last executing test programs:

17.587146836s ago: executing program 1 (id=239):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps\x00')
readv(r1, &(0x7f00000022c0), 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010024bd7000fbdbdf2520ffff", @ANYRES32], 0x74}}, 0x0)
open(&(0x7f0000000400)='./file2\x00', 0x0, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r6})
ioctl$IOMMU_VFIO_IOAS$SET(r5, 0x3b88, &(0x7f00000000c0)={0xc, r6})
ioctl$IOMMU_VFIO_CHECK_EXTENSION(r5, 0x3b65, 0x4)
read$FUSE(r1, &(0x7f0000000180)={0x2020}, 0x2020)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x4e7, 0x50, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xff, 0x60, 0x4, [{{0x9, 0x4, 0x0, 0xc2, 0x1, 0x3, 0x1, 0x0, 0x3f, {0x9, 0x21, 0x4, 0x3f, 0x1, {0x22, 0xaaf}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x7, 0x1, 0x9}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0x4, 0x7f, 0x58}}]}}}]}}]}}, &(0x7f0000000100)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x201, 0x78, 0x81, 0x40, 0x10, 0x8}, 0x8b, &(0x7f0000002300)=ANY=[@ANYBLOB="050f8b00030101000000000000ff030767100af14a41aaca487b3a024b32aea75d8446fc130ad29aab4e502e74acb4b28d7fc883e1d1872080a1d32bf6a6b20230cc5a674738133c661d71971875f034d9d6bbb268470185f34fcd3a71a860f18e1d538f13b2baa833852ea5a8214318a5a12824d68c071410040228c7721fb733078066572b4b112f4b3c"], 0x1, [{0x87, &(0x7f00000023c0)=@string={0x87, 0x3, "969a22bd6657f640b93170d2ee793888a400e395c56e2b408200c0a17519c40a6ca5982fc6c66478ddc23834469d6e3f0d7eb42b64351d9afcde3d74310d221253bc6e3839265f470f41b11e4247d925cf4dddc83c67bdfba8d21e211bd7efade7168d7fd8b0135fdeef94fd25f71a64fe2f4cc72b8c28fb1c075fe538f0e41ad6b43256f5"}}]})
syz_usb_control_io$hid(r8, &(0x7f0000002640)={0x24, &(0x7f0000002480)={0x40, 0x21, 0xdf, {0xdf, 0x23, "d1c71587e4ebb060ed100866591b839c20557ab2ad070d1e7ab8407910140902433002cdb996b8673f5303fc0e0cddb03c0e3c4ae33f772506b84a363023d484f206391404b7a6c4884de10725bf3a37775cacc979b22bd20243b1e1112eaee28ae4774358e948a6335690eaf885f3bbf718b5ce6c2f32f68e3377b1af98b9e965cc969ac4cc0011d4c70ee4824f3468a5c58a83aac1f8be816ddb141336eda6aa149fbe442c5ee196d18a99937da853ad0418d62725ff3547f821ab6f852c575e7195b254df0afb2f9a934034bc86b24ea065fd85b31702c6e14ab745"}}, &(0x7f0000002580)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x44d}}, &(0x7f00000025c0)=ANY=[@ANYBLOB="00221600000091ee5797c4e011a7ed795741abed0bea115b3e1a5325"], &(0x7f0000002600)={0x0, 0x21, 0x3e, {0x9, 0x21, 0x6, 0x3f, 0x1, {0x22, 0x2fd}}}}, &(0x7f0000002900)={0x2c, &(0x7f0000002680)={0x0, 0x31, 0xcf, "a2c52a68704762157eac5dd6d024b5e07288fda2d892207bb3731069ac23115e57f87baeb4d4cad162b302dad9319679732443b0ee6c69cd5115f78ad46d09eaa742eae45ed634fda5fe65f45b0e2c8829e2208f248781b618087dd910c609a3294ce91d950e758ea4c5fb3d409f52c886b74b16159d52f0f0bec8ba83f9419a11353517cbe21bde11c77b6d118fe168a1ce18939f307d2906a3e7c7354e6106739f77216e6b7a7a7e0c96e9c96c335094abab155b6385decbb6e18856c521dec73d6c11aeafae8dd0ea405837008f"}, &(0x7f0000002780)={0x0, 0xa, 0x1, 0x6}, &(0x7f00000027c0)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000002800)={0x20, 0x1, 0x50, "cc2499de5ac9b9d128f5ae8d95f1eb8440903c404a3f1b5ea8b0f7629bebe32db81fb8cd77d8cea76bc8734a64b6571ccf12af0f90c34648f6780359b55d2f9de6ac9acc23e9ebb2e1f97996371030be"}, &(0x7f0000002880)={0x20, 0x3, 0x1, 0xff}})
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40084}, 0xc0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000002940)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000028c0)={&(0x7f0000002200)={0x70, 0x0, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x5b}}}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x810}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x6, 0xf7}}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x8001}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_SCAN_FREQUENCIES={0xc, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x1e7d}]}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x101}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x8800}, 0x8804)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_IRQCHIP(r7, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x10020f58, 0x0, [{}, {0x7}, {}, {0x0, 0x35}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x40}, {0x0, 0x1}]}})
getpid()

16.515205275s ago: executing program 4 (id=244):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000090a000000000000000000000000000008000a40000000000900020073797a32"], 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x2, 0xc8, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0xe, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x9c, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @loopback, @multicast1, @private=0xa010102, @loopback]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0))
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

15.789256055s ago: executing program 4 (id=247):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="5100330080040000080211000000080211"], 0x70}}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000002000), 0x0, 0x20041)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001dc0)=[{{0x0, 0x0, &(0x7f0000001d40)=[{0x0}, {&(0x7f0000001980)=""/172, 0xac}, {0x0}, {0x0}], 0x4}}], 0x1, 0x0, 0x0)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
shutdown(r4, 0x1)
recvmmsg(r4, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000130000000000000600000008000300", @ANYRES32=r6, @ANYBLOB="0800050009"], 0x24}}, 0x0)

13.921174116s ago: executing program 0 (id=249):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x7, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@initr0, @exit, @alu={0x6, 0x0, 0xb, 0xa, 0xa}]}, &(0x7f0000000000)='syzkaller\x00'}, 0x90)

13.758618485s ago: executing program 0 (id=250):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
write$sndseq(r1, &(0x7f0000000040)=[{0xe, 0x0, 0x0, 0xfd, @tick, {}, {0xe}, @control={0x0, 0xffffffff}}], 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='nv\x00', 0x3)
socket$can_j1939(0x1d, 0x2, 0x7)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, 0x0)

13.619499971s ago: executing program 1 (id=251):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x2c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x78}]}, 0x2c}}, 0x0)
gettid()
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x119000, 0x0)

13.092528896s ago: executing program 0 (id=253):
syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
gettid()
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8921, &(0x7f0000000140)={0x3a})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
memfd_secret(0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$SO_BINDTODEVICE(r1, 0x88, 0x67, 0x0, 0x20000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f0000003700)={0x0, 0x7000004, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r4, @ANYBLOB="0a000600080211000001000006006600c78800001c0033"], 0x4c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028008000200012100000800030000000000"], 0x44}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
epoll_create(0x5)

13.09199741s ago: executing program 1 (id=254):
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x28, 0x0, 0x7, 0x201, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_FLAGS={0x8}]}, 0x28}}, 0x0) (fail_nth: 1)

12.759443889s ago: executing program 1 (id=256):
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000180)={0x2}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001d0000000c00060001000000010000002c002f8008000100000000000c000200000000000000000014000380080001"], 0x4c}}, 0x0) (fail_nth: 1)

12.746937185s ago: executing program 0 (id=257):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000090a000000000000000000000000000008000a40000000000900020073797a32"], 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x2, 0xc8, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0xe, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x9c, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @loopback, @multicast1, @private=0xa010102, @loopback]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0))
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

12.371108455s ago: executing program 1 (id=258):
r0 = fsopen(&(0x7f00000000c0)='gfs2meta\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$notify(r5, 0x402, 0x1c)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r6, 0xc058534f, &(0x7f0000000380)={{0x0, 0x1}})
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000000500), 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r7=>0x0})
r8 = syz_open_procfs(r7, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r8, 0xc020660b, &(0x7f0000000180)={@id={0x2, 0x0, @auto="ffee8e7268b4fecd2fce2d54fbd909e4"}})

12.370735058s ago: executing program 3 (id=259):
socket$inet6(0xa, 0x0, 0x0)
syz_open_dev$vivid(0x0, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x40000000000ead}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
preadv(r1, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/30, 0x1e}], 0x1, 0x80000001, 0x0)

12.325915164s ago: executing program 4 (id=260):
userfaultfd(0x801)
unshare(0x0)
syz_emit_vhci(&(0x7f00000028c0)=ANY=[@ANYBLOB="03c8000045c50e229c92f2d8eb9252ea4a6e3f4fe1cfa77ecd07fe4780c830cf004cda5e9e04b0c5bf6b18f65a8c0bcf844b3853724e3d719eb9ada1140c949044c179543948fac447165721a08e80fd41a981d4c45e726e67c37cea4cc9bfb9d1c08f1c55eb64c6c7aa1d5311df8b690b25f50ebb7899e93b34e4f27147152e1167b97d6013d27f4f084bfee157b3f7a906a0e4b521ad40e446ffa4beaeb93435b61f2f2fe45bc9a240428517874082fc7b4d4fb0a3d541a0521602fb7245ac546e5fe1e1e4d661b10c1730395b3a82cc50d1af0c68ba450b31b4356a1e7ea2a12ad1df8661a5ea48b775a554095f5d8df212349a355a1db770a00ac65bab197eadea6c3c20df6495f56aba78d17d98bc90b983117d7dc817b9a514d69f46c58c9bdf06c62e5b25c0318804dcff19fe1070e0d78e18c2806ef97f0fbf3af39be5b415eedc52c1818f7da57bf831f282758bfea66043cfc78a09dfbc267e8738afe68e7b1f572aab6048ba68bb85733768a6b2c893400aeb2ad00d32a11ca9c22480f0fec837355cb495827ca9cbaa452b2eaadc05eb75ac6905012892d9438fc313ef72d5982652a49275264e3b8526812e3375e0ad9108b7fc03de82695df4b7105263cb245728e9444951c3c417f8a848ba49d846c2c0dac37da4fd80e67251c0af0b95f7454d15ead9d9478b48eff0f4a959e16ab332539f172b74a9368a28ab58f1d84372249ea191759373ee3d3a0b46f66e59c6d5e563eb622cb462c619c919ef414e370caa11952a5954ea6e7da4f0dc20a65d4903af019c974692051a4f327999a9c5f0ae16666624cdd70b51a0fe6e4fb2176ecbe63e2fc79c6d3776c44c446b6f656b5a7ce2ca4e7968d1a6ef35704ac6d6f8b35f8f3b30ec547384430450cc4405ca5743c767beaceb2d0e5cd3624d06a8d316623696883d5cee06a583e325ffafbcc3c026a1b712d7853844e8b4d148078e15217dc1f00ef457e6114b8860447358b3d55015be0ed3691aad1f0ddb640d935dcd37bb99d9f3295f62c61b5caac611c926c15efbb0779079f1a5652c43372a94148e978800c07ea61023d83d3d33557395252fb2b52b330675fb0894ad851276b4a48de7d92042ac9aed27da44ba77e2fd9425bd66372f16ea782557fb94423e5f470048d7f68b994f84763ec691a501795456a6f7a320f72d83ccaef3c77c604f202dc1cfe756b83b0c3a8e2e16ad6436a0b60144352ac730485dc1e9377d25ff91b86a953ff46c86f5fb9fa6eb96293c636c3a4aea64e4641a93698fc573c3d75386a1b247d0e2234bafb50f883751bbde2fc87bc0d17a044be427f4c63ac6a27c4d203e4b876bc7c0080bfbf367d6cf89384763455cfd99d9dfc96b309e29c007f13168d1f7e90babe74410c1c229e04ae087431e1e580a3ecb06d1572f16ca4f53383f3f3ba468647afe5295dbbd093bdcd20e2741adda860385ce45eb527674a79910a9e24358d8c62cecd66e57bf066852ffd1c98b67e3c56e9c05953a60a191a5a4d989f0c6f50e1c9d49a92c17388e8c91c7e77f42a865e1f2f8e44519a4c9ffdc81cccc501e5b102117651ef1c4b4a1af0d2261ff327b945404fb104f98cc6b630b4ef3e12089acf8f5e18ebb2aea0d5404bc985d6216a2fcf0ef462bd8fbb2cd4f05b316deb33c2f80738a2a3d775479bd9971e0919a62cd7d531d8feaa5cb35b23796c648b7538d6020b7a96dcbc78810f276a1380acee1f3a7c7650aba249cd6c9a002e9a623ce3588e1f027c69d1d96df54bd6ef9eeede4d7246076d31de33224c4dbee64cab68e1af03d6c06650fc478808c1c35c205e1aafd3acb2bebc6650e53f963e648f927f8c0a28b33b66c7ac48f6266b42b3a7f333c8e7a9f414528312c5182407034aecebbfcbe9c411d35527a952b225154c8ddbebaafc08f4d0f6ef8a31be6a214476b7a6b49577e2a108741c758b30895348e19c37fab8dc2f2b9bd4e260cbf4fcce6f8a5745633a39322396c067885403b3441d6bb72c204e09d0c1dd4a1dc34a2f1699a817ff356ed473237e38da703abe0c2aa57fe473ccf76d57e1b1fc9787ae189be46ebea00607a68de2409a08a0a85204862d761067d7d786c9dd7b1ba781de32bd245050f01ba2eba955336e842f95f3477c978e5ed78029f6d230876243593028f3f4fdeb4ac290fbf155890f054bd6d8a8d45b096303f40952830b66db87a8673138f302363a72cd82c51799751b8c794bd9b876464cf3b4aaac4edfca813876e02e26064803b6a1c8911c764c4990a4ff7db8058d9bbde0f2975e62f85e7f99781cfb68fbc487ea7a1b4e8ff9ae2ef13e368280d54e01a8e849fde048b4d1f2bd1aa5e8c7e21a11394a9c4e4064699361afa0c2c83e82f7a2316cfe9674b7965480389ec5fe0b482b593d519e70b0e64815c7522b9975192f3aebf68cad2865ef9ae545f317507f9af74cd738b31228bb14ff64f545b8868d002956c99404a336f2c66c316dadb8240d4a1aabe48bc2684125514b5d10c6ed283b65ccc249caccc42367f5f58943acff086c942c57da85a7401154a7371c613a2b9b1a7fe2b39521656a30cd2774b640a245e341d854098b066fac36591d2fcfa87017941e08e31da3166b9223d343898a9c421088a5a8ce51485295c29cfe73f9fe255020611b506a0f8d866d813d22f56912cbfb325824834c4e2b5ab64f09bdce0bf3c6e23c950e2ed9cb746ceb9be1f12401ac8be6d17d38fb8d0a3e183c958939f02053677372f5fa6181451cb77deada722fa3af49513f8e403fc9a24cadb4193535465e3ac6cfc6380f0049b89e24d828d5232ecbba10e1c7f9b14b8ff40b46b30a578be54e21889c06201ed113ec9ad6ffcbdf5740c04cf33af7c5e7476921359ca3c1adaff9c47ecb49915d52e971e777b9bf40812ac54dd73b403486a6753000b69935bd57b7d29977b679dac3ed2f060039b5993d31b796f4ffc1e8341425fefcb45a7b121287efbe508e53c8060aeb9a90717c1a968598f603dafbcde572497c9a96a99c1ae381c3e287830f49fc28d9356669dd03818fb0144899c0e0cb333c7b4b36c976c0e8ed8b669332d9987d02bbe50b447bcd802f093a6bbc826c789caa1cd7b54ca23ed2df24b2e1c2caa52fd11f890091b85283dc6b2a76394a1b97c09ab24d04062ab9e4f0cc97523836638ce0bb9c1dc7e0e74a47a8d6e9ba2b923dd4a471f30bd9330bd7de347fb0566bf73cb816500b83b8517bdfaa51527d445c07f606ce584b66410338e5e9e21bd4c988ffcb934997fa848d43ef96aa5d57549496743225cd62328d1bbf598758cbcb989ab29d70691687efc0a467e1d23cf2f011caaaef6fbb0239dc9428aff8674dd9abc67f235eccd68bf4109a4fc5a85ec3d962702fd945f51c379fea3d5cdf23eab80e4341fff2fe1e12ad8f2cafcdfa9ac09a9a2b0635f0c68e7d12c91f4cb771aad30fdfde08bd33e6aac6f79160206f0b66e69fa0c3a893c6bddd1b02216b0b652a5b0f4f2d46d922d831f32bb0803b2f1696ff498fa6d1d44d42348c73cc43e700785ecc79b3a2ced89b292a62f88b1f95678234dc833c38cce886461263bb0dafff0d39e17f915108349013bdef7a22b277e140a07fdf56aa2c81062c9dad4774470e11fdb2eeb7522b1f387a0f8058c6039249e1a312b21c186bcd7c130ea5784c3be708f22688527263eed4a119ba134ea39077f79bcc6b8b57bda18443c05ecde5d735a259a30dd9b553ba04fdd370453a6cf01a39756608020974e8effeaeb0476b197a7bb2accffae3f604e1327fd0dcc9a66cd8d1ffcc952ce97383d80252212ff607e8faa2a311c5d3a73293bd5aef8e2e97010bfca5a28231d1ace9a1fc8f95b49ea451bc302697acc804a7700ddcd331a4c9d86cd45acc6126ea0822a826af5dd840a2c5088560f7bef31d6dc1514c47d046d59871083be657f3df8b52e7a14e06fef8bb295122f02f4b704a522dd01916227323d2d9cfe4dd787ab47ada652d1b9a558ff44828c6c75ffa4b7a61b806fe8f86198a5172b55acb1c669de48994294be99bd633fe0b50c780a884156ee2e0d06af812c8dfd61169201a2ed25bf1e3c7462dcdf8ac09b98b4a8ea7194c2838eb3f9ceff58a1d4304b966c9ed24e17d6e290c1055696e197f6420d47db9ad96963b1c3428b6bf8eafa3dfe039f351863d8d39e19ec22fd9855e82e1b1ec323fd47d23529b7903ad530902d0b9ac64aa8b21964c7b5ad105bb1f59c1c5c59ac0c6344be99cf5bb877012eac20ddfd14fc76767997418b70bf784a25dae6c902466cdc58e27c2187969c61d3daf69f98bc6f1ac8002786c45535ab62b03bb59d1ddbcc5c63b828dfb9465cb59915b16e2390aa5270e9a402ffc8f01b3b45a1c0eefe7a7c470bbe51aae5062aa46eb6ba9bd581132a4c47b306a5083f8c2b11cd06218c2221c4661c65e678fa5ce06ee7441e89f982676bf50342ba7fb7f72cbd14a7172aec41539b6f0fe918cc916ff16f03d5abc186f999d9bcacd0913ced8042f8a4177edd18c6ccef7a05cbb86bbc42ef8ad70130d67d948b2e27370b1eaed52a908919f40567399e42c68b8f78e8be2d246d8a6458df180c35e4d4da9c69e1ff1299855f033b0f469cfa12cdf401673730446dd830aacc9efe3c78bb44cba21b733fcc65d9c4ad3f9d6d38da464792f1960d743fb695b0d1720fccbcdf10a87b3974f12444a092f055735b0b859fe3389ecec5dd84a92930473a83cc30fe0caa5df0fe36fb13a382f27285312325ca1b4f02d25787ad8281c21c3e69ebbb28f55c9297e9b1c6f0ff5b36b9a00c81bc91d3223450c75ad36a8c9ad75d71d00f775bb79680b4427caf8967260ac8e6626da65bac79aec99b13c790344d0058e9d09b7bc3ecdca54b9f258b192b7f813edcb507575f92243fd677bc5cb9e678c3f170b664ff91ed10952e1b4df7295b2337066f13da8f9d0ce289b35b4d12069bb7fc23c62b38892baf79d3b623f2724c72c118f01b419b315253e4d5aca75d6419fa72cfd9d11aa40a9c02dcadd3a7a376ba8d2cef63721a966db98cfbfe438f6426bfc5057a8bc540ff7da9920788c2c1df01299e34a051888c71cfb4b7920327f7389e2196fbaa58dc681780e12c758223f5328aa7bb8ceda7cd584f336a92a673317ff4de1d4ae4549c12de01a82a42bd5db91dad07fc9b610b726f3d295c88ee37da5d2f80a12f2026b089cb9561b9c9cca03a82b40b6ccac4adc7cab7e5dde9ee676bcb58afa13d6cfeea089c2e6be4c6c70aa0e24b53dfb2b72bf885a2cbffd6ccbd7bf80bb7d1d39ccaa12a974debf21ed0f4952fca15e5137ab43e023a62f3b16775feadf5fa5644cb3f82097162beaabfc51245d7800b10a3a3356af0893ff608e10d8bac581e9c4169e94ceef1fca3a65665a5d232d40dfa5ca9d233ffd38131569d105c5cf94804e3bc71b3d2b0241ee59398fb24d45845fce888d55b64612dda43e6ee829f3fc4b61fc9336c6410cecb639aa89555235c4c8347e9c2f05b0b4e55fa295bdfa89e97c65b28b4e87135898eefbcf32059f2eea92364b6ae82febd40f7510fbc17f70f2061fb57b4155e0659b1e969a4f3e088d73fbeaac7039c4e2636fedf50f5d1ed95d234e0bb45ee184eda71be7cd5eaa530918bfe7baf78d090e1a68a9852c3acb41776ee342694184e639852a9310e9bb0a2f3048173d3137045b8323cefdc6117aba8960f6d5f30101274862ea345232852a5ec25aa866510b16b629a368f25e21166fbd3ee7fcb37567f13ad11cf627f9a10b7475b0b7f736ed798dc5ca7104212cedbf74bb8485b49ed4b7fa3c90c9639d3584c"], 0xd)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000190081054e81f782db44b904021d005c06007c09e8fe55a10a0005400100142603600e1208001e0000000401a80016000800014009001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, &(0x7f00000004c0)={0xc, 0x8, 0xfa00, {&(0x7f0000000340)}}, 0x10)
r2 = socket$inet6(0xa, 0x0, 0x4000006)
setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, 0x0, 0x0)
socket(0x2, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000740)="10f1e2a2")
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in, 0x0, 0x32}, 0x0, @in=@empty}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[], 0x10}}, 0x0)
sendmsg$key(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
recvmmsg(r3, &(0x7f0000006dc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10020, 0x0)
r4 = syz_usbip_server_init(0x4)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x1a}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000200000000000000"], 0x20}}, 0x0)
write(r4, &(0x7f0000000080)="0f", 0x1)

10.907669344s ago: executing program 1 (id=261):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps\x00')
readv(r1, &(0x7f00000022c0), 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010024bd7000fbdbdf2520ffff", @ANYRES32], 0x74}}, 0x0)
open(&(0x7f0000000400)='./file2\x00', 0x0, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r6})
ioctl$IOMMU_VFIO_IOAS$SET(r5, 0x3b88, &(0x7f00000000c0)={0xc, r6})
ioctl$IOMMU_VFIO_CHECK_EXTENSION(r5, 0x3b65, 0x4)
read$FUSE(r1, &(0x7f0000000180)={0x2020}, 0x2020)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x4e7, 0x50, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xff, 0x60, 0x4, [{{0x9, 0x4, 0x0, 0xc2, 0x1, 0x3, 0x1, 0x0, 0x3f, {0x9, 0x21, 0x4, 0x3f, 0x1, {0x22, 0xaaf}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x7, 0x1, 0x9}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0x4, 0x7f, 0x58}}]}}}]}}]}}, &(0x7f0000000100)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x201, 0x78, 0x81, 0x40, 0x10, 0x8}, 0x8b, &(0x7f0000002300)=ANY=[@ANYBLOB="050f8b00030101000000000000ff030767100af14a41aaca487b3a024b32aea75d8446fc130ad29aab4e502e74acb4b28d7fc883e1d1872080a1d32bf6a6b20230cc5a674738133c661d71971875f034d9d6bbb268470185f34fcd3a71a860f18e1d538f13b2baa833852ea5a8214318a5a12824d68c071410040228c7721fb733078066572b4b112f4b3c"], 0x1, [{0x87, &(0x7f00000023c0)=@string={0x87, 0x3, "969a22bd6657f640b93170d2ee793888a400e395c56e2b408200c0a17519c40a6ca5982fc6c66478ddc23834469d6e3f0d7eb42b64351d9afcde3d74310d221253bc6e3839265f470f41b11e4247d925cf4dddc83c67bdfba8d21e211bd7efade7168d7fd8b0135fdeef94fd25f71a64fe2f4cc72b8c28fb1c075fe538f0e41ad6b43256f5"}}]})
syz_usb_control_io$hid(r8, &(0x7f0000002640)={0x24, &(0x7f0000002480)={0x40, 0x21, 0xdf, {0xdf, 0x23, "d1c71587e4ebb060ed100866591b839c20557ab2ad070d1e7ab8407910140902433002cdb996b8673f5303fc0e0cddb03c0e3c4ae33f772506b84a363023d484f206391404b7a6c4884de10725bf3a37775cacc979b22bd20243b1e1112eaee28ae4774358e948a6335690eaf885f3bbf718b5ce6c2f32f68e3377b1af98b9e965cc969ac4cc0011d4c70ee4824f3468a5c58a83aac1f8be816ddb141336eda6aa149fbe442c5ee196d18a99937da853ad0418d62725ff3547f821ab6f852c575e7195b254df0afb2f9a934034bc86b24ea065fd85b31702c6e14ab745"}}, &(0x7f0000002580)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x44d}}, &(0x7f00000025c0)=ANY=[@ANYBLOB="00221600000091ee5797c4e011a7ed795741abed0bea115b3e1a5325"], &(0x7f0000002600)={0x0, 0x21, 0x3e, {0x9, 0x21, 0x6, 0x3f, 0x1, {0x22, 0x2fd}}}}, &(0x7f0000002900)={0x2c, &(0x7f0000002680)={0x0, 0x31, 0xcf, "a2c52a68704762157eac5dd6d024b5e07288fda2d892207bb3731069ac23115e57f87baeb4d4cad162b302dad9319679732443b0ee6c69cd5115f78ad46d09eaa742eae45ed634fda5fe65f45b0e2c8829e2208f248781b618087dd910c609a3294ce91d950e758ea4c5fb3d409f52c886b74b16159d52f0f0bec8ba83f9419a11353517cbe21bde11c77b6d118fe168a1ce18939f307d2906a3e7c7354e6106739f77216e6b7a7a7e0c96e9c96c335094abab155b6385decbb6e18856c521dec73d6c11aeafae8dd0ea405837008f"}, &(0x7f0000002780)={0x0, 0xa, 0x1, 0x6}, &(0x7f00000027c0)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000002800)={0x20, 0x1, 0x50, "cc2499de5ac9b9d128f5ae8d95f1eb8440903c404a3f1b5ea8b0f7629bebe32db81fb8cd77d8cea76bc8734a64b6571ccf12af0f90c34648f6780359b55d2f9de6ac9acc23e9ebb2e1f97996371030be"}, &(0x7f0000002880)={0x20, 0x3, 0x1, 0xff}})
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40084}, 0xc0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000002940)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000028c0)={&(0x7f0000002200)={0x70, 0x0, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x5b}}}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x810}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x6, 0xf7}}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x8001}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_SCAN_FREQUENCIES={0xc, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x1e7d}]}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x101}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x8800}, 0x8804)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_IRQCHIP(r7, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x10020f58, 0x0, [{}, {0x7}, {}, {0x0, 0x35}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x40}, {0x0, 0x1}]}})
getpid()

10.737864683s ago: executing program 3 (id=262):
readlink(0x0, 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_open_dev$video(0x0, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r3, 0x0, 0x0, &(0x7f00000008c0)=';', 0x1)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
sendmmsg$inet6(r3, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000000800), 0x62, 0x12141, 0x0)

10.544068616s ago: executing program 0 (id=263):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000100)={@initdev, @empty, <r2=>0x0}, &(0x7f0000000200)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000540)=@getchain={0x74, 0x66, 0x0, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xc, 0x10}, {0xffff, 0x5}, {0xffff, 0xc}}, [{0x8, 0xb, 0x6}, {0x8, 0xb, 0xfff}, {0x8, 0xb, 0x7fff}, {0x8, 0xb, 0x853}, {0x8, 0xb, 0x8}, {0x8, 0xb, 0x5e17}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0x7f}, {0x8}, {0x8, 0xb, 0x1}]}, 0x74}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="48010000100013070000040000000000ac1414bb000000000000000000000000e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff0200000000000000000000000000010000000032000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000c000000000008000b0000000000"], 0x148}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000140), 0x84}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000300)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002000000000000000000000008000300", @ANYRES32=r7, @ANYBLOB="08000100e088"], 0x2c}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000d00)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r9}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2, 0x8, 0xd0eb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r10, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x0, 0x800}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r10, 0x11b, 0x3, &(0x7f0000000300)=0x8000, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

10.431849525s ago: executing program 2 (id=264):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) (async)
listen(r2, 0x80080400)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0505405, &(0x7f0000000600)={0x1, 0x0, 0x0, 0x3}) (async)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r4, &(0x7f0000e5c000)={0x2, 0x4e1f, @loopback=0x7f000002}, 0x10) (async)
r5 = openat$cgroup_ro(r1, &(0x7f0000000240)='hugetlb.1GB.usage_in_bytes\x00', 0x7a05, 0x1700)
write$cgroup_int(r5, &(0x7f0000000200), 0xf000) (async, rerun: 32)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000cc5000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000760000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000a2e000/0x4000)=nil, &(0x7f0000905000/0x2000)=nil, &(0x7f0000000000)="66478143a496e385866f054e0cfb5bd8beb9d7a0a038d6f28024d80abdfb1b14fcc295cd892b9271491aa5474cf03f", 0x2f, r3}, 0x68) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="04080400000001f099cbf88a931bbf1f9fec5c4a72079911da17d4678ee92da6c764eed8bde592f95a50154495858152786487eafea4e1cafd69ee6f68f64ffd733fd1e7b7f9b085d9ff30eb006b4c5f2412b8e332fe88f22ea739cfe138375302837465dde07007fa916c53eac917c19bad6bcb6f5e96aedb262e2086868b484dfc5ea1a5b85024f86c78b4f56e2940091c80bbfb3fbd78b5ec73d05ec2ca58b8aafb2119001ba3976804402cd7446dfa736e2ab07909f61818560d362ab3e22dceb59c37b5574e60aba02179b0ab0ef4ceefdf16f9f7ff6afb99290a9ce6a3137c08a470b0e2287208dff844363c6fc8a4176b2c01267caaa9940f8bfb9a754e63b4a00bff0a40d3a940794f3c13e21851feddafda205e5bd86318851bd45607a3f0d25f27bde409afca117ebdcd9604ac5ba1399f4c4cc15b4e7be9f840014160e940da1512d33a1ace385055799150589934f7db0676f493ccb271808b04f3fdb2f57a454ecf18978d29fdfa70c5c42ca0c24e5067c35a9d1a3a1825e120c04af60b15667009e6c99f6b5ccfd6f365a8e0"], 0x7) (async)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04000703b16509061f3600ff000005e77791ff0700fea31118b3c3fb69cfd6000800"/43], 0x3c)
syz_emit_vhci(&(0x7f0000000800)=ANY=[@ANYBLOB="03c900e910972fc8287f60d70346d4dc8efb48f7effb688902413368de9c7c5c667b2ac930b904a25cc0c4351a86e1ddd6f0d6a6d21d67a87e7c2e65be16ccd7366e8d2d23ec43488facf0f3d69fd06db2b853f7c91cafbeb24a517aca67c272c1eb4e8fe9957c48dabf2f8e5b01371e93cdad876830bb6f28443370aae0645f886eb867ed23e3bd7d0fe1c90da4f5d51078ee4272c06352a518019ba5ca647b4845d1ff591257b6134c7f2d04a3300edc6f0adfbf0d8cbcf6ff391053a5dc98f1ba2abe221fb07e95e87bf88dc55c76fe72ca3b52327465d8744314cb71e1442ba390915ee8e34402b561000000"], 0xed) (async)
syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x513800) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0) (async)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0) (async, rerun: 32)
r6 = getpid() (rerun: 32)
sched_setscheduler(r6, 0x2, 0x0) (async)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) (async, rerun: 32)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) (async, rerun: 32)
socket$inet_sctp(0x2, 0x0, 0x84) (async)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="040544cc85665a"], 0x7) (async)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) (async)
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async, rerun: 32)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0xc1c0, 0x0) (rerun: 32)

10.167700683s ago: executing program 2 (id=265):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x281, 0x0)
write$hidraw(r0, &(0x7f0000000380)="e8", 0x1)

9.992119178s ago: executing program 2 (id=266):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x6c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x40, 0x3, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x30, 0xb, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_QUOTA_CONSUMED={0xc}, @NFTA_QUOTA_BYTES={0xc}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xf0}}, 0x0) (fail_nth: 1)

9.930309545s ago: executing program 4 (id=267):
syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
gettid()
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8921, &(0x7f0000000140)={0x3a})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
memfd_secret(0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$SO_BINDTODEVICE(r1, 0x88, 0x67, 0x0, 0x20000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f0000003700)={0x0, 0x7000004, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r4, @ANYBLOB="0a000600080211000001000006006600c78800001c0033"], 0x4c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028008000200012100000800030000000000"], 0x44}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
epoll_create(0x5)

9.515183726s ago: executing program 2 (id=268):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000090a000000000000000000000000000008000a40000000000900020073797a32"], 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x2, 0xc8, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0xe, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x9c, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @loopback, @multicast1, @private=0xa010102, @loopback]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

9.203459829s ago: executing program 4 (id=269):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xa}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xcb2}]}]}]}}]}, 0xac}}, 0x0)

9.192500324s ago: executing program 3 (id=270):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="5100330080040000080211000000080211"], 0x70}}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000002000), 0x0, 0x20041)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001dc0)=[{{0x0, 0x0, &(0x7f0000001d40)=[{0x0}, {&(0x7f0000001980)=""/172, 0xac}, {0x0}, {0x0}], 0x4}}], 0x1, 0x0, 0x0)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
shutdown(r4, 0x1)
recvmmsg(r4, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000130000000000000600000008000300", @ANYRES32=r6, @ANYBLOB="0800050009"], 0x24}}, 0x0)

7.125887507s ago: executing program 4 (id=271):
socket(0xa, 0x3, 0x3a)
r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01ee00000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="2e003300d00000000802110000010802110000005050505050500000000425030000003e"], 0x4c}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x9, 0x44401)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000680)={{0xa, 0x0, 0x0, 0xfffffffd, 'syz1\x00'}, 0x6, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r6=>0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7)
syz_usb_connect$cdc_ecm(0x0, 0x5a, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000020000102505a1a4400000000101090248000101000000090400000202020000052406000005240000000d240f0100000000feffffffff042401"], 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r9 = add_key(&(0x7f00000011c0)='big_key\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000002b40)='n', 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r9, &(0x7f0000001b40)=""/4096, 0x1000)
keyctl$update(0x2, r9, &(0x7f0000000000)='p', 0x1)
r10 = io_uring_setup(0x7e7, &(0x7f0000000500)={0x0, 0x5bd3, 0x0, 0x2, 0x4, 0x0, r8})
close(r10)
clock_nanosleep(0xb, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES8=r7, @ANYBLOB="010003000000000000000200000008000100", @ANYRES32=r6, @ANYBLOB="9c76ce82e3568d77a49734ec6f82c027a8c8f74b2bdb10b757f248cb3515a87f11f5763fb3d12af14b84fc305caa72bb812dcaee37f4c5e87ecff9c63957d9aa34790e"], 0x1c}}, 0x0)
connect$nfc_raw(r0, &(0x7f0000000080)={0x27, r6}, 0x10)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_SET_CLOCK(r12, 0x4188aec6, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)

7.091964079s ago: executing program 2 (id=272):
socket$inet6(0xa, 0x0, 0x0)
syz_open_dev$vivid(0x0, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x40000000000ead}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
preadv(r1, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/30, 0x1e}], 0x1, 0x80000001, 0x0)

4.862075803s ago: executing program 3 (id=273):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000090a000000000000000000000000000008000a40000000000900020073797a32"], 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x2, 0xc8, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0xe, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x9c, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @loopback, @multicast1, @private=0xa010102, @loopback]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.859992257s ago: executing program 0 (id=274):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
move_pages(0x0, 0x500, &(0x7f0000000540)=[&(0x7f0000617000/0x1000)=nil], 0x0, &(0x7f0000001180), 0x0)

421.952µs ago: executing program 3 (id=276):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0), 0x281, 0x0)
write$hidraw(r0, &(0x7f0000000380)="e8", 0x1)

113.125µs ago: executing program 2 (id=277):
userfaultfd(0x801)
unshare(0x0)
syz_emit_vhci(&(0x7f00000028c0)=ANY=[@ANYBLOB="03c8000045c50e229c92f2d8eb9252ea4a6e3f4fe1cfa77ecd07fe4780c830cf004cda5e9e04b0c5bf6b18f65a8c0bcf844b3853724e3d719eb9ada1140c949044c179543948fac447165721a08e80fd41a981d4c45e726e67c37cea4cc9bfb9d1c08f1c55eb64c6c7aa1d5311df8b690b25f50ebb7899e93b34e4f27147152e1167b97d6013d27f4f084bfee157b3f7a906a0e4b521ad40e446ffa4beaeb93435b61f2f2fe45bc9a240428517874082fc7b4d4fb0a3d541a0521602fb7245ac546e5fe1e1e4d661b10c1730395b3a82cc50d1af0c68ba450b31b4356a1e7ea2a12ad1df8661a5ea48b775a554095f5d8df212349a355a1db770a00ac65bab197eadea6c3c20df6495f56aba78d17d98bc90b983117d7dc817b9a514d69f46c58c9bdf06c62e5b25c0318804dcff19fe1070e0d78e18c2806ef97f0fbf3af39be5b415eedc52c1818f7da57bf831f282758bfea66043cfc78a09dfbc267e8738afe68e7b1f572aab6048ba68bb85733768a6b2c893400aeb2ad00d32a11ca9c22480f0fec837355cb495827ca9cbaa452b2eaadc05eb75ac6905012892d9438fc313ef72d5982652a49275264e3b8526812e3375e0ad9108b7fc03de82695df4b7105263cb245728e9444951c3c417f8a848ba49d846c2c0dac37da4fd80e67251c0af0b95f7454d15ead9d9478b48eff0f4a959e16ab332539f172b74a9368a28ab58f1d84372249ea191759373ee3d3a0b46f66e59c6d5e563eb622cb462c619c919ef414e370caa11952a5954ea6e7da4f0dc20a65d4903af019c974692051a4f327999a9c5f0ae16666624cdd70b51a0fe6e4fb2176ecbe63e2fc79c6d3776c44c446b6f656b5a7ce2ca4e7968d1a6ef35704ac6d6f8b35f8f3b30ec547384430450cc4405ca5743c767beaceb2d0e5cd3624d06a8d316623696883d5cee06a583e325ffafbcc3c026a1b712d7853844e8b4d148078e15217dc1f00ef457e6114b8860447358b3d55015be0ed3691aad1f0ddb640d935dcd37bb99d9f3295f62c61b5caac611c926c15efbb0779079f1a5652c43372a94148e978800c07ea61023d83d3d33557395252fb2b52b330675fb0894ad851276b4a48de7d92042ac9aed27da44ba77e2fd9425bd66372f16ea782557fb94423e5f470048d7f68b994f84763ec691a501795456a6f7a320f72d83ccaef3c77c604f202dc1cfe756b83b0c3a8e2e16ad6436a0b60144352ac730485dc1e9377d25ff91b86a953ff46c86f5fb9fa6eb96293c636c3a4aea64e4641a93698fc573c3d75386a1b247d0e2234bafb50f883751bbde2fc87bc0d17a044be427f4c63ac6a27c4d203e4b876bc7c0080bfbf367d6cf89384763455cfd99d9dfc96b309e29c007f13168d1f7e90babe74410c1c229e04ae087431e1e580a3ecb06d1572f16ca4f53383f3f3ba468647afe5295dbbd093bdcd20e2741adda860385ce45eb527674a79910a9e24358d8c62cecd66e57bf066852ffd1c98b67e3c56e9c05953a60a191a5a4d989f0c6f50e1c9d49a92c17388e8c91c7e77f42a865e1f2f8e44519a4c9ffdc81cccc501e5b102117651ef1c4b4a1af0d2261ff327b945404fb104f98cc6b630b4ef3e12089acf8f5e18ebb2aea0d5404bc985d6216a2fcf0ef462bd8fbb2cd4f05b316deb33c2f80738a2a3d775479bd9971e0919a62cd7d531d8feaa5cb35b23796c648b7538d6020b7a96dcbc78810f276a1380acee1f3a7c7650aba249cd6c9a002e9a623ce3588e1f027c69d1d96df54bd6ef9eeede4d7246076d31de33224c4dbee64cab68e1af03d6c06650fc478808c1c35c205e1aafd3acb2bebc6650e53f963e648f927f8c0a28b33b66c7ac48f6266b42b3a7f333c8e7a9f414528312c5182407034aecebbfcbe9c411d35527a952b225154c8ddbebaafc08f4d0f6ef8a31be6a214476b7a6b49577e2a108741c758b30895348e19c37fab8dc2f2b9bd4e260cbf4fcce6f8a5745633a39322396c067885403b3441d6bb72c204e09d0c1dd4a1dc34a2f1699a817ff356ed473237e38da703abe0c2aa57fe473ccf76d57e1b1fc9787ae189be46ebea00607a68de2409a08a0a85204862d761067d7d786c9dd7b1ba781de32bd245050f01ba2eba955336e842f95f3477c978e5ed78029f6d230876243593028f3f4fdeb4ac290fbf155890f054bd6d8a8d45b096303f40952830b66db87a8673138f302363a72cd82c51799751b8c794bd9b876464cf3b4aaac4edfca813876e02e26064803b6a1c8911c764c4990a4ff7db8058d9bbde0f2975e62f85e7f99781cfb68fbc487ea7a1b4e8ff9ae2ef13e368280d54e01a8e849fde048b4d1f2bd1aa5e8c7e21a11394a9c4e4064699361afa0c2c83e82f7a2316cfe9674b7965480389ec5fe0b482b593d519e70b0e64815c7522b9975192f3aebf68cad2865ef9ae545f317507f9af74cd738b31228bb14ff64f545b8868d002956c99404a336f2c66c316dadb8240d4a1aabe48bc2684125514b5d10c6ed283b65ccc249caccc42367f5f58943acff086c942c57da85a7401154a7371c613a2b9b1a7fe2b39521656a30cd2774b640a245e341d854098b066fac36591d2fcfa87017941e08e31da3166b9223d343898a9c421088a5a8ce51485295c29cfe73f9fe255020611b506a0f8d866d813d22f56912cbfb325824834c4e2b5ab64f09bdce0bf3c6e23c950e2ed9cb746ceb9be1f12401ac8be6d17d38fb8d0a3e183c958939f02053677372f5fa6181451cb77deada722fa3af49513f8e403fc9a24cadb4193535465e3ac6cfc6380f0049b89e24d828d5232ecbba10e1c7f9b14b8ff40b46b30a578be54e21889c06201ed113ec9ad6ffcbdf5740c04cf33af7c5e7476921359ca3c1adaff9c47ecb49915d52e971e777b9bf40812ac54dd73b403486a6753000b69935bd57b7d29977b679dac3ed2f060039b5993d31b796f4ffc1e8341425fefcb45a7b121287efbe508e53c8060aeb9a90717c1a968598f603dafbcde572497c9a96a99c1ae381c3e287830f49fc28d9356669dd03818fb0144899c0e0cb333c7b4b36c976c0e8ed8b669332d9987d02bbe50b447bcd802f093a6bbc826c789caa1cd7b54ca23ed2df24b2e1c2caa52fd11f890091b85283dc6b2a76394a1b97c09ab24d04062ab9e4f0cc97523836638ce0bb9c1dc7e0e74a47a8d6e9ba2b923dd4a471f30bd9330bd7de347fb0566bf73cb816500b83b8517bdfaa51527d445c07f606ce584b66410338e5e9e21bd4c988ffcb934997fa848d43ef96aa5d57549496743225cd62328d1bbf598758cbcb989ab29d70691687efc0a467e1d23cf2f011caaaef6fbb0239dc9428aff8674dd9abc67f235eccd68bf4109a4fc5a85ec3d962702fd945f51c379fea3d5cdf23eab80e4341fff2fe1e12ad8f2cafcdfa9ac09a9a2b0635f0c68e7d12c91f4cb771aad30fdfde08bd33e6aac6f79160206f0b66e69fa0c3a893c6bddd1b02216b0b652a5b0f4f2d46d922d831f32bb0803b2f1696ff498fa6d1d44d42348c73cc43e700785ecc79b3a2ced89b292a62f88b1f95678234dc833c38cce886461263bb0dafff0d39e17f915108349013bdef7a22b277e140a07fdf56aa2c81062c9dad4774470e11fdb2eeb7522b1f387a0f8058c6039249e1a312b21c186bcd7c130ea5784c3be708f22688527263eed4a119ba134ea39077f79bcc6b8b57bda18443c05ecde5d735a259a30dd9b553ba04fdd370453a6cf01a39756608020974e8effeaeb0476b197a7bb2accffae3f604e1327fd0dcc9a66cd8d1ffcc952ce97383d80252212ff607e8faa2a311c5d3a73293bd5aef8e2e97010bfca5a28231d1ace9a1fc8f95b49ea451bc302697acc804a7700ddcd331a4c9d86cd45acc6126ea0822a826af5dd840a2c5088560f7bef31d6dc1514c47d046d59871083be657f3df8b52e7a14e06fef8bb295122f02f4b704a522dd01916227323d2d9cfe4dd787ab47ada652d1b9a558ff44828c6c75ffa4b7a61b806fe8f86198a5172b55acb1c669de48994294be99bd633fe0b50c780a884156ee2e0d06af812c8dfd61169201a2ed25bf1e3c7462dcdf8ac09b98b4a8ea7194c2838eb3f9ceff58a1d4304b966c9ed24e17d6e290c1055696e197f6420d47db9ad96963b1c3428b6bf8eafa3dfe039f351863d8d39e19ec22fd9855e82e1b1ec323fd47d23529b7903ad530902d0b9ac64aa8b21964c7b5ad105bb1f59c1c5c59ac0c6344be99cf5bb877012eac20ddfd14fc76767997418b70bf784a25dae6c902466cdc58e27c2187969c61d3daf69f98bc6f1ac8002786c45535ab62b03bb59d1ddbcc5c63b828dfb9465cb59915b16e2390aa5270e9a402ffc8f01b3b45a1c0eefe7a7c470bbe51aae5062aa46eb6ba9bd581132a4c47b306a5083f8c2b11cd06218c2221c4661c65e678fa5ce06ee7441e89f982676bf50342ba7fb7f72cbd14a7172aec41539b6f0fe918cc916ff16f03d5abc186f999d9bcacd0913ced8042f8a4177edd18c6ccef7a05cbb86bbc42ef8ad70130d67d948b2e27370b1eaed52a908919f40567399e42c68b8f78e8be2d246d8a6458df180c35e4d4da9c69e1ff1299855f033b0f469cfa12cdf401673730446dd830aacc9efe3c78bb44cba21b733fcc65d9c4ad3f9d6d38da464792f1960d743fb695b0d1720fccbcdf10a87b3974f12444a092f055735b0b859fe3389ecec5dd84a92930473a83cc30fe0caa5df0fe36fb13a382f27285312325ca1b4f02d25787ad8281c21c3e69ebbb28f55c9297e9b1c6f0ff5b36b9a00c81bc91d3223450c75ad36a8c9ad75d71d00f775bb79680b4427caf8967260ac8e6626da65bac79aec99b13c790344d0058e9d09b7bc3ecdca54b9f258b192b7f813edcb507575f92243fd677bc5cb9e678c3f170b664ff91ed10952e1b4df7295b2337066f13da8f9d0ce289b35b4d12069bb7fc23c62b38892baf79d3b623f2724c72c118f01b419b315253e4d5aca75d6419fa72cfd9d11aa40a9c02dcadd3a7a376ba8d2cef63721a966db98cfbfe438f6426bfc5057a8bc540ff7da9920788c2c1df01299e34a051888c71cfb4b7920327f7389e2196fbaa58dc681780e12c758223f5328aa7bb8ceda7cd584f336a92a673317ff4de1d4ae4549c12de01a82a42bd5db91dad07fc9b610b726f3d295c88ee37da5d2f80a12f2026b089cb9561b9c9cca03a82b40b6ccac4adc7cab7e5dde9ee676bcb58afa13d6cfeea089c2e6be4c6c70aa0e24b53dfb2b72bf885a2cbffd6ccbd7bf80bb7d1d39ccaa12a974debf21ed0f4952fca15e5137ab43e023a62f3b16775feadf5fa5644cb3f82097162beaabfc51245d7800b10a3a3356af0893ff608e10d8bac581e9c4169e94ceef1fca3a65665a5d232d40dfa5ca9d233ffd38131569d105c5cf94804e3bc71b3d2b0241ee59398fb24d45845fce888d55b64612dda43e6ee829f3fc4b61fc9336c6410cecb639aa89555235c4c8347e9c2f05b0b4e55fa295bdfa89e97c65b28b4e87135898eefbcf32059f2eea92364b6ae82febd40f7510fbc17f70f2061fb57b4155e0659b1e969a4f3e088d73fbeaac7039c4e2636fedf50f5d1ed95d234e0bb45ee184eda71be7cd5eaa530918bfe7baf78d090e1a68a9852c3acb41776ee342694184e639852a9310e9bb0a2f3048173d3137045b8323cefdc6117aba8960f6d5f30101274862ea345232852a5ec25aa866510b16b629a368f25e21166fbd3ee7fcb37567f13ad11cf627f9a10b7475b0b7f736ed798dc5ca7104212cedbf74bb8485b49ed4b7fa3c90c9639d3584ce621"], 0xd)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000190081054e81f782db44b904021d005c06007c09e8fe55a10a0005400100142603600e1208001e0000000401a80016000800014009001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, &(0x7f00000004c0)={0xc, 0x8, 0xfa00, {&(0x7f0000000340)}}, 0x10)
r2 = socket$inet6(0xa, 0x0, 0x4000006)
setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, 0x0, 0x0)
socket(0x2, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000740)="10f1e2a2")
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in, 0x0, 0x32}, 0x0, @in=@empty}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[], 0x10}}, 0x0)
sendmsg$key(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
recvmmsg(r3, &(0x7f0000006dc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10020, 0x0)
r4 = syz_usbip_server_init(0x4)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x1a}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000200000000000000"], 0x20}}, 0x0)
write(r4, &(0x7f0000000080)="0f", 0x1)

0s ago: executing program 3 (id=278):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func, @initr0, @exit, @alu={0x6, 0x0, 0xb, 0xa, 0xa}]}, &(0x7f0000000000)='syzkaller\x00'}, 0x90)

kernel console output (not intermixed with test programs):

tered promiscuous mode
[   80.558122][ T5092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.571687][ T5092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.605769][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.613366][ T5094] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.620740][ T5094] bridge_slave_1: entered allmulticast mode
[   80.629177][ T5094] bridge_slave_1: entered promiscuous mode
[   80.659216][ T5085] team0: Port device team_slave_0 added
[   80.706964][ T5085] team0: Port device team_slave_1 added
[   80.716816][ T5092] team0: Port device team_slave_0 added
[   80.766146][ T5092] team0: Port device team_slave_1 added
[   80.794748][ T5094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.808769][ T5094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.900233][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.907725][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.934080][ T5085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.947216][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.954201][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.980508][ T5092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.994518][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.001618][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.028769][ T5092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.063197][ T5084] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.070529][ T5084] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.078176][ T5084] bridge_slave_0: entered allmulticast mode
[   81.085283][ T5084] bridge_slave_0: entered promiscuous mode
[   81.111252][ T5094] team0: Port device team_slave_0 added
[   81.117817][ T5095] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.124953][ T5095] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.132554][ T5095] bridge_slave_0: entered allmulticast mode
[   81.139980][ T5095] bridge_slave_0: entered promiscuous mode
[   81.148932][ T5095] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.156074][ T5095] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.163384][ T5095] bridge_slave_1: entered allmulticast mode
[   81.171661][ T5095] bridge_slave_1: entered promiscuous mode
[   81.179456][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.186806][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.213211][ T5085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.224802][ T4476] Bluetooth: hci1: command tx timeout
[   81.241285][ T5084] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.248576][ T5084] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.255760][ T5084] bridge_slave_1: entered allmulticast mode
[   81.263473][ T5084] bridge_slave_1: entered promiscuous mode
[   81.272342][ T5094] team0: Port device team_slave_1 added
[   81.296648][ T4476] Bluetooth: hci3: command tx timeout
[   81.302479][ T4476] Bluetooth: hci0: command tx timeout
[   81.361339][ T5095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.374218][ T5095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.376908][ T4476] Bluetooth: hci4: command tx timeout
[   81.383796][ T5093] Bluetooth: hci2: command tx timeout
[   81.434134][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.441257][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.468876][ T5094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.511280][ T5085] hsr_slave_0: entered promiscuous mode
[   81.518219][ T5085] hsr_slave_1: entered promiscuous mode
[   81.529640][ T5084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.539692][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.547166][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.573667][ T5094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.632020][ T5084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.664038][ T5092] hsr_slave_0: entered promiscuous mode
[   81.671046][ T5092] hsr_slave_1: entered promiscuous mode
[   81.677641][ T5092] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.685883][ T5092] Cannot create hsr debugfs directory
[   81.695340][ T5095] team0: Port device team_slave_0 added
[   81.705258][ T5095] team0: Port device team_slave_1 added
[   81.804542][ T5084] team0: Port device team_slave_0 added
[   81.814149][ T5084] team0: Port device team_slave_1 added
[   81.824728][ T5094] hsr_slave_0: entered promiscuous mode
[   81.835332][ T5094] hsr_slave_1: entered promiscuous mode
[   81.842705][ T5094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.850648][ T5094] Cannot create hsr debugfs directory
[   81.894736][ T5095] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.902066][ T5095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.929297][ T5095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.942912][ T5095] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.950123][ T5095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.976182][ T5095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.077646][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.084649][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.117491][ T5084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.247342][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.254346][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.287785][ T5084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.350804][ T5095] hsr_slave_0: entered promiscuous mode
[   82.364256][ T5095] hsr_slave_1: entered promiscuous mode
[   82.371268][ T5095] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.379146][ T5095] Cannot create hsr debugfs directory
[   82.579647][ T5084] hsr_slave_0: entered promiscuous mode
[   82.591375][ T5084] hsr_slave_1: entered promiscuous mode
[   82.599169][ T5084] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.607375][ T5084] Cannot create hsr debugfs directory
[   82.834461][ T5085] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   82.880405][ T5085] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   82.928541][ T5085] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   82.976001][ T5085] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   83.083103][ T5094] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   83.101906][ T5094] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   83.124945][ T5094] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   83.153633][ T5094] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   83.214218][ T5084] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   83.243739][ T5084] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   83.256756][ T5084] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   83.294578][ T5084] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   83.297672][ T5093] Bluetooth: hci1: command tx timeout
[   83.376752][ T5093] Bluetooth: hci0: command tx timeout
[   83.378739][ T5092] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   83.382201][ T5093] Bluetooth: hci3: command tx timeout
[   83.405423][ T5092] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   83.445546][ T5092] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   83.456549][ T4476] Bluetooth: hci4: command tx timeout
[   83.462129][ T5093] Bluetooth: hci2: command tx timeout
[   83.499371][ T5092] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   83.529637][ T5085] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.589924][ T5095] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   83.601621][ T5095] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   83.614194][ T5095] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   83.632442][ T5095] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   83.713423][ T5085] 8021q: adding VLAN 0 to HW filter on device team0
[   83.756331][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.763745][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.775530][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.782687][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.820069][ T5094] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.939939][ T5084] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.979728][ T5094] 8021q: adding VLAN 0 to HW filter on device team0
[   84.009236][ T5095] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.055869][ T5084] 8021q: adding VLAN 0 to HW filter on device team0
[   84.064940][ T5140] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.072332][ T5140] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.083355][ T5140] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.090548][ T5140] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.121683][ T5092] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.175745][ T5139] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.183033][ T5139] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.212406][ T5092] 8021q: adding VLAN 0 to HW filter on device team0
[   84.254246][ T5139] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.261458][ T5139] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.289491][ T5095] 8021q: adding VLAN 0 to HW filter on device team0
[   84.323863][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.331102][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.359150][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.366432][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.410121][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.417350][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.447579][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.454728][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.662095][ T5095] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   84.682305][ T5085] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.005356][ T5084] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.175940][ T5092] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.250644][ T5084] veth0_vlan: entered promiscuous mode
[   85.285253][ T5084] veth1_vlan: entered promiscuous mode
[   85.301760][ T5094] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.378397][ T5093] Bluetooth: hci1: command tx timeout
[   85.440171][ T5084] veth0_macvtap: entered promiscuous mode
[   85.454443][ T5095] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.464751][ T5094] veth0_vlan: entered promiscuous mode
[   85.466906][ T4476] Bluetooth: hci0: command tx timeout
[   85.473486][ T5093] Bluetooth: hci3: command tx timeout
[   85.499551][ T5085] veth0_vlan: entered promiscuous mode
[   85.515345][ T5092] veth0_vlan: entered promiscuous mode
[   85.526263][ T5084] veth1_macvtap: entered promiscuous mode
[   85.539820][ T5093] Bluetooth: hci2: command tx timeout
[   85.539930][ T4476] Bluetooth: hci4: command tx timeout
[   85.562078][ T5085] veth1_vlan: entered promiscuous mode
[   85.579468][ T5092] veth1_vlan: entered promiscuous mode
[   85.591561][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.602737][ T5094] veth1_vlan: entered promiscuous mode
[   85.640068][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.668724][ T5084] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.677989][ T5084] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.687801][ T5084] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.696857][ T5084] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.734963][ T5085] veth0_macvtap: entered promiscuous mode
[   85.747619][ T5085] veth1_macvtap: entered promiscuous mode
[   85.815311][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.826773][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.839821][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.852192][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.864639][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.876963][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.894527][ T5095] veth0_vlan: entered promiscuous mode
[   85.926151][ T5095] veth1_vlan: entered promiscuous mode
[   85.938804][ T5085] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.950466][ T5085] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.959413][ T5085] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.968892][ T5085] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.991581][ T5092] veth0_macvtap: entered promiscuous mode
[   86.035123][ T5094] veth0_macvtap: entered promiscuous mode
[   86.050628][ T5092] veth1_macvtap: entered promiscuous mode
[   86.081637][ T5094] veth1_macvtap: entered promiscuous mode
[   86.193673][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.214967][ T5095] veth0_macvtap: entered promiscuous mode
[   86.221097][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.243055][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.255281][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.266581][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.278427][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.290888][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.304626][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.319084][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.329034][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.340129][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.351428][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.361926][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.373261][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.395631][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.408315][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.418702][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.430448][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.442920][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.454698][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.462917][ T5095] veth1_macvtap: entered promiscuous mode
[   86.471856][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.473990][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.492444][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.502976][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.513719][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.523929][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.534460][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.548456][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.579331][ T5092] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.589489][ T5092] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.599675][ T5092] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.608792][ T5092] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.628536][ T5094] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.638758][ T5094] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.648329][ T5094] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.657444][ T5094] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.681709][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.689034][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.700295][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.706426][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.712110][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.728179][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.739358][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.752669][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.762616][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.773139][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.785726][ T5095] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.818329][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.829608][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.832435][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.848289][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.858230][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.870920][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.881841][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.892814][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.904815][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.915511][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.929127][ T5095] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.970071][ T5095] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.985270][ T5095] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.996481][ T5095] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.005234][ T5095] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.186824][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.192667][   T29] audit: type=1326 audit(1720207852.021:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.209083][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.261015][   T29] audit: type=1326 audit(1720207852.021:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.293626][   T29] audit: type=1326 audit(1720207852.021:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.315274][   T29] audit: type=1326 audit(1720207852.021:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.347815][   T29] audit: type=1326 audit(1720207852.021:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.372687][   T29] audit: type=1326 audit(1720207852.041:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.396084][   T29] audit: type=1326 audit(1720207852.041:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.443771][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.466083][ T4476] Bluetooth: hci1: command tx timeout
[   87.505503][   T29] audit: type=1326 audit(1720207852.041:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.511003][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.536561][ T4476] Bluetooth: hci3: command tx timeout
[   87.541005][ T5093] Bluetooth: hci0: command tx timeout
[   87.546039][   T29] audit: type=1326 audit(1720207852.041:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.574433][   T29] audit: type=1326 audit(1720207852.041:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5171 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[   87.606092][ T5177] sctp: [Deprecated]: syz.4.5 (pid 5177) Use of struct sctp_assoc_value in delayed_ack socket option.
[   87.606092][ T5177] Use struct sctp_sack_info instead
[   87.624388][ T5093] Bluetooth: hci4: command tx timeout
[   87.624474][ T4476] Bluetooth: hci2: command tx timeout
[   87.630431][ T5177] FAULT_INJECTION: forcing a failure.
[   87.630431][ T5177] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   87.668855][ T5177] CPU: 1 PID: 5177 Comm: syz.4.5 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[   87.678754][ T5177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   87.688854][ T5177] Call Trace:
[   87.692169][ T5177]  <TASK>
[   87.695116][ T5177]  dump_stack_lvl+0x241/0x360
[   87.695173][ T5177]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.705143][ T5177]  ? __pfx__printk+0x10/0x10
[   87.709800][ T5177]  ? _printk+0xd5/0x120
[   87.714009][ T5177]  ? __pfx_lock_release+0x10/0x10
[   87.719170][ T5177]  should_fail_ex+0x3b0/0x4e0
[   87.723905][ T5177]  _copy_from_user+0x2f/0xe0
[   87.728567][ T5177]  sctp_getsockopt_delayed_ack+0x128/0x8f0
[   87.734439][ T5177]  ? __pfx_sctp_getsockopt_delayed_ack+0x10/0x10
[   87.735277][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.740834][ T5177]  sctp_getsockopt+0x974/0xbb0
[   87.740862][ T5177]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   87.740903][ T5177]  do_sock_getsockopt+0x373/0x850
[   87.764489][ T5177]  ? __pfx_do_sock_getsockopt+0x10/0x10
[   87.770084][ T5177]  ? __fget_files+0x3f6/0x470
[   87.774814][ T5177]  __sys_getsockopt+0x271/0x330
[   87.779724][ T5177]  ? __pfx___sys_getsockopt+0x10/0x10
[   87.785149][ T5177]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   87.791698][ T5177]  ? do_syscall_64+0x100/0x230
[   87.796517][ T5177]  __x64_sys_getsockopt+0xb5/0xd0
[   87.801132][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.801567][ T5177]  do_syscall_64+0xf3/0x230
[   87.813425][ T5177]  ? clear_bhb_loop+0x35/0x90
[   87.818175][ T5177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.824168][ T5177] RIP: 0033:0x7fa5b2975bd9
[   87.828648][ T5177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.848309][ T5177] RSP: 002b:00007fa5b36cf048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   87.856774][ T5177] RAX: ffffffffffffffda RBX: 00007fa5b2b04110 RCX: 00007fa5b2975bd9
[   87.864788][ T5177] RDX: 0000000000000010 RSI: 0000000000000084 RDI: 0000000000000003
[   87.872796][ T5177] RBP: 00007fa5b36cf0a0 R08: 00000000200002c0 R09: 0000000000000000
[   87.880824][ T5177] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[   87.888839][ T5177] R13: 000000000000006e R14: 00007fa5b2b04110 R15: 00007fffa3036088
[   87.896889][ T5177]  </TASK>
[   87.914834][ T1052] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.959312][ T1052] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.998192][  T932] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   88.104703][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.145246][ T5185] sctp: [Deprecated]: syz.2.3 (pid 5185) Use of struct sctp_assoc_value in delayed_ack socket option.
[   88.145246][ T5185] Use struct sctp_sack_info instead
[   88.149734][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.207509][  T932] usb 1-1: Using ep0 maxpacket: 16
[   88.240802][  T932] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[   88.272602][  T932] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   88.298127][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.339124][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.353738][  T932] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.400522][  T932] usb 1-1: config 0 descriptor??
[   88.991007][ T5179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.052787][ T5179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.151963][  T932] hid-generic 0003:0158:0100.0001: unknown main item tag 0x1
[   89.170188][  T932] hid-generic 0003:0158:0100.0001: unexpected long global item
[   89.189556][  T932] hid-generic 0003:0158:0100.0001: probe with driver hid-generic failed with error -22
[   89.397875][ T5206] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   89.399478][ T5179] Zero length message leads to an empty skb
[   89.801336][ T5181] usb 1-1: USB disconnect, device number 2
[   89.861736][ T5222] netlink: 'syz.1.12': attribute type 5 has an invalid length.
[   90.834174][ T5226] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[   90.840958][ T5226] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   90.851249][ T5226] vhci_hcd vhci_hcd.0: Device attached
[   91.011228][ T5232] vhci_hcd: connection closed
[   91.013458][   T51] vhci_hcd: stop threads
[   91.079959][   T51] vhci_hcd: release socket
[   91.086599][ T5137] vhci_hcd: vhci_device speed not set
[   91.120403][   T51] vhci_hcd: disconnect device
[   91.156887][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   91.177050][ T5137] usb 11-1: new full-speed USB device number 2 using vhci_hcd
[   91.228854][ T5137] usb 11-1: enqueue for inactive port 0
[   91.380583][ T5137] vhci_hcd: vhci_device speed not set
[   91.787018][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   92.299716][    T8] cfg80211: failed to load regulatory.db
[   92.445065][ T5141] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   92.537213][ T5248] FAULT_INJECTION: forcing a failure.
[   92.537213][ T5248] name failslab, interval 1, probability 0, space 0, times 1
[   92.568445][ T5248] CPU: 1 PID: 5248 Comm: syz.2.18 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[   92.578441][ T5248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   92.588544][ T5248] Call Trace:
[   92.591868][ T5248]  <TASK>
[   92.594832][ T5248]  dump_stack_lvl+0x241/0x360
[   92.599571][ T5248]  ? __pfx_dump_stack_lvl+0x10/0x10
[   92.604830][ T5248]  ? __pfx__printk+0x10/0x10
[   92.609474][ T5248]  ? __pfx___might_resched+0x10/0x10
[   92.614816][ T5248]  should_fail_ex+0x3b0/0x4e0
[   92.619544][ T5248]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[   92.625286][ T5248]  should_failslab+0x9/0x20
[   92.629821][ T5248]  __kmalloc_noprof+0xd8/0x400
[   92.634601][ T5248]  ? kfree+0x4e/0x360
[   92.638615][ T5248]  tomoyo_realpath_from_path+0xcf/0x5e0
[   92.644188][ T5248]  tomoyo_path_number_perm+0x23a/0x880
[   92.649669][ T5248]  ? tomoyo_path_number_perm+0x208/0x880
[   92.655332][ T5248]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   92.661404][ T5248]  ? __fget_files+0x29/0x470
[   92.666012][ T5248]  ? __fget_files+0x3f6/0x470
[   92.670698][ T5248]  ? __fget_files+0x29/0x470
[   92.675302][ T5248]  security_file_ioctl+0x75/0xb0
[   92.680257][ T5248]  __se_sys_ioctl+0x47/0x170
[   92.684867][ T5248]  do_syscall_64+0xf3/0x230
[   92.689389][ T5248]  ? clear_bhb_loop+0x35/0x90
[   92.694172][ T5248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.700079][ T5248] RIP: 0033:0x7fa7a7575bd9
[   92.704504][ T5248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.724125][ T5248] RSP: 002b:00007fa7a8393048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.732559][ T5248] RAX: ffffffffffffffda RBX: 00007fa7a7703f60 RCX: 00007fa7a7575bd9
[   92.740722][ T5248] RDX: 0000000020000040 RSI: 00000000c008ae88 RDI: 0000000000000005
[   92.748720][ T5248] RBP: 00007fa7a83930a0 R08: 0000000000000000 R09: 0000000000000000
[   92.756697][ T5248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.764672][ T5248] R13: 000000000000000b R14: 00007fa7a7703f60 R15: 00007ffd855a74e8
[   92.772664][ T5248]  </TASK>
[   92.828008][ T5248] ERROR: Out of memory at tomoyo_realpath_from_path.
[   92.839187][ T5141] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   92.849310][ T5141] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   92.899000][ T5141] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   92.916574][ T5141] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   92.928124][ T5141] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   92.953778][ T5141] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   93.106442][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   93.115218][ T5141] usb 2-1: SerialNumber: syz
[   93.133115][ T5141] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[   93.241792][ T5264] dvmrp5: entered allmulticast mode
[   93.380349][    T9] usb 2-1: USB disconnect, device number 2
[   93.406546][  T932] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   93.484304][ T5273] syz.0.25 uses obsolete (PF_INET,SOCK_PACKET)
[   93.491913][ T5273] syzkaller1: entered promiscuous mode
[   93.497581][ T5273] syzkaller1: entered allmulticast mode
[   93.505376][ T5273] FAULT_INJECTION: forcing a failure.
[   93.505376][ T5273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.518766][ T5273] CPU: 1 PID: 5273 Comm: syz.0.25 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[   93.528705][ T5273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   93.538802][ T5273] Call Trace:
[   93.542111][ T5273]  <TASK>
[   93.545066][ T5273]  dump_stack_lvl+0x241/0x360
[   93.549785][ T5273]  ? __pfx_dump_stack_lvl+0x10/0x10
[   93.555026][ T5273]  ? __pfx__printk+0x10/0x10
[   93.559668][ T5273]  ? __pfx_lock_release+0x10/0x10
[   93.564726][ T5273]  should_fail_ex+0x3b0/0x4e0
[   93.569442][ T5273]  _copy_from_iter+0x1f6/0x1960
[   93.574331][ T5273]  ? __pfx__copy_from_iter+0x10/0x10
[   93.579628][ T5273]  ? mark_lock+0x9a/0x350
[   93.583976][ T5273]  ? __pfx_validate_chain+0x10/0x10
[   93.589192][ T5273]  ? __lock_acquire+0x1346/0x1fd0
[   93.594236][ T5273]  tun_get_user+0x25b/0x4560
[   93.598873][ T5273]  ? __pfx_tun_get_user+0x10/0x10
[   93.603915][ T5273]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   93.609392][ T5273]  ? tun_get+0x1e/0x2f0
[   93.613571][ T5273]  ? tun_get+0x1e/0x2f0
[   93.617745][ T5273]  ? tun_get+0x27d/0x2f0
[   93.622004][ T5273]  tun_chr_write_iter+0x113/0x1f0
[   93.627047][ T5273]  vfs_write+0xa72/0xc90
[   93.631306][ T5273]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   93.636913][ T5273]  ? __pfx_vfs_write+0x10/0x10
[   93.641726][ T5273]  ksys_write+0x1a0/0x2c0
[   93.646077][ T5273]  ? __pfx_ksys_write+0x10/0x10
[   93.650952][ T5273]  ? do_syscall_64+0x100/0x230
[   93.655736][ T5273]  ? do_syscall_64+0xb6/0x230
[   93.660443][ T5273]  do_syscall_64+0xf3/0x230
[   93.664983][ T5273]  ? clear_bhb_loop+0x35/0x90
[   93.669689][ T5273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.675611][ T5273] RIP: 0033:0x7f2645b75bd9
[   93.680043][ T5273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.699660][ T5273] RSP: 002b:00007f26469fc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   93.708100][ T5273] RAX: ffffffffffffffda RBX: 00007f2645d03f60 RCX: 00007f2645b75bd9
[   93.716095][ T5273] RDX: 000000000000fdef RSI: 0000000020000140 RDI: 0000000000000003
[   93.724070][ T5273] RBP: 00007f26469fc0a0 R08: 0000000000000000 R09: 0000000000000000
[   93.732046][ T5273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.740376][ T5273] R13: 000000000000000b R14: 00007f2645d03f60 R15: 00007fffb1e708c8
[   93.748377][ T5273]  </TASK>
[   93.766210][  T932] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.784189][  T932] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.794638][  T932] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   93.813985][  T932] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   93.823365][  T932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.839784][  T932] usb 4-1: config 0 descriptor??
[   94.043962][ T5279] netlink: 76 bytes leftover after parsing attributes in process `syz.4.27'.
[   94.064435][ T5279] netlink: 12 bytes leftover after parsing attributes in process `syz.4.27'.
[   94.298608][  T932] usbhid 4-1:0.0: can't add hid device: -71
[   94.315596][  T932] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[   94.364081][  T932] usb 4-1: USB disconnect, device number 2
[   94.437663][ T5290] kvm: emulating exchange as write
[   94.456437][    T0] NOHZ tick-stop error: local softirq work is pending, handler #340!!!
[   94.506906][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.945574][ T5311] netlink: 76 bytes leftover after parsing attributes in process `syz.2.36'.
[   95.977781][ T5311] netlink: 12 bytes leftover after parsing attributes in process `syz.2.36'.
[   96.826524][    T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   97.028573][    T9] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[   97.047144][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.089211][    T9] usb 3-1: config 0 descriptor??
[   97.425959][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   97.650184][    T9] gspca_main: spca508-2.14.0 probing 8086:0110
[   97.858674][    T9] gspca_spca508: reg_read err -32
[   97.867947][    T9] gspca_spca508: reg_read err -71
[   97.874961][    T9] gspca_spca508: reg_read err -71
[   97.882700][    T9] gspca_spca508: reg_read err -71
[   97.893380][    T9] gspca_spca508: reg_read err -71
[   97.909466][    T9] gspca_spca508: reg write: error -71
[   97.925429][    T9] spca508 3-1:0.0: probe with driver spca508 failed with error -71
[   97.998000][    T9] usb 3-1: USB disconnect, device number 2
[   98.133203][ T4476] Bluetooth: hci4: ACL packet for unknown connection handle 0
[   98.164271][ T5337] netlink: 76 bytes leftover after parsing attributes in process `syz.1.43'.
[   98.176665][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   98.185509][ T5337] netlink: 12 bytes leftover after parsing attributes in process `syz.1.43'.
[   98.321742][ T5344] syz.3.44 (5344): attempted to duplicate a private mapping with mremap.  This is not supported.
[   98.506728][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.006950][ T5360] netlink: 'syz.2.50': attribute type 5 has an invalid length.
[   99.208286][ T5368] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[   99.214868][ T5368] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   99.262685][ T5368] vhci_hcd vhci_hcd.0: Device attached
[   99.456712][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   99.576632][    T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!!
[   99.578219][  T784] vhci_hcd: vhci_device speed not set
[   99.781225][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   99.832193][ T5370] vhci_hcd: connection closed
[   99.861313][   T51] vhci_hcd: stop threads
[   99.915151][  T784] usb 13-1: new full-speed USB device number 2 using vhci_hcd
[   99.979844][   T51] vhci_hcd: release socket
[   99.991604][   T51] vhci_hcd: disconnect device
[  100.071475][  T784] usb 13-1: enqueue for inactive port 0
[  100.216549][  T784] vhci_hcd: vhci_device speed not set
[  100.453600][ T4476] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  100.650473][ T5399] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.772304][ T5401] netlink: 76 bytes leftover after parsing attributes in process `syz.0.59'.
[  100.910440][ T5401] netlink: 12 bytes leftover after parsing attributes in process `syz.0.59'.
[  101.045356][ T5409] FAULT_INJECTION: forcing a failure.
[  101.045356][ T5409] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.074402][ T5409] CPU: 1 PID: 5409 Comm: syz.4.61 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  101.084371][ T5409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  101.094432][ T5409] Call Trace:
[  101.097715][ T5409]  <TASK>
[  101.100651][ T5409]  dump_stack_lvl+0x241/0x360
[  101.105340][ T5409]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.110544][ T5409]  ? __pfx__printk+0x10/0x10
[  101.115152][ T5409]  ? __pfx_lock_release+0x10/0x10
[  101.120224][ T5409]  should_fail_ex+0x3b0/0x4e0
[  101.124913][ T5409]  _copy_from_user+0x2f/0xe0
[  101.129507][ T5409]  copy_msghdr_from_user+0xae/0x680
[  101.134717][ T5409]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  101.140568][ T5409]  __sys_sendmsg+0x23d/0x3a0
[  101.145184][ T5409]  ? __pfx___sys_sendmsg+0x10/0x10
[  101.150317][ T5409]  ? vfs_write+0x7c4/0xc90
[  101.154773][ T5409]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  101.161125][ T5409]  ? do_syscall_64+0x100/0x230
[  101.165895][ T5409]  ? do_syscall_64+0xb6/0x230
[  101.170584][ T5409]  do_syscall_64+0xf3/0x230
[  101.175094][ T5409]  ? clear_bhb_loop+0x35/0x90
[  101.179782][ T5409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.185707][ T5409] RIP: 0033:0x7fa5b2975bd9
[  101.190144][ T5409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.209841][ T5409] RSP: 002b:00007fa5b3711048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.218282][ T5409] RAX: ffffffffffffffda RBX: 00007fa5b2b03f60 RCX: 00007fa5b2975bd9
[  101.226284][ T5409] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  101.234291][ T5409] RBP: 00007fa5b37110a0 R08: 0000000000000000 R09: 0000000000000000
[  101.242264][ T5409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.250325][ T5409] R13: 000000000000000b R14: 00007fa5b2b03f60 R15: 00007fffa3036088
[  101.258310][ T5409]  </TASK>
[  101.261428][    C1] vkms_vblank_simulate: vblank timer overrun
[  101.548466][ T4476] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  101.719054][ T5138] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  101.906408][ T5138] usb 3-1: Using ep0 maxpacket: 16
[  101.954932][ T5138] usb 3-1: New USB device found, idVendor=4500, idProduct=e888, bcdDevice=a4.13
[  101.982844][ T5138] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.998650][ T5138] usb 3-1: Product: syz
[  102.008387][ T5138] usb 3-1: Manufacturer: syz
[  102.021562][ T5138] usb 3-1: SerialNumber: syz
[  102.095914][ T5138] usb 3-1: config 0 descriptor??
[  102.320987][ T5412] netlink: 12 bytes leftover after parsing attributes in process `syz.2.62'.
[  102.391323][ T5138] cdc_acm 3-1:0.0: Zero length descriptor references
[  102.417240][ T5138] cdc_acm 3-1:0.0: probe with driver cdc_acm failed with error -22
[  102.430967][ T5138] usb 3-1: USB disconnect, device number 3
[  102.476437][  T932] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  102.635792][ T5437] netlink: 'syz.3.70': attribute type 5 has an invalid length.
[  102.688590][  T932] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  102.704171][  T932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.728787][  T932] usb 2-1: config 0 descriptor??
[  102.755826][  T932] gspca_main: spca508-2.14.0 probing 8086:0110
[  102.815100][ T5442] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  102.822206][ T5442] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  102.831322][ T5442] vhci_hcd vhci_hcd.0: Device attached
[  102.967320][  T932] gspca_spca508: reg_read err -32
[  102.977503][  T932] gspca_spca508: reg_read err -32
[  102.994337][  T932] gspca_spca508: reg_read err -32
[  103.056874][ T5141] vhci_hcd: vhci_device speed not set
[  103.146853][ T5141] usb 15-1: new full-speed USB device number 2 using vhci_hcd
[  103.441876][ T5426] overlayfs: failed to resolve './file1': -2
[  103.479070][ T5443] vhci_hcd: connection closed
[  103.482337][ T5093] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  103.502490][   T12] vhci_hcd: stop threads
[  103.511964][   T12] vhci_hcd: release socket
[  103.516832][   T12] vhci_hcd: disconnect device
[  103.625935][  T932] gspca_spca508: reg_read err -71
[  103.646831][  T932] gspca_spca508: reg write: error -71
[  103.652346][  T932] spca508 2-1:0.0: probe with driver spca508 failed with error -71
[  103.700588][  T932] usb 2-1: USB disconnect, device number 3
[  103.745446][ T5462] batadv0: mtu less than device minimum
[  104.311636][ T5472] Cannot find add_set index 0 as target
[  104.656502][ T5093] Bluetooth: hci4: command 0x0406 tx timeout
[  105.361653][ T5476] tipc: Invalid UDP bearer configuration
[  105.361697][ T5476] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  105.555970][ T5478] netlink: 40 bytes leftover after parsing attributes in process `syz.4.80'.
[  105.755585][ T5484] netlink: 'syz.1.81': attribute type 30 has an invalid length.
[  105.887289][ T5489] FAULT_INJECTION: forcing a failure.
[  105.887289][ T5489] name failslab, interval 1, probability 0, space 0, times 0
[  105.946472][ T5489] CPU: 0 PID: 5489 Comm: syz.3.83 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  105.956540][ T5489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  105.966633][ T5489] Call Trace:
[  105.969924][ T5489]  <TASK>
[  105.972866][ T5489]  dump_stack_lvl+0x241/0x360
[  105.977568][ T5489]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.982787][ T5489]  ? __pfx__printk+0x10/0x10
[  105.987405][ T5489]  ? netlink_insert+0x10b7/0x14b0
[  105.992446][ T5489]  should_fail_ex+0x3b0/0x4e0
[  105.997140][ T5489]  ? __alloc_skb+0x1c3/0x440
[  106.001743][ T5489]  should_failslab+0x9/0x20
[  106.006255][ T5489]  kmem_cache_alloc_node_noprof+0x71/0x320
[  106.012109][ T5489]  __alloc_skb+0x1c3/0x440
[  106.016546][ T5489]  ? __pfx___alloc_skb+0x10/0x10
[  106.021929][ T5489]  ? netlink_autobind+0xd6/0x2f0
[  106.026891][ T5489]  ? netlink_autobind+0x2b0/0x2f0
[  106.031959][ T5489]  netlink_sendmsg+0x631/0xcb0
[  106.036804][ T5489]  ? __pfx_netlink_sendmsg+0x10/0x10
[  106.042112][ T5489]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  106.047410][ T5489]  ? security_socket_sendmsg+0x87/0xb0
[  106.052892][ T5489]  ? __pfx_netlink_sendmsg+0x10/0x10
[  106.058191][ T5489]  __sock_sendmsg+0x221/0x270
[  106.062882][ T5489]  sock_write_iter+0x2dd/0x400
[  106.067666][ T5489]  ? __pfx_sock_write_iter+0x10/0x10
[  106.073073][ T5489]  do_iter_readv_writev+0x5a4/0x800
[  106.078287][ T5489]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  106.084018][ T5489]  ? bpf_lsm_file_permission+0x9/0x10
[  106.089404][ T5489]  ? security_file_permission+0x7f/0xa0
[  106.094960][ T5489]  ? rw_verify_area+0x1d2/0x6b0
[  106.099851][ T5489]  vfs_writev+0x37c/0xbb0
[  106.104204][ T5489]  ? __pfx_lock_acquire+0x10/0x10
[  106.109241][ T5489]  ? __pfx_vfs_writev+0x10/0x10
[  106.114099][ T5489]  ? vfs_write+0x7c4/0xc90
[  106.118568][ T5489]  ? __fget_files+0x29/0x470
[  106.123179][ T5489]  do_writev+0x1b1/0x350
[  106.127444][ T5489]  ? __pfx_do_writev+0x10/0x10
[  106.132228][ T5489]  ? do_syscall_64+0x100/0x230
[  106.137013][ T5489]  ? do_syscall_64+0xb6/0x230
[  106.141712][ T5489]  do_syscall_64+0xf3/0x230
[  106.146231][ T5489]  ? clear_bhb_loop+0x35/0x90
[  106.150929][ T5489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.156838][ T5489] RIP: 0033:0x7f0df2375bd9
[  106.161260][ T5489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.180878][ T5489] RSP: 002b:00007f0df31dd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  106.189314][ T5489] RAX: ffffffffffffffda RBX: 00007f0df2503f60 RCX: 00007f0df2375bd9
[  106.197294][ T5489] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[  106.205273][ T5489] RBP: 00007f0df31dd0a0 R08: 0000000000000000 R09: 0000000000000000
[  106.213254][ T5489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.221237][ T5489] R13: 000000000000000b R14: 00007f0df2503f60 R15: 00007ffcd2b41118
[  106.229242][ T5489]  </TASK>
[  106.379848][ T5494] netlink: 'syz.2.86': attribute type 5 has an invalid length.
[  106.386469][  T784] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  106.414382][   T29] kauditd_printk_skb: 50 callbacks suppressed
[  106.414402][   T29] audit: type=1326 audit(1720207871.251:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.504194][   T29] audit: type=1326 audit(1720207871.251:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.564799][ T5507] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  106.571385][ T5507] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  106.579159][  T784] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  106.581600][   T29] audit: type=1326 audit(1720207871.251:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.622923][ T5507] vhci_hcd vhci_hcd.0: Device attached
[  106.627047][  T784] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  106.631432][   T29] audit: type=1326 audit(1720207871.251:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.678810][  T784] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  106.696728][ T5138] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  106.703307][  T784] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  106.732476][  T784] usb 2-1: SerialNumber: syz
[  106.751010][   T29] audit: type=1326 audit(1720207871.251:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.788302][   T29] audit: type=1326 audit(1720207871.251:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.815016][   T29] audit: type=1326 audit(1720207871.251:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.851103][    T9] vhci_hcd: vhci_device speed not set
[  106.863937][   T29] audit: type=1326 audit(1720207871.251:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.876666][ T5173] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  106.897517][   T29] audit: type=1326 audit(1720207871.261:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5501 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b2975bd9 code=0x7ffc0000
[  106.923157][ T5138] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  106.933494][ T5138] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.944049][   T29] audit: type=1326 audit(1720207871.261:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5503 comm="syz.4.87" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa5b29a7bc5 code=0x7ffc0000
[  106.966700][    T9] usb 13-1: new full-speed USB device number 3 using vhci_hcd
[  106.983871][ T5138] usb 4-1: config 0 descriptor??
[  106.993250][ T5138] gspca_main: spca508-2.14.0 probing 8086:0110
[  107.028360][ T5514] batadv0: mtu less than device minimum
[  107.061577][ T5093] Bluetooth: hci3: command 0x0406 tx timeout
[  107.082317][ T5173] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.101336][ T5508] vhci_hcd: connection closed
[  107.102399][ T1048] vhci_hcd: stop threads
[  107.122350][ T5173] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.149033][ T1048] vhci_hcd: release socket
[  107.161192][ T5517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.162434][ T1048] vhci_hcd: disconnect device
[  107.184713][ T5173] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  107.216631][ T5173] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  107.239601][ T5173] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.257199][ T5517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.281922][ T5138] gspca_spca508: reg_read err -32
[  107.290295][ T5173] usb 1-1: config 0 descriptor??
[  107.293830][ T5138] gspca_spca508: reg_read err -32
[  107.306099][ T5138] gspca_spca508: reg_read err -32
[  107.451891][  T784] usb 2-1: 0:2 : does not exist
[  107.480249][  T784] usb 2-1: unit 5 not found!
[  107.658611][ T5173] usbhid 1-1:0.0: can't add hid device: -71
[  107.664916][ T5173] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  107.675720][  T784] usb 2-1: USB disconnect, device number 4
[  107.713623][ T5500] overlayfs: failed to resolve './file1': -2
[  107.734944][ T5173] usb 1-1: USB disconnect, device number 3
[  107.759297][ T5525] Cannot find add_set index 0 as target
[  108.018309][ T5093] Bluetooth: hci1: command 0x0406 tx timeout
[  108.042380][ T5138] gspca_spca508: reg_read err -110
[  108.054625][ T5138] gspca_spca508: reg write: error -32
[  108.346908][ T5141] vhci_hcd: vhci_device speed not set
[  108.862909][ T5138] spca508 4-1:0.0: probe with driver spca508 failed with error -32
[  108.931168][ T5526] udevd[5526]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  109.031381][ T5536] FAULT_INJECTION: forcing a failure.
[  109.031381][ T5536] name failslab, interval 1, probability 0, space 0, times 0
[  109.044264][ T5536] CPU: 0 PID: 5536 Comm: syz.4.93 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  109.054190][ T5536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  109.064269][ T5536] Call Trace:
[  109.067573][ T5536]  <TASK>
[  109.070563][ T5536]  dump_stack_lvl+0x241/0x360
[  109.075286][ T5536]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.080530][ T5536]  ? __pfx__printk+0x10/0x10
[  109.085158][ T5536]  ? __pfx___might_resched+0x10/0x10
[  109.090486][ T5536]  should_fail_ex+0x3b0/0x4e0
[  109.095203][ T5536]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  109.100954][ T5536]  should_failslab+0x9/0x20
[  109.105490][ T5536]  __kmalloc_noprof+0xd8/0x400
[  109.110286][ T5536]  ? kfree+0x4e/0x360
[  109.114301][ T5536]  tomoyo_realpath_from_path+0xcf/0x5e0
[  109.119898][ T5536]  tomoyo_path_number_perm+0x23a/0x880
[  109.125406][ T5536]  ? tomoyo_path_number_perm+0x208/0x880
[  109.131079][ T5536]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  109.137138][ T5536]  ? __fget_files+0x29/0x470
[  109.141760][ T5536]  ? __fget_files+0x3f6/0x470
[  109.146458][ T5536]  ? __fget_files+0x29/0x470
[  109.151081][ T5536]  security_file_ioctl+0x75/0xb0
[  109.156047][ T5536]  __se_sys_ioctl+0x47/0x170
[  109.160679][ T5536]  do_syscall_64+0xf3/0x230
[  109.165216][ T5536]  ? clear_bhb_loop+0x35/0x90
[  109.169937][ T5536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.175865][ T5536] RIP: 0033:0x7fa5b2975bd9
[  109.180306][ T5536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.199944][ T5536] RSP: 002b:00007fa5b36cf048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  109.208393][ T5536] RAX: ffffffffffffffda RBX: 00007fa5b2b04110 RCX: 00007fa5b2975bd9
[  109.216391][ T5536] RDX: 0000000020000040 RSI: 00000000800c5011 RDI: 0000000000000005
[  109.224383][ T5536] RBP: 00007fa5b36cf0a0 R08: 0000000000000000 R09: 0000000000000000
[  109.232379][ T5536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.240375][ T5536] R13: 000000000000006e R14: 00007fa5b2b04110 R15: 00007fffa3036088
[  109.248394][ T5536]  </TASK>
[  109.255677][ T5536] ERROR: Out of memory at tomoyo_realpath_from_path.
[  109.354924][ T5138] usb 4-1: USB disconnect, device number 3
[  109.857181][ T4476] Bluetooth: hci2: command 0x0406 tx timeout
[  110.454474][ T5549] netlink: 40 bytes leftover after parsing attributes in process `syz.3.97'.
[  110.579015][ T5549] netlink: 72 bytes leftover after parsing attributes in process `syz.3.97'.
[  111.135432][ T5574] netlink: 'syz.0.102': attribute type 5 has an invalid length.
[  111.283701][ T5578] batadv0: mtu less than device minimum
[  111.356537][ T5582] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  111.363132][ T5582] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  111.374543][ T5582] vhci_hcd vhci_hcd.0: Device attached
[  111.586594][ T5141] vhci_hcd: vhci_device speed not set
[  111.656448][ T5141] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[  111.884411][ T5584] vhci_hcd: connection closed
[  111.885504][   T61] vhci_hcd: stop threads
[  111.905172][   T61] vhci_hcd: release socket
[  111.925893][   T61] vhci_hcd: disconnect device
[  112.099410][    T9] vhci_hcd: vhci_device speed not set
[  112.279711][ T5599] Cannot find add_set index 0 as target
[  112.396608][ T5173] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  112.959985][ T5173] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.979187][ T5173] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.998731][ T5173] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  113.016058][ T5173] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  113.043417][ T5173] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.054642][ T5173] usb 2-1: config 0 descriptor??
[  113.216638][ T5138] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  113.225016][ T5609] FAULT_INJECTION: forcing a failure.
[  113.225016][ T5609] name failslab, interval 1, probability 0, space 0, times 0
[  113.267017][ T5609] CPU: 1 PID: 5609 Comm: syz.2.111 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  113.277071][ T5609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  113.287171][ T5609] Call Trace:
[  113.292655][ T5609]  <TASK>
[  113.295617][ T5609]  dump_stack_lvl+0x241/0x360
[  113.300352][ T5609]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.305605][ T5609]  ? __pfx__printk+0x10/0x10
[  113.310255][ T5609]  ? __pfx___might_resched+0x10/0x10
[  113.315606][ T5609]  should_fail_ex+0x3b0/0x4e0
[  113.320337][ T5609]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  113.326104][ T5609]  should_failslab+0x9/0x20
[  113.330655][ T5609]  __kmalloc_noprof+0xd8/0x400
[  113.335452][ T5609]  ? kfree+0x4e/0x360
[  113.339448][ T5609]  tomoyo_realpath_from_path+0xcf/0x5e0
[  113.345020][ T5609]  tomoyo_path_number_perm+0x23a/0x880
[  113.350500][ T5609]  ? tomoyo_path_number_perm+0x208/0x880
[  113.356172][ T5609]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  113.362196][ T5609]  ? __fget_files+0x29/0x470
[  113.366808][ T5609]  ? __fget_files+0x3f6/0x470
[  113.371482][ T5609]  ? __fget_files+0x29/0x470
[  113.376106][ T5609]  security_file_ioctl+0x75/0xb0
[  113.381074][ T5609]  __se_sys_ioctl+0x47/0x170
[  113.385711][ T5609]  do_syscall_64+0xf3/0x230
[  113.390265][ T5609]  ? clear_bhb_loop+0x35/0x90
[  113.395019][ T5609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.400961][ T5609] RIP: 0033:0x7fa7a7575bd9
[  113.405416][ T5609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.425099][ T5609] RSP: 002b:00007fa7a8393048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  113.433576][ T5609] RAX: ffffffffffffffda RBX: 00007fa7a7703f60 RCX: 00007fa7a7575bd9
[  113.441585][ T5609] RDX: 00000000200042c0 RSI: 00000000c0485619 RDI: 0000000000000003
[  113.449593][ T5609] RBP: 00007fa7a83930a0 R08: 0000000000000000 R09: 0000000000000000
[  113.457604][ T5609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.465600][ T5609] R13: 000000000000000b R14: 00007fa7a7703f60 R15: 00007ffd855a74e8
[  113.473632][ T5609]  </TASK>
[  113.493166][ T5609] ERROR: Out of memory at tomoyo_realpath_from_path.
[  113.586453][ T5138] usb 4-1: Using ep0 maxpacket: 32
[  113.611159][ T5138] usb 4-1: config 0 has an invalid interface number: 170 but max is 0
[  113.634097][ T5138] usb 4-1: config 0 has an invalid descriptor of length 236, skipping remainder of the config
[  113.654922][ T5138] usb 4-1: config 0 has no interface number 0
[  113.701065][ T5173] usbhid 2-1:0.0: can't add hid device: -71
[  113.718340][ T5173] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  113.760131][ T5138] usb 4-1: New USB device found, idVendor=05c8, idProduct=0403, bcdDevice=75.12
[  113.761016][ T5173] usb 2-1: USB disconnect, device number 5
[  113.792609][ T5138] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.816415][ T5138] usb 4-1: Product: syz
[  113.820677][ T5138] usb 4-1: Manufacturer: syz
[  113.855252][ T5138] usb 4-1: SerialNumber: syz
[  113.873658][ T5138] usb 4-1: config 0 descriptor??
[  113.904567][ T5138] usb 4-1: Found UVC 0.09 device syz (05c8:0403)
[  113.938535][ T5138] usb 4-1: No valid video chain found.
[  114.110376][ T5138] usb 4-1: USB disconnect, device number 4
[  114.206749][ T5136] usb 1-1: new low-speed USB device number 4 using dummy_hcd
[  114.418780][ T5136] usb 1-1: Invalid ep0 maxpacket: 16
[  114.607924][ T5136] usb 1-1: new low-speed USB device number 5 using dummy_hcd
[  114.846600][ T5136] usb 1-1: Invalid ep0 maxpacket: 16
[  114.852589][ T5136] usb usb1-port1: attempt power cycle
[  115.002637][ T5636] batadv0: mtu less than device minimum
[  115.232296][ T5641] netlink: 'syz.1.120': attribute type 5 has an invalid length.
[  115.303238][ T5136] usb 1-1: new low-speed USB device number 6 using dummy_hcd
[  115.336871][ T5173] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  115.347179][ T5136] usb 1-1: Invalid ep0 maxpacket: 16
[  115.451490][ T5645] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  115.458064][ T5645] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  115.466108][ T5645] vhci_hcd vhci_hcd.0: Device attached
[  115.516588][ T5136] usb 1-1: new low-speed USB device number 7 using dummy_hcd
[  115.539991][ T5173] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  115.567358][ T5173] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.597063][ T5136] usb 1-1: Invalid ep0 maxpacket: 16
[  115.608713][ T5173] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  115.643197][ T5136] usb usb1-port1: unable to enumerate USB device
[  115.685752][ T5173] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  115.695186][   T45] vhci_hcd: vhci_device speed not set
[  115.725561][ T5173] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  115.758816][ T5173] usb 4-1: Manufacturer: syz
[  115.785119][ T5173] usb 4-1: config 0 descriptor??
[  115.791752][   T45] usb 11-1: new full-speed USB device number 3 using vhci_hcd
[  115.824658][ T5173] igorplugusb 4-1:0.0: incorrect number of endpoints
[  115.973653][ T5650] Cannot find add_set index 0 as target
[  116.066567][ T5646] vhci_hcd: connection closed
[  116.329623][   T51] vhci_hcd: stop threads
[  116.340147][   T51] vhci_hcd: release socket
[  116.344872][   T51] vhci_hcd: disconnect device
[  116.817566][ T5141] vhci_hcd: vhci_device speed not set
[  117.895511][ T5089] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  118.097865][ T5670] binder: BINDER_SET_CONTEXT_MGR already set
[  118.104339][ T5670] binder: 5665:5670 ioctl 4018620d 20000040 returned -16
[  119.313314][ T5141] usb 4-1: USB disconnect, device number 5
[  119.902064][ T5690] batadv0: mtu less than device minimum
[  120.105166][ T5695] netlink: 96 bytes leftover after parsing attributes in process `syz.3.132'.
[  120.147630][ T5695] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  120.412481][ T5699] netlink: 'syz.4.133': attribute type 5 has an invalid length.
[  120.551826][ T5141] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  120.637823][ T5702] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  120.644409][ T5702] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  120.704290][ T5702] vhci_hcd vhci_hcd.0: Device attached
[  120.888895][ T5709] netlink: 96 bytes leftover after parsing attributes in process `syz.0.134'.
[  120.903080][ T5141] usb 4-1: descriptor type invalid, skip
[  120.914491][ T5709] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  120.944400][ T5173] vhci_hcd: vhci_device speed not set
[  120.959977][ T5141] usb 4-1: descriptor type invalid, skip
[  120.975198][ T5141] usb 4-1: descriptor type invalid, skip
[  120.995787][   T45] vhci_hcd: vhci_device speed not set
[  121.011898][ T5141] usb 4-1: not running at top speed; connect to a high speed hub
[  121.025711][ T5141] usb 4-1: config 1 interface 0 altsetting 194 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  121.039067][ T5173] usb 17-1: new full-speed USB device number 2 using vhci_hcd
[  121.127885][ T5141] usb 4-1: config 1 interface 0 has no altsetting 0
[  121.186865][ T5141] usb 4-1: New USB device found, idVendor=04e7, idProduct=0050, bcdDevice= 0.40
[  121.207880][ T5141] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.221301][ T5141] usb 4-1: Product: syz
[  121.230607][ T5141] usb 4-1: Manufacturer: syz
[  121.241413][ T5703] vhci_hcd: connection closed
[  121.252188][   T12] vhci_hcd: stop threads
[  121.269655][   T12] vhci_hcd: release socket
[  121.274214][ T5141] usb 4-1: SerialNumber: syz
[  121.296688][   T12] vhci_hcd: disconnect device
[  121.316511][ T5138] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  121.318732][ T5695] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  121.688611][ T5138] usb 1-1: descriptor type invalid, skip
[  121.695420][ T5138] usb 1-1: descriptor type invalid, skip
[  121.706472][ T5138] usb 1-1: descriptor type invalid, skip
[  121.714237][ T5138] usb 1-1: not running at top speed; connect to a high speed hub
[  121.734305][ T5138] usb 1-1: config 1 interface 0 altsetting 194 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  121.766423][ T5138] usb 1-1: config 1 interface 0 has no altsetting 0
[  121.777879][ T5138] usb 1-1: New USB device found, idVendor=04e7, idProduct=0050, bcdDevice= 0.40
[  121.789811][ T5138] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.799303][ T5138] usb 1-1: Product: syz
[  121.803681][ T5138] usb 1-1: Manufacturer: syz
[  121.808727][ T5138] usb 1-1: SerialNumber: syz
[  121.826473][  T932] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  121.842287][ T5709] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  122.038923][  T932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  122.059143][  T932] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  122.087837][  T932] usb 2-1: New USB device found, idVendor=07b0, idProduct=0006, bcdDevice=84.fc
[  122.116438][  T932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.142999][  T932] usb 2-1: config 0 descriptor??
[  122.165736][  T932] HFC-S_USB 2-1:0.0: probe with driver HFC-S_USB failed with error -5
[  122.251574][ T5718] netlink: 'syz.4.137': attribute type 12 has an invalid length.
[  122.534686][ T5720] netlink: 36 bytes leftover after parsing attributes in process `syz.4.137'.
[  122.664839][   T45] usb 2-1: USB disconnect, device number 6
[  122.797511][ T5719] IPVS: set_ctl: invalid protocol: 41 100.1.1.1:20003
[  123.065230][ T5141] usbhid 4-1:1.0: can't add hid device: -71
[  123.089626][ T5141] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  123.142570][ T5141] usb 4-1: USB disconnect, device number 6
[  123.442459][ T5729] fuse: Bad value for 'fd'
[  123.776522][ T5141] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  123.842373][ T5138] usbhid 1-1:1.0: can't add hid device: -71
[  123.891085][ T5138] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  123.913684][ T5138] usb 1-1: USB disconnect, device number 8
[  124.024313][ T5141] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  124.051923][ T5141] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  124.082227][ T5141] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  124.120089][ T5141] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  124.146650][ T5141] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  124.181720][ T5141] usb 4-1: Manufacturer: syz
[  124.208209][ T5141] usb 4-1: config 0 descriptor??
[  124.240620][ T5141] igorplugusb 4-1:0.0: incorrect number of endpoints
[  124.332144][ T5740] netlink: 4 bytes leftover after parsing attributes in process `syz.2.143'.
[  124.372653][ T5744] FAULT_INJECTION: forcing a failure.
[  124.372653][ T5744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.386952][ T5744] CPU: 1 PID: 5744 Comm: syz.1.145 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  124.396981][ T5744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  124.407070][ T5744] Call Trace:
[  124.410380][ T5744]  <TASK>
[  124.413337][ T5744]  dump_stack_lvl+0x241/0x360
[  124.418053][ T5744]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.423276][ T5744]  ? __pfx__printk+0x10/0x10
[  124.427894][ T5744]  ? snprintf+0xda/0x120
[  124.432237][ T5744]  should_fail_ex+0x3b0/0x4e0
[  124.436939][ T5744]  _copy_to_user+0x2f/0xb0
[  124.441366][ T5744]  simple_read_from_buffer+0xca/0x150
[  124.446762][ T5744]  proc_fail_nth_read+0x1e9/0x250
[  124.451805][ T5744]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  124.457366][ T5744]  ? rw_verify_area+0x520/0x6b0
[  124.462233][ T5744]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  124.467796][ T5744]  vfs_read+0x204/0xbc0
[  124.471970][ T5744]  ? __pfx_lock_release+0x10/0x10
[  124.477011][ T5744]  ? __pfx_vfs_read+0x10/0x10
[  124.481719][ T5744]  ? __fget_files+0x29/0x470
[  124.486320][ T5744]  ? __fget_files+0x3f6/0x470
[  124.491014][ T5744]  ksys_read+0x1a0/0x2c0
[  124.495277][ T5744]  ? __pfx_ksys_read+0x10/0x10
[  124.500058][ T5744]  ? do_syscall_64+0x100/0x230
[  124.504896][ T5744]  ? do_syscall_64+0xb6/0x230
[  124.509601][ T5744]  do_syscall_64+0xf3/0x230
[  124.514153][ T5744]  ? clear_bhb_loop+0x35/0x90
[  124.518934][ T5744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.524848][ T5744] RIP: 0033:0x7f2b8a5746bc
[  124.529272][ T5744] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  124.548904][ T5744] RSP: 002b:00007f2b8b3a3040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  124.557334][ T5744] RAX: ffffffffffffffda RBX: 00007f2b8a703f60 RCX: 00007f2b8a5746bc
[  124.565318][ T5744] RDX: 000000000000000f RSI: 00007f2b8b3a30b0 RDI: 0000000000000004
[  124.573314][ T5744] RBP: 00007f2b8b3a30a0 R08: 0000000000000000 R09: 0000000000000000
[  124.581305][ T5744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.589285][ T5744] R13: 000000000000000b R14: 00007f2b8a703f60 R15: 00007fff5d41ad38
[  124.597298][ T5744]  </TASK>
[  124.603680][ T5740] team_slave_0: entered promiscuous mode
[  124.612613][ T5740] team_slave_0: entered allmulticast mode
[  124.677349][ T5740] team0: Port device team_slave_0 removed
[  124.719854][ T5750] batadv0: mtu less than device minimum
[  124.759672][ T5752] netlink: 'syz.1.147': attribute type 5 has an invalid length.
[  125.101793][ T5758] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  125.108377][ T5758] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  125.116561][ T5758] vhci_hcd vhci_hcd.0: Device attached
[  126.117622][ T5137] vhci_hcd: vhci_device speed not set
[  126.164339][ T5766] netlink: 'syz.2.149': attribute type 27 has an invalid length.
[  126.172395][ T5759] vhci_hcd: connection closed
[  126.175826][   T61] vhci_hcd: stop threads
[  126.192724][ T5173] vhci_hcd: vhci_device speed not set
[  126.200085][ T5137] usb 11-1: new full-speed USB device number 4 using vhci_hcd
[  126.229436][   T61] vhci_hcd: release socket
[  126.242638][   T61] vhci_hcd: disconnect device
[  126.374050][ T5773] binder: BINDER_SET_CONTEXT_MGR already set
[  126.380233][ T5773] binder: 5767:5773 ioctl 4018620d 20000040 returned -16
[  126.391608][ T5773] binder: 5767:5773 ioctl c0306201 0 returned -14
[  127.687587][ T5727] netlink: 80 bytes leftover after parsing attributes in process `syz.3.140'.
[  127.960252][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.969138][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.179639][  T784] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  128.217928][ T5766] team_slave_0: left promiscuous mode
[  128.223414][ T5766] team_slave_0: left allmulticast mode
[  128.243979][ T5766] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.272960][ T5766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.399567][  T784] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  128.414912][  T784] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  128.487622][  T784] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  128.507985][  T784] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.516146][  T784] usb 3-1: Product: syz
[  128.543978][  T784] usb 3-1: Manufacturer: syz
[  128.557875][  T784] usb 3-1: SerialNumber: syz
[  128.605334][  T784] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  128.893657][ T5766] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  128.911314][ T5766] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  128.920940][ T5766] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  128.929324][ T5771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.945389][ T5766] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  129.030215][ T5771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.478229][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.493731][ T5136] usb 4-1: USB disconnect, device number 7
[  130.518370][ T5769] 8021q: adding VLAN 0 to HW filter on device team0
[  130.558263][ T5769] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  130.660937][ T5792] usb 3-1: USB disconnect, device number 4
[  130.662957][ T5820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.157'.
[  131.484079][ T5820] team_slave_0: entered promiscuous mode
[  131.723188][ T5820] team_slave_0: entered allmulticast mode
[  131.917042][ T5820] team0: Port device team_slave_0 removed
[  132.186440][ T5137] vhci_hcd: vhci_device speed not set
[  132.296956][ T5836] netlink: 'syz.0.162': attribute type 5 has an invalid length.
[  132.365975][ T5840] capability: warning: `syz.1.164' uses deprecated v2 capabilities in a way that may be insecure
[  132.570221][ T5850] binder: BINDER_SET_CONTEXT_MGR already set
[  132.586924][ T5850] binder: 5843:5850 ioctl 4018620d 20000040 returned -16
[  133.246946][ T1251] ieee802154 phy0 wpan0: encryption failed: -22
[  133.275957][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  133.905991][ T5853] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  133.906062][ T5853] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  133.906165][ T5854] vhci_hcd: connection closed
[  133.976552][ T5853] vhci_hcd vhci_hcd.0: Device attached
[  134.338297][   T35] vhci_hcd: stop threads
[  134.342590][   T35] vhci_hcd: release socket
[  134.364024][    T8] vhci_hcd: vhci_device speed not set
[  134.377264][   T35] vhci_hcd: disconnect device
[  134.470558][    T8] usb 9-1: new full-speed USB device number 3 using vhci_hcd
[  134.507537][    T8] usb 9-1: enqueue for inactive port 0
[  134.599483][    T8] vhci_hcd: vhci_device speed not set
[  134.663042][ T5867] netlink: 'syz.2.169': attribute type 27 has an invalid length.
[  134.676491][ T5792] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  134.896625][ T5136] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  134.912139][ T5792] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  134.931384][ T5792] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  134.960215][ T5792] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  134.990409][ T5792] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  135.028495][ T5792] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  135.052706][ T5792] usb 5-1: Manufacturer: syz
[  135.075830][ T5792] usb 5-1: config 0 descriptor??
[  135.090010][ T5792] igorplugusb 5-1:0.0: incorrect number of endpoints
[  135.115586][ T5136] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  135.148967][ T5136] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.207004][ T5136] usb 2-1: config 0 descriptor??
[  135.311394][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.326562][ T5792] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  135.339546][ T5873] 8021q: adding VLAN 0 to HW filter on device team0
[  135.375326][ T5873] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  135.559523][ T5792] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  135.572023][ T5792] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  135.597623][ T5792] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  135.627411][ T5792] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.648037][ T5792] usb 3-1: Product: syz
[  135.652294][ T5792] usb 3-1: Manufacturer: syz
[  135.661154][ T5862] netlink: 80 bytes leftover after parsing attributes in process `syz.4.167'.
[  135.672229][ T5792] usb 3-1: SerialNumber: syz
[  135.677282][ T5089] Bluetooth: Unknown BR/EDR signaling command 0x10
[  135.684049][ T5089] Bluetooth: Wrong link type (-22)
[  135.689885][ T5089] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  135.697278][ T5089] Bluetooth: Wrong link type (-22)
[  135.702476][ T5089] Bluetooth: Unknown BR/EDR signaling command 0x11
[  135.710260][ T5089] Bluetooth: Wrong link type (-22)
[  135.715578][ T5089] Bluetooth: hci0: link tx timeout
[  135.722181][ T5089] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  135.743474][ T5792] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  136.848086][ T5886] netdevsim netdevsim0: Direct firmware load for ng failed with error -2
[  136.879230][ T5886] netdevsim netdevsim0: Falling back to sysfs fallback for: ng
[  136.994977][    T8] usb 5-1: USB disconnect, device number 2
[  137.273980][ T5865] netlink: 8 bytes leftover after parsing attributes in process `syz.1.168'.
[  137.300460][ T5867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.309694][ T5867] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.386544][ T5800] usb 3-1: USB disconnect, device number 5
[  137.776527][ T4476] Bluetooth: hci0: command 0x0406 tx timeout
[  138.428013][ T5136] pegasus 2-1:0.0: can't reset MAC
[  138.443587][ T5136] pegasus 2-1:0.0: probe with driver pegasus failed with error -5
[  138.555927][ T5903] FAULT_INJECTION: forcing a failure.
[  138.555927][ T5903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.569471][ T5903] CPU: 1 PID: 5903 Comm: syz.0.177 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  138.579491][ T5903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  138.589562][ T5903] Call Trace:
[  138.592851][ T5903]  <TASK>
[  138.595795][ T5903]  dump_stack_lvl+0x241/0x360
[  138.600498][ T5903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.605708][ T5903]  ? __pfx__printk+0x10/0x10
[  138.610332][ T5903]  ? __pfx_lock_release+0x10/0x10
[  138.615387][ T5903]  should_fail_ex+0x3b0/0x4e0
[  138.620084][ T5903]  _copy_from_user+0x2f/0xe0
[  138.624682][ T5903]  keyctl_dh_compute+0xb7/0x160
[  138.629560][ T5903]  ? __pfx_keyctl_dh_compute+0x10/0x10
[  138.635037][ T5903]  ? vfs_write+0x7c4/0xc90
[  138.639484][ T5903]  __se_sys_keyctl+0x3f3/0xa50
[  138.644264][ T5903]  ? __pfx___se_sys_keyctl+0x10/0x10
[  138.649561][ T5903]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  138.655565][ T5903]  ? __fget_files+0x3f6/0x470
[  138.660270][ T5903]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  138.666260][ T5903]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  138.672611][ T5903]  ? do_syscall_64+0x100/0x230
[  138.677393][ T5903]  ? __x64_sys_keyctl+0x20/0xc0
[  138.682253][ T5903]  do_syscall_64+0xf3/0x230
[  138.686778][ T5903]  ? clear_bhb_loop+0x35/0x90
[  138.691468][ T5903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.697391][ T5903] RIP: 0033:0x7f2645b75bd9
[  138.701813][ T5903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.721426][ T5903] RSP: 002b:00007f26469fc048 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  138.729851][ T5903] RAX: ffffffffffffffda RBX: 00007f2645d03f60 RCX: 00007f2645b75bd9
[  138.737942][ T5903] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000017
[  138.745919][ T5903] RBP: 00007f26469fc0a0 R08: 0000000020000980 R09: 0000000000000000
[  138.753910][ T5903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.761976][ T5903] R13: 000000000000000b R14: 00007f2645d03f60 R15: 00007fffb1e708c8
[  138.769966][ T5903]  </TASK>
[  138.836711][ T5137] usb 2-1: USB disconnect, device number 7
[  138.936466][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  138.936487][   T29] audit: type=1326 audit(1720207903.751:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[  139.046601][   T29] audit: type=1326 audit(1720207903.751:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[  139.073495][ T5911] netlink: 'syz.2.181': attribute type 5 has an invalid length.
[  139.084093][ T5909] could not allocate digest TFM handle rmd128-generic
[  139.102678][ T5917] FAULT_INJECTION: forcing a failure.
[  139.102678][ T5917] name failslab, interval 1, probability 0, space 0, times 0
[  139.102683][   T29] audit: type=1326 audit(1720207903.761:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[  139.115621][   T29] audit: type=1326 audit(1720207903.761:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[  139.136869][ T5917] CPU: 1 PID: 5917 Comm: syz.4.180 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  139.136901][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  139.136915][ T5917] Call Trace:
[  139.136926][ T5917]  <TASK>
[  139.136937][ T5917]  dump_stack_lvl+0x241/0x360
[  139.136980][ T5917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.159864][   T29] audit: type=1326 audit(1720207903.761:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[  139.168298][ T5917]  ? __pfx__printk+0x10/0x10
[  139.168341][ T5917]  ? __pfx_lock_acquire+0x10/0x10
[  139.178691][   T29] audit: type=1326 audit(1720207903.761:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2645b75bd9 code=0x7ffc0000
[  139.181679][ T5917]  ? __sigqueue_alloc+0x2f/0x540
[  139.184791][   T29] audit: type=1326 audit(1720207903.771:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2645b6cc27 code=0x7ffc0000
[  139.189352][ T5917]  should_fail_ex+0x3b0/0x4e0
[  139.189401][ T5917]  ? __sigqueue_alloc+0x42e/0x540
[  139.189435][ T5917]  should_failslab+0x9/0x20
[  139.189462][ T5917]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  139.189495][ T5917]  __sigqueue_alloc+0x42e/0x540
[  139.189534][ T5917]  __send_signal_locked+0x22f/0xdc0
[  139.189569][ T5917]  ? __lock_task_sighand+0x29/0x2d0
[  139.189605][ T5917]  group_send_sig_info+0x292/0x310
[  139.189642][ T5917]  ? __pfx_group_send_sig_info+0x10/0x10
[  139.189685][ T5917]  bpf_send_signal_common+0x2dd/0x430
[  139.189715][ T5917]  ? __pfx_bpf_send_signal_common+0x10/0x10
[  139.189737][ T5917]  ? lock_release+0x630/0x9f0
[  139.189773][ T5917]  ? bpf_trace_run2+0x1fc/0x540
[  139.189803][ T5917]  bpf_send_signal+0x19/0x30
[  139.189830][ T5917]  bpf_prog_2a4b6e86cea73e9e+0x22/0x28
[  139.189853][ T5917]  bpf_trace_run2+0x2ec/0x540
[  139.189893][ T5917]  ? __pfx_bpf_trace_run2+0x10/0x10
[  139.189926][ T5917]  ? __pfx___might_resched+0x10/0x10
[  139.189954][ T5917]  ? vfree+0x24c/0x2e0
[  139.189988][ T5917]  ? free_unref_page+0x634/0xea0
[  139.190013][ T5917]  ? vfree+0x24c/0x2e0
[  139.190040][ T5917]  kfree+0x2bb/0x360
[  139.190072][ T5917]  vfree+0x24c/0x2e0
[  139.201684][   T29] audit: type=1326 audit(1720207903.771:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2645b115c9 code=0x7ffc0000
[  139.216610][ T5917]  n_tty_close+0x168/0x1e0
[  139.216657][ T5917]  ? tty_ldisc_close+0x11d/0x190
[  139.216691][ T5917]  tty_ldisc_kill+0xa3/0x1a0
[  139.216725][ T5917]  tty_ldisc_hangup+0x3c4/0x4d0
[  139.216759][ T5917]  __tty_hangup+0x407/0x6c0
[  139.216790][ T5917]  ? pty_close+0x375/0x420
[  139.216814][ T5917]  ? __pfx_pty_close+0x10/0x10
[  139.216843][ T5917]  tty_release+0x32d/0x12c0
[  139.216886][ T5917]  ? evm_file_release+0x140/0x1d0
[  139.216911][ T5917]  ? __pfx_tty_release+0x10/0x10
[  139.216943][ T5917]  __fput+0x24a/0x8a0
[  139.216991][ T5917]  task_work_run+0x24f/0x310
[  139.217033][ T5917]  ? __pfx_task_work_run+0x10/0x10
[  139.217068][ T5917]  ? syscall_exit_to_user_mode+0xa3/0x360
[  139.217106][ T5917]  syscall_exit_to_user_mode+0x168/0x360
[  139.217150][ T5917]  do_syscall_64+0x100/0x230
[  139.217184][ T5917]  ? clear_bhb_loop+0x35/0x90
[  139.217222][ T5917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.217254][ T5917] RIP: 0033:0x7fa5b2975bd9
[  139.217277][ T5917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.217296][ T5917] RSP: 002b:00007fa5b36f0048 EFLAGS: 00000246
[  139.225122][   T29] audit: type=1326 audit(1720207903.771:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2645b6cc27 code=0x7ffc0000
[  139.226905][ T5917]  ORIG_RAX: 00000000000001b4
[  139.226921][ T5917] RAX: 0000000000000000 RBX: 00007fa5b2b04038 RCX: 00007fa5b2975bd9
[  139.226938][ T5917] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[  139.226953][ T5917] RBP: 00007fa5b36f00a0 R08: 0000000000000000 R09: 0000000000000000
[  139.226969][ T5917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.248604][   T29] audit: type=1326 audit(1720207903.771:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5905 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2645b115c9 code=0x7ffc0000
[  139.253226][ T5917] R13: 000000000000006e R14: 00007fa5b2b04038 R15: 00007fffa3036088
[  139.253270][ T5917]  </TASK>
[  139.626460][ T5921] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  139.633049][ T5921] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  139.701108][ T5921] vhci_hcd vhci_hcd.0: Device attached
[  139.829413][ T5922] vhci_hcd: connection closed
[  139.841111][   T11] vhci_hcd: stop threads
[  139.876650][   T11] vhci_hcd: release socket
[  139.896448][ T5800] vhci_hcd: vhci_device speed not set
[  139.902287][   T11] vhci_hcd: disconnect device
[  140.005873][ T5931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.184'.
[  140.142044][ T5931] team_slave_0: entered promiscuous mode
[  140.158731][ T5931] team_slave_0: entered allmulticast mode
[  141.093843][ T5931] team0: Port device team_slave_0 removed
[  141.151455][ T5941] tipc: Invalid UDP bearer configuration
[  141.151497][ T5941] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  141.285046][ T5089] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  141.429242][ T5957] netlink: 96 bytes leftover after parsing attributes in process `syz.3.191'.
[  141.465280][ T5957] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  141.488209][ T5137] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  141.566795][    T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  141.676502][ T5137] usb 3-1: Using ep0 maxpacket: 32
[  141.702640][ T5137] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  141.714428][ T5137] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  141.731240][ T5137] usb 3-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice= 3.37
[  141.744035][ T5137] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.753746][ T5137] usb 3-1: Product: syz
[  141.759681][ T5137] usb 3-1: Manufacturer: syz
[  141.771087][ T5137] usb 3-1: SerialNumber: syz
[  141.780973][ T5137] usb 3-1: config 0 descriptor??
[  141.786373][    T8] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  141.790936][ T5137] ttusbir 3-1:0.0: cannot find expected altsetting
[  141.816450][ T5800] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  141.827794][    T8] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  141.863995][    T8] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  141.883925][    T8] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  141.911007][    T8] usb 5-1: Manufacturer: syz
[  141.933817][    T8] usb 5-1: config 0 descriptor??
[  141.953402][    T8] igorplugusb 5-1:0.0: incorrect number of endpoints
[  142.021276][ T5800] usb 4-1: descriptor type invalid, skip
[  142.034530][ T5800] usb 4-1: descriptor type invalid, skip
[  142.059942][ T5800] usb 4-1: descriptor type invalid, skip
[  142.083456][ T5800] usb 4-1: not running at top speed; connect to a high speed hub
[  142.114154][ T5800] usb 4-1: config 1 interface 0 altsetting 194 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  142.162772][ T5800] usb 4-1: config 1 interface 0 has no altsetting 0
[  142.203241][ T5800] usb 4-1: New USB device found, idVendor=04e7, idProduct=0050, bcdDevice= 0.40
[  142.237880][ T5800] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.270776][ T5800] usb 4-1: Product: syz
[  142.287966][ T5800] usb 4-1: Manufacturer: syz
[  142.314593][ T5800] usb 4-1: SerialNumber: syz
[  142.326114][ T5949] netlink: 80 bytes leftover after parsing attributes in process `syz.4.190'.
[  142.332851][ T5957] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  142.424102][ T5964] netlink: 'syz.1.193': attribute type 27 has an invalid length.
[  142.433518][    T8] usb 5-1: USB disconnect, device number 3
[  142.616640][ T5779] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  142.777250][ T5964] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.785458][ T5964] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.834476][ T5795] usb 3-1: USB disconnect, device number 6
[  142.847605][ T5779] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  142.887147][ T5779] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  142.942429][ T5779] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  142.970354][ T5779] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  143.001035][ T5779] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  143.021925][ T5779] usb 1-1: Manufacturer: syz
[  143.048379][ T5779] usb 1-1: config 0 descriptor??
[  143.059937][ T5779] igorplugusb 1-1:0.0: incorrect number of endpoints
[  144.195260][ T5964] team_slave_0: left promiscuous mode
[  144.226622][ T5964] team_slave_0: left allmulticast mode
[  144.232363][ T5173] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  144.320606][ T5964] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  144.394727][ T5964] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  144.459440][ T5173] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.531329][ T5173] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.606688][ T5173] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  144.621714][ T5962] netlink: 80 bytes leftover after parsing attributes in process `syz.0.192'.
[  144.638318][ T5800] usbhid 4-1:1.0: can't add hid device: -71
[  144.654200][ T5800] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  144.677313][ T5173] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  144.708045][ T5800] usb 4-1: USB disconnect, device number 8
[  144.723860][ T5173] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.749416][    T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  144.773914][ T5173] usb 3-1: config 0 descriptor??
[  145.006574][    T9] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  145.043568][    T9] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  145.115357][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  145.156826][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.181278][    T9] usb 2-1: Product: syz
[  145.186454][ T5964] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  145.190940][    T9] usb 2-1: Manufacturer: syz
[  145.226100][    T9] usb 2-1: SerialNumber: syz
[  145.236483][ T5964] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  145.284754][ T5964] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  145.304968][    T9] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  145.360175][ T5964] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  145.594230][ T5991] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  145.600834][ T5991] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  145.647333][ T5991] vhci_hcd vhci_hcd.0: Device attached
[  145.896753][ T5968] vhci_hcd: vhci_device speed not set
[  145.897368][ T5996] vhci_hcd: connection closed
[  145.917460][   T35] vhci_hcd: stop threads
[  145.940469][   T35] vhci_hcd: release socket
[  145.951396][   T35] vhci_hcd: disconnect device
[  145.996866][ T5968] usb 15-1: new full-speed USB device number 3 using vhci_hcd
[  146.008907][ T5968] usb 15-1: enqueue for inactive port 0
[  146.010004][ T5967] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.044570][ T5967] 8021q: adding VLAN 0 to HW filter on device team0
[  146.106625][ T5968] vhci_hcd: vhci_device speed not set
[  146.115789][ T5967] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  146.177421][ T5986] netlink: 'syz.3.198': attribute type 5 has an invalid length.
[  146.256955][ T5778] usb 2-1: USB disconnect, device number 8
[  146.278504][ T5967] syz.1.193 (5967) used greatest stack depth: 18712 bytes left
[  146.288677][ T5173] usbhid 3-1:0.0: can't add hid device: -71
[  146.305638][ T5173] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  146.320602][ T5792] usb 1-1: USB disconnect, device number 9
[  146.354335][ T5173] usb 3-1: USB disconnect, device number 7
[  146.805855][ T6016] fuse: Invalid rootmode
[  148.889470][ T6036] netlink: 96 bytes leftover after parsing attributes in process `syz.0.208'.
[  148.934259][ T6036] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  149.118118][ T6043] binder: BINDER_SET_CONTEXT_MGR already set
[  149.124189][ T6043] binder: 6037:6043 ioctl 4018620d 20000040 returned -16
[  149.376733][ T5778] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  149.619922][ T5778] usb 1-1: descriptor type invalid, skip
[  149.662126][ T5778] usb 1-1: descriptor type invalid, skip
[  149.704353][ T5778] usb 1-1: descriptor type invalid, skip
[  149.744681][ T5778] usb 1-1: not running at top speed; connect to a high speed hub
[  149.844515][ T5778] usb 1-1: config 1 interface 0 altsetting 194 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  149.872744][ T5778] usb 1-1: config 1 interface 0 has no altsetting 0
[  149.889335][ T5778] usb 1-1: New USB device found, idVendor=04e7, idProduct=0050, bcdDevice= 0.40
[  149.929246][ T5778] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.974088][ T5778] usb 1-1: Product: syz
[  149.986424][ T5778] usb 1-1: Manufacturer: syz
[  149.991171][ T5778] usb 1-1: SerialNumber: syz
[  150.099933][ T6036] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  150.313430][ T6049] fuse: Invalid rootmode
[  150.346414][ T5137] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  150.570303][ T5137] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.598529][ T5137] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.630200][ T5137] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  150.644196][ T5137] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  150.653747][ T5137] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.668089][ T5137] usb 5-1: config 0 descriptor??
[  150.777127][ T5796] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  150.979154][ T5796] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.003943][ T5796] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.015397][ T5796] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  151.047371][ T5796] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  151.066449][ T5796] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.080063][ T5796] usb 3-1: config 0 descriptor??
[  151.141752][ T5137] usbhid 5-1:0.0: can't add hid device: -71
[  151.204433][ T5137] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  151.247280][ T5137] usb 5-1: USB disconnect, device number 4
[  151.734025][ T5796] usbhid 3-1:0.0: can't add hid device: -71
[  151.758790][ T5796] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  152.364241][ T5796] usb 3-1: USB disconnect, device number 8
[  152.813844][ T6079] FAULT_INJECTION: forcing a failure.
[  152.813844][ T6079] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.847464][ T6079] CPU: 0 PID: 6079 Comm: syz.4.222 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  152.857517][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  152.859251][ T5778] usbhid 1-1:1.0: can't add hid device: -71
[  152.867575][ T6079] Call Trace:
[  152.867588][ T6079]  <TASK>
[  152.867599][ T6079]  dump_stack_lvl+0x241/0x360
[  152.867640][ T6079]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.867673][ T6079]  ? __pfx__printk+0x10/0x10
[  152.867707][ T6079]  ? __pfx_lock_release+0x10/0x10
[  152.867742][ T6079]  should_fail_ex+0x3b0/0x4e0
[  152.867781][ T6079]  _copy_from_user+0x2f/0xe0
[  152.867809][ T6079]  copy_msghdr_from_user+0xae/0x680
[  152.867853][ T6079]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  152.867905][ T6079]  do_recvmmsg+0x40f/0xae0
[  152.867941][ T6079]  ? __pfx_lock_release+0x10/0x10
[  152.876474][ T5778] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  152.877108][ T6079]  ? __pfx_do_recvmmsg+0x10/0x10
[  152.889627][ T5778] usb 1-1: USB disconnect, device number 10
[  152.890011][ T6079]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  152.903457][ T6083] binder: BINDER_SET_CONTEXT_MGR already set
[  152.904260][ T6079]  ? ksys_write+0x23e/0x2c0
[  152.909022][ T6083] binder: 6080:6083 ioctl 4018620d 20000040 returned -16
[  152.914024][ T6079]  ? __pfx_lock_release+0x10/0x10
[  152.976274][ T6079]  ? vfs_write+0x7c4/0xc90
[  152.980732][ T6079]  ? __mutex_unlock_slowpath+0x21d/0x750
[  152.986385][ T6079]  ? __fget_files+0x3f6/0x470
[  152.991083][ T6079]  __x64_sys_recvmmsg+0x199/0x250
[  152.996121][ T6079]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  153.001677][ T6079]  ? do_syscall_64+0x100/0x230
[  153.006460][ T6079]  ? do_syscall_64+0xb6/0x230
[  153.011152][ T6079]  do_syscall_64+0xf3/0x230
[  153.015666][ T6079]  ? clear_bhb_loop+0x35/0x90
[  153.020359][ T6079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.026271][ T6079] RIP: 0033:0x7fa5b2975bd9
[  153.030700][ T6079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.050317][ T6079] RSP: 002b:00007fa5b3711048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  153.058747][ T6079] RAX: ffffffffffffffda RBX: 00007fa5b2b03f60 RCX: 00007fa5b2975bd9
[  153.066734][ T6079] RDX: 0000000000000001 RSI: 0000000020000a80 RDI: 0000000000000003
[  153.074718][ T6079] RBP: 00007fa5b37110a0 R08: 0000000000000000 R09: 0000000000000000
[  153.082694][ T6079] R10: 0000000000002020 R11: 0000000000000246 R12: 0000000000000001
[  153.090695][ T6079] R13: 000000000000000b R14: 00007fa5b2b03f60 R15: 00007fffa3036088
[  153.098686][ T6079]  </TASK>
[  153.120328][ T6085] fuse: Bad value for 'rootmode'
[  153.416687][ T6103] fuse: Bad value for 'fd'
[  153.440226][ T6101] FAULT_INJECTION: forcing a failure.
[  153.440226][ T6101] name failslab, interval 1, probability 0, space 0, times 0
[  153.489855][ T6101] CPU: 1 PID: 6101 Comm: syz.1.231 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  153.499918][ T6101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  153.510099][ T6101] Call Trace:
[  153.513409][ T6101]  <TASK>
[  153.516367][ T6101]  dump_stack_lvl+0x241/0x360
[  153.521091][ T6101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.526345][ T6101]  ? __pfx__printk+0x10/0x10
[  153.531002][ T6101]  ? __pfx___might_resched+0x10/0x10
[  153.536353][ T6101]  should_fail_ex+0x3b0/0x4e0
[  153.541098][ T6101]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  153.546860][ T6101]  should_failslab+0x9/0x20
[  153.551405][ T6101]  __kmalloc_noprof+0xd8/0x400
[  153.556209][ T6101]  ? kfree+0x4e/0x360
[  153.560252][ T6101]  tomoyo_realpath_from_path+0xcf/0x5e0
[  153.565864][ T6101]  tomoyo_path_number_perm+0x23a/0x880
[  153.571381][ T6101]  ? tomoyo_path_number_perm+0x208/0x880
[  153.577070][ T6101]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  153.583146][ T6101]  ? __fget_files+0x29/0x470
[  153.587870][ T6101]  ? __fget_files+0x3f6/0x470
[  153.592579][ T6101]  ? __fget_files+0x29/0x470
[  153.597217][ T6101]  security_file_ioctl+0x75/0xb0
[  153.602199][ T6101]  __se_sys_ioctl+0x47/0x170
[  153.606832][ T6101]  do_syscall_64+0xf3/0x230
[  153.611355][ T6101]  ? clear_bhb_loop+0x35/0x90
[  153.616048][ T6101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.621954][ T6101] RIP: 0033:0x7f2b8a575bd9
[  153.626377][ T6101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.645989][ T6101] RSP: 002b:00007f2b8b3a3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  153.654424][ T6101] RAX: ffffffffffffffda RBX: 00007f2b8a703f60 RCX: 00007f2b8a575bd9
[  153.662437][ T6101] RDX: 0000000020000040 RSI: 000000004008ae89 RDI: 0000000000000005
[  153.670413][ T6101] RBP: 00007f2b8b3a30a0 R08: 0000000000000000 R09: 0000000000000000
[  153.678385][ T6101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.686462][ T6101] R13: 000000000000000b R14: 00007f2b8a703f60 R15: 00007fff5d41ad38
[  153.694453][ T6101]  </TASK>
[  153.697645][    C1] vkms_vblank_simulate: vblank timer overrun
[  153.706662][ T6101] ERROR: Out of memory at tomoyo_realpath_from_path.
[  154.337153][ T5136] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  154.347539][ T5792] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  154.558971][ T5136] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.577532][ T5792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.593962][ T5136] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.606995][ T5792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.617334][ T5136] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  154.630665][ T5792] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  154.644008][ T5136] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  154.653234][ T5792] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  154.662711][ T5136] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.671110][ T5792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.683138][ T5136] usb 1-1: config 0 descriptor??
[  154.690717][ T5792] usb 2-1: config 0 descriptor??
[  154.746375][ T5141] usb 3-1: new low-speed USB device number 9 using dummy_hcd
[  154.948900][ T5141] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[  154.961564][ T5141] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  154.976264][    C0] hrtimer: interrupt took 66657 ns
[  154.977927][ T5141] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.054518][ T5792] usbhid 2-1:0.0: can't add hid device: -71
[  155.067917][ T5792] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  155.076073][ T5136] usbhid 1-1:0.0: can't add hid device: -71
[  155.092661][ T5792] usb 2-1: USB disconnect, device number 9
[  155.098948][ T5136] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  155.119466][ T5136] usb 1-1: USB disconnect, device number 11
[  155.396577][ T5181] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  155.587873][ T5181] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.609547][ T5181] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.635652][ T5181] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  155.648974][ T5181] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  155.663831][ T5181] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.678217][ T5181] usb 5-1: config 0 descriptor??
[  155.682874][ T6129] FAULT_INJECTION: forcing a failure.
[  155.682874][ T6129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.696762][ T6129] CPU: 1 PID: 6129 Comm: syz.1.237 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  155.706878][ T6129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  155.716971][ T6129] Call Trace:
[  155.720284][ T6129]  <TASK>
[  155.723262][ T6129]  dump_stack_lvl+0x241/0x360
[  155.727985][ T6129]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.733216][ T6129]  ? __pfx__printk+0x10/0x10
[  155.737845][ T6129]  ? __pfx_lock_release+0x10/0x10
[  155.742921][ T6129]  should_fail_ex+0x3b0/0x4e0
[  155.747648][ T6129]  _copy_from_user+0x2f/0xe0
[  155.752269][ T6129]  copy_msghdr_from_user+0xae/0x680
[  155.757521][ T6129]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  155.763400][ T6129]  __sys_sendmsg+0x23d/0x3a0
[  155.768042][ T6129]  ? __pfx___sys_sendmsg+0x10/0x10
[  155.773191][ T6129]  ? vfs_write+0x7c4/0xc90
[  155.777685][ T6129]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  155.784043][ T6129]  ? do_syscall_64+0x100/0x230
[  155.788843][ T6129]  ? do_syscall_64+0xb6/0x230
[  155.793665][ T6129]  do_syscall_64+0xf3/0x230
[  155.798219][ T6129]  ? clear_bhb_loop+0x35/0x90
[  155.802961][ T6129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.808892][ T6129] RIP: 0033:0x7f2b8a575bd9
[  155.813319][ T6129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.833110][ T6129] RSP: 002b:00007f2b8b3a3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  155.841540][ T6129] RAX: ffffffffffffffda RBX: 00007f2b8a703f60 RCX: 00007f2b8a575bd9
[  155.849525][ T6129] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004
[  155.857503][ T6129] RBP: 00007f2b8b3a30a0 R08: 0000000000000000 R09: 0000000000000000
[  155.865511][ T6129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.873489][ T6129] R13: 000000000000000b R14: 00007f2b8a703f60 R15: 00007fff5d41ad38
[  155.881478][ T6129]  </TASK>
[  155.884602][    C1] vkms_vblank_simulate: vblank timer overrun
[  156.082855][ T6139] netlink: 96 bytes leftover after parsing attributes in process `syz.1.239'.
[  156.110500][ T5181] usbhid 5-1:0.0: can't add hid device: -71
[  156.126410][ T6139] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  156.148730][ T5181] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  156.159558][ T5181] usb 5-1: USB disconnect, device number 5
[  156.330871][ T6146] fuse: Bad value for 'fd'
[  156.436829][ T5792] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  156.512694][ T6149] netlink: 'syz.0.243': attribute type 5 has an invalid length.
[  156.639365][ T5792] usb 2-1: descriptor type invalid, skip
[  156.650964][ T5792] usb 2-1: descriptor type invalid, skip
[  156.692544][ T5792] usb 2-1: descriptor type invalid, skip
[  156.713071][ T5792] usb 2-1: not running at top speed; connect to a high speed hub
[  156.738827][ T5792] usb 2-1: config 1 interface 0 altsetting 194 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  156.758711][ T5792] usb 2-1: config 1 interface 0 has no altsetting 0
[  156.772889][ T6152] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  156.773917][ T5792] usb 2-1: New USB device found, idVendor=04e7, idProduct=0050, bcdDevice= 0.40
[  156.779433][ T6152] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  156.797174][ T5792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.798322][ T6152] vhci_hcd vhci_hcd.0: Device attached
[  156.805536][ T5792] usb 2-1: Product: syz
[  156.815618][ T5792] usb 2-1: Manufacturer: syz
[  156.831387][ T5792] usb 2-1: SerialNumber: syz
[  156.868502][ T6139] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  157.032566][ T5137] vhci_hcd: vhci_device speed not set
[  157.128182][ T5137] usb 9-1: new full-speed USB device number 4 using vhci_hcd
[  157.367130][ T6153] vhci_hcd: connection closed
[  157.368467][   T35] vhci_hcd: stop threads
[  157.385745][   T35] vhci_hcd: release socket
[  157.399021][ T5141] usb 3-1: string descriptor 0 read error: -71
[  157.413101][   T35] vhci_hcd: disconnect device
[  157.428201][ T5141] hub 3-1:32.0: USB hub found
[  157.452585][ T5141] hub 3-1:32.0: config failed, can't read hub descriptor (err -22)
[  157.624915][ T5141] usb 3-1: USB disconnect, device number 9
[  159.596459][ T5141] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  159.749576][ T5792] usbhid 2-1:1.0: can't add hid device: -71
[  159.779622][ T5792] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  159.803015][ T5792] usb 2-1: USB disconnect, device number 10
[  159.838313][ T5141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.849968][ T5141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.872319][ T5141] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  159.896714][ T5141] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  159.922348][ T5141] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.976909][ T5141] usb 5-1: config 0 descriptor??
[  160.537459][ T6185] FAULT_INJECTION: forcing a failure.
[  160.537459][ T6185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.547970][ T5141] usbhid 5-1:0.0: can't add hid device: -71
[  160.562024][ T6185] CPU: 0 PID: 6185 Comm: syz.1.254 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  160.566573][ T5141] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  160.572034][ T6185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  160.572051][ T6185] Call Trace:
[  160.572061][ T6185]  <TASK>
[  160.572071][ T6185]  dump_stack_lvl+0x241/0x360
[  160.588654][ T5141] usb 5-1: USB disconnect, device number 6
[  160.589925][ T6185]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.589967][ T6185]  ? __pfx__printk+0x10/0x10
[  160.616561][ T6185]  ? __pfx_lock_release+0x10/0x10
[  160.621633][ T6185]  should_fail_ex+0x3b0/0x4e0
[  160.626455][ T6185]  _copy_from_user+0x2f/0xe0
[  160.631088][ T6185]  copy_msghdr_from_user+0xae/0x680
[  160.636345][ T6185]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  160.642265][ T6185]  __sys_sendmsg+0x23d/0x3a0
[  160.646918][ T6185]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.652086][ T6185]  ? vfs_write+0x7c4/0xc90
[  160.656596][ T6185]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  160.662967][ T6185]  ? do_syscall_64+0x100/0x230
[  160.667786][ T6185]  ? do_syscall_64+0xb6/0x230
[  160.672518][ T6185]  do_syscall_64+0xf3/0x230
[  160.677064][ T6185]  ? clear_bhb_loop+0x35/0x90
[  160.681878][ T6185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.687826][ T6185] RIP: 0033:0x7f2b8a575bd9
[  160.689806][ T6184] fuse: Bad value for 'fd'
[  160.692254][ T6185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.716322][ T6185] RSP: 002b:00007f2b8b3a3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.724777][ T6185] RAX: ffffffffffffffda RBX: 00007f2b8a703f60 RCX: 00007f2b8a575bd9
[  160.732789][ T6185] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000004
[  160.740795][ T6185] RBP: 00007f2b8b3a30a0 R08: 0000000000000000 R09: 0000000000000000
[  160.748798][ T6185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.756798][ T6185] R13: 000000000000000b R14: 00007f2b8a703f60 R15: 00007fff5d41ad38
[  160.764822][ T6185]  </TASK>
[  160.862897][ T6192] FAULT_INJECTION: forcing a failure.
[  160.862897][ T6192] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.890852][ T6192] CPU: 0 PID: 6192 Comm: syz.1.256 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  160.900896][ T6192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  160.910980][ T6192] Call Trace:
[  160.914288][ T6192]  <TASK>
[  160.917242][ T6192]  dump_stack_lvl+0x241/0x360
[  160.921963][ T6192]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.927200][ T6192]  ? __pfx__printk+0x10/0x10
[  160.931921][ T6192]  ? __pfx_lock_release+0x10/0x10
[  160.937021][ T6192]  should_fail_ex+0x3b0/0x4e0
[  160.941744][ T6192]  _copy_from_user+0x2f/0xe0
[  160.946367][ T6192]  copy_msghdr_from_user+0xae/0x680
[  160.951610][ T6192]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  160.957474][ T6192]  __sys_sendmsg+0x23d/0x3a0
[  160.962120][ T6192]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.967268][ T6192]  ? vfs_write+0x7c4/0xc90
[  160.971766][ T6192]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  160.978126][ T6192]  ? do_syscall_64+0x100/0x230
[  160.982941][ T6192]  ? do_syscall_64+0xb6/0x230
[  160.987658][ T6192]  do_syscall_64+0xf3/0x230
[  160.992208][ T6192]  ? clear_bhb_loop+0x35/0x90
[  160.996925][ T6192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.002857][ T6192] RIP: 0033:0x7f2b8a575bd9
[  161.007297][ T6192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.026942][ T6192] RSP: 002b:00007f2b8b3a3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  161.035393][ T6192] RAX: ffffffffffffffda RBX: 00007f2b8a703f60 RCX: 00007f2b8a575bd9
[  161.043391][ T6192] RDX: 0000000000000000 RSI: 0000000020000980 RDI: 0000000000000004
[  161.051392][ T6192] RBP: 00007f2b8b3a30a0 R08: 0000000000000000 R09: 0000000000000000
[  161.059392][ T6192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.067392][ T6192] R13: 000000000000000b R14: 00007f2b8a703f60 R15: 00007fff5d41ad38
[  161.075421][ T6192]  </TASK>
[  162.290759][ T5137] vhci_hcd: vhci_device speed not set
[  162.310652][ T6208] netlink: 'syz.4.260': attribute type 5 has an invalid length.
[  162.826522][ T6211] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  162.833104][ T6211] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  162.887965][ T6211] vhci_hcd vhci_hcd.0: Device attached
[  162.942978][ T6218] netlink: 96 bytes leftover after parsing attributes in process `syz.1.261'.
[  162.995631][ T6218] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  163.042839][ T6212] vhci_hcd: connection closed
[  163.044175][   T51] vhci_hcd: stop threads
[  163.067144][   T51] vhci_hcd: release socket
[  163.086981][ T5181] vhci_hcd: vhci_device speed not set
[  163.093403][   T51] vhci_hcd: disconnect device
[  163.448176][ T5778] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  163.486493][ T5173] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  163.670254][ T5778] usb 2-1: descriptor type invalid, skip
[  163.681846][ T6233] FAULT_INJECTION: forcing a failure.
[  163.681846][ T6233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.686470][ T5778] usb 2-1: descriptor type invalid, skip
[  163.701265][ T5173] usb 1-1: Using ep0 maxpacket: 8
[  163.701820][ T6233] CPU: 0 PID: 6233 Comm: syz.2.266 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  163.716321][ T6233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  163.726413][ T6233] Call Trace:
[  163.728764][ T5173] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  163.729706][ T6233]  <TASK>
[  163.741683][ T6233]  dump_stack_lvl+0x241/0x360
[  163.746379][ T5778] usb 2-1: descriptor type invalid, skip
[  163.746536][ T5173] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.752015][ T6233]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.752054][ T6233]  ? __pfx__printk+0x10/0x10
[  163.752085][ T6233]  ? __pfx_lock_release+0x10/0x10
[  163.752118][ T6233]  should_fail_ex+0x3b0/0x4e0
[  163.752155][ T6233]  _copy_from_user+0x2f/0xe0
[  163.784210][ T6233]  copy_msghdr_from_user+0xae/0x680
[  163.789464][ T6233]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  163.795312][ T6233]  __sys_sendmsg+0x23d/0x3a0
[  163.799941][ T6233]  ? __pfx___sys_sendmsg+0x10/0x10
[  163.805079][ T6233]  ? vfs_write+0x7c4/0xc90
[  163.809572][ T6233]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  163.815925][ T6233]  ? do_syscall_64+0x100/0x230
[  163.820738][ T6233]  ? do_syscall_64+0xb6/0x230
[  163.825468][ T6233]  do_syscall_64+0xf3/0x230
[  163.830038][ T6233]  ? clear_bhb_loop+0x35/0x90
[  163.834742][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.840669][ T6233] RIP: 0033:0x7fa7a7575bd9
[  163.845112][ T6233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.864746][ T6233] RSP: 002b:00007fa7a8393048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.873190][ T6233] RAX: ffffffffffffffda RBX: 00007fa7a7703f60 RCX: 00007fa7a7575bd9
[  163.881196][ T6233] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  163.889193][ T6233] RBP: 00007fa7a83930a0 R08: 0000000000000000 R09: 0000000000000000
[  163.897184][ T6233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.905183][ T6233] R13: 000000000000000b R14: 00007fa7a7703f60 R15: 00007ffd855a74e8
[  163.913193][ T6233]  </TASK>
[  163.921980][ T5173] usb 1-1: config 0 descriptor??
[  163.937309][ T5778] usb 2-1: not running at top speed; connect to a high speed hub
[  163.950675][ T5778] usb 2-1: config 1 interface 0 altsetting 194 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  163.966048][ T5778] usb 2-1: config 1 interface 0 has no altsetting 0
[  164.044634][ T6239] fuse: Bad value for 'fd'
[  164.074390][ T5778] usb 2-1: New USB device found, idVendor=04e7, idProduct=0050, bcdDevice= 0.40
[  164.084431][ T5778] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.102921][ T5778] usb 2-1: Product: syz
[  164.113144][ T5778] usb 2-1: Manufacturer: syz
[  164.128120][ T5778] usb 2-1: SerialNumber: syz
[  164.163063][ T6223] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  173.061048][ T5137] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  173.406510][ T5136] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  181.755575][ T5173] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  181.766952][ T5173] asix 1-1:0.0: probe with driver asix failed with error -71
[  199.421774][ T5173] usb 1-1: USB disconnect, device number 12
[  199.477794][ T1251] ieee802154 phy0 wpan0: encryption failed: -22
[  199.484095][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  199.540921][ T5090] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  199.554211][ T5090] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  199.565004][ T5090] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  199.573595][ T5090] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  199.587023][ T5090] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  199.594506][ T5090] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  199.825122][ T6275] chnl_net:caif_netlink_parms(): no params data found
[  201.561406][ T5101] Bluetooth: hci1: command 0x0406 tx timeout
[  201.659897][ T5101] Bluetooth: hci5: command tx timeout
[  201.956763][ T5103] Bluetooth: hci0: command 0x0406 tx timeout
[  201.962895][ T5103] Bluetooth: hci4: command 0x0406 tx timeout
[  201.969049][ T5101] Bluetooth: hci3: command 0x0406 tx timeout
[  203.706608][ T5096] Bluetooth: hci5: command tx timeout
[  205.813760][ T5096] Bluetooth: hci5: command tx timeout
[  207.856429][ T5096] Bluetooth: hci5: command tx timeout
[  226.056607][   T19] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-...D } 2656 jiffies s: 3645 root: 0x2/.
[  226.071811][   T19] rcu: blocking rcu_node structures (internal RCU debug):
[  226.079020][   T19] Sending NMI from CPU 0 to CPUs 1:
[  226.084285][    C1] NMI backtrace for cpu 1
[  226.084300][    C1] CPU: 1 PID: 4495 Comm: jbd2/sda1-8 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  226.084326][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  226.084337][    C1] RIP: 0010:lock_release+0x12d/0x9f0
[  226.084363][    C1] Code: 00 65 48 8b 04 25 80 d4 03 00 48 89 44 24 18 48 8d 98 dc 0a 00 00 48 89 d8 48 c1 e8 03 42 0f b6 04 38 84 c0 0f 85 d8 05 00 00 <83> 3b 00 0f 85 f1 04 00 00 4c 8d b4 24 b0 00 00 00 4c 89 f3 48 c1
[  226.084377][    C1] RSP: 0018:ffffc90000a18a20 EFLAGS: 00000046
[  226.084393][    C1] RAX: 0000000000000000 RBX: ffff88802aa4a8dc RCX: ffffffff81728db0
[  226.084406][    C1] RDX: 0000000000000000 RSI: ffffffff8c1f15e0 RDI: ffffffff8c1f15a0
[  226.084417][    C1] RBP: ffffc90000a18b50 R08: ffffffff8fac1def R09: 1ffffffff1f583bd
[  226.084430][    C1] R10: dffffc0000000000 R11: fffffbfff1f583be R12: 1ffff92000143150
[  226.084443][    C1] R13: ffffffff84adcf84 R14: ffffc90000a18b80 R15: dffffc0000000000
[  226.084456][    C1] FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  226.084470][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  226.084482][    C1] CR2: 00007f2f681ffd00 CR3: 000000001eb24000 CR4: 00000000003506f0
[  226.084497][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  226.084507][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  226.084518][    C1] Call Trace:
[  226.084526][    C1]  <NMI>
[  226.084534][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  226.084555][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  226.084575][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  226.084594][    C1]  ? nmi_handle+0x2a/0x5a0
[  226.084629][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  226.084650][    C1]  ? nmi_handle+0x14f/0x5a0
[  226.084675][    C1]  ? nmi_handle+0x2a/0x5a0
[  226.084702][    C1]  ? lock_release+0x12d/0x9f0
[  226.084719][    C1]  ? default_do_nmi+0x63/0x160
[  226.084739][    C1]  ? exc_nmi+0x123/0x1f0
[  226.084757][    C1]  ? end_repeat_nmi+0xf/0x53
[  226.084783][    C1]  ? debug_object_activate+0x3e4/0x510
[  226.084811][    C1]  ? lock_release+0xb0/0x9f0
[  226.084829][    C1]  ? lock_release+0x12d/0x9f0
[  226.084848][    C1]  ? lock_release+0x12d/0x9f0
[  226.084866][    C1]  ? lock_release+0x12d/0x9f0
[  226.084883][    C1]  </NMI>
[  226.084889][    C1]  <IRQ>
[  226.084899][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  226.084924][    C1]  ? __pfx_lock_release+0x10/0x10
[  226.084943][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  226.084968][    C1]  ? __pfx_debug_objects_fill_pool+0x10/0x10
[  226.085004][    C1]  _raw_spin_unlock_irqrestore+0x79/0x140
[  226.085034][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  226.085067][    C1]  debug_object_activate+0x3e4/0x510
[  226.085095][    C1]  ? __pfx_debug_object_activate+0x10/0x10
[  226.085119][    C1]  ? advance_sched+0xa02/0xca0
[  226.085149][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  226.085174][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  226.085203][    C1]  enqueue_hrtimer+0x30/0x3c0
[  226.085230][    C1]  __hrtimer_run_queues+0x6cb/0xd50
[  226.085255][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[  226.085283][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  226.085312][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[  226.085335][    C1]  hrtimer_interrupt+0x396/0x990
[  226.085372][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  226.085399][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  226.085423][    C1]  </IRQ>
[  226.085428][    C1]  <TASK>
[  226.085434][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  226.085460][    C1] RIP: 0010:lock_acquire+0x264/0x550
[  226.085478][    C1] Code: 2b 00 74 08 4c 89 f7 e8 ba 29 86 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  226.085491][    C1] RSP: 0018:ffffc9000c4df2a0 EFLAGS: 00000206
[  226.085505][    C1] RAX: 0000000000000001 RBX: 1ffff9200189be60 RCX: 0000000000000001
[  226.085528][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f1600
[  226.085540][    C1] RBP: ffffc9000c4df3e8 R08: ffffffff92f71587 R09: 1ffffffff25ee2b0
[  226.085553][    C1] R10: dffffc0000000000 R11: fffffbfff25ee2b1 R12: 1ffff9200189be5c
[  226.085566][    C1] R13: dffffc0000000000 R14: ffffc9000c4df300 R15: 0000000000000246
[  226.085588][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  226.085616][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  226.085633][    C1]  ? stack_depot_save_flags+0x29/0x830
[  226.085661][    C1]  ? kasan_save_track+0x51/0x80
[  226.085685][    C1]  ? kasan_save_track+0x3f/0x80
[  226.085707][    C1]  ? __kasan_slab_alloc+0x66/0x80
[  226.085731][    C1]  ? kmem_cache_alloc_noprof+0x135/0x2a0
[  226.085750][    C1]  ? mempool_alloc_noprof+0x197/0x5a0
[  226.085770][    C1]  ? bio_alloc_bioset+0x26f/0x1130
[  226.085787][    C1]  ? submit_bh_wbc+0x277/0x560
[  226.085811][    C1]  ? kjournald2+0x463/0x850
[  226.085828][    C1]  ? kthread+0x2f0/0x390
[  226.085849][    C1]  ? blk_mq_submit_bio+0x4f6/0x2170
[  226.085871][    C1]  blk_mq_submit_bio+0x513/0x2170
[  226.085891][    C1]  ? blk_mq_submit_bio+0x4f6/0x2170
[  226.085919][    C1]  ? __pfx_blk_mq_submit_bio+0x10/0x10
[  226.085951][    C1]  __submit_bio+0x1c1/0x560
[  226.085976][    C1]  ? __pfx___submit_bio+0x10/0x10
[  226.086010][    C1]  submit_bio_noacct_nocheck+0x4d3/0xe30
[  226.086032][    C1]  ? bio_associate_blkg_from_css+0x182/0xc70
[  226.086056][    C1]  ? __pfx___might_resched+0x10/0x10
[  226.086079][    C1]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  226.086115][    C1]  jbd2_journal_commit_transaction+0x2832/0x6760
[  226.086171][    C1]  ? __pfx_jbd2_journal_commit_transaction+0x10/0x10
[  226.086195][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  226.086218][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  226.086253][    C1]  ? __try_to_del_timer_sync+0x2ad/0x340
[  226.086296][    C1]  ? __timer_delete_sync+0x15c/0x310
[  226.086321][    C1]  ? __timer_delete_sync+0x25d/0x310
[  226.086340][    C1]  ? __pfx___timer_delete_sync+0x10/0x10
[  226.086358][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  226.086385][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  226.086410][    C1]  ? prepare_to_wait+0x184/0x210
[  226.086428][    C1]  ? finish_wait+0xd4/0x1e0
[  226.086446][    C1]  kjournald2+0x463/0x850
[  226.086464][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  226.086491][    C1]  ? __pfx_kjournald2+0x10/0x10
[  226.086510][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  226.086529][    C1]  ? __kthread_parkme+0x169/0x1d0
[  226.086550][    C1]  ? __pfx_kjournald2+0x10/0x10
[  226.086568][    C1]  kthread+0x2f0/0x390
[  226.086589][    C1]  ? __pfx_kjournald2+0x10/0x10
[  226.086607][    C1]  ? __pfx_kthread+0x10/0x10
[  226.086628][    C1]  ret_from_fork+0x4b/0x80
[  226.086651][    C1]  ? __pfx_kthread+0x10/0x10
[  226.086671][    C1]  ret_from_fork_asm+0x1a/0x30
[  226.086706][    C1]  </TASK>