4): last unmount of filesystem 9d0600d9-bd59-4085-ac92-7149e8a1d0f3
[  181.751322][   T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  181.995728][   T24] usb 2-1: Using ep0 maxpacket: 32
[  182.044543][   T24] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  182.163894][   T24] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  182.229453][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.278573][   T24] usb 2-1: Product: syz
[  182.307494][   T24] usb 2-1: Manufacturer: syz
[  182.329916][   T24] usb 2-1: SerialNumber: syz
[  182.396332][   T24] usb 2-1: config 0 descriptor??
[  182.568722][ T6717] loop2: detected capacity change from 0 to 32768
[  182.745539][ T6726] loop3: detected capacity change from 0 to 512
[  183.295549][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  183.461234][ T6732] hfs: can't find a HFS filesystem on dev nullb0
[  183.522028][ T6717] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  183.540886][ T6717] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  183.551185][ T6717] BTRFS info (device loop2): using free-space-tree
[  183.721073][ T6717] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  183.721488][ T6717] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  183.725403][ T6745] syz.0.195 uses obsolete (PF_INET,SOCK_PACKET)
[  183.765850][ T6717] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  183.787530][ T6717] BTRFS error (device loop2): open_ctree failed: -12
[  184.878223][ T6737] loop3: detected capacity change from 0 to 32768
[  184.911186][ T6737] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.194 (6737)
[  184.965915][ T6737] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  185.018726][ T5891] usb 2-1: USB disconnect, device number 3
[  185.033805][ T6737] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  185.060926][ T6737] BTRFS info (device loop3): using free-space-tree
[  185.086136][ T6770] loop4: detected capacity change from 0 to 2048
[  185.129932][ T6758] loop0: detected capacity change from 0 to 32768
[  185.161579][ T6758] BTRFS: device /dev/loop0 (7:0) using temp-fsid d8923ee4-d669-4800-87c2-53e531ce2a67
[  185.176093][ T6770]  loop4: p1 < > p3
[  185.208594][ T6758] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.195 (6758)
[  185.224758][ T6770] loop4: p3 size 134217728 extends beyond EOD, truncated
[  185.333034][ T6737] BTRFS info (device loop3): rebuilding free space tree
[  185.335428][ T6758] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  185.433367][ T6758] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  185.492920][ T6758] BTRFS info (device loop0): using free-space-tree
[  185.658972][ T6801] loop4: detected capacity change from 0 to 512
[  185.691539][ T6758] BTRFS info (device loop0): rebuilding free space tree
[  185.781606][ T6801] netlink: 32 bytes leftover after parsing attributes in process `syz.4.201'.
[  185.847813][ T5839] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  186.288297][   T71] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  186.775400][ T6815] loop4: detected capacity change from 0 to 1024
[  186.826367][ T5840] BTRFS info (device loop0): last unmount of filesystem d8923ee4-d669-4800-87c2-53e531ce2a67
[  186.921119][ T6815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.945588][ T6815] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.977348][ T6787] loop1: detected capacity change from 0 to 32768
[  187.040859][ T6822] loop3: detected capacity change from 0 to 512
[  187.077675][ T6787] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.200 (6787)
[  187.082153][ T6822] ext2: Unknown parameter 'fscontext'
[  187.098218][ T6815] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  187.232281][ T6787] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  187.288127][ T6827] loop3: detected capacity change from 0 to 128
[  187.345747][ T6787] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm
[  187.370258][ T6787] BTRFS info (device loop1): using free-space-tree
[  187.425726][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  187.699926][    T9] usb 5-1: Using ep0 maxpacket: 8
[  188.324850][    T9] usb 5-1: config 162 has an invalid interface number: 174 but max is 0
[  188.345037][    T9] usb 5-1: config 162 has no interface number 0
[  188.366302][    T9] usb 5-1: config 162 interface 174 has no altsetting 0
[  188.388020][    T9] usb 5-1: New USB device found, idVendor=10c4, idProduct=88a5, bcdDevice=11.0d
[  188.422258][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.451717][    T9] usb 5-1: Product: syz
[  188.455971][    T9] usb 5-1: Manufacturer: syz
[  188.486662][    T9] usb 5-1: SerialNumber: syz
[  188.552163][ T5849] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  188.629565][ T3001] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  188.757816][    T9] cp210x 5-1:162.174: cp210x converter detected
[  188.778908][    T9] cp210x 5-1:162.174: failed to get vendor val 0x370b size 1: -71
[  188.795402][    T9] cp210x 5-1:162.174: querying part number failed
[  188.802947][ T6818] loop2: detected capacity change from 0 to 32768
[  188.837665][ T6818] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.206 (6818)
[  188.848610][    T9] usb 5-1: cp210x converter now attached to ttyUSB0
[  188.911531][ T6818] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  188.935325][ T6818] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  188.969016][    T9] usb 5-1: USB disconnect, device number 4
[  189.029698][ T6818] BTRFS error (device loop2): superblock checksum mismatch
[  189.093831][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  190.313060][ T6855] loop1: detected capacity change from 0 to 32768
[  191.187290][    T9] cp210x 5-1:162.174: device disconnected
[  191.294967][ T6855] ERROR: (device loop1): diAllocBit: iag inconsistent
[  191.294967][ T6855] 
[  191.330515][ T6855] ERROR: (device loop1): remounting filesystem as read-only
[  191.339556][ T6855] ialloc: diAlloc returned -5!
[  191.730475][ T6818] BTRFS error (device loop2): open_ctree failed: -22
[  191.750475][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  191.913645][ T6858] loop3: detected capacity change from 0 to 256
[  191.926728][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.957771][ T6858] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  192.161736][   T30] audit: type=1800 audit(1743939147.466:8): pid=6862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.213" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  192.684553][ T6869] block nbd1: shutting down sockets
[  192.721357][ T6868] loop1: detected capacity change from 0 to 47
[  192.789695][ T6872] loop0: detected capacity change from 0 to 512
[  192.943580][ T6872] netlink: 32 bytes leftover after parsing attributes in process `syz.0.216'.
[  194.142860][ T6866] loop2: detected capacity change from 0 to 32768
[  194.176250][ T6866] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.215 (6866)
[  194.265530][ T6866] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  194.304867][ T6866] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  194.320037][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  194.333058][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  194.339397][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  194.367018][ T6866] BTRFS info (device loop2): using free-space-tree
[  194.600589][ T6893] netlink: 908 bytes leftover after parsing attributes in process `syz.4.220'.
[  195.346553][ T6908] netlink: 11 bytes leftover after parsing attributes in process `syz.4.221'.
[  195.378053][ T5855] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  195.520948][ T6884] loop3: detected capacity change from 0 to 32768
[  195.560046][ T6884] XFS: noikeep mount option is deprecated.
[  195.691095][ T6882] loop0: detected capacity change from 0 to 32768
[  195.749673][ T6882] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.218 (6882)
[  195.768741][ T6884] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  195.836973][ T6919] syz.2.222 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  196.239942][ T6923] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  196.286543][ T6882] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  196.392997][ T6882] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  196.522343][ T6882] BTRFS info (device loop0): using free-space-tree
[  196.769390][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  196.771036][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  196.884380][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  196.894344][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  196.904992][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  196.905943][ T6925] loop2: detected capacity change from 0 to 16
[  196.915028][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  196.930179][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  196.934605][ T6925] erofs (device loop2): unsupported chunk format ffff of nid 36
[  196.940135][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  196.959135][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  197.080205][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  197.127340][ T6884] XFS (loop3): Ending clean mount
[  197.208340][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  197.208697][ T6882] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  197.253170][ T6884] XFS (loop3): Quotacheck needed: Please wait.
[  197.447269][ T6882] BTRFS error (device loop0): open_ctree failed: -12
[  197.514804][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  197.654141][ T6884] XFS (loop3): Quotacheck: Done.
[  197.941909][ T5839] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  198.613958][ T6965] netlink: 908 bytes leftover after parsing attributes in process `syz.0.232'.
[  199.436468][ T3001] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  199.596034][ T5853] Bluetooth: hci4: command 0x0c1a tx timeout
[  199.600687][ T6974] gtp0: entered promiscuous mode
[  199.711411][ T6974] gtp0: entered allmulticast mode
[  199.942792][ T6977] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  200.703588][ T6983] loop1: detected capacity change from 0 to 16
[  200.712935][ T6983] erofs (device loop1): unsupported chunk format ffff of nid 36
[  200.732563][ T6981] input: syz0 as /devices/virtual/input/input5
[  201.672797][ T6989] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  201.881260][ T6993] loop2: detected capacity change from 0 to 256
[  202.015856][ T6995] loop0: detected capacity change from 0 to 8
[  202.037635][ T6993] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  202.209427][ T7000] loop4: detected capacity change from 0 to 512
[  202.411589][ T7000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.478244][ T7000] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  203.051263][ T6982] loop3: detected capacity change from 0 to 32768
[  203.073457][ T6982] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.238 (6982)
[  203.174898][ T6982] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  203.208197][ T6982] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  203.276577][ T6982] BTRFS info (device loop3): using free-space-tree
[  203.283824][ T6129] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  203.669424][ T5894] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  203.778849][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.869392][ T5894] usb 1-1: Using ep0 maxpacket: 32
[  203.876284][ T5894] usb 1-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  203.885975][ T5894] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.896933][ T5839] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  203.897197][ T5894] usb 1-1: config 0 descriptor??
[  203.916799][ T5894] gspca_main: sq930x-2.14.0 probing 041e:403c
[  205.450997][ T5894] gspca_sq930x: reg_w 0105 bf00 failed -110
[  205.465767][   T71] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  205.670496][ T5894] sq930x 1-1:0.0: probe with driver sq930x failed with error -110
[  205.933187][ T7052] input: syz0 as /devices/virtual/input/input6
[  206.530717][ T7050] loop1: detected capacity change from 0 to 2048
[  206.728739][ T7058] loop2: detected capacity change from 0 to 32768
[  206.877436][ T5958] usb 1-1: USB disconnect, device number 3
[  206.937245][ T7058] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fix_errors=yes,norecovery,version_upgrade=none
[  206.956931][ T7058] bcachefs (loop2): recovering from clean shutdown, journal seq 10
[  206.965227][ T7058] bcachefs (loop2): Version upgrade required:
[  206.965227][ T7058] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  206.965227][ T7058] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags
[  206.965227][ T7058]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  207.100898][ T7058] bcachefs (loop2): bcachefs (loop2): error validating btree node at btree alloc level 0/0
[  207.100932][ T7058]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[  207.100950][ T7058]   node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing
[  207.145496][ T7058] bcachefs (loop2): btree_node_read_work: rewriting btree node at due to error
[  207.145496][ T7058]   btree=alloc level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[  207.191890][ T7058] bcachefs (loop2): accounting_read...
[  207.197105][ T7068] loop4: detected capacity change from 0 to 764
[  207.218421][ T7058]  done
[  207.221293][ T7058] bcachefs (loop2): alloc_read... done
[  207.227291][ T7058] bcachefs (loop2): snapshots_read... done
[  207.234092][ T7058] bcachefs (loop2): Fixed errors, running fsck a second time to verify fs is clean
[  207.244241][ T7058] bcachefs (loop2): done starting filesystem
[  207.258074][ T7070] FAULT_INJECTION: forcing a failure.
[  207.258074][ T7070] name failslab, interval 1, probability 0, space 0, times 0
[  207.321390][ T7068] rock: directory entry would overflow storage
[  207.341272][ T7070] CPU: 1 UID: 0 PID: 7070 Comm: syz.3.258 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  207.341302][ T7070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  207.341314][ T7070] Call Trace:
[  207.341323][ T7070]  <TASK>
[  207.341332][ T7070]  dump_stack_lvl+0x241/0x360
[  207.341371][ T7070]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.341403][ T7070]  ? __pfx__printk+0x10/0x10
[  207.341438][ T7070]  ? __pfx___might_resched+0x10/0x10
[  207.341471][ T7070]  should_fail_ex+0x424/0x570
[  207.341509][ T7070]  should_failslab+0xac/0x100
[  207.341551][ T7070]  __kmalloc_node_noprof+0xe7/0x4d0
[  207.341582][ T7070]  ? alloc_slab_obj_exts+0x3a/0xa0
[  207.341616][ T7070]  alloc_slab_obj_exts+0x3a/0xa0
[  207.341646][ T7070]  __memcg_slab_post_alloc_hook+0x31c/0x7e0
[  207.341689][ T7070]  kmem_cache_alloc_node_noprof+0x2ac/0x3b0
[  207.341721][ T7070]  ? __alloc_skb+0x1c2/0x480
[  207.341756][ T7070]  __alloc_skb+0x1c2/0x480
[  207.341786][ T7070]  ? __lock_acquire+0xad5/0xd80
[  207.341811][ T7070]  ? __pfx___alloc_skb+0x10/0x10
[  207.341847][ T7070]  ? process_measurement+0x7c2/0x1fe0
[  207.341877][ T7070]  alloc_skb_with_frags+0xc3/0x830
[  207.341895][ T7070]  ? up_write+0x1ab/0x590
[  207.341928][ T7070]  ? __pfx_up_write+0x10/0x10
[  207.341952][ T7070]  ? ima_get_action+0x75/0xb0
[  207.341984][ T7070]  sock_alloc_send_pskb+0x91c/0xa70
[  207.342028][ T7070]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  207.342055][ T7070]  ? __pfx_process_measurement+0x10/0x10
[  207.342083][ T7070]  ? tomoyo_check_open_permission+0x209/0x4f0
[  207.342113][ T7070]  unix_dgram_sendmsg+0x6d4/0x1ea0
[  207.342157][ T7070]  ? tomoyo_socket_sendmsg_permission+0x285/0x420
[  207.342194][ T7070]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  207.342226][ T7070]  ? __import_iovec+0x3c2/0x830
[  207.342253][ T7070]  ? aa_sock_msg_perm+0xd9/0x1d0
[  207.342284][ T7070]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  207.342310][ T7070]  __sock_sendmsg+0x221/0x270
[  207.342339][ T7070]  ____sys_sendmsg+0x523/0x860
[  207.342368][ T7070]  ? __pfx_____sys_sendmsg+0x10/0x10
[  207.342386][ T7070]  ? __fget_files+0x2a/0x420
[  207.342410][ T7070]  ? __fget_files+0x2a/0x420
[  207.342442][ T7070]  __sys_sendmmsg+0x3a0/0x7b0
[  207.342474][ T7070]  ? __pfx___sys_sendmmsg+0x10/0x10
[  207.342542][ T7070]  ? rcu_read_lock_any_held+0xbb/0x160
[  207.342571][ T7070]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  207.342602][ T7070]  ? vfs_write+0xb29/0xd10
[  207.342638][ T7070]  ? ksys_write+0x24e/0x2d0
[  207.342671][ T7070]  ? __mutex_unlock_slowpath+0x229/0x800
[  207.342729][ T7070]  ? ksys_write+0x275/0x2d0
[  207.342770][ T7070]  __x64_sys_sendmmsg+0xa0/0xb0
[  207.342794][ T7070]  do_syscall_64+0xf3/0x230
[  207.342821][ T7070]  ? clear_bhb_loop+0x45/0xa0
[  207.342846][ T7070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.342866][ T7070] RIP: 0033:0x7f0687b8d169
[  207.342884][ T7070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.342900][ T7070] RSP: 002b:00007f0688951038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  207.342923][ T7070] RAX: ffffffffffffffda RBX: 00007f0687da5fa0 RCX: 00007f0687b8d169
[  207.342938][ T7070] RDX: 0000000004000190 RSI: 0000200000000180 RDI: 0000000000000003
[  207.342951][ T7070] RBP: 00007f0688951090 R08: 0000000000000000 R09: 0000000000000000
[  207.342963][ T7070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.342975][ T7070] R13: 0000000000000000 R14: 00007f0687da5fa0 R15: 00007ffd342935d8
[  207.343008][ T7070]  </TASK>
[  207.361489][ T7068] rock: sig=0x4654, size=5, remaining=4
[  207.477673][ T7074] loop1: detected capacity change from 0 to 4096
[  207.568001][ T7074] ntfs3: Unknown parameter 'ioc�arset'
[  207.697896][ T7059] capability: warning: `syz.2.255' uses 32-bit capabilities (legacy support in use)
[  207.797675][ T7058] netlink: 144 bytes leftover after parsing attributes in process `syz.2.255'.
[  207.924800][ T5855] bcachefs (loop2): shutting down
[  208.076882][ T5855] bcachefs (loop2): shutdown complete
[  208.107347][ T7073] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  208.254345][ T7085] autofs: Unknown parameter ''
[  208.330380][ T7090] dccp_invalid_packet: P.Data Offset(3) too small
[  208.404340][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  209.707589][   T24] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  210.495009][ T7087] loop3: detected capacity change from 0 to 32768
[  210.522158][ T7103] input: syz0 as /devices/virtual/input/input7
[  210.545872][   T24] usb 5-1: Using ep0 maxpacket: 8
[  210.567556][ T6129] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  210.584028][ T7087] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.262 (7087)
[  210.716727][   T24] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  210.783187][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.866898][   T24] usb 5-1: Product: syz
[  210.907384][   T24] usb 5-1: Manufacturer: syz
[  210.950350][   T24] usb 5-1: SerialNumber: syz
[  211.004454][ T7087] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  211.031887][ T7105] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  211.183777][ T7087] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  211.259995][   T24] usb 5-1: config 0 descriptor??
[  211.293768][ T7087] BTRFS info (device loop3): using free-space-tree
[  211.423432][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  211.449983][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  211.550421][   T24] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  211.594140][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  211.612402][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  211.728470][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  211.755490][   T24] usb 5-1: setting power ON
[  211.791465][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  211.791873][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  211.807544][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  211.843504][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  211.871684][ T7116] loop1: detected capacity change from 0 to 1764
[  211.881839][   T24] dvb-usb: bulk message failed: -22 (2/0)
[  211.893343][ T7116] iso9660: Bad value for 'session'
[  211.930169][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  211.964593][   T24] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  211.987633][   T24] usb 5-1: media controller created
[  212.025441][ T7087] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  212.040785][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  212.081855][ T7087] BTRFS error (device loop3): open_ctree failed: -12
[  212.143813][   T24] usb 5-1: selecting invalid altsetting 6
[  212.184017][   T24] usb 5-1: digital interface selection failed (-22)
[  212.208778][   T24] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  212.261667][   T24] usb 5-1: setting power OFF
[  212.285117][   T24] dvb-usb: bulk message failed: -22 (2/0)
[  212.319769][   T24] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  212.364468][   T24] (NULL device *): no alternate interface
[  213.149535][   T24] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  213.264303][   T24] usb 5-1: USB disconnect, device number 5
[  213.341490][ T7132] veth1_to_hsr: entered promiscuous mode
[  213.360760][ T7130] veth1_to_hsr: left promiscuous mode
[  213.459786][   T71] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  213.609126][   T24] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  213.849737][   T24] usb 5-1: Using ep0 maxpacket: 32
[  213.895996][   T24] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  213.934926][   T24] usb 5-1: config 0 has no interface number 0
[  213.962729][   T24] usb 5-1: config 0 interface 184 has no altsetting 0
[  213.997028][   T24] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  214.008354][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.022507][   T24] usb 5-1: Product: syz
[  214.070484][   T24] usb 5-1: Manufacturer: syz
[  214.083786][   T24] usb 5-1: SerialNumber: syz
[  214.101195][   T24] usb 5-1: config 0 descriptor??
[  214.129792][   T24] smsc75xx v1.0.0
[  214.333408][ T7139] FAULT_INJECTION: forcing a failure.
[  214.333408][ T7139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.346605][ T7139] CPU: 0 UID: 0 PID: 7139 Comm: syz.0.274 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  214.346633][ T7139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  214.346646][ T7139] Call Trace:
[  214.346656][ T7139]  <TASK>
[  214.346665][ T7139]  dump_stack_lvl+0x241/0x360
[  214.346705][ T7139]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.346736][ T7139]  ? __pfx__printk+0x10/0x10
[  214.346778][ T7139]  should_fail_ex+0x424/0x570
[  214.346816][ T7139]  _copy_to_user+0x31/0xb0
[  214.346846][ T7139]  simple_read_from_buffer+0xc4/0x170
[  214.346885][ T7139]  proc_fail_nth_read+0x1ef/0x260
[  214.346914][ T7139]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  214.346950][ T7139]  ? rw_verify_area+0x246/0x630
[  214.346975][ T7139]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  214.347002][ T7139]  vfs_read+0x21f/0xb90
[  214.347034][ T7139]  ? __pfx___mutex_lock+0x10/0x10
[  214.347064][ T7139]  ? __pfx_vfs_read+0x10/0x10
[  214.347093][ T7139]  ? __fget_files+0x2a/0x420
[  214.347117][ T7139]  ? __fget_files+0x39d/0x420
[  214.347137][ T7139]  ? __fget_files+0x2a/0x420
[  214.347169][ T7139]  ksys_read+0x19d/0x2d0
[  214.347199][ T7139]  ? __pfx_ksys_read+0x10/0x10
[  214.347233][ T7139]  ? do_syscall_64+0xb6/0x230
[  214.347264][ T7139]  do_syscall_64+0xf3/0x230
[  214.347292][ T7139]  ? clear_bhb_loop+0x45/0xa0
[  214.347317][ T7139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.347338][ T7139] RIP: 0033:0x7fe3b938bb7c
[  214.347357][ T7139] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  214.347373][ T7139] RSP: 002b:00007fe3b71f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  214.347396][ T7139] RAX: ffffffffffffffda RBX: 00007fe3b95a6160 RCX: 00007fe3b938bb7c
[  214.347412][ T7139] RDX: 000000000000000f RSI: 00007fe3b71f60a0 RDI: 0000000000000007
[  214.347424][ T7139] RBP: 00007fe3b71f6090 R08: 0000000000000000 R09: 0000000000000000
[  214.347437][ T7139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.347449][ T7139] R13: 0000000000000000 R14: 00007fe3b95a6160 R15: 00007ffd292155a8
[  214.347482][ T7139]  </TASK>
[  214.885976][ T7142] mac80211_hwsim hwsim6 syzkaller0: entered promiscuous mode
[  215.386540][ T7128] loop3: detected capacity change from 0 to 32768
[  215.416757][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  215.439324][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  215.454790][ T7128] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.270 (7128)
[  216.499692][ T7152] loop1: detected capacity change from 0 to 2048
[  216.505062][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  217.015726][ T7161] input: syz0 as /devices/virtual/input/input8
[  217.640153][ T7164] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  218.438351][ T7170] loop1: detected capacity change from 0 to 8
[  218.457230][ T7170] SQUASHFS error: xz decompression failed, data probably corrupt
[  218.465272][ T7170] SQUASHFS error: Failed to read block 0x108: -5
[  218.471641][ T7170] SQUASHFS error: Unable to read metadata cache entry [106]
[  218.479963][ T7170] SQUASHFS error: Unable to read inode 0x11f
[  218.871032][ T7173] loop3: detected capacity change from 0 to 2048
[  219.593739][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[  219.621926][ T6130] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  219.684563][ T5953] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  219.738322][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[  219.760696][ T7173] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.790315][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  219.826536][   T24] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  219.926138][ T5953] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  221.236016][ T5953] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  221.281282][ T5953] usb 3-1: Dual-Role OTG device on HNP port
[  221.306299][ T5953] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  221.315900][ T5953] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.378704][   T24] usb 5-1: USB disconnect, device number 6
[  221.418578][ T5839] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.458361][ T5953] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  221.620523][ T6130] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  222.112179][ T5953] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -2
[  222.188895][ T5953] usb 3-1: USB disconnect, device number 4
[  222.249034][ T7199] netlink: 8 bytes leftover after parsing attributes in process `syz.3.289'.
[  222.297636][ T7199] gretap0: entered promiscuous mode
[  222.306607][ T7199] gretap0: left promiscuous mode
[  222.432037][ T5844] udevd[5844]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  223.483296][ T7210] FAULT_INJECTION: forcing a failure.
[  223.483296][ T7210] name failslab, interval 1, probability 0, space 0, times 0
[  223.587729][ T7193] loop4: detected capacity change from 0 to 32768
[  223.606612][ T7210] CPU: 1 UID: 0 PID: 7210 Comm: syz.2.295 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  223.606644][ T7210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  223.606657][ T7210] Call Trace:
[  223.606665][ T7210]  <TASK>
[  223.606674][ T7210]  dump_stack_lvl+0x241/0x360
[  223.606714][ T7210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.606746][ T7210]  ? __pfx__printk+0x10/0x10
[  223.606780][ T7210]  ? __pfx___might_resched+0x10/0x10
[  223.606814][ T7210]  should_fail_ex+0x424/0x570
[  223.606851][ T7210]  should_failslab+0xac/0x100
[  223.606886][ T7210]  __kmalloc_node_noprof+0xe7/0x4d0
[  223.606919][ T7210]  ? alloc_slab_obj_exts+0x3a/0xa0
[  223.606954][ T7210]  alloc_slab_obj_exts+0x3a/0xa0
[  223.607010][ T7210]  __memcg_slab_post_alloc_hook+0x31c/0x7e0
[  223.607054][ T7210]  kmem_cache_alloc_node_noprof+0x2ac/0x3b0
[  223.607087][ T7210]  ? __alloc_skb+0x1c2/0x480
[  223.607131][ T7210]  __alloc_skb+0x1c2/0x480
[  223.607163][ T7210]  ? __lock_acquire+0xad5/0xd80
[  223.607189][ T7210]  ? __pfx___alloc_skb+0x10/0x10
[  223.607228][ T7210]  ? process_measurement+0x7c2/0x1fe0
[  223.607260][ T7210]  alloc_skb_with_frags+0xc3/0x830
[  223.607281][ T7210]  ? up_write+0x1ab/0x590
[  223.607316][ T7210]  ? __pfx_up_write+0x10/0x10
[  223.607342][ T7210]  ? ima_get_action+0x75/0xb0
[  223.607375][ T7210]  sock_alloc_send_pskb+0x91c/0xa70
[  223.607420][ T7210]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  223.607449][ T7210]  ? __pfx_process_measurement+0x10/0x10
[  223.607479][ T7210]  ? tomoyo_check_open_permission+0x209/0x4f0
[  223.607510][ T7210]  unix_dgram_sendmsg+0x6d4/0x1ea0
[  223.607556][ T7210]  ? tomoyo_socket_sendmsg_permission+0x285/0x420
[  223.607594][ T7210]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  223.607629][ T7210]  ? __import_iovec+0x3c2/0x830
[  223.607662][ T7210]  ? aa_sock_msg_perm+0xd9/0x1d0
[  223.607688][ T7210]  ? unix_seqpacket_sendmsg+0x110/0x1e0
[  223.607723][ T7210]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  223.607751][ T7210]  __sock_sendmsg+0x221/0x270
[  223.607781][ T7210]  ____sys_sendmsg+0x523/0x860
[  223.607817][ T7210]  ? __pfx_____sys_sendmsg+0x10/0x10
[  223.607836][ T7210]  ? __fget_files+0x2a/0x420
[  223.607862][ T7210]  ? __fget_files+0x2a/0x420
[  223.607894][ T7210]  __sys_sendmmsg+0x3a0/0x7b0
[  223.607928][ T7210]  ? __pfx___sys_sendmmsg+0x10/0x10
[  223.607989][ T7210]  ? rcu_read_lock_any_held+0xbb/0x160
[  223.608019][ T7210]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  223.608053][ T7210]  ? vfs_write+0xb29/0xd10
[  223.608090][ T7210]  ? ksys_write+0x24e/0x2d0
[  223.608120][ T7210]  ? __mutex_unlock_slowpath+0x229/0x800
[  223.608182][ T7210]  ? ksys_write+0x275/0x2d0
[  223.608221][ T7210]  __x64_sys_sendmmsg+0xa0/0xb0
[  223.608245][ T7210]  do_syscall_64+0xf3/0x230
[  223.608273][ T7210]  ? clear_bhb_loop+0x45/0xa0
[  223.608299][ T7210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.608319][ T7210] RIP: 0033:0x7fcee918d169
[  223.608339][ T7210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.608357][ T7210] RSP: 002b:00007fceea08a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  223.608380][ T7210] RAX: ffffffffffffffda RBX: 00007fcee93a5fa0 RCX: 00007fcee918d169
[  223.608396][ T7210] RDX: 0000000000000001 RSI: 0000200000000400 RDI: 0000000000000003
[  223.608409][ T7210] RBP: 00007fceea08a090 R08: 0000000000000000 R09: 0000000000000000
[  223.608422][ T7210] R10: 0000000004000040 R11: 0000000000000246 R12: 0000000000000001
[  223.608435][ T7210] R13: 0000000000000000 R14: 00007fcee93a5fa0 R15: 00007ffeae79e928
[  223.608467][ T7210]  </TASK>
[  223.957481][ T7208] loop3: detected capacity change from 0 to 32768
[  224.013288][ T7208] (syz.3.294,7208,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  224.028825][ T7208] (syz.3.294,7208,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  224.066631][ T7193] BTRFS: device /dev/loop4 (7:4) using temp-fsid b55ce0d8-d105-49a3-8477-d5870f58b352
[  224.076460][ T7193] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.288 (7193)
[  224.097387][ T7193] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  224.107666][ T7193] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  224.123289][ T7193] BTRFS info (device loop4): using free-space-tree
[  224.140896][ T7208] JBD2: Ignoring recovery information on journal
[  224.209036][ T7208] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  224.367757][ T7193] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  225.006122][ T7240] loop1: detected capacity change from 0 to 40427
[  225.095007][ T7240] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3fffff
[  225.111817][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  225.143570][ T7240] F2FS-fs (loop1): invalid crc value
[  225.162664][ T7193] BTRFS error (device loop4): open_ctree failed: -12
[  225.256514][ T7240] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  225.294778][ T5839] ocfs2: Unmounting device (7,3) on (node local)
[  226.617558][ T7264] FAULT_INJECTION: forcing a failure.
[  226.617558][ T7264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.670935][ T7264] CPU: 1 UID: 0 PID: 7264 Comm: syz.3.304 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  226.670966][ T7264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.670983][ T7264] Call Trace:
[  226.670991][ T7264]  <TASK>
[  226.671000][ T7264]  dump_stack_lvl+0x241/0x360
[  226.671046][ T7264]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.671078][ T7264]  ? __pfx__printk+0x10/0x10
[  226.671120][ T7264]  should_fail_ex+0x424/0x570
[  226.671159][ T7264]  _copy_to_user+0x31/0xb0
[  226.671195][ T7264]  vfs_readlink+0x1d6/0x580
[  226.671234][ T7264]  ? __pfx_vfs_readlink+0x10/0x10
[  226.671267][ T7264]  ? touch_atime+0xf8/0x690
[  226.671292][ T7264]  ? getname_flags+0x1e2/0x530
[  226.671311][ T7264]  ? bpf_lsm_inode_readlink+0x9/0x10
[  226.671337][ T7264]  do_readlinkat+0x241/0x380
[  226.671369][ T7264]  ? __pfx_do_readlinkat+0x10/0x10
[  226.671408][ T7264]  __x64_sys_readlink+0x7f/0x90
[  226.671433][ T7264]  do_syscall_64+0xf3/0x230
[  226.671462][ T7264]  ? clear_bhb_loop+0x45/0xa0
[  226.671486][ T7264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.671506][ T7264] RIP: 0033:0x7f0687b8d169
[  226.671524][ T7264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.671542][ T7264] RSP: 002b:00007f0688951038 EFLAGS: 00000246 ORIG_RAX: 0000000000000059
[  226.671565][ T7264] RAX: ffffffffffffffda RBX: 00007f0687da5fa0 RCX: 00007f0687b8d169
[  226.671580][ T7264] RDX: 00000000000000bd RSI: 0000200000001200 RDI: 00002000000000c0
[  226.671594][ T7264] RBP: 00007f0688951090 R08: 0000000000000000 R09: 0000000000000000
[  226.671608][ T7264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.671620][ T7264] R13: 0000000000000000 R14: 00007f0687da5fa0 R15: 00007ffd342935d8
[  226.671652][ T7264]  </TASK>
[  227.008589][   T71] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  227.242094][ T7274] input: syz0 as /devices/virtual/input/input9
[  228.974532][ T7284] netlink: 12 bytes leftover after parsing attributes in process `syz.2.311'.
[  229.048836][ T7284] Bluetooth: MGMT ver 1.23
[  229.264329][ T7269] loop4: detected capacity change from 0 to 32768
[  229.302862][ T7269] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  229.365620][ T7298] FAULT_INJECTION: forcing a failure.
[  229.365620][ T7298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.381199][ T7298] CPU: 1 UID: 0 PID: 7298 Comm: syz.2.313 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  229.381229][ T7298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  229.381242][ T7298] Call Trace:
[  229.381251][ T7298]  <TASK>
[  229.381260][ T7298]  dump_stack_lvl+0x241/0x360
[  229.381300][ T7298]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.381331][ T7298]  ? __pfx__printk+0x10/0x10
[  229.381376][ T7298]  should_fail_ex+0x424/0x570
[  229.381414][ T7298]  _copy_from_user+0x2d/0xb0
[  229.381440][ T7298]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  229.381462][ T7298]  vlan_ioctl_handler+0xa7/0xa20
[  229.381483][ T7298]  ? __pfx___mutex_lock+0x10/0x10
[  229.381512][ T7298]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  229.381548][ T7298]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  229.381573][ T7298]  sock_ioctl+0x6f0/0x900
[  229.381600][ T7298]  ? __pfx_sock_ioctl+0x10/0x10
[  229.381622][ T7298]  ? __fget_files+0x2a/0x420
[  229.381643][ T7298]  ? __fget_files+0x2a/0x420
[  229.381668][ T7298]  ? __fget_files+0x2a/0x420
[  229.381695][ T7298]  ? __pfx_sock_ioctl+0x10/0x10
[  229.381721][ T7298]  __se_sys_ioctl+0xf1/0x160
[  229.381752][ T7298]  do_syscall_64+0xf3/0x230
[  229.381781][ T7298]  ? clear_bhb_loop+0x45/0xa0
[  229.381806][ T7298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.381826][ T7298] RIP: 0033:0x7fcee918d169
[  229.381845][ T7298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.381863][ T7298] RSP: 002b:00007fceea08a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  229.381890][ T7298] RAX: ffffffffffffffda RBX: 00007fcee93a5fa0 RCX: 00007fcee918d169
[  229.381913][ T7298] RDX: 0000200000000900 RSI: 0000000000008982 RDI: 0000000000000003
[  229.381927][ T7298] RBP: 00007fceea08a090 R08: 0000000000000000 R09: 0000000000000000
[  229.381940][ T7298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.381953][ T7298] R13: 0000000000000000 R14: 00007fcee93a5fa0 R15: 00007ffeae79e928
[  229.381992][ T7298]  </TASK>
[  229.453821][ T5958] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  229.631993][ T7269] XFS (loop4): Ending clean mount
[  229.662710][ T7269] XFS (loop4): Quotacheck needed: Please wait.
[  229.791758][ T7269] XFS (loop4): Quotacheck: Done.
[  229.808945][ T7302] loop2: detected capacity change from 0 to 16
[  229.831846][ T7302] erofs (device loop2): unsupported chunk format ffff of nid 36
[  229.845214][ T5958] usb 1-1: Using ep0 maxpacket: 8
[  229.912704][ T5958] usb 1-1: config 0 has an invalid interface number: 145 but max is 0
[  229.934316][ T5958] usb 1-1: config 0 has no interface number 0
[  229.965132][ T5958] usb 1-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=d8.06
[  230.001001][ T5958] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.034377][ T5958] usb 1-1: Product: syz
[  230.038604][ T5958] usb 1-1: Manufacturer: syz
[  230.101697][ T5958] usb 1-1: SerialNumber: syz
[  230.130619][ T5958] usb 1-1: config 0 descriptor??
[  230.477001][ T7301] loop3: detected capacity change from 0 to 32768
[  230.503359][ T7301] FAULT_INJECTION: forcing a failure.
[  230.503359][ T7301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.545033][ T7301] CPU: 1 UID: 0 PID: 7301 Comm: syz.3.315 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  230.545068][ T7301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  230.545082][ T7301] Call Trace:
[  230.545090][ T7301]  <TASK>
[  230.545100][ T7301]  dump_stack_lvl+0x241/0x360
[  230.545139][ T7301]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.545169][ T7301]  ? __pfx__printk+0x10/0x10
[  230.545214][ T7301]  should_fail_ex+0x424/0x570
[  230.545251][ T7301]  strncpy_from_user+0x36/0x280
[  230.545286][ T7301]  path_setxattrat+0x20e/0x4c0
[  230.545320][ T7301]  ? __pfx_path_setxattrat+0x10/0x10
[  230.545388][ T7301]  ? ksys_write+0x275/0x2d0
[  230.545427][ T7301]  __x64_sys_setxattr+0xbc/0xe0
[  230.545453][ T7301]  do_syscall_64+0xf3/0x230
[  230.545483][ T7301]  ? clear_bhb_loop+0x45/0xa0
[  230.545508][ T7301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.545528][ T7301] RIP: 0033:0x7f0687b8d169
[  230.545554][ T7301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.545571][ T7301] RSP: 002b:00007f0688951038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  230.545593][ T7301] RAX: ffffffffffffffda RBX: 00007f0687da5fa0 RCX: 00007f0687b8d169
[  230.545609][ T7301] RDX: 00002000000003c0 RSI: 0000200000000340 RDI: 0000200000000180
[  230.545624][ T7301] RBP: 00007f0688951090 R08: 0000000000000000 R09: 0000000000000000
[  230.545637][ T7301] R10: 000000000000fffe R11: 0000000000000246 R12: 0000000000000001
[  230.545650][ T7301] R13: 0000000000000000 R14: 00007f0687da5fa0 R15: 00007ffd342935d8
[  230.545683][ T7301]  </TASK>
[  230.559419][ T5850] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  230.854776][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  232.302827][ T7308] loop3: detected capacity change from 0 to 32768
[  232.362773][ T7308] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  233.126697][ T7308] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  233.136361][ T7308] BTRFS info (device loop3): using free-space-tree
[  233.168707][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  233.207134][ T5958] usb 1-1: USB disconnect, device number 4
[  233.663187][ T7338] netlink: 'syz.0.321': attribute type 39 has an invalid length.
[  233.678857][ T7314] loop4: detected capacity change from 0 to 32768
[  234.172863][ T5849] syz-executor: attempt to access beyond end of device
[  234.172863][ T5849] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  234.247013][ T5849] CPU: 1 UID: 0 PID: 5849 Comm: syz-executor Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  234.247045][ T5849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  234.247059][ T5849] Call Trace:
[  234.247068][ T5849]  <TASK>
[  234.247078][ T5849]  dump_stack_lvl+0x241/0x360
[  234.247121][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.247154][ T5849]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  234.247194][ T5849]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  234.247223][ T5849]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  234.247267][ T5849]  f2fs_handle_critical_error+0x392/0x5a0
[  234.247301][ T5849]  f2fs_write_end_io+0x563/0x790
[  234.247336][ T5849]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  234.247367][ T5849]  ? bio_endio+0x7e4/0x890
[  234.247392][ T5849]  ? bio_endio+0x82a/0x890
[  234.247419][ T5849]  __submit_merged_bio+0x2a9/0x710
[  234.247450][ T5849]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  234.247493][ T5849]  f2fs_submit_merged_write_cond+0x29f/0x380
[  234.247542][ T5849]  f2fs_write_data_pages+0x2f99/0x38d0
[  234.247620][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  234.247660][ T5849]  ? __pfx_stack_trace_save+0x10/0x10
[  234.247689][ T5849]  ? __bfs+0x14a/0x270
[  234.247753][ T5849]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  234.247810][ T5849]  ? __lock_acquire+0xad5/0xd80
[  234.247842][ T5849]  ? do_raw_spin_lock+0x151/0x370
[  234.247886][ T5849]  ? do_raw_spin_unlock+0x13c/0x8b0
[  234.247924][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  234.247952][ T5849]  do_writepages+0x364/0x890
[  234.247989][ T5849]  ? __pfx_do_writepages+0x10/0x10
[  234.248011][ T5849]  ? __lock_acquire+0xad5/0xd80
[  234.248042][ T5849]  ? do_raw_spin_lock+0x151/0x370
[  234.248090][ T5849]  ? do_raw_spin_unlock+0x13c/0x8b0
[  234.248134][ T5849]  filemap_fdatawrite+0x1f2/0x2a0
[  234.248165][ T5849]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  234.248326][ T5849]  ? do_raw_spin_unlock+0x13c/0x8b0
[  234.248370][ T5849]  f2fs_sync_dirty_inodes+0x34f/0x860
[  234.248417][ T5849]  f2fs_write_checkpoint+0x857/0x1da0
[  234.248469][ T5849]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  234.248553][ T5849]  ? kfree+0x198/0x430
[  234.248581][ T5849]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  234.248610][ T5849]  ? kill_f2fs_super+0x290/0x6d0
[  234.248644][ T5849]  kill_f2fs_super+0x2b8/0x6d0
[  234.248680][ T5849]  ? __pfx_kill_f2fs_super+0x10/0x10
[  234.248717][ T5849]  ? shrinker_free+0x2ca/0x3d0
[  234.248751][ T5849]  deactivate_locked_super+0xc4/0x130
[  234.248781][ T5849]  cleanup_mnt+0x422/0x4c0
[  234.248808][ T5849]  ? lockdep_hardirqs_on+0x9d/0x150
[  234.248841][ T5849]  task_work_run+0x251/0x310
[  234.248871][ T5849]  ? __pfx_task_work_run+0x10/0x10
[  234.248898][ T5849]  ? syscall_exit_to_user_mode+0xa3/0x340
[  234.248931][ T5849]  syscall_exit_to_user_mode+0x13f/0x340
[  234.248964][ T5849]  do_syscall_64+0x100/0x230
[  234.248994][ T5849]  ? clear_bhb_loop+0x45/0xa0
[  234.249021][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.249042][ T5849] RIP: 0033:0x7f9a7cd8e497
[  234.249062][ T5849] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  234.249081][ T5849] RSP: 002b:00007ffdb43156a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  234.249104][ T5849] RAX: 0000000000000000 RBX: 00007f9a7ce0e08c RCX: 00007f9a7cd8e497
[  234.249119][ T5849] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdb4315760
[  234.249132][ T5849] RBP: 00007ffdb4315760 R08: 0000000000000000 R09: 0000000000000000
[  234.249145][ T5849] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdb43167f0
[  234.249159][ T5849] R13: 00007f9a7ce0e08c R14: 000000000003707b R15: 00007ffdb4316830
[  234.249205][ T5849]  </TASK>
[  234.687153][ T5839] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  234.718298][ T5849] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  235.582294][ T5842] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  236.564058][ T7360] loop2: detected capacity change from 0 to 4096
[  236.600560][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  236.625909][ T7360] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  239.343106][ T6129] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  240.121407][ T7381] loop3: detected capacity change from 0 to 16
[  240.192498][ T7381] erofs (device loop3): mounted with root inode @ nid 36.
[  240.299274][ T7381] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  240.371792][ T7381] erofs (device loop3): failed to decompress -22 in[64, 4032] out[1851]
[  240.413291][ T7381] erofs (device loop3): read error -117 @ 43 of nid 36
[  240.440286][ T5842] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  240.557360][ T7382] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  240.566569][ T7382] erofs (device loop3): failed to decompress -22 in[64, 4032] out[1851]
[  240.577304][ T7382] erofs (device loop3): read error -117 @ 43 of nid 36
[  242.182778][ T7394] pimreg: entered allmulticast mode
[  242.329813][ T7395] loop0: detected capacity change from 0 to 1024
[  242.440632][ T7395] hfsplus: bad catalog entry type
[  242.452054][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  244.728697][ T7400] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  244.753101][ T7400] netlink: 12 bytes leftover after parsing attributes in process `syz.1.337'.
[  245.481685][ T1164] hfsplus: b-tree write err: -5, ino 4
[  245.546283][ T7402] veth0_vlan: entered allmulticast mode
[  245.591430][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  245.871787][ T7412] loop3: detected capacity change from 0 to 16
[  245.882256][ T7412] erofs (device loop3): unsupported chunk format ffff of nid 36
[  245.992703][ T7415] loop2: detected capacity change from 0 to 1024
[  246.327446][ T7415] hfsplus: xattr searching failed
[  246.362087][ T7423] hfsplus: xattr searching failed
[  246.367415][   T30] audit: type=1800 audit(1743939185.631:9): pid=7415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.342" name="file0" dev="loop2" ino=2 res=0 errno=0
[  246.767930][ T1164] hfsplus: b-tree write err: -5, ino 3
[  246.830668][ T7419] loop0: detected capacity change from 0 to 32768
[  246.844202][ T7419] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.344 (7419)
[  246.882808][ T7419] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  246.898486][ T7419] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  246.947024][ T7419] BTRFS info (device loop0): using free-space-tree
[  248.799779][ T7460] afs: Unknown parameter 'd9n��*'
[  248.804361][ T7460] overlayfs: failed to resolve './file1': -2
[  248.980443][ T7461] loop4: detected capacity change from 0 to 1024
[  249.070291][ T5840] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  249.123190][ T7463] input: syz0 as /devices/virtual/input/input10
[  249.142725][ T7463] input: failed to attach handler leds to device input10, error: -6
[  249.645316][ T7474] loop1: detected capacity change from 0 to 64
[  249.660570][ T7472] loop0: detected capacity change from 0 to 2048
[  249.803300][ T7474] hfs: request for non-existent node 16777216 in B*Tree
[  249.814736][ T7472] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.832586][ T7474] hfs: request for non-existent node 16777216 in B*Tree
[  249.844437][ T7474] hfs: request for non-existent node 16777216 in B*Tree
[  249.851686][ T7474] hfs: request for non-existent node 16777216 in B*Tree
[  249.861645][ T7472] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.863655][ T7474] hfs: request for non-existent node 16777216 in B*Tree
[  249.879496][ T7474] hfs: request for non-existent node 16777216 in B*Tree
[  249.900202][ T1164] hfsplus: b-tree write err: -5, ino 3
[  249.937397][ T7472] fs-verity: sha512 using implementation "sha512-avx2"
[  249.994542][ T7482] FAULT_INJECTION: forcing a failure.
[  249.994542][ T7482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.031960][ T7479] loop2: detected capacity change from 0 to 2048
[  250.048830][ T6130] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  250.081704][ T7482] CPU: 0 UID: 0 PID: 7482 Comm: syz.0.356 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  250.081737][ T7482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  250.081757][ T7482] Call Trace:
[  250.081766][ T7482]  <TASK>
[  250.081775][ T7482]  dump_stack_lvl+0x241/0x360
[  250.081814][ T7482]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.081844][ T7482]  ? __pfx__printk+0x10/0x10
[  250.081895][ T7482]  should_fail_ex+0x424/0x570
[  250.081932][ T7482]  strncpy_from_user+0x36/0x280
[  250.081967][ T7482]  getname_flags+0xf0/0x530
[  250.081994][ T7482]  do_sys_openat2+0xbf/0x1d0
[  250.082019][ T7482]  ? __pfx_do_sys_openat2+0x10/0x10
[  250.082038][ T7482]  ? __fget_files+0x2a/0x420
[  250.082063][ T7482]  ? __fget_files+0x2a/0x420
[  250.082092][ T7482]  __x64_sys_openat+0x249/0x2a0
[  250.082116][ T7482]  ? __pfx___x64_sys_openat+0x10/0x10
[  250.082147][ T7482]  ? do_syscall_64+0xb6/0x230
[  250.082178][ T7482]  do_syscall_64+0xf3/0x230
[  250.082205][ T7482]  ? clear_bhb_loop+0x45/0xa0
[  250.082230][ T7482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.082250][ T7482] RIP: 0033:0x7fe3b938d169
[  250.082268][ T7482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.082284][ T7482] RSP: 002b:00007fe3ba10b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  250.082306][ T7482] RAX: ffffffffffffffda RBX: 00007fe3b95a6080 RCX: 00007fe3b938d169
[  250.082320][ T7482] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  250.082334][ T7482] RBP: 00007fe3ba10b090 R08: 0000000000000000 R09: 0000000000000000
[  250.082346][ T7482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.082363][ T7482] R13: 0000000000000001 R14: 00007fe3b95a6080 R15: 00007ffd292155a8
[  250.082394][ T7482]  </TASK>
[  250.263655][    C0] vkms_vblank_simulate: vblank timer overrun
[  250.351494][ T7479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.400267][ T5840] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.443097][ T7479] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.826014][ T5855] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.251247][ T7484] loop4: detected capacity change from 0 to 32768
[  251.403601][ T7498] hfs: can't find a HFS filesystem on dev nullb0
[  251.457647][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  251.484482][ T7484] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.358 (7484)
[  251.512078][ T7495] netlink: 'syz.2.361': attribute type 5 has an invalid length.
[  251.597925][ T7484] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  251.705912][ T7484] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  251.747326][ T7484] BTRFS info (device loop4): using free-space-tree
[  251.789023][ T7506] FAULT_INJECTION: forcing a failure.
[  251.789023][ T7506] name failslab, interval 1, probability 0, space 0, times 0
[  251.861107][ T7506] CPU: 0 UID: 0 PID: 7506 Comm: syz.3.362 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  251.861141][ T7506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  251.861155][ T7506] Call Trace:
[  251.861164][ T7506]  <TASK>
[  251.861173][ T7506]  dump_stack_lvl+0x241/0x360
[  251.861214][ T7506]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.861246][ T7506]  ? __pfx__printk+0x10/0x10
[  251.861281][ T7506]  ? __pfx___might_resched+0x10/0x10
[  251.861314][ T7506]  should_fail_ex+0x424/0x570
[  251.861353][ T7506]  should_failslab+0xac/0x100
[  251.861387][ T7506]  __kmalloc_noprof+0xdf/0x4d0
[  251.861418][ T7506]  ? tomoyo_encode+0x26f/0x540
[  251.861449][ T7506]  tomoyo_encode+0x26f/0x540
[  251.861482][ T7506]  tomoyo_realpath_from_path+0x59e/0x5e0
[  251.861523][ T7506]  tomoyo_path_number_perm+0x245/0x790
[  251.861550][ T7506]  ? tomoyo_path_number_perm+0x215/0x790
[  251.861574][ T7506]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  251.861604][ T7506]  ? ksys_write+0x24e/0x2d0
[  251.861640][ T7506]  ? __lock_acquire+0xad5/0xd80
[  251.861692][ T7506]  ? __fget_files+0x2a/0x420
[  251.861714][ T7506]  ? __fget_files+0x2a/0x420
[  251.861739][ T7506]  ? __fget_files+0x2a/0x420
[  251.861767][ T7506]  security_file_ioctl+0xc6/0x2a0
[  251.861803][ T7506]  __se_sys_ioctl+0x46/0x160
[  251.861834][ T7506]  do_syscall_64+0xf3/0x230
[  251.861864][ T7506]  ? clear_bhb_loop+0x45/0xa0
[  251.861889][ T7506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.861910][ T7506] RIP: 0033:0x7f0687b8d169
[  251.861929][ T7506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.861948][ T7506] RSP: 002b:00007f0688951038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.861971][ T7506] RAX: ffffffffffffffda RBX: 00007f0687da5fa0 RCX: 00007f0687b8d169
[  251.861986][ T7506] RDX: 0000200000000080 RSI: 00000000c0205649 RDI: 0000000000000004
[  251.862000][ T7506] RBP: 00007f0688951090 R08: 0000000000000000 R09: 0000000000000000
[  251.862014][ T7506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.862026][ T7506] R13: 0000000000000000 R14: 00007f0687da5fa0 R15: 00007ffd342935d8
[  251.862064][ T7506]  </TASK>
[  251.862122][ T7506] ERROR: Out of memory at tomoyo_realpath_from_path.
[  252.031258][    C0] vkms_vblank_simulate: vblank timer overrun
[  253.108204][ T7534] FAULT_INJECTION: forcing a failure.
[  253.108204][ T7534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.164756][ T7534] CPU: 1 UID: 0 PID: 7534 Comm: syz.0.366 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  253.164785][ T7534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  253.164799][ T7534] Call Trace:
[  253.164807][ T7534]  <TASK>
[  253.164816][ T7534]  dump_stack_lvl+0x241/0x360
[  253.164863][ T7534]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.164893][ T7534]  ? __pfx__printk+0x10/0x10
[  253.164937][ T7534]  should_fail_ex+0x424/0x570
[  253.164973][ T7534]  _copy_from_user+0x2d/0xb0
[  253.165001][ T7534]  drm_ioctl+0x593/0xbb0
[  253.165027][ T7534]  ? __lock_acquire+0xad5/0xd80
[  253.165049][ T7534]  ? __pfx_drm_mode_getencoder+0x10/0x10
[  253.165089][ T7534]  ? __pfx_drm_ioctl+0x10/0x10
[  253.165131][ T7534]  ? __fget_files+0x2a/0x420
[  253.165158][ T7534]  ? __pfx_drm_ioctl+0x10/0x10
[  253.165187][ T7534]  __se_sys_ioctl+0xf1/0x160
[  253.165217][ T7534]  do_syscall_64+0xf3/0x230
[  253.165246][ T7534]  ? clear_bhb_loop+0x45/0xa0
[  253.165271][ T7534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.165290][ T7534] RIP: 0033:0x7fe3b938d169
[  253.165308][ T7534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.165326][ T7534] RSP: 002b:00007fe3ba12c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.165352][ T7534] RAX: ffffffffffffffda RBX: 00007fe3b95a5fa0 RCX: 00007fe3b938d169
[  253.165366][ T7534] RDX: 0000200000000a00 RSI: 00000000c01464a6 RDI: 0000000000000003
[  253.165380][ T7534] RBP: 00007fe3ba12c090 R08: 0000000000000000 R09: 0000000000000000
[  253.165393][ T7534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.165404][ T7534] R13: 0000000000000000 R14: 00007fe3b95a5fa0 R15: 00007ffd292155a8
[  253.165434][ T7534]  </TASK>
[  253.541586][ T7518] loop2: detected capacity change from 0 to 32768
[  253.564730][ T7518] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.364 (7518)
[  253.699652][ T7518] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  253.755568][ T7518] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  253.780213][ T7542] FAULT_INJECTION: forcing a failure.
[  253.780213][ T7542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.825200][ T7518] BTRFS info (device loop2): using free-space-tree
[  253.841630][ T5850] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  253.856630][ T7542] CPU: 1 UID: 0 PID: 7542 Comm: syz.3.370 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  253.856660][ T7542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  253.856674][ T7542] Call Trace:
[  253.856683][ T7542]  <TASK>
[  253.856691][ T7542]  dump_stack_lvl+0x241/0x360
[  253.856732][ T7542]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.856763][ T7542]  ? __pfx__printk+0x10/0x10
[  253.856812][ T7542]  should_fail_ex+0x424/0x570
[  253.856850][ T7542]  _copy_to_user+0x31/0xb0
[  253.856880][ T7542]  simple_read_from_buffer+0xc4/0x170
[  253.856918][ T7542]  proc_fail_nth_read+0x1ef/0x260
[  253.856947][ T7542]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  253.856976][ T7542]  ? rw_verify_area+0x246/0x630
[  253.857001][ T7542]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  253.857029][ T7542]  vfs_read+0x21f/0xb90
[  253.857061][ T7542]  ? __pfx___mutex_lock+0x10/0x10
[  253.857090][ T7542]  ? __pfx_vfs_read+0x10/0x10
[  253.857120][ T7542]  ? __fget_files+0x2a/0x420
[  253.857145][ T7542]  ? __fget_files+0x39d/0x420
[  253.857165][ T7542]  ? __fget_files+0x2a/0x420
[  253.857197][ T7542]  ksys_read+0x19d/0x2d0
[  253.857226][ T7542]  ? __pfx_ksys_read+0x10/0x10
[  253.857260][ T7542]  ? do_syscall_64+0xb6/0x230
[  253.857291][ T7542]  do_syscall_64+0xf3/0x230
[  253.857319][ T7542]  ? clear_bhb_loop+0x45/0xa0
[  253.857344][ T7542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.857365][ T7542] RIP: 0033:0x7f0687b8bb7c
[  253.857383][ T7542] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  253.857401][ T7542] RSP: 002b:00007f0688951030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  253.857424][ T7542] RAX: ffffffffffffffda RBX: 00007f0687da5fa0 RCX: 00007f0687b8bb7c
[  253.857439][ T7542] RDX: 000000000000000f RSI: 00007f06889510a0 RDI: 0000000000000004
[  253.857453][ T7542] RBP: 00007f0688951090 R08: 0000000000000000 R09: 0000000000000000
[  253.857466][ T7542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.857479][ T7542] R13: 0000000000000000 R14: 00007f0687da5fa0 R15: 00007ffd342935d8
[  253.857512][ T7542]  </TASK>
[  254.256533][ T5894] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  254.408286][ T5894] usb 2-1: Using ep0 maxpacket: 8
[  254.425100][ T5894] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  254.439417][ T5894] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  254.622671][ T7564] bridge0: port 3(team0) entered blocking state
[  254.629090][ T7564] bridge0: port 3(team0) entered disabled state
[  254.635545][ T7564] team0: entered allmulticast mode
[  254.640690][ T7564] team_slave_0: entered allmulticast mode
[  254.646409][ T7564] team_slave_1: entered allmulticast mode
[  254.653725][ T7564] team0: entered promiscuous mode
[  254.659375][ T7564] team_slave_0: entered promiscuous mode
[  254.665214][ T7564] team_slave_1: entered promiscuous mode
[  254.672206][ T7564] bridge0: port 3(team0) entered blocking state
[  254.678837][ T7564] bridge0: port 3(team0) entered forwarding state
[  254.898394][    C0] vkms_vblank_simulate: vblank timer overrun
[  254.933629][    C0] vkms_vblank_simulate: vblank timer overrun
[  255.192930][ T5894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  255.233922][ T7518] BTRFS error (device loop2): open_ctree failed: -4
[  255.299167][ T5894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  255.397323][ T5894] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  255.461286][ T5894] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  255.490314][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  255.545371][ T5894] usb 2-1: Product: syz
[  255.555558][ T5894] usb 2-1: Manufacturer: syz
[  255.567729][ T5894] usb 2-1: SerialNumber: syz
[  255.591073][ T5894] usb 2-1: config 0 descriptor??
[  255.815106][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  255.821767][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  255.850482][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  255.891361][ T7540] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  255.946997][ T7540] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  255.960899][ T5894] radio-si470x 2-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  255.967742][ T5894] radio-si470x 2-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  256.195124][ T5894] radio-si470x 2-1:0.0: software version 0, hardware version 0
[  256.238490][ T5894] radio-si470x 2-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  256.257872][ T5894] radio-si470x 2-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  256.553278][ T7574] loop4: detected capacity change from 0 to 64
[  256.606642][ T5894] radio-si470x 2-1:0.0: submitting int urb failed (-90)
[  256.901486][ T7577] hfs: can't find a HFS filesystem on dev nullb0
[  257.119448][ T6130] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  257.337946][ T5894] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71
[  257.389926][ T5894] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22
[  257.473073][ T5894] usb 2-1: USB disconnect, device number 4
[  259.701700][   T30] audit: type=1326 audit(1743939198.948:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.3.384" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0687b8d169 code=0x0
[  259.723330][    C0] vkms_vblank_simulate: vblank timer overrun
[  259.951270][ T7605] loop3: detected capacity change from 0 to 256
[  260.033385][ T7607] netlink: 92 bytes leftover after parsing attributes in process `syz.0.385'.
[  260.151491][ T7605] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f50, chksum : 0xa6aae999, utbl_chksum : 0xe619d30d)
[  260.419312][ T7610] loop4: detected capacity change from 0 to 512
[  260.523212][ T7610] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  260.535627][ T7610] EXT4-fs error (device loop4): ext4_orphan_get:1416: comm syz.4.386: bad orphan inode 15
[  260.547523][ T7610] ext4_test_bit(bit=14, block=4) = 1
[  260.553221][ T7610] is_bad_inode(inode)=0
[  260.557566][ T7610] NEXT_ORPHAN(inode)=0
[  260.561785][ T7610] max_ino=32
[  260.565287][ T7610] i_nlink=1
[  260.570311][ T7610] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.733601][ T7614] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  260.974359][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.244088][ T5894] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  261.574614][ T3001] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  261.614973][ T5894] usb 1-1: Using ep0 maxpacket: 8
[  261.788096][ T5894] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  261.944782][ T5894] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  262.081448][ T5894] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x3D, changing to 0xD
[  262.280822][ T5894] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 19, changing to 7
[  262.295670][ T5894] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=9e.7e
[  262.305098][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.313139][ T5894] usb 1-1: Product: syz
[  262.318019][ T5894] usb 1-1: Manufacturer: syz
[  262.322672][ T5894] usb 1-1: SerialNumber: syz
[  262.330969][ T5894] usb 1-1: config 0 descriptor??
[  262.345547][ T5894] usbtest 1-1:0.0: couldn't get endpoints, -22
[  262.352799][ T5894] usbtest 1-1:0.0: probe with driver usbtest failed with error -22
[  262.574659][ T5842] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  262.576416][ T5894] usb 1-1: USB disconnect, device number 5
[  262.861328][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  262.944148][ T7643] overlayfs: failed to resolve './file0': -2
[  262.993878][ T5842] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  263.005912][ T5842] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  263.032608][ T7646] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[  263.192431][ T5842] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  263.262664][ T5842] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  263.360483][ T5842] usb 4-1: SerialNumber: syz
[  263.842162][ T5842] usb 4-1: 0:2 : does not exist
[  264.030312][ T5842] usb 4-1: USB disconnect, device number 4
[  264.112000][ T7654] xt_CT: You must specify a L4 protocol and not use inversions on it
[  264.564942][ T5857] udevd[5857]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  266.087861][ T5894] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  266.270711][ T5894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.286352][   T30] audit: type=1804 audit(1743939205.532:11): pid=7672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.406" name="/newroot/68/file0" dev="tmpfs" ino=405 res=1 errno=0
[  266.331039][ T5894] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  266.362662][ T5894] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.393945][ T5894] usb 2-1: config 0 descriptor??
[  266.476002][ T7674] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3343437945 (53495007120 ns) > initial count (52285443328 ns). Using initial count to start timer.
[  266.519863][ T7674] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3442273030 (55076368480 ns) > initial count (33921318416 ns). Using initial count to start timer.
[  267.063339][ T5894] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor
[  267.104722][ T5894] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0001/input/input11
[  267.341334][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  267.712244][ T7691] netlink: 24 bytes leftover after parsing attributes in process `syz.0.411'.
[  267.908435][ T5894] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  268.298722][ T5894] usb 2-1: USB disconnect, device number 5
[  268.606952][ T7702] netlink: 12 bytes leftover after parsing attributes in process `syz.3.416'.
[  268.622040][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  268.955511][ T7702] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  268.965294][ T7702] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  268.974244][ T7702] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  268.983141][ T7702] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  269.066560][ T7702] vxlan0: entered promiscuous mode
[  269.879026][ T1164] Bluetooth: hci5: Frame reassembly failed (-90)
[  270.589423][ T7717] netlink: 84 bytes leftover after parsing attributes in process `syz.3.419'.
[  271.833350][ T5853] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  272.095947][ T7729] xt_TCPMSS: Only works on TCP SYN packets
[  272.653351][ T7727] overlayfs: failed to resolve './file0': -2
[  273.108520][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  273.567680][ T7745] netlink: 24 bytes leftover after parsing attributes in process `syz.2.426'.
[  273.657897][ T7746] cgroup: subsys name conflicts with all
[  274.027583][ T7745] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  274.388739][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  276.058637][ T7764] netlink: 8 bytes leftover after parsing attributes in process `syz.3.431'.
[  276.156206][ T7765] netlink: 'syz.3.431': attribute type 11 has an invalid length.
[  278.366680][ T7762] overlayfs: missing 'workdir'
[  278.871572][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  279.513265][ T7778] syz.2.435: attempt to access beyond end of device
[  279.513265][ T7778] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0
[  279.527397][ T7778] XFS (nbd2): SB validate failed with error -5.
[  281.504988][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  284.653007][   T71] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  288.088580][ T7824] netlink: 'syz.2.447': attribute type 21 has an invalid length.
[  288.098028][ T7824] netlink: 'syz.2.447': attribute type 6 has an invalid length.
[  288.105802][ T7824] netlink: 132 bytes leftover after parsing attributes in process `syz.2.447'.
[  288.530338][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  289.099061][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  289.487553][ T7834] netlink: 16 bytes leftover after parsing attributes in process `syz.0.452'.
[  289.496946][ T7834] netlink: 18 bytes leftover after parsing attributes in process `syz.0.452'.
[  289.629634][    T9] usb 5-1: Using ep0 maxpacket: 32
[  289.651900][    T9] usb 5-1: config 0 has an invalid interface number: 101 but max is 1
[  289.668754][    T9] usb 5-1: config 0 has an invalid interface number: 43 but max is 1
[  289.709745][    T9] usb 5-1: config 0 has no interface number 0
[  289.715890][    T9] usb 5-1: config 0 has no interface number 1
[  289.770216][    T9] usb 5-1: config 0 interface 101 has no altsetting 0
[  289.777055][    T9] usb 5-1: config 0 interface 43 has no altsetting 0
[  289.796821][    T9] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=59.84
[  289.806455][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.862120][    T9] usb 5-1: config 0 descriptor??
[  290.858856][ T7849] sctp: failed to load transform for md5: -2
[  291.141748][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  292.686572][ T7827] netlink: 12 bytes leftover after parsing attributes in process `syz.4.449'.
[  293.234572][ T7868] sp0: Synchronizing with TNC
[  293.422943][ T7870] ubi31: attaching mtd0
[  293.437468][ T7870] ubi31: scanning is finished
[  293.442271][ T7870] ubi31: empty MTD device detected
[  294.933097][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  294.974144][    T9] usb 5-1: string descriptor 0 read error: -32
[  295.225598][    C0] vcan0: j1939_tp_rxtimer: 0xffff888034182c00: rx timeout, send abort
[  295.735845][    C0] vcan0: j1939_tp_rxtimer: 0xffff888034182c00: abort rx timeout. Force session deactivation
[  296.493365][    T9] usb 5-1: USB disconnect, device number 7
[  296.561687][ T7870] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  296.809424][ T6130] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  298.729136][ T5848] udevd[5848]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.101/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  298.929829][ T7889] netlink: 416 bytes leftover after parsing attributes in process `syz.3.464'.
[  300.597922][ T7911] netlink: 96 bytes leftover after parsing attributes in process `syz.3.471'.
[  300.653747][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  300.709443][ T5892] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  301.318972][ T7911] netlink: 'syz.3.471': attribute type 5 has an invalid length.
[  301.331083][ T7911] netlink: 44 bytes leftover after parsing attributes in process `syz.3.471'.
[  301.439161][ T7916] xt_CT: You must specify a L4 protocol and not use inversions on it
[  301.501271][ T5892] usb 3-1: Using ep0 maxpacket: 32
[  301.896641][ T5892] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  301.952335][ T5892] usb 3-1: config 0 has no interface number 0
[  302.000030][ T5892] usb 3-1: config 0 interface 184 has no altsetting 0
[  302.123762][ T5892] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  302.227306][ T5892] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.280178][ T5892] usb 3-1: Product: syz
[  302.311800][ T5892] usb 3-1: Manufacturer: syz
[  302.370053][ T5892] usb 3-1: SerialNumber: syz
[  302.586398][ T5892] usb 3-1: config 0 descriptor??
[  302.595652][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  302.653848][ T5892] smsc75xx v1.0.0
[  304.072388][ T7945] tipc: Started in network mode
[  304.077454][ T7945] tipc: Node identity ac14140f, cluster identity 4711
[  304.085096][ T7945] tipc: New replicast peer: 255.255.255.255
[  304.092045][ T7945] tipc: Enabled bearer <udp:syz2>, priority 10
[  305.304317][   T24] tipc: Node number set to 2886997007
[  305.879659][ T5892] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71
[  305.987627][ T5892] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  306.710330][ T5892] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  306.724692][ T5892] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  306.736987][ T5892] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  306.924009][ T7955] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  306.969371][ T5892] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  307.180425][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  307.229259][ T5892] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  307.311662][ T7966] block device autoloading is deprecated and will be removed.
[  307.566051][ T7960] netlink: 16 bytes leftover after parsing attributes in process `syz.2.487'.
[  307.767077][ T5892] usb 3-1: USB disconnect, device number 5
[  308.387567][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  309.162362][ T7978] use of bytesused == 0 is deprecated and will be removed in the future,
[  309.207123][ T7978] use the actual size instead.
[  309.213085][ T7984] netlink: 40 bytes leftover after parsing attributes in process `syz.4.493'.
[  312.413048][ T8025] netlink: 8 bytes leftover after parsing attributes in process `syz.1.504'.
[  313.348876][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  314.942394][ T6130] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  315.013207][ T8028] overlayfs: failed to resolve './file1': -2
[  315.114344][ T8032] input: syz0 as /devices/virtual/input/input12
[  316.313455][ T8052] ubi31: attaching mtd0
[  316.328125][ T8052] ubi31: scanning is finished
[  316.795170][ T8053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  317.153084][ T8057] xt_CT: You must specify a L4 protocol and not use inversions on it
[  317.309716][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  317.316677][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  317.541335][ T8052] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  317.817099][ T8064] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  318.570631][ T8073] netlink: 8 bytes leftover after parsing attributes in process `syz.4.518'.
[  318.585649][   T71] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  320.121145][ T8089] tty tty28: ldisc open failed (-12), clearing slot 27
[  320.285160][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  320.587222][   T30] audit: type=1326 audit(1743939259.664:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8084 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3b938d169 code=0x7fc00000
[  320.919528][   T30] audit: type=1326 audit(1743939259.824:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8084 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe3b938d169 code=0x7fc00000
[  322.778068][ T8114] sp0: Synchronizing with TNC
[  323.591172][ T5894] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  323.879174][ T8122] overlayfs: failed to resolve './file1': -2
[  324.146005][ T5894] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  324.152618][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  324.177561][ T5894] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  324.497760][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.624588][ T5894] usb 1-1: Product: syz
[  324.631758][ T5894] usb 1-1: Manufacturer: syz
[  324.636411][ T5894] usb 1-1: SerialNumber: syz
[  324.654711][ T5894] usb 1-1: config 0 descriptor??
[  324.664326][ T5894] usb 1-1: can't set config #0, error -71
[  324.694845][ T5894] usb 1-1: USB disconnect, device number 6
[  324.946567][ T8130] netlink: 416 bytes leftover after parsing attributes in process `syz.0.534'.
[  325.190465][    T9] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  325.367384][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  325.398618][    T9] usb 2-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  325.433085][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  325.443503][ T8138] netlink: 'syz.0.538': attribute type 21 has an invalid length.
[  325.443999][    T9] usb 2-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  325.473783][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.498782][    T9] usb 2-1: config 0 descriptor??
[  325.504239][ T8138] netlink: 'syz.0.538': attribute type 6 has an invalid length.
[  325.517568][    T9] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  325.525316][ T8138] netlink: 132 bytes leftover after parsing attributes in process `syz.0.538'.
[  325.561001][ T5847] Bluetooth: hci5: command 0x1003 tx timeout
[  325.568275][ T5853] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  325.687569][   T53] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  326.060653][ T8143] netlink: 20 bytes leftover after parsing attributes in process `syz.1.533'.
[  326.290963][ T8142] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  326.995437][ T8152] netlink: 452 bytes leftover after parsing attributes in process `syz.2.539'.
[  328.205304][ T8160] netlink: 416 bytes leftover after parsing attributes in process `syz.4.545'.
[  330.124792][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  330.704551][ T8183] netlink: 'syz.4.551': attribute type 21 has an invalid length.
[  330.726062][ T8183] netlink: 'syz.4.551': attribute type 6 has an invalid length.
[  330.733933][ T8183] netlink: 132 bytes leftover after parsing attributes in process `syz.4.551'.
[  331.215328][    T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  331.397567][    T9] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  331.425522][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.470177][   T53] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  331.490186][    T9] usb 1-1: config 0 descriptor??
[  333.083049][ T5894] usb 2-1: USB disconnect, device number 6
[  333.796151][   T30] audit: type=1326 audit(1743939272.973:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8204 comm="syz.4.559" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f37a318d169 code=0x0
[  333.880924][ T5894] usb 1-1: USB disconnect, device number 7
[  334.310306][ T8228] netlink: 'syz.1.564': attribute type 21 has an invalid length.
[  334.334936][ T8228] netlink: 'syz.1.564': attribute type 6 has an invalid length.
[  334.380124][ T8228] netlink: 132 bytes leftover after parsing attributes in process `syz.1.564'.
[  335.118739][ T8251] trusted_key: encrypted_key: insufficient parameters specified
[  336.062971][   T71] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  336.358334][ T8257] sp0: Synchronizing with TNC
[  336.718714][ T8260] netlink: 'syz.4.571': attribute type 8 has an invalid length.
[  337.168380][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  337.887417][ T8276] netlink: 'syz.4.579': attribute type 21 has an invalid length.
[  337.896059][ T8276] netlink: 'syz.4.579': attribute type 6 has an invalid length.
[  337.904221][ T8276] netlink: 132 bytes leftover after parsing attributes in process `syz.4.579'.
[  338.929542][ T8287] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[  340.895619][ T8310] netlink: 84 bytes leftover after parsing attributes in process `syz.1.593'.
[  341.635763][   T71] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  342.762463][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  343.154981][ T8326] ALSA: mixer_oss: invalid OSS volume 'P�7{*;��+�$p�'
[  343.209789][ T8326] ALSA: mixer_oss: invalid OSS volume ''
[  343.393717][ T8326] ALSA: mixer_oss: invalid OSS volume 'b$Kf��7?]����3s�X'
[  344.406290][ T8326] ALSA: mixer_oss: invalid OSS volume '��K�׍?F�g'
[  345.086930][ T8326] ALSA: mixer_oss: invalid OSS volume '��.L!�t�8�y����W�+��$N��Js�'
[  345.744595][ T5958] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  346.622204][ T5958] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  346.654269][ T5958] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  346.685048][ T5958] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  346.724356][ T5958] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.772923][ T5958] usb 5-1: config 0 descriptor??
[  347.260072][ T8355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.359453][ T8355] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.412188][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  348.036094][ T1164] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  348.127836][   T30] audit: type=1326 audit(1743939286.321:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8402 comm="syz.0.622" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe3b938d169 code=0x0
[  348.209291][ T5958] uclogic 0003:256C:006D.0002: failed retrieving Huion firmware version: -71
[  348.258581][ T5958] uclogic 0003:256C:006D.0002: failed probing parameters: -71
[  348.311333][ T5958] uclogic 0003:256C:006D.0002: probe with driver uclogic failed with error -71
[  348.394630][ T5958] usb 5-1: USB disconnect, device number 8
[  349.198942][ T8424] Cannot find del_set index 4 as target
[  350.990037][ T5958] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  351.642521][ T5958] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  351.676443][ T5958] usb 1-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  351.688216][ T5958] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.742426][ T5958] usb 1-1: Product: syz
[  351.746667][ T5958] usb 1-1: Manufacturer: syz
[  351.773787][ T5958] usb 1-1: SerialNumber: syz
[  351.919618][ T8466] Cannot find del_set index 4 as target
[  352.202021][ T5958] usb 1-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  352.492615][ T8472] sp0: Synchronizing with TNC
[  352.689210][ T5958] usb 1-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  353.286356][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  353.793453][   T10] usb 1-1: USB disconnect, device number 8
[  353.811253][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  354.162556][ T8497] netlink: 'syz.4.643': attribute type 21 has an invalid length.
[  354.171758][ T8497] netlink: 'syz.4.643': attribute type 6 has an invalid length.
[  354.179538][ T8497] netlink: 132 bytes leftover after parsing attributes in process `syz.4.643'.
[  355.031116][ T8499] ------------[ cut here ]------------
[  355.036914][ T8499] do not call blocking ops when !TASK_RUNNING; state=1 set at [<ffffffff819c19fc>] prepare_to_wait_event+0x3ac/0x460
[  355.057505][ T8499] WARNING: CPU: 1 PID: 8499 at kernel/sched/core.c:8745 __might_sleep+0xb9/0xe0
[  355.067049][ T8499] Modules linked in:
[  355.071713][ T8499] CPU: 1 UID: 0 PID: 8499 Comm: syz.3.644 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  355.082948][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  355.093398][ T8499] RIP: 0010:__might_sleep+0xb9/0xe0
[  355.098804][ T8499] Code: b7 0e 01 90 42 80 3c 23 00 74 08 48 89 ef e8 3e 13 9b 00 48 8b 4d 00 48 c7 c7 e0 33 4a 8c 44 89 ee 48 89 ca e8 18 11 f0 ff 90 <0f> 0b 90 90 eb b5 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 70 ff ff ff
[  355.118925][ T8499] RSP: 0018:ffffc9001c9af988 EFLAGS: 00010246
[  355.125019][ T8499] RAX: aed45d39e8e25200 RBX: 1ffff11005f7b6b1 RCX: 0000000000080000
[  355.133034][ T8499] RDX: ffffc9000e4a9000 RSI: 0000000000007c7b RDI: 0000000000007c7c
[  355.141113][ T8499] RBP: ffff88802fbdb588 R08: ffffffff81828012 R09: fffffbfff1d7a980
[  355.149697][ T8499] R10: dffffc0000000000 R11: fffffbfff1d7a980 R12: dffffc0000000000
[  355.157737][ T8499] R13: 0000000000000001 R14: 0000000000000242 R15: ffffffff8c4ad740
[  355.165737][ T8499] FS:  00007f068890f6c0(0000) GS:ffff88812508f000(0000) knlGS:0000000000000000
[  355.174730][ T8499] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  355.181604][ T8499] CR2: 00007f92c1f0dd22 CR3: 000000003042e000 CR4: 00000000003526f0
[  355.189622][ T8499] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  355.197683][ T8499] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  355.205694][ T8499] Call Trace:
[  355.209425][ T8499]  <TASK>
[  355.212436][ T8499]  __mutex_lock+0x12c/0x10c0
[  355.217135][ T8499]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  355.223164][ T8499]  ? __ceph_open_session+0x471/0xa30
[  355.228559][ T8499]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  355.234543][ T8499]  ? __pfx___mutex_lock+0x10/0x10
[  355.239987][ T8499]  ? __up_read+0x2c4/0x6b0
[  355.244506][ T8499]  ? prepare_to_wait_event+0x3ac/0x460
[  355.250137][ T8499]  ? prepare_to_wait_event+0x40c/0x460
[  355.255701][ T8499]  __ceph_open_session+0x471/0xa30
[  355.260970][ T8499]  ? bdi_register_va+0x593/0x770
[  355.266007][ T8499]  ? __pfx___ceph_open_session+0x10/0x10
[  355.272118][ T8499]  ? __pfx_autoremove_wake_function+0x10/0x10
[  355.278316][ T8499]  ? sget_fc+0x960/0xa50
[  355.282642][ T8499]  ? __pfx_ceph_set_super+0x10/0x10
[  355.287949][ T8499]  ceph_get_tree+0xac4/0x17b0
[  355.292719][ T8499]  vfs_get_tree+0x90/0x2b0
[  355.297216][ T8499]  vfs_cmd_create+0xa0/0x1f0
[  355.302248][ T8499]  ? __se_sys_fsconfig+0xa14/0xf40
[  355.307443][ T8499]  __se_sys_fsconfig+0xa20/0xf40
[  355.312516][ T8499]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  355.318085][ T8499]  ? __x64_sys_fsconfig+0x20/0xc0
[  355.323196][ T8499]  do_syscall_64+0xf3/0x230
[  355.328119][ T8499]  ? clear_bhb_loop+0x45/0xa0
[  355.332831][ T8499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.338798][ T8499] RIP: 0033:0x7f0687b8d169
[  355.343237][ T8499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.363148][ T8499] RSP: 002b:00007f068890f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  355.371609][ T8499] RAX: ffffffffffffffda RBX: 00007f0687da6160 RCX: 00007f0687b8d169
[  355.379615][ T8499] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  355.388508][ T8499] RBP: 00007f0687c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  355.396522][ T8499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  355.404588][ T8499] R13: 0000000000000000 R14: 00007f0687da6160 R15: 00007ffd342935d8
[  355.412696][ T8499]  </TASK>
[  355.415761][ T8499] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  355.423090][ T8499] CPU: 1 UID: 0 PID: 8499 Comm: syz.3.644 Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full) 
[  355.434142][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  355.444267][ T8499] Call Trace:
[  355.447579][ T8499]  <TASK>
[  355.450552][ T8499]  dump_stack_lvl+0x241/0x360
[  355.455287][ T8499]  ? __pfx_dump_stack_lvl+0x10/0x10
[  355.460544][ T8499]  ? __pfx__printk+0x10/0x10
[  355.465202][ T8499]  ? vscnprintf+0x5d/0x90
[  355.469587][ T8499]  panic+0x349/0x880
[  355.473539][ T8499]  ? __warn+0x174/0x4d0
[  355.477755][ T8499]  ? __pfx_panic+0x10/0x10
[  355.482245][ T8499]  __warn+0x344/0x4d0
[  355.486277][ T8499]  ? __might_sleep+0xb9/0xe0
[  355.490922][ T8499]  report_bug+0x2b3/0x500
[  355.495289][ T8499]  ? __might_sleep+0xb9/0xe0
[  355.499913][ T8499]  ? __might_sleep+0xb9/0xe0
[  355.504535][ T8499]  ? __might_sleep+0xbb/0xe0
[  355.509153][ T8499]  handle_bug+0x89/0x170
[  355.513439][ T8499]  exc_invalid_op+0x1a/0x50
[  355.518014][ T8499]  asm_exc_invalid_op+0x1a/0x20
[  355.522900][ T8499] RIP: 0010:__might_sleep+0xb9/0xe0
[  355.528136][ T8499] Code: b7 0e 01 90 42 80 3c 23 00 74 08 48 89 ef e8 3e 13 9b 00 48 8b 4d 00 48 c7 c7 e0 33 4a 8c 44 89 ee 48 89 ca e8 18 11 f0 ff 90 <0f> 0b 90 90 eb b5 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 70 ff ff ff
[  355.547815][ T8499] RSP: 0018:ffffc9001c9af988 EFLAGS: 00010246
[  355.553928][ T8499] RAX: aed45d39e8e25200 RBX: 1ffff11005f7b6b1 RCX: 0000000000080000
[  355.561932][ T8499] RDX: ffffc9000e4a9000 RSI: 0000000000007c7b RDI: 0000000000007c7c
[  355.569941][ T8499] RBP: ffff88802fbdb588 R08: ffffffff81828012 R09: fffffbfff1d7a980
[  355.577946][ T8499] R10: dffffc0000000000 R11: fffffbfff1d7a980 R12: dffffc0000000000
[  355.585936][ T8499] R13: 0000000000000001 R14: 0000000000000242 R15: ffffffff8c4ad740
[  355.593957][ T8499]  ? __warn_printk+0x2a2/0x360
[  355.598758][ T8499]  ? __might_sleep+0xb8/0xe0
[  355.603367][ T8499]  __mutex_lock+0x12c/0x10c0
[  355.608083][ T8499]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  355.614001][ T8499]  ? __ceph_open_session+0x471/0xa30
[  355.619305][ T8499]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  355.625211][ T8499]  ? __pfx___mutex_lock+0x10/0x10
[  355.630254][ T8499]  ? __up_read+0x2c4/0x6b0
[  355.634689][ T8499]  ? prepare_to_wait_event+0x3ac/0x460
[  355.640162][ T8499]  ? prepare_to_wait_event+0x40c/0x460
[  355.645635][ T8499]  __ceph_open_session+0x471/0xa30
[  355.650764][ T8499]  ? bdi_register_va+0x593/0x770
[  355.655733][ T8499]  ? __pfx___ceph_open_session+0x10/0x10
[  355.661383][ T8499]  ? __pfx_autoremove_wake_function+0x10/0x10
[  355.667480][ T8499]  ? sget_fc+0x960/0xa50
[  355.671748][ T8499]  ? __pfx_ceph_set_super+0x10/0x10
[  355.676960][ T8499]  ceph_get_tree+0xac4/0x17b0
[  355.681664][ T8499]  vfs_get_tree+0x90/0x2b0
[  355.686107][ T8499]  vfs_cmd_create+0xa0/0x1f0
[  355.690722][ T8499]  ? __se_sys_fsconfig+0xa14/0xf40
[  355.695853][ T8499]  __se_sys_fsconfig+0xa20/0xf40
[  355.700820][ T8499]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  355.706308][ T8499]  ? __x64_sys_fsconfig+0x20/0xc0
[  355.711350][ T8499]  do_syscall_64+0xf3/0x230
[  355.715880][ T8499]  ? clear_bhb_loop+0x45/0xa0
[  355.720573][ T8499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.726474][ T8499] RIP: 0033:0x7f0687b8d169
[  355.730900][ T8499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.750520][ T8499] RSP: 002b:00007f068890f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  355.758952][ T8499] RAX: ffffffffffffffda RBX: 00007f0687da6160 RCX: 00007f0687b8d169
[  355.766934][ T8499] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  355.774913][ T8499] RBP: 00007f0687c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  355.782894][ T8499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  355.790873][ T8499] R13: 0000000000000000 R14: 00007f0687da6160 R15: 00007ffd342935d8
[  355.798874][ T8499]  </TASK>
[  355.802212][ T8499] Kernel Offset: disabled
[  355.806539][ T8499] Rebooting in 86400 seconds..