last executing test programs:

19.88433185s ago: executing program 1 (id=427):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0x400}, 0x18)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x800, &(0x7f0000000200)={0x20, 0x76, 0x80000}, 0x20)
write$binfmt_misc(r2, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0x8)
r6 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa4)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r7 = fanotify_init(0xf00, 0x0)
fanotify_mark(r7, 0x105, 0x40009974, r6, 0x0)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r6, 0x29, 0x2a, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])

17.325138124s ago: executing program 0 (id=434):
syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp6\x00')
preadv(r4, &(0x7f0000000280)=[{&(0x7f0000000380)=""/218, 0xda}], 0x1, 0x142, 0xfe)
ioctl$I2C_SLAVE(r4, 0x703, 0x20000000000001c3)

15.198930098s ago: executing program 0 (id=436):
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = mq_open(&(0x7f00005a1ffb)='eth0\x04', 0x42, 0x0, 0x0)
mq_notify(r1, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsopen(&(0x7f00000001c0)='cgroup2\x00', 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000300)='net/ip6_tables_matches\x00')
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r5, 0x5760, 0x5e)

15.001192936s ago: executing program 1 (id=437):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x201, 0x4800003e, r3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, 0x0)

13.624859582s ago: executing program 1 (id=439):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

12.986455899s ago: executing program 1 (id=443):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb3d68000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x2d, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x18}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_dccp(0x2, 0x6, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r4)

12.977549991s ago: executing program 0 (id=444):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x58, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x24, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x3}, @TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x4}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x3}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x1}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

12.660965144s ago: executing program 0 (id=447):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0x400}, 0x18)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x800, &(0x7f0000000200)={0x20, 0x76, 0x80000}, 0x20)
write$binfmt_misc(r2, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0x8)
r6 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa4)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r7 = fanotify_init(0xf00, 0x0)
fanotify_mark(r7, 0x105, 0x40009974, r6, 0x0)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r6, 0x29, 0x2a, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])

12.553066736s ago: executing program 2 (id=448):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x6, 0x80, 0x46, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001040)={0x8, {"a2e3ad21ed6b52f99cfbf4c087f70c1b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d36091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295cba0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783f287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4fe5b7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e45df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x101c}}, 0x20002046)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='jbd2_handle_extend\x00', r5}, 0x18)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000), 0x4)
close(r8)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
ftruncate(r2, 0x6)
pipe(&(0x7f0000000340))
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x129c81, 0x0)

10.092751857s ago: executing program 2 (id=449):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x201, 0x4800003e, r3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, 0x0)

9.474293977s ago: executing program 0 (id=450):
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r0, &(0x7f0000000100)='nv\x00', 0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f00000000c0)={0x1b37, 0x80, 0x7, 0x0, 0x3})
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000007000000000000000000000001050000018000000000000000010000851000000000000000020000000000000000000100da"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={r2, 0x20, &(0x7f0000000440)={&(0x7f0000001340)=""/4092, 0xffc, 0x0, 0x0}}, 0x10)

9.399073838s ago: executing program 1 (id=451):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
getrlimit(0x4, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r4, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r6 = socket$inet6(0xa, 0x3, 0x7)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv4_newrule={0x2c, 0x20, 0x1, 0x0, 0x1000000, {0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x6}]}, 0x2c}}, 0x8)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0)
ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f0000000240)={@remote, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, 0x6, 0x328, 0x8098, 0x800, 0x9f, 0x10280})

9.390201698s ago: executing program 3 (id=452):
unshare(0x20020680)
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, 0x0, 0x0, 0x0)

9.116655648s ago: executing program 4 (id=453):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

9.075102581s ago: executing program 0 (id=454):
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = mq_open(&(0x7f00005a1ffb)='eth0\x04', 0x42, 0x0, 0x0)
mq_notify(r1, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsopen(&(0x7f00000001c0)='cgroup2\x00', 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000300)='net/ip6_tables_matches\x00')
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r5, 0x5760, 0x5e)

7.382484155s ago: executing program 2 (id=455):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x13, &(0x7f0000000340)=@raw=[@ldst={0x1, 0x2, 0x3, 0x3, 0x0, 0x4, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='contention_end\x00', r2}, 0x18)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x9)
read$char_usb(r5, &(0x7f0000000480)=""/153, 0x99)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="010300000100fddbdf2526"], 0x14}}, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000040)={0x2, 0x1004}, 0x4)
accept$packet(r6, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000400)=0x14)
r7 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0xc004743e, 0x110c230005)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r9, 0xc004743e, 0x110c23003f)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r10, 0xc004743e, 0x110c23004c)
close(0x3)
fstat(r7, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000001c0)={r7, &(0x7f0000000140)="07d00b535b24e647fc3bbb9655c486f0afe4aa96a329e2f6beb0ab191f3558aec40666fb406d59dbc912b13f9ced7339afd76bec25be01cb06339d081dfe99beb3cd8b0b418c718df9f11a0842c2f47e90dc73bf77a3bc4c9c26"}, 0x20)

5.575666194s ago: executing program 4 (id=456):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f42fc3199f000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af735ed41793bdf9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbc68223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f00001000000000eeff7c5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729eec082830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d424c14283a94395b64645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d620100000000000000494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd779a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9b0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000002684c2d8eb8cac98930fa6a893ca44c0f64c07a87eb7b05f56ca6c70cb3a0eb328a15fe96a88235155e6d64bd434f641ddf9db2245e47e5904453577895dd81d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010e7010000000000000000000000000a20000000000a03000000000000000000070000000c00044000000000000000021c000000090a010400000000000000000700000008000a4000000003"], 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x40d, 0x70bd25, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001440)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x18)

5.523116956s ago: executing program 3 (id=457):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x58, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x24, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x3}, @TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x4}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x3}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x1}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

5.439770446s ago: executing program 1 (id=458):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x4b564d01, 0x0, 0xaf}]})
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)

5.384060337s ago: executing program 3 (id=459):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_int(r1, 0x6, 0xa, &(0x7f0000000040)=0x3, 0x4)
r2 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1ffe6}, {0xfff2, 0x1}, {0x0, 0xf}}}, 0x24}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}}, 0x24}}, 0x80)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newtfilter={0x40, 0x2c, 0xd27, 0x10, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x3, 0xa}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000008100)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56561, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x8}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)

5.206072109s ago: executing program 4 (id=460):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
getrlimit(0x4, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r4, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r6 = socket$inet6(0xa, 0x3, 0x7)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv4_newrule={0x2c, 0x20, 0x1, 0x0, 0x1000000, {0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x6}]}, 0x2c}}, 0x8)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0)
ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f0000000240)={@remote, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, 0x6, 0x328, 0x8098, 0x800, 0x9f, 0x10280})

3.871131104s ago: executing program 3 (id=461):
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x40505331, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000005000000df65a8b1945c86733d34ab0db97c2a5bd9a67c85711187a9469a8e", @ANYBLOB, @ANYRESDEC=0x0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='qrtr_ns_server_add\x00', r0, 0x0, 0x3}, 0x18)
r1 = syz_open_dev$usbfs(0x0, 0x77, 0x1a1281)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r1, 0x80005520, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)="d557fc16674b56c0a96a733c232d6790c63ca969a688b06e3da58f3c4568bf0a77bdff6f41d7890e18defe94ef1a392dc00dea94a1bfe64982de7cf1c91e1103cc1840210cbb57222bc2bfa30369992a6bc5156c00aeadd359a7991ad1de01feec401dba6d7694a14785839d3c2d67188cd07827c934897de4676743c192c4a4b24f7f8747141a1325d29da89694574c32eba56e5bbc8f80376f3325dd89937e990089294183a4829e21849004c538378d41066cb7de399450b3544067", 0xbd}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000001c0)=r0, 0x4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0xa, 0x8b}, 0x0)
r3 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000380)=@assoc_value, 0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
syslog(0x3, &(0x7f0000002e00)=""/165, 0xa5)

3.74211309s ago: executing program 2 (id=462):
syz_pidfd_open(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x80000)
syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500}, &(0x7f0000000240), &(0x7f00000001c0))
mkdirat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x120)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

3.701899185s ago: executing program 4 (id=463):
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x20)
r1 = socket$kcm(0x2, 0x3, 0x106)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x2, 0x0, @local, 0x2}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000300)=0x35)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f0000000040)={r4, 0x6}, 0x8)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x1, 0x0, 0x1}}], {0x14}}, 0x3c}}, 0x0)
sendmsg$inet(r1, &(0x7f0000000340)={&(0x7f0000000380)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000080)="b51150c5e4c96e6d4e7719b506a0977a00000000", 0x14}], 0x1}, 0x0)

2.147621816s ago: executing program 2 (id=464):
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r0, &(0x7f0000000100)='nv\x00', 0x3)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000007000000000000000000000001050000018000000000000000010000851000000000000000020000000000000000000100da"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={r1, 0x20, &(0x7f0000000440)={&(0x7f0000001340)=""/4092, 0xffc, 0x0, 0x0}}, 0x10)

2.120082338s ago: executing program 3 (id=465):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x201, 0x4800003e, r2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, 0x0)

2.005244898s ago: executing program 4 (id=466):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81})
write$bt_hci(r4, &(0x7f0000000080)=ANY=[], 0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newlink={0x20, 0x10, 0x1}, 0x20}, 0x1, 0x0, 0x0, 0x88000}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000477000/0x3000)=nil, 0x3000, 0x2000006, 0x10, r3, 0x641ed000)

1.938738111s ago: executing program 2 (id=467):
socket(0x400000000010, 0x3, 0x0)
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x20000008b}, 0x0)
setgid(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000040)=0x10001)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000003b40)={0x0, 0x0, &(0x7f0000003b00)={&(0x7f00000000c0)=@newtaction={0xfffffffffffffe93, 0x30, 0x1, 0x0, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x22000005}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r4, 0x29, 0x3b, &(0x7f0000000140)=ANY=[@ANYBLOB="3a0004002238d8582e4985000000b000"], 0x8)
getsockopt$inet6_opts(r4, 0x29, 0x3b, 0xfffffffffffffffe, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000380)=@v={0x93, 0x7, 0x0, 0x15, @MIDI_NOTEON=@special, 0x9a, 0x3})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'\x00', 0x2})
ioctl$TUNSETOFFLOAD(r5, 0x400454c9, 0x13)
ioctl$TUNSETLINK(r5, 0x400454cd, 0x30a)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
r7 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000100)="ad733642561534f1", 0x8)
listen(r6, 0x3)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c900"], 0x16)

714.00458ms ago: executing program 4 (id=468):
socket(0x400000000010, 0x3, 0x0)
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x20000008b}, 0x0)
setgid(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000040)=0x10001)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000003b40)={0x0, 0x0, &(0x7f0000003b00)={&(0x7f00000000c0)=@newtaction={0xfffffffffffffe93, 0x30, 0x1, 0x0, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x22000005}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r4, 0x29, 0x3b, &(0x7f0000000140)=ANY=[@ANYBLOB="3a0004002238d8582e4985000000b000"], 0x8)
getsockopt$inet6_opts(r4, 0x29, 0x3b, 0xfffffffffffffffe, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000380)=@v={0x93, 0x7, 0x0, 0x15, @MIDI_NOTEON=@special, 0x9a, 0x3})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'\x00', 0x2})
ioctl$TUNSETOFFLOAD(r5, 0x400454c9, 0x13)
ioctl$TUNSETLINK(r5, 0x400454cd, 0x30a)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
r7 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000100)="ad733642561534f1", 0x8)
listen(r6, 0x3)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c900"], 0x16)

0s ago: executing program 3 (id=469):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x58, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r0, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x24, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x3}, @TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x4}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x3}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x1}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

kernel console output (not intermixed with test programs):

.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  159.980591][ T5880] airspy 1-1:0.0: usb_control_msg() failed -71 request 09
[  160.031386][ T5880] airspy 1-1:0.0: Could not detect board
[  160.060648][ T5880] airspy 1-1:0.0: probe with driver airspy failed with error -71
[  160.102182][ T5880] usb 1-1: USB disconnect, device number 3
[  160.148590][ T5910] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  160.307658][ T6268] netlink: 'syz.4.87': attribute type 39 has an invalid length.
[  160.428291][ T5910] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  160.450634][ T5910] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11
[  160.465602][ T6270] 
: renamed from bond0 (while UP)
[  160.474395][ T5910] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024
[  160.716924][ T5910] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  161.419618][ T5910] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.446859][ T6260] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  161.459209][ T5910] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  161.532120][ T1162] usb 4-1: USB disconnect, device number 3
[  162.816948][ T1162] usb 2-1: USB disconnect, device number 4
[  163.330651][ T6293] IPVS: Error connecting to the multicast addr
[  167.208045][ T6022] udevd[6022]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  169.441545][ T6328] FAULT_INJECTION: forcing a failure.
[  169.441545][ T6328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.473125][ T6328] CPU: 0 UID: 0 PID: 6328 Comm: syz.3.103 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  169.473163][ T6328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  169.473175][ T6328] Call Trace:
[  169.473184][ T6328]  <TASK>
[  169.473191][ T6328]  dump_stack_lvl+0x241/0x360
[  169.473228][ T6328]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.473255][ T6328]  ? __pfx__printk+0x10/0x10
[  169.473297][ T6328]  should_fail_ex+0x424/0x570
[  169.473324][ T6328]  _copy_from_user+0x2d/0xb0
[  169.473354][ T6328]  do_sock_getsockopt+0x1d5/0x740
[  169.473382][ T6328]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  169.473400][ T6328]  ? __fget_files+0x2a/0x420
[  169.473425][ T6328]  ? __fget_files+0x39d/0x420
[  169.473447][ T6328]  ? __fget_files+0x2a/0x420
[  169.473478][ T6328]  __x64_sys_getsockopt+0x2a3/0x370
[  169.473507][ T6328]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  169.473535][ T6328]  ? do_syscall_64+0xb6/0x230
[  169.473563][ T6328]  do_syscall_64+0xf3/0x230
[  169.473587][ T6328]  ? clear_bhb_loop+0x45/0xa0
[  169.473611][ T6328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.473631][ T6328] RIP: 0033:0x7f55e598d169
[  169.473647][ T6328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.473663][ T6328] RSP: 002b:00007f55e67e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  169.473685][ T6328] RAX: ffffffffffffffda RBX: 00007f55e5ba5fa0 RCX: 00007f55e598d169
[  169.473699][ T6328] RDX: 0000000000000072 RSI: 0000000000000084 RDI: 0000000000000003
[  169.473711][ T6328] RBP: 00007f55e67e8090 R08: 0000200000000080 R09: 0000000000000000
[  169.473724][ T6328] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  169.473736][ T6328] R13: 0000000000000000 R14: 00007f55e5ba5fa0 R15: 00007ffd0f7e94a8
[  169.473766][ T6328]  </TASK>
[  169.810011][ T5880] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  170.091258][ T6337] PKCS8: Unsupported PKCS#8 version
[  170.098786][ T5880] usb 3-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  170.116630][ T5880] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  170.135635][ T6339] netlink: 'syz.0.106': attribute type 1 has an invalid length.
[  170.175632][ T6339] netlink: 224 bytes leftover after parsing attributes in process `syz.0.106'.
[  170.323126][ T5880] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  170.335066][ T5880] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  170.344082][ T5880] usb 3-1: SerialNumber: syz
[  170.462513][   T53] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  170.628035][   T53] usb 5-1: device descriptor read/64, error -71
[  170.907192][   T53] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  171.068285][   T53] usb 5-1: device descriptor read/64, error -71
[  171.365408][   T53] usb usb5-port1: attempt power cycle
[  173.276818][   T53] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  173.297021][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  173.304287][   T53] usb 5-1: device descriptor read/8, error -32
[  173.577174][   T53] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  173.581396][ T5880] usb 3-1: 0:2 : does not exist
[  173.699766][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  173.716066][   T53] usb 5-1: device descriptor read/8, error -32
[  173.867299][ T5880] usb 3-1: unit 255 not found!
[  173.907271][   T53] usb usb5-port1: unable to enumerate USB device
[  173.954949][ T5880] usb 3-1: USB disconnect, device number 4
[  174.528715][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  175.260463][ T6371] FAULT_INJECTION: forcing a failure.
[  175.260463][ T6371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.428446][ T6371] CPU: 1 UID: 0 PID: 6371 Comm: syz.3.113 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  175.428476][ T6371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  175.428488][ T6371] Call Trace:
[  175.428496][ T6371]  <TASK>
[  175.428504][ T6371]  dump_stack_lvl+0x241/0x360
[  175.428540][ T6371]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.428566][ T6371]  ? __pfx__printk+0x10/0x10
[  175.428605][ T6371]  should_fail_ex+0x424/0x570
[  175.428631][ T6371]  _copy_from_user+0x2d/0xb0
[  175.428659][ T6371]  copy_msghdr_from_user+0xb3/0x580
[  175.428693][ T6371]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  175.428717][ T6371]  ? __fget_files+0x2a/0x420
[  175.428743][ T6371]  ? __fget_files+0x2a/0x420
[  175.428775][ T6371]  do_recvmmsg+0x3bf/0xab0
[  175.428809][ T6371]  ? __pfx_do_recvmmsg+0x10/0x10
[  175.428848][ T6371]  ? rcu_read_lock_any_held+0xbb/0x160
[  175.428873][ T6371]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  175.428901][ T6371]  ? vfs_write+0xb29/0xd10
[  175.428938][ T6371]  ? ksys_write+0x24e/0x2d0
[  175.428968][ T6371]  ? __mutex_unlock_slowpath+0x229/0x800
[  175.429001][ T6371]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  175.429023][ T6371]  ? __fget_files+0x2a/0x420
[  175.429061][ T6371]  __x64_sys_recvmmsg+0x1ab/0x260
[  175.429085][ T6371]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  175.429114][ T6371]  ? do_syscall_64+0xb6/0x230
[  175.429140][ T6371]  do_syscall_64+0xf3/0x230
[  175.429163][ T6371]  ? clear_bhb_loop+0x45/0xa0
[  175.429186][ T6371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.429204][ T6371] RIP: 0033:0x7f55e598d169
[  175.429222][ T6371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.429237][ T6371] RSP: 002b:00007f55e67a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  175.429258][ T6371] RAX: ffffffffffffffda RBX: 00007f55e5ba6160 RCX: 00007f55e598d169
[  175.429272][ T6371] RDX: 040000000000012d RSI: 0000200000000080 RDI: 0000000000000005
[  175.429284][ T6371] RBP: 00007f55e67a6090 R08: 0000000000000000 R09: 0000000000000000
[  175.429296][ T6371] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  175.429307][ T6371] R13: 0000000000000000 R14: 00007f55e5ba6160 R15: 00007ffd0f7e94a8
[  175.429336][ T6371]  </TASK>
[  175.660168][    C1] vkms_vblank_simulate: vblank timer overrun
[  178.622098][ T6379] (unnamed net_device) (uninitialized): option ad_select: invalid value (105)
[  179.964973][ T5910] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  180.435190][ T5910] usb 2-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  180.569750][ T5910] usb 2-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3
[  180.606769][ T5910] usb 2-1: Product: syz
[  180.611017][ T5910] usb 2-1: Manufacturer: syz
[  180.650608][ T5910] usb 2-1: SerialNumber: syz
[  180.669710][ T5910] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  181.067818][ T5910] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  181.086821][ T5910] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  181.116936][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  181.160769][ T6402] FAULT_INJECTION: forcing a failure.
[  181.160769][ T6402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.216897][ T6402] CPU: 1 UID: 0 PID: 6402 Comm: syz.0.124 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  181.216928][ T6402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  181.216954][ T6402] Call Trace:
[  181.216962][ T6402]  <TASK>
[  181.216971][ T6402]  dump_stack_lvl+0x241/0x360
[  181.217017][ T6402]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.217045][ T6402]  ? __pfx__printk+0x10/0x10
[  181.217086][ T6402]  should_fail_ex+0x424/0x570
[  181.217112][ T6402]  _copy_from_user+0x2d/0xb0
[  181.217143][ T6402]  do_ipv6_setsockopt+0x2f9/0x3680
[  181.217184][ T6402]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  181.217243][ T6402]  ? rcu_read_lock_any_held+0xbb/0x160
[  181.217271][ T6402]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  181.217299][ T6402]  ? vfs_write+0xb29/0xd10
[  181.217337][ T6402]  ? ksys_write+0x24e/0x2d0
[  181.217370][ T6402]  ? __lock_acquire+0xad5/0xd80
[  181.217393][ T6402]  ipv6_setsockopt+0x5d/0x170
[  181.217425][ T6402]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  181.217454][ T6402]  do_sock_setsockopt+0x3b1/0x710
[  181.217481][ T6402]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  181.217500][ T6402]  ? __fget_files+0x2a/0x420
[  181.217527][ T6402]  ? __fget_files+0x39d/0x420
[  181.217549][ T6402]  ? __fget_files+0x2a/0x420
[  181.217581][ T6402]  __x64_sys_setsockopt+0x1ee/0x280
[  181.217608][ T6402]  do_syscall_64+0xf3/0x230
[  181.217633][ T6402]  ? clear_bhb_loop+0x45/0xa0
[  181.217657][ T6402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.217676][ T6402] RIP: 0033:0x7faa3658d169
[  181.217700][ T6402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.217717][ T6402] RSP: 002b:00007faa343d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  181.217748][ T6402] RAX: ffffffffffffffda RBX: 00007faa367a6080 RCX: 00007faa3658d169
[  181.217763][ T6402] RDX: 000000000000003b RSI: 0000000000000029 RDI: 0000000000000003
[  181.217775][ T6402] RBP: 00007faa343d5090 R08: 0000000000000130 R09: 0000000000000000
[  181.217787][ T6402] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  181.217800][ T6402] R13: 0000000000000001 R14: 00007faa367a6080 R15: 00007ffe7aeea918
[  181.217832][ T6402]  </TASK>
[  181.305362][    T9] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  181.512800][ T5820] usb 2-1: USB disconnect, device number 5
[  181.727733][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  181.780298][    T9] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  181.791154][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  181.828336][    T9] usb 5-1: SerialNumber: syz
[  182.110375][    T9] usb 5-1: 0:2 : does not exist
[  182.115373][    T9] usb 5-1: unit 255 not found!
[  182.187140][    T9] usb 5-1: USB disconnect, device number 7
[  183.738640][ T6427] netlink: 'syz.3.133': attribute type 4 has an invalid length.
[  184.021820][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  186.598553][   T30] audit: type=1326 audit(1744226364.440:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6442 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15dbf8d169 code=0x7ffc0000
[  186.662522][   T30] audit: type=1326 audit(1744226364.460:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6442 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f15dbf8d169 code=0x7ffc0000
[  186.724494][ T6444] Bluetooth: MGMT ver 1.23
[  186.879515][   T30] audit: type=1326 audit(1744226364.460:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6442 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15dbf8d169 code=0x7ffc0000
[  186.923880][   T30] audit: type=1326 audit(1744226364.460:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6442 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f15dbf8d169 code=0x7ffc0000
[  186.966565][   T30] audit: type=1326 audit(1744226364.460:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6442 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15dbf8d169 code=0x7ffc0000
[  187.025029][   T30] audit: type=1326 audit(1744226364.460:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6442 comm="syz.2.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15dbf8d169 code=0x7ffc0000
[  187.255325][ T6457] FAULT_INJECTION: forcing a failure.
[  187.255325][ T6457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.336765][ T6457] CPU: 1 UID: 0 PID: 6457 Comm: syz.2.143 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  187.336797][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  187.336810][ T6457] Call Trace:
[  187.336818][ T6457]  <TASK>
[  187.336827][ T6457]  dump_stack_lvl+0x241/0x360
[  187.336863][ T6457]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.336890][ T6457]  ? __pfx__printk+0x10/0x10
[  187.336929][ T6457]  should_fail_ex+0x424/0x570
[  187.336956][ T6457]  _copy_from_user+0x2d/0xb0
[  187.336987][ T6457]  raw_setsockopt+0x62f/0x1450
[  187.337014][ T6457]  ? sb_end_write+0xe9/0x1c0
[  187.337037][ T6457]  ? vfs_write+0xb29/0xd10
[  187.337074][ T6457]  ? __pfx_raw_setsockopt+0x10/0x10
[  187.337100][ T6457]  ? do_sys_openat2+0x165/0x1d0
[  187.337125][ T6457]  ? __pfx_vfs_write+0x10/0x10
[  187.337149][ T6457]  ? do_sys_openat2+0x165/0x1d0
[  187.337174][ T6457]  ? __pfx_raw_setsockopt+0x10/0x10
[  187.337200][ T6457]  do_sock_setsockopt+0x3b1/0x710
[  187.337228][ T6457]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  187.337260][ T6457]  ? ksys_write+0x266/0x2d0
[  187.337296][ T6457]  __x64_sys_setsockopt+0x1ee/0x280
[  187.337332][ T6457]  do_syscall_64+0xf3/0x230
[  187.337357][ T6457]  ? clear_bhb_loop+0x45/0xa0
[  187.337381][ T6457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.337400][ T6457] RIP: 0033:0x7f15dbf8d169
[  187.337418][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.337435][ T6457] RSP: 002b:00007f15dcd5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  187.337457][ T6457] RAX: ffffffffffffffda RBX: 00007f15dc1a5fa0 RCX: 00007f15dbf8d169
[  187.337472][ T6457] RDX: 0000000000000007 RSI: 0000000000000065 RDI: 0000000000000003
[  187.337484][ T6457] RBP: 00007f15dcd5e090 R08: 0000000000000004 R09: 0000000000000000
[  187.337496][ T6457] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.337508][ T6457] R13: 0000000000000000 R14: 00007f15dc1a5fa0 R15: 00007ffee79e5d08
[  187.337540][ T6457]  </TASK>
[  187.658479][   T53] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  187.955459][   T53] usb 5-1: Using ep0 maxpacket: 32
[  187.964600][   T53] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  187.975360][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.003947][   T53] usb 5-1: config 0 descriptor??
[  188.247142][ T5880] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  188.416892][ T5880] usb 4-1: device descriptor read/64, error -71
[  188.796824][ T5880] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  189.006829][ T5880] usb 4-1: device descriptor read/64, error -71
[  189.019767][   T53] gspca_main: sunplus-2.14.0 probing 041e:400b
[  189.178021][ T5880] usb usb4-port1: attempt power cycle
[  189.687498][ T5880] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  189.825479][ T6478] netlink: 1004 bytes leftover after parsing attributes in process `syz.2.149'.
[  189.891785][ T5880] usb 4-1: device descriptor read/8, error -71
[  190.156964][ T5880] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  190.216839][ T5880] usb 4-1: device descriptor read/8, error -71
[  190.337201][ T5880] usb usb4-port1: unable to enumerate USB device
[  190.591367][ T6455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.066360][ T6455] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  191.168565][   T53] gspca_sunplus: reg_w_riv err -71
[  191.173846][   T53] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  191.195402][   T53] usb 5-1: USB disconnect, device number 8
[  191.566902][   T24] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  191.676963][   T53] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  191.739742][   T24] usb 3-1: Using ep0 maxpacket: 16
[  191.756107][   T24] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  191.776159][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  191.806795][ T5878] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  191.814731][   T24] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  191.846254][   T24] usb 3-1: config 1 has no interface number 1
[  191.857709][   T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  191.871996][   T24] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  191.885934][   T53] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  191.911627][   T24] usb 3-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  191.928838][   T53] usb 5-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00
[  191.940021][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.954282][   T24] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  191.965588][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.978726][   T53] usb 5-1: config 0 descriptor??
[  191.983970][   T24] usb 3-1: Product: syz
[  191.994748][ T6499] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  192.010068][ T5878] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  192.031810][   T24] usb 3-1: Manufacturer: syz
[  192.036638][ T5878] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  192.053239][   T24] usb 3-1: SerialNumber: syz
[  192.064061][ T5878] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.084907][ T5878] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  192.106070][ T5878] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  192.125959][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.150048][ T5878] usb 1-1: Product: syz
[  192.154316][ T5878] usb 1-1: Manufacturer: syz
[  192.178643][ T5878] usb 1-1: SerialNumber: syz
[  192.197607][ T5878] usb 1-1: config 0 descriptor??
[  192.223178][ T5878] usb-storage 1-1:0.0: USB Mass Storage device detected
[  192.254411][ T5878] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  193.111725][   T53] microsoft 0003:045E:009D.0002: unknown main item tag 0x1
[  193.127622][   T53] microsoft 0003:045E:009D.0002: unbalanced delimiter at end of report description
[  193.162909][   T53] microsoft 0003:045E:009D.0002: parse failed
[  193.172719][   T24] usb 3-1: USB disconnect, device number 5
[  193.187155][   T53] microsoft 0003:045E:009D.0002: probe with driver microsoft failed with error -22
[  193.407041][   T53] usb 5-1: USB disconnect, device number 9
[  193.553205][ T6046] udevd[6046]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  193.623003][ T5878] usb 1-1: USB disconnect, device number 4
[  193.934829][ T6517] netlink: 1004 bytes leftover after parsing attributes in process `syz.0.161'.
[  194.330823][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  194.988291][ T5880] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  195.277496][ T5878] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  196.177274][ T5883] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  196.680918][ T5879] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  196.688610][ T5878] usb 5-1: device descriptor read/64, error -71
[  196.830497][ T5880] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.839023][ T5879] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.850389][ T5880] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.862724][ T5879] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  196.876426][ T5879] usb 1-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[  196.881811][ T5880] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  196.894939][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.904432][ T5883] usb 3-1: Using ep0 maxpacket: 8
[  196.914450][ T5879] usb 1-1: config 0 descriptor??
[  196.936491][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.945254][ T5883] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  196.953546][ T5878] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  196.983591][ T5880] usb 2-1: config 0 descriptor??
[  196.995456][ T5883] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  197.019284][ T5883] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  197.030846][ T5883] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  197.043314][ T5883] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  197.090921][ T5878] usb 5-1: device descriptor read/64, error -71
[  197.108495][ T5883] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  197.148991][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.210184][ T5878] usb usb5-port1: attempt power cycle
[  197.407730][ T5883] usb 3-1: usb_control_msg returned -32
[  197.435572][ T5883] usbtmc 3-1:16.0: can't read capabilities
[  197.439686][ T5879] ortek 0003:1223:3F07.0003: unknown main item tag 0x6
[  197.451793][ T5880] pyra 0003:1E7D:2CF6.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  197.469107][ T5879] ortek 0003:1223:3F07.0003: unknown global tag 0xc
[  197.508810][ T5879] ortek 0003:1223:3F07.0003: item 0 2 1 12 parsing failed
[  197.547592][ T5879] ortek 0003:1223:3F07.0003: probe with driver ortek failed with error -22
[  197.577568][ T5878] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  197.706603][ T6523] input: syz0 as /devices/virtual/input/input9
[  197.807246][ T6550] usbtmc 3-1:16.0: stb usb_control_msg returned -32
[  197.886060][ T5879] usb 3-1: USB disconnect, device number 6
[  197.922605][ T6549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.967787][   T24] usb 1-1: USB disconnect, device number 5
[  197.995326][ T6549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.025727][ T5878] usb 5-1: device descriptor read/8, error -71
[  198.273707][ T5880] pyra 0003:1E7D:2CF6.0004: couldn't init struct pyra_device
[  198.297462][ T5880] pyra 0003:1E7D:2CF6.0004: couldn't install mouse
[  198.337418][ T5880] pyra 0003:1E7D:2CF6.0004: probe with driver pyra failed with error -71
[  198.379291][ T5880] usb 2-1: USB disconnect, device number 6
[  199.091526][ T6560] netlink: 1004 bytes leftover after parsing attributes in process `syz.2.175'.
[  201.399531][ T5835] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  201.409259][ T5835] CPU: 0 UID: 0 PID: 5835 Comm: kworker/u9:3 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  201.409290][ T5835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  201.409305][ T5835] Workqueue: hci0 hci_rx_work
[  201.409343][ T5835] Call Trace:
[  201.409359][ T5835]  <TASK>
[  201.409369][ T5835]  dump_stack_lvl+0x241/0x360
[  201.409406][ T5835]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.409437][ T5835]  ? __pfx__printk+0x10/0x10
[  201.409464][ T5835]  ? kernfs_path_from_node+0x2b/0x250
[  201.409497][ T5835]  ? kernfs_path_from_node+0x217/0x250
[  201.409528][ T5835]  sysfs_create_dir_ns+0x2fd/0x3f0
[  201.409558][ T5835]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  201.409596][ T5835]  kobject_add_internal+0x435/0x8d0
[  201.409635][ T5835]  kobject_add+0x15b/0x230
[  201.409662][ T5835]  ? do_raw_spin_unlock+0x13c/0x8b0
[  201.409692][ T5835]  ? device_add+0x3e7/0xbf0
[  201.409717][ T5835]  ? __pfx_kobject_add+0x10/0x10
[  201.409745][ T5835]  ? _raw_spin_unlock+0x28/0x50
[  201.409771][ T5835]  ? get_device_parent+0x165/0x410
[  201.409800][ T5835]  device_add+0x4e5/0xbf0
[  201.409833][ T5835]  hci_conn_add_sysfs+0xe8/0x200
[  201.409867][ T5835]  le_conn_complete_evt+0xc6e/0x12a0
[  201.409926][ T5835]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  201.409959][ T5835]  ? irqentry_exit+0x63/0x90
[  201.409982][ T5835]  ? lockdep_hardirqs_on+0x9d/0x150
[  201.410016][ T5835]  ? skb_pull_data+0x112/0x230
[  201.410050][ T5835]  hci_le_conn_complete_evt+0x18c/0x420
[  201.410083][ T5835]  hci_event_packet+0xa5c/0x1550
[  201.410122][ T5835]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  201.410152][ T5835]  ? __pfx_hci_event_packet+0x10/0x10
[  201.410192][ T5835]  ? kcov_remote_start+0x2e/0x7d0
[  201.410228][ T5835]  ? hci_send_to_monitor+0xdc/0x530
[  201.410256][ T5835]  hci_rx_work+0x3f3/0xdb0
[  201.410301][ T5835]  ? process_scheduled_works+0x9cb/0x18e0
[  201.410323][ T5835]  process_scheduled_works+0xac3/0x18e0
[  201.410386][ T5835]  ? __pfx_process_scheduled_works+0x10/0x10
[  201.410420][ T5835]  ? assign_work+0x367/0x3d0
[  201.410448][ T5835]  worker_thread+0x870/0xd50
[  201.410489][ T5835]  ? __kthread_parkme+0x1a8/0x200
[  201.410519][ T5835]  ? __pfx_worker_thread+0x10/0x10
[  201.410543][ T5835]  kthread+0x7b7/0x940
[  201.410573][ T5835]  ? __pfx_worker_thread+0x10/0x10
[  201.410598][ T5835]  ? __pfx_kthread+0x10/0x10
[  201.410623][ T5835]  ? __pfx_kthread+0x10/0x10
[  201.410650][ T5835]  ? __pfx_kthread+0x10/0x10
[  201.410677][ T5835]  ? __pfx_kthread+0x10/0x10
[  201.410704][ T5835]  ? _raw_spin_unlock_irq+0x23/0x50
[  201.410724][ T5835]  ? lockdep_hardirqs_on+0x9d/0x150
[  201.410747][ T5835]  ? __pfx_kthread+0x10/0x10
[  201.410776][ T5835]  ret_from_fork+0x4b/0x80
[  201.410796][ T5835]  ? __pfx_kthread+0x10/0x10
[  201.410824][ T5835]  ret_from_fork_asm+0x1a/0x30
[  201.410875][ T5835]  </TASK>
[  201.410907][ T5835] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  201.706780][ T5835] Bluetooth: hci0: failed to register connection device
[  201.899536][ T6579] netlink: 16 bytes leftover after parsing attributes in process `syz.1.181'.
[  201.952686][ T6580] netlink: 16 bytes leftover after parsing attributes in process `syz.1.181'.
[  202.144133][ T6582] overlayfs: failed to resolve './file1': -2
[  202.184370][   T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  202.477543][   T24] usb 5-1: config 0 has no interfaces?
[  202.483314][   T24] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  202.506722][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.527201][   T24] usb 5-1: config 0 descriptor??
[  202.861268][ T5883] usb 5-1: USB disconnect, device number 14
[  204.529695][ T6603] netlink: 1004 bytes leftover after parsing attributes in process `syz.1.189'.
[  204.876789][ T5883] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  206.442054][ T5883] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  206.553442][ T5883] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  206.595551][ T5883] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  206.616881][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  206.646749][ T5883] usb 4-1: SerialNumber: syz
[  206.887657][ T5883] usb 4-1: 0:2 : does not exist
[  206.906251][ T5883] usb 4-1: unit 255 not found!
[  206.966926][   T10] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  206.993342][ T5883] usb 4-1: USB disconnect, device number 8
[  207.160346][   T10] usb 5-1: Using ep0 maxpacket: 8
[  207.242950][   T10] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  207.265970][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.297171][   T10] usb 5-1: Product: syz
[  207.302347][   T10] usb 5-1: Manufacturer: syz
[  207.319952][   T10] usb 5-1: SerialNumber: syz
[  207.331636][   T10] usb 5-1: config 0 descriptor??
[  207.388800][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  207.421057][   T10] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  207.441394][   T10] usb 5-1: setting power ON
[  207.451567][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  207.492581][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  207.646364][ T6618] dvb-usb: bulk message failed: -22 (3/0)
[  207.652562][ T6618] usb 5-1: gpio_write failed.
[  207.694251][ T6618] dvb-usb: bulk message failed: -22 (4/0)
[  207.705167][   T10] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  207.722373][   T10] usb 5-1: media controller created
[  207.727906][ T6627] dvb-usb: bulk message failed: -22 (4/0)
[  207.733684][ T6627] cxusb: i2c read failed
[  207.751908][ T6627] FAULT_INJECTION: forcing a failure.
[  207.751908][ T6627] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.852547][ T5139] Bluetooth: hci0: command 0x0406 tx timeout
[  207.987643][ T6627] CPU: 1 UID: 0 PID: 6627 Comm: syz.4.194 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  207.987673][ T6627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  207.987686][ T6627] Call Trace:
[  207.987695][ T6627]  <TASK>
[  207.987704][ T6627]  dump_stack_lvl+0x241/0x360
[  207.987748][ T6627]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.987777][ T6627]  ? __pfx__printk+0x10/0x10
[  207.987816][ T6627]  should_fail_ex+0x424/0x570
[  207.987844][ T6627]  _copy_to_user+0x31/0xb0
[  207.987878][ T6627]  simple_read_from_buffer+0xc4/0x170
[  207.987905][ T6627]  proc_fail_nth_read+0x1ef/0x260
[  207.987936][ T6627]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  207.987964][ T6627]  ? rw_verify_area+0x1f0/0x630
[  207.987993][ T6627]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  207.988022][ T6627]  vfs_read+0x21f/0xb90
[  207.988055][ T6627]  ? __pfx___mutex_lock+0x10/0x10
[  207.988081][ T6627]  ? __pfx_vfs_read+0x10/0x10
[  207.988113][ T6627]  ? __fget_files+0x2a/0x420
[  207.988139][ T6627]  ? __fget_files+0x39d/0x420
[  207.988161][ T6627]  ? __fget_files+0x2a/0x420
[  207.988195][ T6627]  ksys_read+0x19d/0x2d0
[  207.988226][ T6627]  ? __pfx_ksys_read+0x10/0x10
[  207.988261][ T6627]  ? do_syscall_64+0xb6/0x230
[  207.988289][ T6627]  do_syscall_64+0xf3/0x230
[  207.988314][ T6627]  ? clear_bhb_loop+0x45/0xa0
[  207.988339][ T6627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.988359][ T6627] RIP: 0033:0x7f9010b8bb7c
[  207.988377][ T6627] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  207.988394][ T6627] RSP: 002b:00007f9011997030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  207.988416][ T6627] RAX: ffffffffffffffda RBX: 00007f9010da6080 RCX: 00007f9010b8bb7c
[  207.988431][ T6627] RDX: 000000000000000f RSI: 00007f90119970a0 RDI: 0000000000000005
[  207.988443][ T6627] RBP: 00007f9011997090 R08: 0000000000000000 R09: 0000000000000000
[  207.988456][ T6627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.988468][ T6627] R13: 0000000000000001 R14: 00007f9010da6080 R15: 00007fff3948e2d8
[  207.988501][ T6627]  </TASK>
[  208.206326][    C1] vkms_vblank_simulate: vblank timer overrun
[  208.383273][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  208.528541][   T10] usb 5-1: selecting invalid altsetting 6
[  209.294150][   T10] usb 5-1: digital interface selection failed (-22)
[  209.303164][   T10] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  209.317513][   T10] usb 5-1: setting power OFF
[  209.324562][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  209.330888][   T10] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  209.340487][   T10] (NULL device *): no alternate interface
[  209.458028][ T6636] capability: warning: `syz.2.197' uses deprecated v2 capabilities in a way that may be insecure
[  210.311794][   T10] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  210.373455][   T10] usb 5-1: USB disconnect, device number 15
[  211.299816][ T6652] FAULT_INJECTION: forcing a failure.
[  211.299816][ T6652] name failslab, interval 1, probability 0, space 0, times 0
[  211.326854][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.3.198 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  211.326886][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  211.326900][ T6652] Call Trace:
[  211.326908][ T6652]  <TASK>
[  211.326917][ T6652]  dump_stack_lvl+0x241/0x360
[  211.326955][ T6652]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.326984][ T6652]  ? __pfx__printk+0x10/0x10
[  211.327016][ T6652]  ? __pfx___might_resched+0x10/0x10
[  211.327048][ T6652]  should_fail_ex+0x424/0x570
[  211.327076][ T6652]  should_failslab+0xac/0x100
[  211.327099][ T6652]  __kmalloc_cache_noprof+0x73/0x370
[  211.327120][ T6652]  ? madvise_collapse+0x210/0xd20
[  211.327148][ T6652]  madvise_collapse+0x210/0xd20
[  211.327177][ T6652]  ? __lock_acquire+0xad5/0xd80
[  211.327199][ T6652]  ? __pfx_find_vma_prev+0x10/0x10
[  211.327226][ T6652]  ? __pfx_madvise_collapse+0x10/0x10
[  211.327265][ T6652]  madvise_do_behavior+0x1349/0x4640
[  211.327287][ T6652]  ? is_bpf_text_address+0x288/0x2a0
[  211.327331][ T6652]  ? kstrtoull+0x1d3/0x2f0
[  211.327356][ T6652]  ? __pfx_kstrtoull+0x10/0x10
[  211.327391][ T6652]  ? __pfx_madvise_do_behavior+0x10/0x10
[  211.327420][ T6652]  ? kstrtouint+0xfc/0x190
[  211.327457][ T6652]  ? __lock_acquire+0xad5/0xd80
[  211.327504][ T6652]  ? __lock_acquire+0xad5/0xd80
[  211.327552][ T6652]  ? down_read+0x813/0xa50
[  211.327583][ T6652]  ? __mutex_unlock_slowpath+0x229/0x800
[  211.327620][ T6652]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  211.327644][ T6652]  ? __fget_files+0x2a/0x420
[  211.327686][ T6652]  __x64_sys_madvise+0x185/0x220
[  211.327712][ T6652]  ? __pfx___x64_sys_madvise+0x10/0x10
[  211.327743][ T6652]  ? do_syscall_64+0xb6/0x230
[  211.327772][ T6652]  do_syscall_64+0xf3/0x230
[  211.327797][ T6652]  ? clear_bhb_loop+0x45/0xa0
[  211.327822][ T6652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.327842][ T6652] RIP: 0033:0x7f55e598d169
[  211.327860][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.327877][ T6652] RSP: 002b:00007f55e67c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  211.327900][ T6652] RAX: ffffffffffffffda RBX: 00007f55e5ba6080 RCX: 00007f55e598d169
[  211.327915][ T6652] RDX: 0000000000000019 RSI: 0000000000600003 RDI: 0000200000000000
[  211.327929][ T6652] RBP: 00007f55e67c7090 R08: 0000000000000000 R09: 0000000000000000
[  211.327941][ T6652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.327953][ T6652] R13: 0000000000000000 R14: 00007f55e5ba6080 R15: 00007ffd0f7e94a8
[  211.327986][ T6652]  </TASK>
[  213.682769][ T6666] netlink: 12 bytes leftover after parsing attributes in process `syz.0.207'.
[  213.746357][ T6666] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  213.755986][ T6666] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  213.765301][ T6666] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  213.774179][ T6666] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  213.851102][ T6666] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  213.860512][ T6666] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  213.869777][ T6666] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  213.879129][ T6666] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  213.955716][ T6673] netlink: 'syz.2.209': attribute type 1 has an invalid length.
[  213.963869][ T6673] netlink: 224 bytes leftover after parsing attributes in process `syz.2.209'.
[  213.988902][ T6673] netlink: 8 bytes leftover after parsing attributes in process `syz.2.209'.
[  214.051516][ T5880] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  214.097241][   T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  214.265254][ T5880] usb 2-1: config 0 has too many interfaces: 36, using maximum allowed: 32
[  214.274552][ T5880] usb 2-1: config 0 has an invalid interface number: 82 but max is 35
[  214.290247][   T24] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  214.300914][ T5880] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 36
[  214.601252][   T24] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  214.617445][ T5880] usb 2-1: config 0 has no interface number 0
[  214.623573][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  214.623635][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  214.676365][ T5880] usb 2-1: New USB device found, idVendor=08ca, idProduct=0104, bcdDevice=32.8f
[  214.828972][ T6682] tap0: tun_chr_ioctl cmd 1074025677
[  214.836504][ T6682] tap0: linktype set to 778
[  215.444005][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.457190][ T5843] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  215.474748][ T5880] usb 2-1: config 0 descriptor??
[  215.490228][ T5880] gspca_main: sunplus-2.14.0 probing 08ca:0104
[  215.496991][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  215.520468][   T24] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  215.539441][   T24] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  215.548915][   T24] usb 5-1: Product: syz
[  215.553169][   T24] usb 5-1: Manufacturer: syz
[  215.572535][   T24] cdc_wdm 5-1:1.0: skipping garbage
[  215.578697][   T24] cdc_wdm 5-1:1.0: skipping garbage
[  215.639329][   T24] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  215.646840][   T24] cdc_wdm 5-1:1.0: Unknown control protocol
[  215.748214][ T5880] usb 2-1: USB disconnect, device number 7
[  215.841196][ T6691] FAULT_INJECTION: forcing a failure.
[  215.841196][ T6691] name failslab, interval 1, probability 0, space 0, times 0
[  215.968059][ T6691] CPU: 1 UID: 0 PID: 6691 Comm: syz.0.214 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  215.968090][ T6691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  215.968103][ T6691] Call Trace:
[  215.968111][ T6691]  <TASK>
[  215.968120][ T6691]  dump_stack_lvl+0x241/0x360
[  215.968156][ T6691]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.968184][ T6691]  ? __pfx__printk+0x10/0x10
[  215.968216][ T6691]  ? __pfx___might_resched+0x10/0x10
[  215.968246][ T6691]  should_fail_ex+0x424/0x570
[  215.968273][ T6691]  should_failslab+0xac/0x100
[  215.968296][ T6691]  __kmalloc_cache_noprof+0x73/0x370
[  215.968316][ T6691]  ? snd_pcm_oss_change_params_locked+0x176/0x4150
[  215.968352][ T6691]  snd_pcm_oss_change_params_locked+0x176/0x4150
[  215.968393][ T6691]  ? rcu_is_watching+0x15/0xb0
[  215.968421][ T6691]  ? __mutex_lock+0x380/0x10c0
[  215.968455][ T6691]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  215.968485][ T6691]  ? snd_pcm_oss_read+0x1c3/0x8a0
[  215.968511][ T6691]  ? __pfx___mutex_lock+0x10/0x10
[  215.968550][ T6691]  ? rcu_read_lock_any_held+0xbb/0x160
[  215.968579][ T6691]  snd_pcm_oss_read+0x22f/0x8a0
[  215.968636][ T6691]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  215.968662][ T6691]  vfs_read+0x21f/0xb90
[  215.968696][ T6691]  ? __pfx_vfs_read+0x10/0x10
[  215.968721][ T6691]  ? __fget_files+0x2a/0x420
[  215.968742][ T6691]  ? __fget_files+0x2a/0x420
[  215.968764][ T6691]  ? __fget_files+0x39d/0x420
[  215.968789][ T6691]  ? __fget_files+0x2a/0x420
[  215.968823][ T6691]  ksys_read+0x19d/0x2d0
[  215.968854][ T6691]  ? __pfx_ksys_read+0x10/0x10
[  215.968889][ T6691]  ? do_syscall_64+0xb6/0x230
[  215.968916][ T6691]  do_syscall_64+0xf3/0x230
[  215.968941][ T6691]  ? clear_bhb_loop+0x45/0xa0
[  215.968965][ T6691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.968985][ T6691] RIP: 0033:0x7faa3658d169
[  215.969003][ T6691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.969020][ T6691] RSP: 002b:00007faa343f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  215.969042][ T6691] RAX: ffffffffffffffda RBX: 00007faa367a5fa0 RCX: 00007faa3658d169
[  215.969057][ T6691] RDX: 0000000000002020 RSI: 00002000000063c0 RDI: 0000000000000003
[  215.969070][ T6691] RBP: 00007faa343f6090 R08: 0000000000000000 R09: 0000000000000000
[  215.969082][ T6691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.969093][ T6691] R13: 0000000000000000 R14: 00007faa367a5fa0 R15: 00007ffe7aeea918
[  215.969125][ T6691]  </TASK>
[  216.084324][ T6693] netlink: 8 bytes leftover after parsing attributes in process `syz.4.208'.
[  216.087945][    C1] vkms_vblank_simulate: vblank timer overrun
[  216.239546][    C1] vkms_vblank_simulate: vblank timer overrun
[  216.321154][ T5883] usb 5-1: USB disconnect, device number 16
[  217.541792][ T5139] Bluetooth: hci2: command 0x0406 tx timeout
[  217.548304][ T5139] Bluetooth: hci3: command 0x0406 tx timeout
[  217.555249][ T5139] Bluetooth: hci4: command 0x0406 tx timeout
[  217.568423][ T5139] Bluetooth: hci0: command 0x0406 tx timeout
[  217.916390][ T5139] Bluetooth: hci1: command 0x0406 tx timeout
[  218.483493][ T6713] netlink: 8 bytes leftover after parsing attributes in process `syz.4.219'.
[  218.493089][ T6713] netlink: 4 bytes leftover after parsing attributes in process `syz.4.219'.
[  218.502110][ T6713] netlink: 'syz.4.219': attribute type 14 has an invalid length.
[  218.510076][ T6713] netlink: 'syz.4.219': attribute type 13 has an invalid length.
[  219.006890][   T24] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  219.659016][ T6723] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  219.666787][ T5880] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  219.827785][   T24] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  219.836501][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  219.855334][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  219.865477][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  219.884162][   T24] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  219.894974][   T24] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  219.903110][   T24] usb 5-1: Product: syz
[  219.907370][   T24] usb 5-1: Manufacturer: syz
[  219.919542][   T24] cdc_wdm 5-1:1.0: skipping garbage
[  219.924838][   T24] cdc_wdm 5-1:1.0: skipping garbage
[  219.957813][   T24] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  219.963874][   T24] cdc_wdm 5-1:1.0: Unknown control protocol
[  219.986891][ T5880] usb 3-1: device descriptor read/64, error -71
[  220.537159][ T5880] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  220.677019][ T5880] usb 3-1: device descriptor read/64, error -71
[  220.787268][ T5880] usb usb3-port1: attempt power cycle
[  221.209245][ T5880] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  221.324849][   T10] usb 5-1: USB disconnect, device number 17
[  221.402005][ T5880] usb 3-1: device descriptor read/8, error -71
[  221.667278][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  221.668294][ T6745] netlink: 32 bytes leftover after parsing attributes in process `syz.4.227'.
[  221.708611][ T6747] netlink: 32 bytes leftover after parsing attributes in process `syz.2.228'.
[  221.836903][    T9] usb 4-1: Using ep0 maxpacket: 32
[  221.903989][    T9] usb 4-1: no configurations
[  221.933467][    T9] usb 4-1: can't read configurations, error -22
[  222.198665][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  222.984947][   T24] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  223.006766][    T9] usb 4-1: Using ep0 maxpacket: 32
[  223.018635][    T9] usb 4-1: no configurations
[  223.026945][    T9] usb 4-1: can't read configurations, error -22
[  223.033711][    T9] usb usb4-port1: attempt power cycle
[  223.058543][ T6764] overlayfs: missing 'lowerdir'
[  223.742152][   T24] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  223.752852][   T24] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  223.767823][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  223.777545][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  223.791787][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  223.812390][   T24] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  223.821922][   T24] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  223.832941][   T24] usb 5-1: Product: syz
[  223.838045][   T24] usb 5-1: Manufacturer: syz
[  223.872550][   T24] cdc_wdm 5-1:1.0: skipping garbage
[  223.883823][   T24] cdc_wdm 5-1:1.0: skipping garbage
[  223.923029][   T24] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  224.005143][   T24] cdc_wdm 5-1:1.0: Unknown control protocol
[  224.011590][    T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  224.041550][    T9] usb 4-1: Using ep0 maxpacket: 32
[  224.049460][    T9] usb 4-1: no configurations
[  224.054356][    T9] usb 4-1: can't read configurations, error -22
[  224.115715][ T6759] netlink: 40 bytes leftover after parsing attributes in process `syz.4.231'.
[  224.127002][ T6759] netlink: 40 bytes leftover after parsing attributes in process `syz.4.231'.
[  224.198843][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.205592][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.211962][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.218562][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.224847][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.231481][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.237804][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.244760][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.251057][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.257669][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.264980][    T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  224.273162][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.273183][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.273718][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.273731][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.280506][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.280522][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.286680][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.286702][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.293437][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  224.293458][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  224.339292][ T5880] usb 5-1: USB disconnect, device number 18
[  224.345224][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  224.936329][    T9] usb 4-1: device descriptor read/8, error -71
[  225.525080][    T9] usb usb4-port1: unable to enumerate USB device
[  225.920622][ T6784] netlink: 132 bytes leftover after parsing attributes in process `syz.3.238'.
[  226.374438][    T9] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  227.668048][    T9] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  227.696480][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.728473][    T9] usb 4-1: Product: syz
[  227.732702][    T9] usb 4-1: Manufacturer: syz
[  227.759084][    T9] usb 4-1: SerialNumber: syz
[  227.808557][    T9] usb 4-1: config 0 descriptor??
[  227.895839][    T9] ch341 4-1:0.0: ch341-uart converter detected
[  229.289473][ T6808] FAULT_INJECTION: forcing a failure.
[  229.289473][ T6808] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  229.356321][    T9] ch341-uart ttyUSB0: break control not supported, using simulated break
[  229.378193][ T6808] CPU: 1 UID: 0 PID: 6808 Comm: syz.2.245 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  229.378225][ T6808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  229.378238][ T6808] Call Trace:
[  229.378247][ T6808]  <TASK>
[  229.378256][ T6808]  dump_stack_lvl+0x241/0x360
[  229.378296][ T6808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.378326][ T6808]  ? __pfx__printk+0x10/0x10
[  229.378367][ T6808]  should_fail_ex+0x424/0x570
[  229.378395][ T6808]  prepare_alloc_pages+0x220/0x610
[  229.378434][ T6808]  __alloc_frozen_pages_noprof+0x162/0x5b0
[  229.378468][ T6808]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  229.378499][ T6808]  ? rcu_preempt_deferred_qs_irqrestore+0x8c6/0xcb0
[  229.378554][ T6808]  alloc_pages_mpol+0x339/0x690
[  229.378583][ T6808]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  229.378616][ T6808]  vma_alloc_folio_noprof+0x12d/0x260
[  229.378649][ T6808]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  229.378683][ T6808]  folio_prealloc+0x2e/0x170
[  229.378711][ T6808]  handle_pte_fault+0x2e45/0x61c0
[  229.378761][ T6808]  ? __pfx_handle_pte_fault+0x10/0x10
[  229.378797][ T6808]  ? finish_task_switch+0x1e5/0x870
[  229.378827][ T6808]  ? lockdep_hardirqs_on+0x9d/0x150
[  229.378857][ T6808]  ? rcu_is_watching+0x15/0xb0
[  229.378882][ T6808]  ? trace_sched_exit_tp+0x3c/0x120
[  229.378915][ T6808]  ? __schedule+0x1b51/0x51f0
[  229.378965][ T6808]  ? __lock_acquire+0xad5/0xd80
[  229.378991][ T6808]  handle_mm_fault+0x1030/0x1aa0
[  229.379042][ T6808]  ? __pfx_handle_mm_fault+0x10/0x10
[  229.379066][ T6808]  ? lock_vma_under_rcu+0x1f0/0x9a0
[  229.379110][ T6808]  ? trace_irq_enable+0x2c/0x120
[  229.379148][ T6808]  exc_page_fault+0x45b/0x920
[  229.379174][ T6808]  ? do_syscall_64+0x100/0x230
[  229.379205][ T6808]  asm_exc_page_fault+0x26/0x30
[  229.379226][ T6808] RIP: 0033:0x7f15dbe5e7f6
[  229.379245][ T6808] Code: 00 00 00 00 41 57 31 c0 41 56 49 89 d6 41 55 49 89 f5 48 89 d6 41 54 49 89 fc 48 8d 3d 4e 13 1b 00 55 53 48 81 ec 88 20 00 00 <48> 89 0c 24 4c 89 44 24 08 e8 ac e7 fe ff 4d 85 f6 0f 84 46 0a 00
[  229.379262][ T6808] RSP: 002b:00007f15dcd19f70 EFLAGS: 00010202
[  229.379282][ T6808] RAX: 0000000000000000 RBX: 00007f15dc1a6160 RCX: 0000000000000000
[  229.379296][ T6808] RDX: 0000200000000000 RSI: 0000200000000000 RDI: 00007f15dc00fb3b
[  229.379311][ T6808] RBP: 00007f15dcd1c090 R08: 00007f15dbe4d330 R09: 0000000000000000
[  229.379326][ T6808] R10: 0000000000000000 R11: 0000200000000000 R12: 0000000000000000
[  229.379339][ T6808] R13: 000000000000005f R14: 0000200000000000 R15: 00007ffee79e5d08
[  229.379373][ T6808]  </TASK>
[  229.386347][    T9] usb 4-1: ch341-uart converter now attached to ttyUSB0
[  229.714969][ T6808] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  229.971502][    T9] usb 4-1: USB disconnect, device number 13
[  230.016795][   T24] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  230.033494][    T9] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[  230.077436][    T9] ch341 4-1:0.0: device disconnected
[  230.225919][   T24] usb 3-1: config 0 has no interfaces?
[  230.670256][   T24] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  230.853189][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.862708][   T24] usb 3-1: Product: syz
[  230.882421][   T24] usb 3-1: Manufacturer: syz
[  230.901567][   T24] usb 3-1: SerialNumber: syz
[  230.963017][   T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  231.771000][   T24] usb 3-1: config 0 descriptor??
[  231.936913][   T10] usb 2-1: Using ep0 maxpacket: 8
[  231.955109][   T10] usb 2-1: config 0 has no interfaces?
[  231.963967][   T10] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  231.977245][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.018976][   T10] usb 2-1: config 0 descriptor??
[  232.333080][ T6821] loop9: detected capacity change from 0 to 7
[  232.342171][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.357587][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.365970][   T10] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  232.368162][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.481600][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.500244][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.509757][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.519205][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.527631][ T6821] ldm_validate_partition_table(): Disk read failed.
[  232.535103][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.544841][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.558724][ T6821] Buffer I/O error on dev loop9, logical block 0, async page read
[  232.568949][ T6821] Dev loop9: unable to read RDB block 0
[  232.575385][ T6821]  loop9: unable to read partition table
[  232.585195][ T6821] loop9: partition table beyond EOD, truncated
[  232.595341][ T6821] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  232.620282][   T10] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  232.683102][   T10] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.707213][   T10] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  232.716891][   T10] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  232.738274][   T10] usb 4-1: Product: syz
[  232.746396][   T10] usb 4-1: Manufacturer: syz
[  232.816126][   T10] hub 4-1:4.0: USB hub found
[  233.092040][   T10] hub 4-1:4.0: 6 ports detected
[  233.097638][   T10] hub 4-1:4.0: insufficient power available to use all downstream ports
[  234.181219][   T10] hub 4-1:4.0: hub_hub_status failed (err = -32)
[  234.196089][   T10] hub 4-1:4.0: config failed, can't get hub status (err -32)
[  234.304909][   T24] usb 3-1: USB disconnect, device number 11
[  235.116878][   T10] usb 4-1: USB disconnect, device number 14
[  236.122206][ T6844] netlink: 8 bytes leftover after parsing attributes in process `syz.4.257'.
[  236.195927][ T5879] usb 2-1: USB disconnect, device number 8
[  236.285517][ T6861] FAULT_INJECTION: forcing a failure.
[  236.285517][ T6861] name failslab, interval 1, probability 0, space 0, times 0
[  236.337015][ T6861] CPU: 1 UID: 0 PID: 6861 Comm: syz.0.262 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  236.337045][ T6861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  236.337058][ T6861] Call Trace:
[  236.337066][ T6861]  <TASK>
[  236.337080][ T6861]  dump_stack_lvl+0x241/0x360
[  236.337119][ T6861]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.337147][ T6861]  ? __pfx__printk+0x10/0x10
[  236.337179][ T6861]  ? __pfx___might_resched+0x10/0x10
[  236.337208][ T6861]  should_fail_ex+0x424/0x570
[  236.337236][ T6861]  should_failslab+0xac/0x100
[  236.337258][ T6861]  __kmalloc_noprof+0xdf/0x4d0
[  236.337293][ T6861]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  236.337313][ T6861]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  236.337340][ T6861]  tomoyo_realpath_from_path+0xcf/0x5e0
[  236.337375][ T6861]  tomoyo_path_number_perm+0x245/0x790
[  236.337408][ T6861]  ? tomoyo_path_number_perm+0x215/0x790
[  236.337440][ T6861]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  236.337476][ T6861]  ? ksys_write+0x24e/0x2d0
[  236.337514][ T6861]  ? __lock_acquire+0xad5/0xd80
[  236.337554][ T6861]  ? __fget_files+0x2a/0x420
[  236.337577][ T6861]  ? __fget_files+0x2a/0x420
[  236.337604][ T6861]  ? __fget_files+0x2a/0x420
[  236.337633][ T6861]  security_file_ioctl+0xc6/0x2a0
[  236.337666][ T6861]  __se_sys_ioctl+0x46/0x160
[  236.337698][ T6861]  do_syscall_64+0xf3/0x230
[  236.337724][ T6861]  ? clear_bhb_loop+0x45/0xa0
[  236.337750][ T6861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.337770][ T6861] RIP: 0033:0x7faa3658d169
[  236.337789][ T6861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.337805][ T6861] RSP: 002b:00007faa343f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  236.337827][ T6861] RAX: ffffffffffffffda RBX: 00007faa367a5fa0 RCX: 00007faa3658d169
[  236.337841][ T6861] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  236.337853][ T6861] RBP: 00007faa343f6090 R08: 0000000000000000 R09: 0000000000000000
[  236.337866][ T6861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.337878][ T6861] R13: 0000000000000000 R14: 00007faa367a5fa0 R15: 00007ffe7aeea918
[  236.337910][ T6861]  </TASK>
[  236.337918][ T6861] ERROR: Out of memory at tomoyo_realpath_from_path.
[  236.963345][ T6878] netlink: 16 bytes leftover after parsing attributes in process `syz.3.268'.
[  237.199880][ T6886] sg_write: data in/out 2031668/2 bytes for SCSI command 0x26-- guessing data in;
[  237.199880][ T6886]    program syz.2.270 not setting count and/or reply_len properly
[  238.706788][   T53] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  239.000371][ T6900] FAULT_INJECTION: forcing a failure.
[  239.000371][ T6900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.036455][ T6900] CPU: 1 UID: 0 PID: 6900 Comm: syz.4.274 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  239.036486][ T6900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  239.036499][ T6900] Call Trace:
[  239.036508][ T6900]  <TASK>
[  239.036517][ T6900]  dump_stack_lvl+0x241/0x360
[  239.036554][ T6900]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.036582][ T6900]  ? __pfx__printk+0x10/0x10
[  239.036622][ T6900]  should_fail_ex+0x424/0x570
[  239.036654][ T6900]  _copy_from_user+0x2d/0xb0
[  239.036685][ T6900]  copy_msghdr_from_user+0xb3/0x580
[  239.036729][ T6900]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  239.036753][ T6900]  ? __fget_files+0x2a/0x420
[  239.036780][ T6900]  ? __fget_files+0x2a/0x420
[  239.036813][ T6900]  __sys_sendmsg+0x20a/0x360
[  239.036841][ T6900]  ? __pfx___sys_sendmsg+0x10/0x10
[  239.036918][ T6900]  ? do_syscall_64+0xb6/0x230
[  239.036947][ T6900]  do_syscall_64+0xf3/0x230
[  239.036972][ T6900]  ? clear_bhb_loop+0x45/0xa0
[  239.036996][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.037016][ T6900] RIP: 0033:0x7f9010b8d169
[  239.037034][ T6900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.037050][ T6900] RSP: 002b:00007f90119b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  239.037075][ T6900] RAX: ffffffffffffffda RBX: 00007f9010da5fa0 RCX: 00007f9010b8d169
[  239.037090][ T6900] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  239.037101][ T6900] RBP: 00007f90119b8090 R08: 0000000000000000 R09: 0000000000000000
[  239.037114][ T6900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.037125][ T6900] R13: 0000000000000000 R14: 00007f9010da5fa0 R15: 00007fff3948e2d8
[  239.037157][ T6900]  </TASK>
[  239.213914][    C1] vkms_vblank_simulate: vblank timer overrun
[  239.225272][ T6904] xt_limit: Overflow, try lower: 687865856/40
[  239.264020][ T6906] syz_tun: entered allmulticast mode
[  239.271637][ T6906] netlink: 8 bytes leftover after parsing attributes in process `syz.1.276'.
[  239.281105][ T6906] netlink: 8 bytes leftover after parsing attributes in process `syz.1.276'.
[  239.376936][   T53] usb 1-1: Using ep0 maxpacket: 32
[  239.384578][   T53] usb 1-1: config 0 has an invalid interface number: 101 but max is 1
[  239.393056][   T53] usb 1-1: config 0 has an invalid interface number: 43 but max is 1
[  239.401289][   T53] usb 1-1: config 0 has no interface number 0
[  239.408561][   T53] usb 1-1: config 0 has no interface number 1
[  239.417390][   T53] usb 1-1: config 0 interface 101 has no altsetting 0
[  239.424597][   T53] usb 1-1: config 0 interface 43 has no altsetting 0
[  239.431612][   T53] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=59.84
[  239.440914][   T53] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.454151][   T53] usb 1-1: config 0 descriptor??
[  239.724816][   T24] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  239.771725][ T6893] netlink: 12 bytes leftover after parsing attributes in process `syz.0.271'.
[  239.864871][   T53] usb 1-1: string descriptor 0 read error: -71
[  239.916823][   T24] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  239.963092][   T24] usb 2-1: config 220 has 1 interface, different from the descriptor's value: 3
[  239.987106][   T53] usb 1-1: USB disconnect, device number 6
[  240.007752][   T24] usb 2-1: config 220 interface 0 has no altsetting 0
[  240.053295][   T24] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  240.094915][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.130848][   T24] usb 2-1: Product: syz
[  240.155589][   T24] usb 2-1: Manufacturer: syz
[  240.180273][   T24] usb 2-1: SerialNumber: syz
[  240.367013][ T5910] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  240.500044][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.101/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  240.808496][ T6905] syz_tun: left allmulticast mode
[  240.816977][   T24] usb 2-1: Found UVC 0.00 device syz (8086:0b07)
[  240.824016][   T24] usb 2-1: No valid video chain found.
[  240.870465][   T24] usb 2-1: USB disconnect, device number 9
[  240.887376][ T5910] usb 5-1: Using ep0 maxpacket: 16
[  240.906007][ T5910] usb 5-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  241.032877][ T5910] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  241.072474][ T5910] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  241.085539][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.672252][ T5910] usb 5-1: Product: syz
[  241.676494][ T5910] usb 5-1: Manufacturer: syz
[  241.729359][ T5910] usb 5-1: SerialNumber: syz
[  242.005184][ T5910] usb 5-1: 0:2 : does not exist
[  242.023524][ T5910] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  242.313118][ T5910] usb 5-1: USB disconnect, device number 19
[  242.840289][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  244.221571][ T6957] syz_tun: entered allmulticast mode
[  244.232230][ T6957] syz_tun: left allmulticast mode
[  245.767480][ T6968] tipc: Started in network mode
[  245.772640][ T6968] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  245.820181][ T6968] tipc: Enabled bearer <udp:syz0>, priority 10
[  245.820770][ T6971] FAULT_INJECTION: forcing a failure.
[  245.820770][ T6971] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.826575][ T5845] Bluetooth: hci0: unexpected event for opcode 0x0c6d
[  246.136991][ T6971] CPU: 0 UID: 0 PID: 6971 Comm: syz.2.293 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  246.137023][ T6971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  246.137047][ T6971] Call Trace:
[  246.137054][ T6971]  <TASK>
[  246.137064][ T6971]  dump_stack_lvl+0x241/0x360
[  246.137101][ T6971]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.137129][ T6971]  ? __pfx__printk+0x10/0x10
[  246.137170][ T6971]  should_fail_ex+0x424/0x570
[  246.137199][ T6971]  _copy_from_user+0x2d/0xb0
[  246.137224][ T6971]  copy_msghdr_from_user+0xb3/0x580
[  246.137249][ T6971]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  246.137267][ T6971]  ? __fget_files+0x2a/0x420
[  246.137287][ T6971]  ? __fget_files+0x2a/0x420
[  246.137318][ T6971]  __sys_sendmmsg+0x361/0x7b0
[  246.137343][ T6971]  ? __pfx___sys_sendmmsg+0x10/0x10
[  246.137384][ T6971]  ? rcu_read_lock_any_held+0xbb/0x160
[  246.137404][ T6971]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  246.137425][ T6971]  ? vfs_write+0xb29/0xd10
[  246.137453][ T6971]  ? ksys_write+0x24e/0x2d0
[  246.137475][ T6971]  ? __mutex_unlock_slowpath+0x229/0x800
[  246.137515][ T6971]  ? ksys_write+0x275/0x2d0
[  246.137544][ T6971]  __x64_sys_sendmmsg+0xa0/0xb0
[  246.137562][ T6971]  do_syscall_64+0xf3/0x230
[  246.137580][ T6971]  ? clear_bhb_loop+0x45/0xa0
[  246.137597][ T6971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.137617][ T6971] RIP: 0033:0x7f15dbf8d169
[  246.137630][ T6971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.137643][ T6971] RSP: 002b:00007f15dcd3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  246.137659][ T6971] RAX: ffffffffffffffda RBX: 00007f15dc1a6080 RCX: 00007f15dbf8d169
[  246.137670][ T6971] RDX: 00000000040001b6 RSI: 0000200000001540 RDI: 0000000000000008
[  246.137679][ T6971] RBP: 00007f15dcd3d090 R08: 0000000000000000 R09: 0000000000000000
[  246.137688][ T6971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.137697][ T6971] R13: 0000000000000000 R14: 00007f15dc1a6080 R15: 00007ffee79e5d08
[  246.137719][ T6971]  </TASK>
[  246.921854][   T10] tipc: Node number set to 1
[  247.568290][ T6982] FAULT_INJECTION: forcing a failure.
[  247.568290][ T6982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.581610][ T6982] CPU: 1 UID: 0 PID: 6982 Comm: syz.4.296 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  247.581639][ T6982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  247.581653][ T6982] Call Trace:
[  247.581662][ T6982]  <TASK>
[  247.581671][ T6982]  dump_stack_lvl+0x241/0x360
[  247.581707][ T6982]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.581737][ T6982]  ? __pfx__printk+0x10/0x10
[  247.581778][ T6982]  should_fail_ex+0x424/0x570
[  247.581806][ T6982]  _copy_from_user+0x2d/0xb0
[  247.581838][ T6982]  copy_msghdr_from_user+0xb3/0x580
[  247.581874][ T6982]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  247.581900][ T6982]  ? __fget_files+0x2a/0x420
[  247.581928][ T6982]  ? __fget_files+0x2a/0x420
[  247.581959][ T6982]  __sys_sendmsg+0x20a/0x360
[  247.581981][ T6982]  ? __pfx___sys_sendmsg+0x10/0x10
[  247.582044][ T6982]  ? do_syscall_64+0xb6/0x230
[  247.582068][ T6982]  do_syscall_64+0xf3/0x230
[  247.582088][ T6982]  ? clear_bhb_loop+0x45/0xa0
[  247.582108][ T6982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.582125][ T6982] RIP: 0033:0x7f9010b8d169
[  247.582141][ T6982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.582155][ T6982] RSP: 002b:00007f90119b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.582174][ T6982] RAX: ffffffffffffffda RBX: 00007f9010da5fa0 RCX: 00007f9010b8d169
[  247.582186][ T6982] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000000000000005
[  247.582197][ T6982] RBP: 00007f90119b8090 R08: 0000000000000000 R09: 0000000000000000
[  247.582208][ T6982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.582217][ T6982] R13: 0000000000000000 R14: 00007f9010da5fa0 R15: 00007fff3948e2d8
[  247.582242][ T6982]  </TASK>
[  247.763925][    C1] vkms_vblank_simulate: vblank timer overrun
[  248.151543][ T6994] netlink: 'syz.3.298': attribute type 4 has an invalid length.
[  249.945043][ T7003] FAULT_INJECTION: forcing a failure.
[  249.945043][ T7003] name failslab, interval 1, probability 0, space 0, times 0
[  251.062272][ T7003] CPU: 1 UID: 0 PID: 7003 Comm: syz.1.302 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  251.062307][ T7003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  251.062321][ T7003] Call Trace:
[  251.062330][ T7003]  <TASK>
[  251.062339][ T7003]  dump_stack_lvl+0x241/0x360
[  251.062377][ T7003]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.062407][ T7003]  ? __pfx__printk+0x10/0x10
[  251.062441][ T7003]  ? __pfx___might_resched+0x10/0x10
[  251.062471][ T7003]  should_fail_ex+0x424/0x570
[  251.062499][ T7003]  should_failslab+0xac/0x100
[  251.062524][ T7003]  __kmalloc_noprof+0xdf/0x4d0
[  251.062545][ T7003]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  251.062566][ T7003]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  251.062594][ T7003]  tomoyo_realpath_from_path+0xcf/0x5e0
[  251.062631][ T7003]  tomoyo_path_number_perm+0x245/0x790
[  251.062665][ T7003]  ? tomoyo_path_number_perm+0x215/0x790
[  251.062706][ T7003]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  251.062744][ T7003]  ? ksys_write+0x24e/0x2d0
[  251.062783][ T7003]  ? __lock_acquire+0xad5/0xd80
[  251.062825][ T7003]  ? __fget_files+0x2a/0x420
[  251.062850][ T7003]  ? __fget_files+0x2a/0x420
[  251.062878][ T7003]  ? __fget_files+0x2a/0x420
[  251.062909][ T7003]  security_file_ioctl+0xc6/0x2a0
[  251.062942][ T7003]  __se_sys_ioctl+0x46/0x160
[  251.062976][ T7003]  do_syscall_64+0xf3/0x230
[  251.063004][ T7003]  ? clear_bhb_loop+0x45/0xa0
[  251.063030][ T7003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.063051][ T7003] RIP: 0033:0x7ff8f898d169
[  251.063070][ T7003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.063088][ T7003] RSP: 002b:00007ff8f97fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.063111][ T7003] RAX: ffffffffffffffda RBX: 00007ff8f8ba5fa0 RCX: 00007ff8f898d169
[  251.063127][ T7003] RDX: 0000200000000480 RSI: 00000000c04064a0 RDI: 0000000000000003
[  251.063142][ T7003] RBP: 00007ff8f97fc090 R08: 0000000000000000 R09: 0000000000000000
[  251.063155][ T7003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.063168][ T7003] R13: 0000000000000000 R14: 00007ff8f8ba5fa0 R15: 00007ffc1184e398
[  251.063202][ T7003]  </TASK>
[  251.064820][ T7003] ERROR: Out of memory at tomoyo_realpath_from_path.
[  252.167904][ T7025] FAULT_INJECTION: forcing a failure.
[  252.167904][ T7025] name failslab, interval 1, probability 0, space 0, times 0
[  252.167990][ T7025] CPU: 1 UID: 0 PID: 7025 Comm: syz.0.308 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  252.168016][ T7025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  252.168029][ T7025] Call Trace:
[  252.168037][ T7025]  <TASK>
[  252.168046][ T7025]  dump_stack_lvl+0x241/0x360
[  252.168083][ T7025]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.168113][ T7025]  ? __pfx__printk+0x10/0x10
[  252.168145][ T7025]  ? __pfx___might_resched+0x10/0x10
[  252.168175][ T7025]  should_fail_ex+0x424/0x570
[  252.168202][ T7025]  should_failslab+0xac/0x100
[  252.168226][ T7025]  kmem_cache_alloc_lru_noprof+0x7d/0x390
[  252.168248][ T7025]  ? sock_alloc_inode+0x28/0xc0
[  252.168274][ T7025]  ? __lock_acquire+0xad5/0xd80
[  252.168297][ T7025]  sock_alloc_inode+0x28/0xc0
[  252.168322][ T7025]  ? __pfx_sock_alloc_inode+0x10/0x10
[  252.168346][ T7025]  alloc_inode+0x69/0x1b0
[  252.168371][ T7025]  do_accept+0x130/0x700
[  252.168407][ T7025]  ? __pfx_do_accept+0x10/0x10
[  252.168463][ T7025]  io_accept+0x38b/0x950
[  252.168516][ T7025]  ? __pfx_io_accept+0x10/0x10
[  252.168547][ T7025]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  252.168579][ T7025]  __io_issue_sqe+0x1c9/0x3a0
[  252.168605][ T7025]  io_issue_sqe+0x1cb/0xe90
[  252.168631][ T7025]  ? __pfx_io_issue_sqe+0x10/0x10
[  252.168662][ T7025]  io_req_task_submit+0x10a/0x1c0
[  252.168697][ T7025]  io_poll_task_func+0xd65/0x11c0
[  252.168736][ T7025]  ? __pfx_io_poll_task_func+0x10/0x10
[  252.168770][ T7025]  ? percpu_ref_get_many+0x1f/0x1d0
[  252.168799][ T7025]  ? __pfx_io_poll_task_func+0x10/0x10
[  252.168828][ T7025]  io_handle_tw_list+0x219/0x500
[  252.168858][ T7025]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  252.168892][ T7025]  tctx_task_work_run+0x9a/0x370
[  252.168927][ T7025]  tctx_task_work+0x9e/0x100
[  252.168957][ T7025]  ? __pfx_tctx_task_work+0x10/0x10
[  252.168992][ T7025]  ? _raw_spin_unlock_irq+0x23/0x50
[  252.169011][ T7025]  ? lockdep_hardirqs_on+0x9d/0x150
[  252.169038][ T7025]  task_work_run+0x251/0x310
[  252.169076][ T7025]  ? __pfx_task_work_run+0x10/0x10
[  252.169109][ T7025]  ? __pfx_task_work_add+0x10/0x10
[  252.169141][ T7025]  ? __lock_acquire+0xad5/0xd80
[  252.169165][ T7025]  get_signal+0x15db/0x1730
[  252.169213][ T7025]  ? __pfx_get_signal+0x10/0x10
[  252.169245][ T7025]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  252.169275][ T7025]  arch_do_signal_or_restart+0x98/0x840
[  252.169310][ T7025]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  252.169356][ T7025]  ? syscall_exit_to_user_mode+0xa3/0x340
[  252.169385][ T7025]  syscall_exit_to_user_mode+0xce/0x340
[  252.169413][ T7025]  do_syscall_64+0x100/0x230
[  252.169439][ T7025]  ? clear_bhb_loop+0x45/0xa0
[  252.169464][ T7025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.169484][ T7025] RIP: 0033:0x7faa3658d169
[  252.169510][ T7025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.169528][ T7025] RSP: 002b:00007faa343f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000030
[  252.169550][ T7025] RAX: 0000000000000000 RBX: 00007faa367a5fa0 RCX: 00007faa3658d169
[  252.169565][ T7025] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  252.169577][ T7025] RBP: 00007faa343f6090 R08: 0000000000000000 R09: 0000000000000000
[  252.169591][ T7025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.169603][ T7025] R13: 0000000000000000 R14: 00007faa367a5fa0 R15: 00007ffe7aeea918
[  252.169636][ T7025]  </TASK>
[  252.496751][   T10] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  252.537816][ T7033] devpts: Bad value for 'uid'
[  253.619760][   T10] usb 5-1: config 0 has no interfaces?
[  253.709108][ T7042] netlink: 20 bytes leftover after parsing attributes in process `syz.2.312'.
[  254.372798][   T10] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  254.372823][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.372839][   T10] usb 5-1: Product: syz
[  254.372850][   T10] usb 5-1: Manufacturer: syz
[  254.372862][   T10] usb 5-1: SerialNumber: syz
[  254.375044][   T10] usb 5-1: config 0 descriptor??
[  254.621628][ T7045] netlink: 'syz.2.314': attribute type 4 has an invalid length.
[  255.208775][ T7055] overlayfs: missing 'lowerdir'
[  256.557982][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  256.619441][   T24] usb 5-1: USB disconnect, device number 20
[  256.937652][ T7067] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  258.679807][ T7066] FAULT_INJECTION: forcing a failure.
[  258.679807][ T7066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.788436][ T7066] CPU: 1 UID: 0 PID: 7066 Comm: syz.2.318 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  258.788468][ T7066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  258.788482][ T7066] Call Trace:
[  258.788490][ T7066]  <TASK>
[  258.788499][ T7066]  dump_stack_lvl+0x241/0x360
[  258.788538][ T7066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.788566][ T7066]  ? __pfx__printk+0x10/0x10
[  258.788606][ T7066]  should_fail_ex+0x424/0x570
[  258.788635][ T7066]  _copy_to_user+0x31/0xb0
[  258.788669][ T7066]  simple_read_from_buffer+0xc4/0x170
[  258.788696][ T7066]  proc_fail_nth_read+0x1ef/0x260
[  258.788727][ T7066]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  258.788758][ T7066]  ? rw_verify_area+0x246/0x630
[  258.788786][ T7066]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  258.788815][ T7066]  vfs_read+0x21f/0xb90
[  258.788856][ T7066]  ? __pfx___mutex_lock+0x10/0x10
[  258.788883][ T7066]  ? __pfx_vfs_read+0x10/0x10
[  258.788915][ T7066]  ? __fget_files+0x2a/0x420
[  258.788941][ T7066]  ? __fget_files+0x39d/0x420
[  258.788970][ T7066]  ? __fget_files+0x2a/0x420
[  258.789004][ T7066]  ksys_read+0x19d/0x2d0
[  258.789036][ T7066]  ? __pfx_ksys_read+0x10/0x10
[  258.789072][ T7066]  ? do_syscall_64+0xb6/0x230
[  258.789102][ T7066]  do_syscall_64+0xf3/0x230
[  258.789129][ T7066]  ? clear_bhb_loop+0x45/0xa0
[  258.789154][ T7066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.789176][ T7066] RIP: 0033:0x7f15dbf8bb7c
[  258.789194][ T7066] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  258.789213][ T7066] RSP: 002b:00007f15dcd3c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  258.789234][ T7066] RAX: ffffffffffffffda RBX: 00007f15dc1a6080 RCX: 00007f15dbf8bb7c
[  258.789250][ T7066] RDX: 000000000000000f RSI: 00007f15dcd3c0a0 RDI: 0000000000000005
[  258.789264][ T7066] RBP: 00007f15dcd3c090 R08: 0000000000000000 R09: 0000000000000000
[  258.789277][ T7066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.789289][ T7066] R13: 0000000000000000 R14: 00007f15dc1a6080 R15: 00007ffee79e5d08
[  258.789322][ T7066]  </TASK>
[  260.918026][ T7084] tap0: tun_chr_ioctl cmd 1074025677
[  260.924106][ T7084] tap0: linktype set to 778
[  260.954180][ T5845] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  260.964124][ T5845] CPU: 1 UID: 0 PID: 5845 Comm: kworker/u9:9 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  260.964156][ T5845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  260.964172][ T5845] Workqueue: hci4 hci_rx_work
[  260.964209][ T5845] Call Trace:
[  260.964218][ T5845]  <TASK>
[  260.964228][ T5845]  dump_stack_lvl+0x241/0x360
[  260.964265][ T5845]  ? __pfx_dump_stack_lvl+0x10/0x10
[  260.964296][ T5845]  ? __pfx__printk+0x10/0x10
[  260.964326][ T5845]  ? __rcu_read_unlock+0xa1/0x110
[  260.964364][ T5845]  ? kernfs_path_from_node+0x217/0x250
[  260.964396][ T5845]  sysfs_create_dir_ns+0x2fd/0x3f0
[  260.964426][ T5845]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  260.964465][ T5845]  kobject_add_internal+0x435/0x8d0
[  260.964505][ T5845]  kobject_add+0x15b/0x230
[  260.964533][ T5845]  ? preempt_schedule_thunk+0x16/0x30
[  260.964555][ T5845]  ? device_add+0x3e7/0xbf0
[  260.964581][ T5845]  ? __pfx_kobject_add+0x10/0x10
[  260.964627][ T5845]  ? _raw_spin_unlock+0x3e/0x50
[  260.964652][ T5845]  ? get_device_parent+0x165/0x410
[  260.964682][ T5845]  device_add+0x4e5/0xbf0
[  260.964716][ T5845]  hci_conn_add_sysfs+0xe8/0x200
[  260.964750][ T5845]  le_conn_complete_evt+0xc6e/0x12a0
[  260.964774][ T5845]  ? trace_irq_disable+0x3b/0x120
[  260.964822][ T5845]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  260.964846][ T5845]  ? irqentry_exit+0x63/0x90
[  260.964869][ T5845]  ? lockdep_hardirqs_on+0x9d/0x150
[  260.964903][ T5845]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  260.964927][ T5845]  ? skb_pull_data+0x105/0x230
[  260.964958][ T5845]  hci_le_conn_complete_evt+0x18c/0x420
[  260.964991][ T5845]  hci_event_packet+0xa5c/0x1550
[  260.965029][ T5845]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  260.965063][ T5845]  ? __pfx_hci_event_packet+0x10/0x10
[  260.965110][ T5845]  ? kcov_remote_start+0x2e/0x7d0
[  260.965147][ T5845]  ? hci_send_to_monitor+0xdc/0x530
[  260.965177][ T5845]  hci_rx_work+0x3f3/0xdb0
[  260.965221][ T5845]  ? process_scheduled_works+0x9cb/0x18e0
[  260.965244][ T5845]  process_scheduled_works+0xac3/0x18e0
[  260.965301][ T5845]  ? __pfx_process_scheduled_works+0x10/0x10
[  260.965336][ T5845]  ? assign_work+0x367/0x3d0
[  260.965365][ T5845]  worker_thread+0x870/0xd50
[  260.965406][ T5845]  ? __kthread_parkme+0x1a8/0x200
[  260.965436][ T5845]  ? __pfx_worker_thread+0x10/0x10
[  260.965460][ T5845]  kthread+0x7b7/0x940
[  260.965491][ T5845]  ? __pfx_worker_thread+0x10/0x10
[  260.965517][ T5845]  ? __pfx_kthread+0x10/0x10
[  260.965543][ T5845]  ? __pfx_kthread+0x10/0x10
[  260.965570][ T5845]  ? __pfx_kthread+0x10/0x10
[  260.965597][ T5845]  ? __pfx_kthread+0x10/0x10
[  260.965625][ T5845]  ? _raw_spin_unlock_irq+0x23/0x50
[  260.965644][ T5845]  ? lockdep_hardirqs_on+0x9d/0x150
[  260.965668][ T5845]  ? __pfx_kthread+0x10/0x10
[  260.965697][ T5845]  ret_from_fork+0x4b/0x80
[  260.965718][ T5845]  ? __pfx_kthread+0x10/0x10
[  260.965745][ T5845]  ret_from_fork_asm+0x1a/0x30
[  260.965795][ T5845]  </TASK>
[  260.966170][ T5845] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  261.276907][ T5845] Bluetooth: hci4: failed to register connection device
[  261.431423][ T7087] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  261.504360][ T7085] FAULT_INJECTION: forcing a failure.
[  261.504360][ T7085] name failslab, interval 1, probability 0, space 0, times 0
[  261.557052][ T7085] CPU: 1 UID: 0 PID: 7085 Comm: syz.2.324 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  261.557083][ T7085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  261.557096][ T7085] Call Trace:
[  261.557104][ T7085]  <TASK>
[  261.557113][ T7085]  dump_stack_lvl+0x241/0x360
[  261.557150][ T7085]  ? __pfx_dump_stack_lvl+0x10/0x10
[  261.557178][ T7085]  ? __pfx__printk+0x10/0x10
[  261.557210][ T7085]  ? __pfx___might_resched+0x10/0x10
[  261.557239][ T7085]  should_fail_ex+0x424/0x570
[  261.557266][ T7085]  should_failslab+0xac/0x100
[  261.557289][ T7085]  __kmalloc_noprof+0xdf/0x4d0
[  261.557308][ T7085]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  261.557329][ T7085]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  261.557356][ T7085]  tomoyo_realpath_from_path+0xcf/0x5e0
[  261.557391][ T7085]  tomoyo_path_number_perm+0x245/0x790
[  261.557425][ T7085]  ? tomoyo_path_number_perm+0x215/0x790
[  261.557456][ T7085]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  261.557492][ T7085]  ? ksys_write+0x24e/0x2d0
[  261.557530][ T7085]  ? __lock_acquire+0xad5/0xd80
[  261.557570][ T7085]  ? __fget_files+0x2a/0x420
[  261.557594][ T7085]  ? __fget_files+0x2a/0x420
[  261.557621][ T7085]  ? __fget_files+0x2a/0x420
[  261.557651][ T7085]  security_file_ioctl+0xc6/0x2a0
[  261.557684][ T7085]  __se_sys_ioctl+0x46/0x160
[  261.557717][ T7085]  do_syscall_64+0xf3/0x230
[  261.557743][ T7085]  ? clear_bhb_loop+0x45/0xa0
[  261.557769][ T7085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.557789][ T7085] RIP: 0033:0x7f15dbf8d169
[  261.557807][ T7085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.557824][ T7085] RSP: 002b:00007f15dcd3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  261.557846][ T7085] RAX: ffffffffffffffda RBX: 00007f15dc1a6080 RCX: 00007f15dbf8d169
[  261.557862][ T7085] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  261.557874][ T7085] RBP: 00007f15dcd3d090 R08: 0000000000000000 R09: 0000000000000000
[  261.557887][ T7085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.557899][ T7085] R13: 0000000000000000 R14: 00007f15dc1a6080 R15: 00007ffee79e5d08
[  261.557932][ T7085]  </TASK>
[  261.557940][ T7085] ERROR: Out of memory at tomoyo_realpath_from_path.
[  261.852390][ T7087] xt_SECMARK: unable to map security context 'system_u:object_r:dbusd_etc_t:s0'
[  264.452574][ T7109] overlayfs: missing 'lowerdir'
[  264.579128][ T5879] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  264.767961][ T5879] usb 5-1: Using ep0 maxpacket: 8
[  265.118598][ T7110] syz_tun: entered allmulticast mode
[  265.126970][ T7110] syz_tun: left allmulticast mode
[  265.435891][ T5879] usb 5-1: device descriptor read/all, error -71
[  265.498263][ T7114] netlink: 8 bytes leftover after parsing attributes in process `syz.0.330'.
[  265.507197][ T7114] netlink: 4 bytes leftover after parsing attributes in process `syz.0.330'.
[  265.569871][ T7114] ipvlan2: entered allmulticast mode
[  265.575369][ T7114] veth0_vlan: entered allmulticast mode
[  267.528300][ T5843] Bluetooth: hci4: command 0x0406 tx timeout
[  267.602084][ T7128] FAULT_INJECTION: forcing a failure.
[  267.602084][ T7128] name failslab, interval 1, probability 0, space 0, times 0
[  267.615125][ T7128] CPU: 0 UID: 0 PID: 7128 Comm: syz.0.334 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  267.615154][ T7128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  267.615168][ T7128] Call Trace:
[  267.615176][ T7128]  <TASK>
[  267.615185][ T7128]  dump_stack_lvl+0x241/0x360
[  267.615230][ T7128]  ? __pfx_dump_stack_lvl+0x10/0x10
[  267.615260][ T7128]  ? __pfx__printk+0x10/0x10
[  267.615294][ T7128]  ? should_fail_ex+0x3d1/0x570
[  267.615321][ T7128]  should_fail_ex+0x424/0x570
[  267.615349][ T7128]  should_failslab+0xac/0x100
[  267.615372][ T7128]  kmem_cache_alloc_noprof+0x78/0x390
[  267.615394][ T7128]  ? prepare_creds+0x31/0x6f0
[  267.615421][ T7128]  ? ksys_write+0x275/0x2d0
[  267.615454][ T7128]  prepare_creds+0x31/0x6f0
[  267.615488][ T7128]  __sys_setgid+0x93/0x300
[  267.615512][ T7128]  do_syscall_64+0xf3/0x230
[  267.615539][ T7128]  ? clear_bhb_loop+0x45/0xa0
[  267.615565][ T7128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.615586][ T7128] RIP: 0033:0x7faa3658d169
[  267.615606][ T7128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.615624][ T7128] RSP: 002b:00007faa343b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000006a
[  267.615648][ T7128] RAX: ffffffffffffffda RBX: 00007faa367a6160 RCX: 00007faa3658d169
[  267.615664][ T7128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  267.615678][ T7128] RBP: 00007faa343b4090 R08: 0000000000000000 R09: 0000000000000000
[  267.615691][ T7128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.615705][ T7128] R13: 0000000000000000 R14: 00007faa367a6160 R15: 00007ffe7aeea918
[  267.615738][ T7128]  </TASK>
[  268.132304][ T7122] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  268.165743][ T7122] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  269.351555][   T24] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  269.597389][ T7144] tap0: tun_chr_ioctl cmd 1074025677
[  269.603537][ T7144] tap0: linktype set to 778
[  269.677028][ T5845] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  270.299646][   T24] usb 1-1: Using ep0 maxpacket: 16
[  270.337871][   T24] usb 1-1: config 1 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 112, changing to 10
[  270.422942][   T24] usb 1-1: config 1 interface 0 has no altsetting 0
[  270.435821][   T24] usb 1-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.40
[  270.478384][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.486447][   T24] usb 1-1: Product: syz
[  270.596978][   T24] usb 1-1: Manufacturer: syz
[  270.606091][   T24] usb 1-1: SerialNumber: syz
[  270.920932][   T24] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input10
[  270.940246][ T5184] bcm5974 1-1:1.0: could not read from device
[  270.956314][   T24] usb 1-1: USB disconnect, device number 7
[  271.041492][ T7157] overlayfs: missing 'lowerdir'
[  271.133379][    T9] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  271.623825][    T9] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  271.674169][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.732154][    T9] usb 4-1: Product: syz
[  271.756011][    T9] usb 4-1: Manufacturer: syz
[  271.807172][    T9] usb 4-1: SerialNumber: syz
[  271.854892][ T7162] netlink: 'syz.1.344': attribute type 10 has an invalid length.
[  271.876489][    T9] r8152-cfgselector 4-1: Unknown version 0x0000
[  271.901342][    T9] r8152-cfgselector 4-1: config 0 descriptor??
[  271.995841][ T7162] veth0_vlan: left promiscuous mode
[  272.468998][ T7162] veth0_vlan: entered promiscuous mode
[  272.543819][ T7162] team0: Device veth0_vlan failed to register rx_handler
[  273.284119][ T7162] syz.1.344 (7162) used greatest stack depth: 19448 bytes left
[  273.324886][ T5883] r8152-cfgselector 4-1: USB disconnect, device number 15
[  273.593932][   T30] audit: type=1326 audit(1744226451.430:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  273.703505][   T30] audit: type=1326 audit(1744226451.430:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  273.839477][   T30] audit: type=1326 audit(1744226451.460:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  273.937805][ T7185] loop2: detected capacity change from 0 to 7
[  273.954815][   T30] audit: type=1326 audit(1744226451.460:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  273.977852][ T7185] Dev loop2: unable to read RDB block 7
[  274.017269][ T7185]  loop2: AHDI p3
[  274.022471][ T7185] loop2: partition table partially beyond EOD, truncated
[  274.245179][   T30] audit: type=1326 audit(1744226451.460:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  276.936731][   T30] audit: type=1326 audit(1744226451.460:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  277.189816][   T30] audit: type=1326 audit(1744226451.460:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  277.325957][   T30] audit: type=1326 audit(1744226451.460:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  277.405172][   T30] audit: type=1326 audit(1744226451.460:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  277.464505][   T30] audit: type=1326 audit(1744226451.460:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7faa3658d169 code=0x7ffc0000
[  277.682860][ T7207] overlayfs: missing 'lowerdir'
[  278.976362][ T7225] FAULT_INJECTION: forcing a failure.
[  278.976362][ T7225] name failslab, interval 1, probability 0, space 0, times 0
[  278.989165][ T7225] CPU: 1 UID: 0 PID: 7225 Comm: syz.2.362 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  278.989201][ T7225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  278.989215][ T7225] Call Trace:
[  278.989224][ T7225]  <TASK>
[  278.989233][ T7225]  dump_stack_lvl+0x241/0x360
[  278.989270][ T7225]  ? __pfx_dump_stack_lvl+0x10/0x10
[  278.989299][ T7225]  ? __pfx__printk+0x10/0x10
[  278.989332][ T7225]  ? __pfx___might_resched+0x10/0x10
[  278.989355][ T7225]  ? lock_acquire+0x167/0x2f0
[  278.989379][ T7225]  should_fail_ex+0x424/0x570
[  278.989406][ T7225]  should_failslab+0xac/0x100
[  278.989430][ T7225]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  278.989453][ T7225]  ? __alloc_skb+0x1c2/0x480
[  278.989478][ T7225]  __alloc_skb+0x1c2/0x480
[  278.989504][ T7225]  ? __pfx___alloc_skb+0x10/0x10
[  278.989521][ T7225]  ? __rcu_read_unlock+0xa1/0x110
[  278.989555][ T7225]  ? netlink_autobind+0xd6/0x2f0
[  278.989584][ T7225]  ? netlink_autobind+0x2b0/0x2f0
[  278.989618][ T7225]  netlink_sendmsg+0x638/0xcd0
[  278.989662][ T7225]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.989694][ T7225]  ? tomoyo_socket_sendmsg_permission+0x130/0x420
[  278.989716][ T7225]  ? __sock_sendmsg+0x54/0x270
[  278.989750][ T7225]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.989778][ T7225]  __sock_sendmsg+0x221/0x270
[  278.989810][ T7225]  ____sys_sendmsg+0x523/0x860
[  278.989842][ T7225]  ? __pfx_____sys_sendmsg+0x10/0x10
[  278.989861][ T7225]  ? __fget_files+0x2a/0x420
[  278.989889][ T7225]  ? __fget_files+0x2a/0x420
[  278.989923][ T7225]  __sys_sendmsg+0x271/0x360
[  278.989952][ T7225]  ? __pfx___sys_sendmsg+0x10/0x10
[  278.989971][ T7225]  ? trace_sched_exit_tp+0x3c/0x120
[  278.990066][ T7225]  do_syscall_64+0xf3/0x230
[  278.990092][ T7225]  ? clear_bhb_loop+0x45/0xa0
[  278.990118][ T7225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.990139][ T7225] RIP: 0033:0x7f15dbf8d169
[  278.990157][ T7225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.990183][ T7225] RSP: 002b:00007f15dcd1c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.990206][ T7225] RAX: ffffffffffffffda RBX: 00007f15dc1a6160 RCX: 00007f15dbf8d169
[  278.990222][ T7225] RDX: 000000000000a000 RSI: 0000200000000280 RDI: 0000000000000003
[  278.990235][ T7225] RBP: 00007f15dcd1c090 R08: 0000000000000000 R09: 0000000000000000
[  278.990249][ T7225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.990262][ T7225] R13: 0000000000000000 R14: 00007f15dc1a6160 R15: 00007ffee79e5d08
[  278.990294][ T7225]  </TASK>
[  281.737141][   T24] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  281.932248][   T24] usb 5-1: Using ep0 maxpacket: 32
[  281.961258][   T24] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  282.176425][   T24] usb 5-1: config 0 has no interface number 0
[  282.182817][   T24] usb 5-1: config 0 interface 184 has no altsetting 0
[  282.192986][   T24] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  282.202374][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.211827][   T24] usb 5-1: Product: syz
[  282.216118][   T24] usb 5-1: Manufacturer: syz
[  282.220873][   T24] usb 5-1: SerialNumber: syz
[  282.230728][   T24] usb 5-1: config 0 descriptor??
[  282.300345][ T7249] overlayfs: missing 'lowerdir'
[  282.976825][   T24] smsc75xx v1.0.0
[  284.257462][ T7261] netlink: 'syz.1.374': attribute type 10 has an invalid length.
[  284.301482][ T7261] veth0_vlan: left promiscuous mode
[  284.312237][ T7261] veth0_vlan: entered promiscuous mode
[  284.336870][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  284.352873][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  284.372013][ T7261] team0: Device veth0_vlan failed to register rx_handler
[  284.810451][ T7237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  284.890805][ T7237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.908930][ T7265] netlink: 'syz.1.375': attribute type 1 has an invalid length.
[  285.140973][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[  285.171830][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[  285.196756][   T24] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  285.224826][   T24] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  285.287355][   T24] usb 5-1: USB disconnect, device number 23
[  285.488006][   T10] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  285.666764][ T5883] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  285.718471][ T7283] overlayfs: missing 'lowerdir'
[  286.322881][   T10] usb 1-1: config 8 has an invalid interface number: 236 but max is 0
[  286.331625][   T10] usb 1-1: config 8 has an invalid descriptor of length 215, skipping remainder of the config
[  286.347000][   T10] usb 1-1: config 8 has no interface number 0
[  286.353409][   T10] usb 1-1: config 8 interface 236 altsetting 128 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  286.369348][   T10] usb 1-1: config 8 interface 236 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  286.384418][   T10] usb 1-1: config 8 interface 236 has no altsetting 0
[  286.429535][ T5883] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  286.452239][   T10] usb 1-1: New USB device found, idVendor=10c4, idProduct=f004, bcdDevice=a6.71
[  286.475011][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.519210][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.533664][ T5883] usb 3-1: Product: syz
[  286.538339][   T10] usb 1-1: Product: syz
[  286.542885][ T5883] usb 3-1: Manufacturer: syz
[  286.551752][   T10] usb 1-1: Manufacturer: syz
[  286.556420][   T10] usb 1-1: SerialNumber: syz
[  286.561722][ T5883] usb 3-1: SerialNumber: syz
[  286.588280][ T5883] r8152-cfgselector 3-1: Unknown version 0x0000
[  286.595744][ T5883] r8152-cfgselector 3-1: config 0 descriptor??
[  286.649857][ T7288] FAULT_INJECTION: forcing a failure.
[  286.649857][ T7288] name failslab, interval 1, probability 0, space 0, times 0
[  286.665279][ T7288] CPU: 1 UID: 0 PID: 7288 Comm: syz.3.385 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  286.665309][ T7288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  286.665322][ T7288] Call Trace:
[  286.665330][ T7288]  <TASK>
[  286.665338][ T7288]  dump_stack_lvl+0x241/0x360
[  286.665377][ T7288]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.665408][ T7288]  ? __pfx__printk+0x10/0x10
[  286.665441][ T7288]  ? __pfx___might_resched+0x10/0x10
[  286.665470][ T7288]  should_fail_ex+0x424/0x570
[  286.665497][ T7288]  should_failslab+0xac/0x100
[  286.665521][ T7288]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  286.665560][ T7288]  ? __alloc_skb+0x1c2/0x480
[  286.665592][ T7288]  __alloc_skb+0x1c2/0x480
[  286.665617][ T7288]  ? __pfx___alloc_skb+0x10/0x10
[  286.665644][ T7288]  ? netlink_autobind+0xd6/0x2f0
[  286.665674][ T7288]  ? netlink_autobind+0x2b0/0x2f0
[  286.665719][ T7288]  netlink_sendmsg+0x638/0xcd0
[  286.665770][ T7288]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.665815][ T7288]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.665843][ T7288]  __sock_sendmsg+0x221/0x270
[  286.665874][ T7288]  ____sys_sendmsg+0x523/0x860
[  286.665914][ T7288]  ? __pfx_____sys_sendmsg+0x10/0x10
[  286.665934][ T7288]  ? __fget_files+0x2a/0x420
[  286.665965][ T7288]  ? __fget_files+0x2a/0x420
[  286.666000][ T7288]  __sys_sendmsg+0x271/0x360
[  286.666029][ T7288]  ? __pfx___sys_sendmsg+0x10/0x10
[  286.666111][ T7288]  ? do_syscall_64+0xb6/0x230
[  286.666140][ T7288]  do_syscall_64+0xf3/0x230
[  286.666165][ T7288]  ? clear_bhb_loop+0x45/0xa0
[  286.666190][ T7288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.666211][ T7288] RIP: 0033:0x7f55e598d169
[  286.666230][ T7288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.666248][ T7288] RSP: 002b:00007f55e67e8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  286.666271][ T7288] RAX: ffffffffffffffda RBX: 00007f55e5ba5fa0 RCX: 00007f55e598d169
[  286.666286][ T7288] RDX: 0000000000000100 RSI: 00002000000000c0 RDI: 0000000000000003
[  286.666299][ T7288] RBP: 00007f55e67e8090 R08: 0000000000000000 R09: 0000000000000000
[  286.666313][ T7288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.666325][ T7288] R13: 0000000000000000 R14: 00007f55e5ba5fa0 R15: 00007ffd0f7e94a8
[  286.666357][ T7288]  </TASK>
[  286.813796][   T10] cp210x 1-1:8.236: cp210x converter detected
[  286.829208][ T7295] FAULT_INJECTION: forcing a failure.
[  286.829208][ T7295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.829275][ T7295] CPU: 1 UID: 0 PID: 7295 Comm: syz.4.384 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  286.829301][ T7295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  286.829314][ T7295] Call Trace:
[  286.829322][ T7295]  <TASK>
[  286.829330][ T7295]  dump_stack_lvl+0x241/0x360
[  286.829368][ T7295]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.829397][ T7295]  ? __pfx__printk+0x10/0x10
[  286.829440][ T7295]  should_fail_ex+0x424/0x570
[  286.829467][ T7295]  _copy_to_iter+0x1f6/0x1c90
[  286.829501][ T7295]  ? seq_printf+0x12c/0x270
[  286.829540][ T7295]  ? __pfx__copy_to_iter+0x10/0x10
[  286.829564][ T7295]  ? __up_read+0x2c4/0x6b0
[  286.829593][ T7295]  ? __pfx___up_read+0x10/0x10
[  286.829620][ T7295]  ? seq_read_iter+0xb0f/0xda0
[  286.829657][ T7295]  seq_read_iter+0xb7b/0xda0
[  286.829722][ T7295]  proc_reg_read_iter+0x1c2/0x290
[  286.829757][ T7295]  vfs_read+0x9a0/0xb90
[  286.829795][ T7295]  ? __pfx_vfs_read+0x10/0x10
[  286.829827][ T7295]  ? __fget_files+0x2a/0x420
[  286.829853][ T7295]  ? __fget_files+0x2a/0x420
[  286.829887][ T7295]  ksys_read+0x19d/0x2d0
[  286.829918][ T7295]  ? __pfx_ksys_read+0x10/0x10
[  286.829957][ T7295]  ? do_syscall_64+0xb6/0x230
[  286.829990][ T7295]  do_syscall_64+0xf3/0x230
[  286.830020][ T7295]  ? clear_bhb_loop+0x45/0xa0
[  286.830046][ T7295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.830069][ T7295] RIP: 0033:0x7f9010b8d169
[  286.830090][ T7295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.830109][ T7295] RSP: 002b:00007f9011997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  286.830134][ T7295] RAX: ffffffffffffffda RBX: 00007f9010da6080 RCX: 00007f9010b8d169
[  286.830150][ T7295] RDX: 0000000000002020 RSI: 0000200000000200 RDI: 0000000000000004
[  286.830165][ T7295] RBP: 00007f9011997090 R08: 0000000000000000 R09: 0000000000000000
[  286.830179][ T7295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.830193][ T7295] R13: 0000000000000000 R14: 00007f9010da6080 R15: 00007fff3948e2d8
[  286.830230][ T7295]  </TASK>
[  287.076935][ T5910] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  287.241400][   T24] r8152-cfgselector 3-1: USB disconnect, device number 12
[  287.305003][   T10] usb 1-1: cp210x converter now attached to ttyUSB0
[  287.337394][ T5910] usb 2-1: device descriptor read/64, error -71
[  287.491258][   T24] usb 1-1: USB disconnect, device number 8
[  287.513693][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  287.545362][   T24] cp210x 1-1:8.236: device disconnected
[  287.576901][ T5910] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  287.707218][ T5910] usb 2-1: device descriptor read/64, error -71
[  287.822066][ T5910] usb usb2-port1: attempt power cycle
[  288.996497][ T5845] Bluetooth: hci4: command 0x0406 tx timeout
[  289.649872][ T5910] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  290.023994][ T5910] usb 2-1: device descriptor read/8, error -71
[  291.926887][    T9] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  291.976830][ T5883] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  291.996453][ T7361] FAULT_INJECTION: forcing a failure.
[  291.996453][ T7361] name failslab, interval 1, probability 0, space 0, times 0
[  292.016900][ T7361] CPU: 1 UID: 0 PID: 7361 Comm: syz.3.403 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  292.016931][ T7361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  292.016944][ T7361] Call Trace:
[  292.016953][ T7361]  <TASK>
[  292.016961][ T7361]  dump_stack_lvl+0x241/0x360
[  292.016999][ T7361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.017028][ T7361]  ? __pfx__printk+0x10/0x10
[  292.017060][ T7361]  ? __pfx___might_resched+0x10/0x10
[  292.017088][ T7361]  should_fail_ex+0x424/0x570
[  292.017116][ T7361]  should_failslab+0xac/0x100
[  292.017138][ T7361]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  292.017162][ T7361]  ? __alloc_skb+0x1c2/0x480
[  292.017186][ T7361]  __alloc_skb+0x1c2/0x480
[  292.017211][ T7361]  ? __pfx___alloc_skb+0x10/0x10
[  292.017240][ T7361]  ? netlink_autobind+0xd6/0x2f0
[  292.017269][ T7361]  ? netlink_autobind+0x2b0/0x2f0
[  292.017304][ T7361]  netlink_sendmsg+0x638/0xcd0
[  292.017348][ T7361]  ? __pfx_netlink_sendmsg+0x10/0x10
[  292.017392][ T7361]  ? __pfx_netlink_sendmsg+0x10/0x10
[  292.017419][ T7361]  __sock_sendmsg+0x221/0x270
[  292.017450][ T7361]  ____sys_sendmsg+0x523/0x860
[  292.017482][ T7361]  ? __pfx_____sys_sendmsg+0x10/0x10
[  292.017501][ T7361]  ? __fget_files+0x2a/0x420
[  292.017529][ T7361]  ? __fget_files+0x2a/0x420
[  292.017562][ T7361]  __sys_sendmmsg+0x3a0/0x7b0
[  292.017598][ T7361]  ? __pfx___sys_sendmmsg+0x10/0x10
[  292.017659][ T7361]  ? rcu_read_lock_any_held+0xbb/0x160
[  292.017686][ T7361]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  292.017715][ T7361]  ? vfs_write+0xb29/0xd10
[  292.017754][ T7361]  ? ksys_write+0x24e/0x2d0
[  292.017786][ T7361]  ? __mutex_unlock_slowpath+0x229/0x800
[  292.017842][ T7361]  ? ksys_write+0x275/0x2d0
[  292.017883][ T7361]  __x64_sys_sendmmsg+0xa0/0xb0
[  292.017907][ T7361]  do_syscall_64+0xf3/0x230
[  292.017933][ T7361]  ? clear_bhb_loop+0x45/0xa0
[  292.017958][ T7361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.017979][ T7361] RIP: 0033:0x7f55e598d169
[  292.017998][ T7361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.018016][ T7361] RSP: 002b:00007f55e67e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  292.018038][ T7361] RAX: ffffffffffffffda RBX: 00007f55e5ba5fa0 RCX: 00007f55e598d169
[  292.018053][ T7361] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000006
[  292.018067][ T7361] RBP: 00007f55e67e8090 R08: 0000000000000000 R09: 0000000000000000
[  292.018080][ T7361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.018092][ T7361] R13: 0000000000000000 R14: 00007f55e5ba5fa0 R15: 00007ffd0f7e94a8
[  292.018125][ T7361]  </TASK>
[  292.288211][    C1] vkms_vblank_simulate: vblank timer overrun
[  292.322716][    T9] usb 1-1: config 5 has an invalid interface number: 66 but max is 3
[  292.331231][    T9] usb 1-1: config 5 has an invalid interface number: 33 but max is 3
[  292.340057][    T9] usb 1-1: config 5 has an invalid interface number: 190 but max is 3
[  292.369244][    T9] usb 1-1: config 5 contains an unexpected descriptor of type 0x2, skipping
[  292.395970][    T9] usb 1-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  292.399494][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.438231][    T9] usb 1-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  292.448113][ T5910] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  292.611874][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.622325][    T9] usb 1-1: config 5 has an invalid interface number: 8 but max is 3
[  292.635350][ T5883] usb 5-1: New USB device found, idVendor=28bd, idProduct=0051, bcdDevice= 0.00
[  292.645692][    T9] usb 1-1: config 5 has no interface number 0
[  292.653654][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.663640][    T9] usb 1-1: config 5 has no interface number 1
[  292.670648][    T9] usb 1-1: config 5 has no interface number 2
[  292.678937][    T9] usb 1-1: config 5 has no interface number 3
[  292.680842][ T7370] FAULT_INJECTION: forcing a failure.
[  292.680842][ T7370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.686370][    T9] usb 1-1: config 5 interface 66 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  292.702322][ T7370] CPU: 1 UID: 0 PID: 7370 Comm: syz.2.407 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  292.702356][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  292.702370][ T7370] Call Trace:
[  292.702380][ T7370]  <TASK>
[  292.702390][ T7370]  dump_stack_lvl+0x241/0x360
[  292.702431][ T7370]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.702462][ T7370]  ? __pfx__printk+0x10/0x10
[  292.702508][ T7370]  should_fail_ex+0x424/0x570
[  292.702537][ T7370]  _copy_to_iter+0x1f6/0x1c90
[  292.702585][ T7370]  ? __pfx__copy_to_iter+0x10/0x10
[  292.702617][ T7370]  ? __pfx_process_measurement+0x10/0x10
[  292.702659][ T7370]  ? skb_recv_datagram+0x26e/0x310
[  292.702691][ T7370]  __skb_datagram_iter+0x101/0x940
[  292.702721][ T7370]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  292.702757][ T7370]  skb_copy_datagram_iter+0xd1/0x250
[  292.702788][ T7370]  netlink_recvmsg+0x2d4/0x1180
[  292.702820][ T7370]  ? __lock_acquire+0xad5/0xd80
[  292.702851][ T7370]  ? __pfx_netlink_recvmsg+0x10/0x10
[  292.702886][ T7370]  ? __lock_acquire+0xad5/0xd80
[  292.702920][ T7370]  ? __import_iovec+0x585/0x830
[  292.702949][ T7370]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  292.702981][ T7370]  ? __pfx_netlink_recvmsg+0x10/0x10
[  292.703015][ T7370]  sock_recvmsg+0x22f/0x280
[  292.703050][ T7370]  ____sys_recvmsg+0x1c8/0x480
[  292.703090][ T7370]  ? __pfx_____sys_recvmsg+0x10/0x10
[  292.703141][ T7370]  do_recvmmsg+0x428/0xab0
[  292.703190][ T7370]  ? __pfx_do_recvmmsg+0x10/0x10
[  292.703234][ T7370]  ? rcu_read_lock_any_held+0xbb/0x160
[  292.703263][ T7370]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  292.703296][ T7370]  ? vfs_write+0xb29/0xd10
[  292.703338][ T7370]  ? ksys_write+0x24e/0x2d0
[  292.703374][ T7370]  ? __mutex_unlock_slowpath+0x229/0x800
[  292.703413][ T7370]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  292.703440][ T7370]  ? __fget_files+0x2a/0x420
[  292.703484][ T7370]  __x64_sys_recvmmsg+0x1ab/0x260
[  292.703513][ T7370]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  292.703546][ T7370]  ? do_syscall_64+0xb6/0x230
[  292.703577][ T7370]  do_syscall_64+0xf3/0x230
[  292.703604][ T7370]  ? clear_bhb_loop+0x45/0xa0
[  292.703632][ T7370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.703653][ T7370] RIP: 0033:0x7f15dbf8d169
[  292.703675][ T7370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.703693][ T7370] RSP: 002b:00007f15dcd5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  292.703718][ T7370] RAX: ffffffffffffffda RBX: 00007f15dc1a5fa0 RCX: 00007f15dbf8d169
[  292.703734][ T7370] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[  292.703749][ T7370] RBP: 00007f15dcd5e090 R08: 0000000000000000 R09: 0000000000000000
[  292.703763][ T7370] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  292.703775][ T7370] R13: 0000000000000000 R14: 00007f15dc1a5fa0 R15: 00007ffee79e5d08
[  292.703810][ T7370]  </TASK>
[  292.733539][ T5910] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  292.739815][ T5883] usb 5-1: config 0 descriptor??
[  293.073018][    T9] usb 1-1: config 5 interface 66 altsetting 7 endpoint 0xC has invalid maxpacket 512, setting to 64
[  293.103130][    T9] usb 1-1: config 5 interface 66 altsetting 7 endpoint 0xA has invalid maxpacket 1024, setting to 64
[  293.116467][    T9] usb 1-1: config 5 interface 66 altsetting 7 has a duplicate endpoint with address 0xA, skipping
[  293.127546][    T9] usb 1-1: config 5 interface 33 altsetting 129 has a duplicate endpoint with address 0xA, skipping
[  293.142562][    T9] usb 1-1: config 5 interface 190 altsetting 64 endpoint 0x5 has invalid maxpacket 1024, setting to 64
[  293.154252][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0xA, skipping
[  293.165773][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0xA, skipping
[  293.177632][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0x5, skipping
[  293.189356][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0xF, skipping
[  293.204129][ T5910] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  293.208339][    T9] usb 1-1: config 5 interface 190 altsetting 64 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  293.227183][ T5910] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  293.235318][    T9] usb 1-1: config 5 interface 190 altsetting 64 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  293.247408][ T5910] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  293.247440][ T5910] usb 2-1: SerialNumber: syz
[  293.272020][    T9] usb 1-1: config 5 interface 190 altsetting 64 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  293.284532][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0x9, skipping
[  293.299942][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0x9, skipping
[  293.355885][    T9] usb 1-1: config 5 interface 190 altsetting 64 endpoint 0x8B has invalid wMaxPacketSize 0
[  293.409073][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0x5, skipping
[  293.432786][ T7374] loop2: detected capacity change from 0 to 7
[  293.444968][ T7374] Dev loop2: unable to read RDB block 7
[  293.450786][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0x6, skipping
[  293.470099][ T7374]  loop2: AHDI p3
[  293.482001][ T5910] usb 2-1: 0:2 : does not exist
[  293.485120][ T7374] loop2: partition table partially beyond EOD, 
[  293.488197][    T9] usb 1-1: config 5 interface 190 altsetting 64 has a duplicate endpoint with address 0x1, skipping
[  293.505791][ T7374] truncated
[  293.513920][    T9] usb 1-1: config 5 interface 8 altsetting 114 has a duplicate endpoint with address 0x1, skipping
[  293.525382][    T9] usb 1-1: config 5 interface 8 altsetting 114 endpoint 0xE has an invalid bInterval 0, changing to 10
[  293.543152][    T9] usb 1-1: config 5 interface 8 altsetting 114 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  293.747033][ T5910] usb 2-1: USB disconnect, device number 14
[  293.841277][ T7380] overlayfs: missing 'lowerdir'
[  293.853478][    T9] usb 1-1: config 5 interface 8 altsetting 114 has a duplicate endpoint with address 0x9, skipping
[  293.866862][    T9] usb 1-1: config 5 interface 8 altsetting 114 has a duplicate endpoint with address 0x5, skipping
[  293.880163][    T9] usb 1-1: config 5 interface 8 altsetting 114 has a duplicate endpoint with address 0xA, skipping
[  294.263274][ T7377] Dev loop2: unable to read RDB block 7
[  294.271481][ T7377]  loop2: AHDI p3
[  294.290285][ T7377] loop2: partition table partially beyond EOD, truncated
[  294.451849][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  294.588945][    T9] usb 1-1: config 5 interface 8 altsetting 114 has an endpoint descriptor with address 0x96, changing to 0x86
[  294.602191][    T9] usb 1-1: config 5 interface 8 altsetting 114 has a duplicate endpoint with address 0x86, skipping
[  294.615758][    T9] usb 1-1: config 5 interface 8 altsetting 114 has an invalid descriptor for endpoint zero, skipping
[  294.628012][    T9] usb 1-1: config 5 interface 66 has no altsetting 0
[  294.634794][    T9] usb 1-1: config 5 interface 33 has no altsetting 0
[  294.641716][    T9] usb 1-1: config 5 interface 190 has no altsetting 0
[  294.648823][    T9] usb 1-1: config 5 interface 8 has no altsetting 0
[  294.681482][    T9] usb 1-1: string descriptor 0 read error: -71
[  294.688050][    T9] usb 1-1: New USB device found, idVendor=06f8, idProduct=0003, bcdDevice=c0.14
[  294.741551][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.791127][    T9] usb 1-1: can't set config #5, error -71
[  294.820476][    T9] usb 1-1: USB disconnect, device number 9
[  296.077402][    T9] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  296.167207][ T5883] usbhid 5-1:0.0: can't add hid device: -71
[  296.185799][ T5883] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  296.291470][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  296.321755][ T5883] usb 5-1: USB disconnect, device number 24
[  296.474229][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  296.733508][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  296.846821][    T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  296.891778][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.976476][    T9] usb 3-1: config 0 descriptor??
[  297.664318][    T9] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  297.741071][    T9] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  298.000384][ T7418] overlayfs: missing 'lowerdir'
[  298.100110][ T7422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.120275][ T7422] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.143530][ T7422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.160787][ T7422] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.644565][    T9] usb 3-1: reset high-speed USB device number 13 using dummy_hcd
[  299.695306][ T7431] loop2: detected capacity change from 0 to 7
[  299.735660][ T7431] Dev loop2: unable to read RDB block 7
[  299.766866][ T7431]  loop2: AHDI p3
[  299.774676][ T7431] loop2: partition table partially beyond EOD, truncated
[  301.448697][ T5883] usb 3-1: USB disconnect, device number 13
[  301.546521][ T7440] Dev loop2: unable to read RDB block 7
[  301.546558][ T7440]  loop2: AHDI p3
[  301.546583][ T7440] loop2: partition table partially beyond EOD, truncated
[  303.106979][ T7461] veth0_to_team: entered promiscuous mode
[  303.112839][ T7461] veth0_to_team: entered allmulticast mode
[  303.669731][   T10] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  304.406822][   T10] usb 5-1: Using ep0 maxpacket: 16
[  304.442985][   T10] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  304.487541][   T10] usb 5-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  304.526409][   T10] usb 5-1: Product: syz
[  304.531492][   T10] usb 5-1: Manufacturer: syz
[  304.542646][   T10] usb 5-1: SerialNumber: syz
[  304.573392][   T10] usb 5-1: config 0 descriptor??
[  304.820938][   T10] usb 5-1: selecting invalid altsetting 1
[  304.861792][ T7482] overlayfs: missing 'lowerdir'
[  305.842121][   T10] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[  305.893161][   T10] usb 5-1: USB disconnect, device number 25
[  305.950352][ T7488] FAULT_INJECTION: forcing a failure.
[  305.950352][ T7488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  306.015977][ T7488] CPU: 1 UID: 0 PID: 7488 Comm: syz.2.440 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  306.016010][ T7488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  306.016023][ T7488] Call Trace:
[  306.016032][ T7488]  <TASK>
[  306.016041][ T7488]  dump_stack_lvl+0x241/0x360
[  306.016079][ T7488]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.016108][ T7488]  ? __pfx__printk+0x10/0x10
[  306.016149][ T7488]  should_fail_ex+0x424/0x570
[  306.016176][ T7488]  _copy_from_user+0x2d/0xb0
[  306.016208][ T7488]  sctp_setsockopt+0xc9/0x11e0
[  306.016244][ T7488]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  306.016273][ T7488]  do_sock_setsockopt+0x3b1/0x710
[  306.016301][ T7488]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  306.016320][ T7488]  ? __fget_files+0x2a/0x420
[  306.016349][ T7488]  ? __fget_files+0x39d/0x420
[  306.016372][ T7488]  ? __fget_files+0x2a/0x420
[  306.016405][ T7488]  __x64_sys_setsockopt+0x1ee/0x280
[  306.016434][ T7488]  do_syscall_64+0xf3/0x230
[  306.016461][ T7488]  ? clear_bhb_loop+0x45/0xa0
[  306.016486][ T7488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.016507][ T7488] RIP: 0033:0x7f15dbf8d169
[  306.016525][ T7488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.016544][ T7488] RSP: 002b:00007f15dcd5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  306.016567][ T7488] RAX: ffffffffffffffda RBX: 00007f15dc1a5fa0 RCX: 00007f15dbf8d169
[  306.016583][ T7488] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000003
[  306.016595][ T7488] RBP: 00007f15dcd5e090 R08: 000000000000002c R09: 0000000000000000
[  306.016608][ T7488] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  306.016625][ T7488] R13: 0000000000000000 R14: 00007f15dc1a5fa0 R15: 00007ffee79e5d08
[  306.016654][ T7488]  </TASK>
[  306.638668][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  306.897612][ T7506] loop2: detected capacity change from 0 to 7
[  306.918843][ T7506] Dev loop2: unable to read RDB block 7
[  306.924483][ T7506]  loop2: AHDI p3
[  306.936880][ T7506] loop2: partition table partially beyond EOD, truncated
[  307.241202][ T6073] Dev loop2: unable to read RDB block 7
[  307.265514][ T6073]  loop2: AHDI p3
[  307.277496][ T6073] loop2: partition table partially beyond EOD, truncated
[  308.262659][ T7506] Dev loop2: unable to read RDB block 7
[  308.262692][ T7506]  loop2: AHDI p3
[  308.262716][ T7506] loop2: partition table partially beyond EOD, truncated
[  309.761155][ T7521] overlayfs: missing 'lowerdir'
[  314.085490][ T7542] netlink: 20 bytes leftover after parsing attributes in process `syz.4.456'.
[  316.326751][ T5843] Bluetooth: hci0: command 0x0406 tx timeout
[  316.486986][ T7543] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  317.089877][ T7543] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  317.211299][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  317.321759][ T7543] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  317.378543][ T7543] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  317.384644][ T7543] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  317.687541][ T7543] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  317.693583][ T7543] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  317.713958][ T7575] overlayfs: missing 'lowerdir'
[  318.699771][ T5843] Bluetooth: hci0: command 0x0406 tx timeout
[  319.375053][ T7543] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  319.511779][ T5845] Bluetooth: hci1: command 0x0406 tx timeout
[  319.526951][ T5843] ==================================================================
[  319.535102][ T5843] BUG: KASAN: slab-use-after-free in l2cap_connect_cfm+0x70e/0x1220
[  319.543135][ T5843] Read of size 8 at addr ffff88807e75a480 by task kworker/u9:7/5843
[  319.551191][ T5843] 
[  319.553634][ T5843] CPU: 1 UID: 0 PID: 5843 Comm: kworker/u9:7 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  319.553663][ T5843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  319.553681][ T5843] Workqueue: hci0 hci_rx_work
[  319.553718][ T5843] Call Trace:
[  319.553727][ T5843]  <TASK>
[  319.553738][ T5843]  dump_stack_lvl+0x241/0x360
[  319.553771][ T5843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.553799][ T5843]  ? __virt_addr_valid+0x183/0x530
[  319.553827][ T5843]  ? rcu_is_watching+0x15/0xb0
[  319.553851][ T5843]  ? __virt_addr_valid+0x183/0x530
[  319.553877][ T5843]  ? lock_release+0x4e/0x3e0
[  319.553899][ T5843]  ? __virt_addr_valid+0x183/0x530
[  319.553926][ T5843]  ? __virt_addr_valid+0x183/0x530
[  319.553954][ T5843]  print_report+0x16e/0x5b0
[  319.553986][ T5843]  ? __virt_addr_valid+0x183/0x530
[  319.554012][ T5843]  ? __virt_addr_valid+0x183/0x530
[  319.554038][ T5843]  ? __virt_addr_valid+0x45f/0x530
[  319.554064][ T5843]  ? __phys_addr+0xba/0x170
[  319.554091][ T5843]  ? l2cap_connect_cfm+0x70e/0x1220
[  319.554116][ T5843]  kasan_report+0x143/0x180
[  319.554137][ T5843]  ? l2cap_connect_cfm+0x70e/0x1220
[  319.554166][ T5843]  l2cap_connect_cfm+0x70e/0x1220
[  319.554198][ T5843]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  319.554227][ T5843]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  319.554254][ T5843]  hci_connect_cfm+0xa2/0x150
[  319.554279][ T5843]  le_conn_complete_evt+0xcf4/0x12a0
[  319.554310][ T5843]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  319.554333][ T5843]  ? __mutex_unlock_slowpath+0x229/0x800
[  319.554362][ T5843]  ? __skb_clone+0x5c/0x6d0
[  319.554385][ T5843]  ? skb_pull_data+0x112/0x230
[  319.554414][ T5843]  hci_le_conn_complete_evt+0x18c/0x420
[  319.554441][ T5843]  hci_event_packet+0xa5c/0x1550
[  319.554475][ T5843]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  319.554500][ T5843]  ? __pfx_hci_event_packet+0x10/0x10
[  319.554540][ T5843]  ? __hci_send_to_channel+0x211/0x2b0
[  319.554563][ T5843]  ? hci_send_to_monitor+0x2a/0x530
[  319.554589][ T5843]  ? kasan_check_range+0x86/0x2a0
[  319.554613][ T5843]  ? hci_send_to_monitor+0xdc/0x530
[  319.554639][ T5843]  hci_rx_work+0x3f3/0xdb0
[  319.554676][ T5843]  ? process_scheduled_works+0x9cb/0x18e0
[  319.554698][ T5843]  process_scheduled_works+0xac3/0x18e0
[  319.554737][ T5843]  ? __pfx_process_scheduled_works+0x10/0x10
[  319.554764][ T5843]  ? assign_work+0x367/0x3d0
[  319.554789][ T5843]  worker_thread+0x870/0xd50
[  319.554820][ T5843]  ? __kthread_parkme+0x1a8/0x200
[  319.554846][ T5843]  ? __pfx_worker_thread+0x10/0x10
[  319.554869][ T5843]  kthread+0x7b7/0x940
[  319.554897][ T5843]  ? __pfx_worker_thread+0x10/0x10
[  319.554921][ T5843]  ? __pfx_kthread+0x10/0x10
[  319.554947][ T5843]  ? __pfx_kthread+0x10/0x10
[  319.554973][ T5843]  ? __pfx_kthread+0x10/0x10
[  319.555000][ T5843]  ? __pfx_kthread+0x10/0x10
[  319.555026][ T5843]  ? _raw_spin_unlock_irq+0x23/0x50
[  319.555046][ T5843]  ? lockdep_hardirqs_on+0x9d/0x150
[  319.555070][ T5843]  ? __pfx_kthread+0x10/0x10
[  319.555097][ T5843]  ret_from_fork+0x4b/0x80
[  319.555118][ T5843]  ? __pfx_kthread+0x10/0x10
[  319.555145][ T5843]  ret_from_fork_asm+0x1a/0x30
[  319.555186][ T5843]  </TASK>
[  319.555194][ T5843] 
[  319.859926][ T5843] Allocated by task 5843:
[  319.864288][ T5843]  kasan_save_track+0x3f/0x80
[  319.869059][ T5843]  __kasan_kmalloc+0x9d/0xb0
[  319.873675][ T5843]  __kmalloc_cache_noprof+0x236/0x370
[  319.879090][ T5843]  l2cap_chan_create+0x50/0x760
[  319.883961][ T5843]  l2cap_sock_new_connection_cb+0x181/0x2b0
[  319.889872][ T5843]  l2cap_connect_cfm+0x37b/0x1220
[  319.894912][ T5843]  hci_connect_cfm+0xa2/0x150
[  319.899606][ T5843]  le_conn_complete_evt+0xcf4/0x12a0
[  319.904909][ T5843]  hci_le_conn_complete_evt+0x18c/0x420
[  319.910465][ T5843]  hci_event_packet+0xa5c/0x1550
[  319.915417][ T5843]  hci_rx_work+0x3f3/0xdb0
[  319.919849][ T5843]  process_scheduled_works+0xac3/0x18e0
[  319.925403][ T5843]  worker_thread+0x870/0xd50
[  319.929999][ T5843]  kthread+0x7b7/0x940
[  319.934077][ T5843]  ret_from_fork+0x4b/0x80
[  319.938495][ T5843]  ret_from_fork_asm+0x1a/0x30
[  319.943390][ T5843] 
[  319.945739][ T5843] Freed by task 7576:
[  319.949753][ T5843]  kasan_save_track+0x3f/0x80
[  319.954507][ T5843]  kasan_save_free_info+0x40/0x50
[  319.960084][ T5843]  __kasan_slab_free+0x59/0x70
[  319.964885][ T5843]  kfree+0x198/0x430
[  319.968804][ T5843]  l2cap_sock_cleanup_listen+0xed/0x3c0
[  319.974401][ T5843]  l2cap_sock_release+0x5d/0x1d0
[  319.979373][ T5843]  sock_close+0xbc/0x240
[  319.983629][ T5843]  __fput+0x3e9/0x9f0
[  319.987710][ T5843]  task_work_run+0x251/0x310
[  319.992315][ T5843]  syscall_exit_to_user_mode+0x13f/0x340
[  319.997965][ T5843]  do_syscall_64+0x100/0x230
[  320.002589][ T5843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.008500][ T5843] 
[  320.010834][ T5843] The buggy address belongs to the object at ffff88807e75a000
[  320.010834][ T5843]  which belongs to the cache kmalloc-2k of size 2048
[  320.024980][ T5843] The buggy address is located 1152 bytes inside of
[  320.024980][ T5843]  freed 2048-byte region [ffff88807e75a000, ffff88807e75a800)
[  320.039061][ T5843] 
[  320.041402][ T5843] The buggy address belongs to the physical page:
[  320.047837][ T5843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e758
[  320.056607][ T5843] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  320.065208][ T5843] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  320.072777][ T5843] page_type: f5(slab)
[  320.076946][ T5843] raw: 00fff00000000040 ffff88801b042000 ffffea00016f7600 dead000000000002
[  320.085558][ T5843] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  320.094339][ T5843] head: 00fff00000000040 ffff88801b042000 ffffea00016f7600 dead000000000002
[  320.103900][ T5843] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  320.112598][ T5843] head: 00fff00000000003 ffffea0001f9d601 00000000ffffffff 00000000ffffffff
[  320.121291][ T5843] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  320.129973][ T5843] page dumped because: kasan: bad access detected
[  320.136405][ T5843] page_owner tracks the page as allocated
[  320.142127][ T5843] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5833, tgid 5833 (syz-executor), ts 91037859785, free_ts 90994052268
[  320.163592][ T5843]  post_alloc_hook+0x1f4/0x240
[  320.168374][ T5843]  get_page_from_freelist+0x351d/0x36b0
[  320.174047][ T5843]  __alloc_frozen_pages_noprof+0x211/0x5b0
[  320.179872][ T5843]  alloc_pages_mpol+0x339/0x690
[  320.184743][ T5843]  allocate_slab+0x8f/0x3a0
[  320.189276][ T5843]  ___slab_alloc+0xc3b/0x1500
[  320.193961][ T5843]  __slab_alloc+0x58/0xa0
[  320.198316][ T5843]  __kmalloc_cache_noprof+0x26a/0x370
[  320.203812][ T5843]  rtnl_newlink+0x144/0x1fe0
[  320.208821][ T5843]  rtnetlink_rcv_msg+0x80f/0xd70
[  320.213945][ T5843]  netlink_rcv_skb+0x208/0x480
[  320.219410][ T5843]  netlink_unicast+0x7f8/0x9a0
[  320.224317][ T5843]  netlink_sendmsg+0x8c3/0xcd0
[  320.229189][ T5843]  __sock_sendmsg+0x221/0x270
[  320.233876][ T5843]  __sys_sendto+0x365/0x4c0
[  320.238396][ T5843]  __x64_sys_sendto+0xde/0x100
[  320.243179][ T5843] page last free pid 5834 tgid 5834 stack trace:
[  320.249507][ T5843]  __free_frozen_pages+0xddf/0x10a0
[  320.254749][ T5843]  __slab_free+0x2c6/0x390
[  320.259182][ T5843]  qlist_free_all+0x9a/0x140
[  320.263785][ T5843]  kasan_quarantine_reduce+0x14f/0x170
[  320.269265][ T5843]  __kasan_slab_alloc+0x23/0x80
[  320.274212][ T5843]  __kmalloc_cache_noprof+0x1c8/0x370
[  320.279602][ T5843]  ref_tracker_alloc+0x159/0x4c0
[  320.284558][ T5843]  net_rx_queue_update_kobjects+0x1a5/0x6d0
[  320.290544][ T5843]  netdev_register_kobject+0x1fd/0x2f0
[  320.296100][ T5843]  register_netdevice+0x12b0/0x1b80
[  320.301401][ T5843]  bond_newlink+0x5e/0xb0
[  320.305747][ T5843]  rtnl_newlink_create+0x39b/0xcb0
[  320.310976][ T5843]  rtnl_newlink+0x18b0/0x1fe0
[  320.315675][ T5843]  rtnetlink_rcv_msg+0x80f/0xd70
[  320.320721][ T5843]  netlink_rcv_skb+0x208/0x480
[  320.325502][ T5843]  netlink_unicast+0x7f8/0x9a0
[  320.330288][ T5843] 
[  320.332633][ T5843] Memory state around the buggy address:
[  320.338287][ T5843]  ffff88807e75a380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.347082][ T5843]  ffff88807e75a400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.355347][ T5843] >ffff88807e75a480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.363445][ T5843]                    ^
[  320.367960][ T5843]  ffff88807e75a500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.376114][ T5843]  ffff88807e75a580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.384266][ T5843] ==================================================================
[  320.416737][ T5845] Bluetooth: hci3: command 0x0406 tx timeout
[  320.427313][ T5843] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  320.434585][ T5843] CPU: 1 UID: 0 PID: 5843 Comm: kworker/u9:7 Not tainted 6.15.0-rc1-syzkaller-00060-ga24588245776 #0 PREEMPT(full) 
[  320.446822][ T5843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  320.457366][ T5843] Workqueue: hci0 hci_rx_work
[  320.462168][ T5843] Call Trace:
[  320.465463][ T5843]  <TASK>
[  320.468423][ T5843]  dump_stack_lvl+0x241/0x360
[  320.473214][ T5843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.478482][ T5843]  ? __pfx__printk+0x10/0x10
[  320.483192][ T5843]  ? vscnprintf+0x5d/0x90
[  320.487549][ T5843]  panic+0x349/0x880
[  320.491567][ T5843]  ? check_panic_on_warn+0x21/0xb0
[  320.496717][ T5843]  ? __pfx_panic+0x10/0x10
[  320.501182][ T5843]  ? _raw_spin_unlock_irqrestore+0x134/0x140
[  320.507185][ T5843]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  320.513551][ T5843]  ? print_report+0x519/0x5b0
[  320.518261][ T5843]  check_panic_on_warn+0x86/0xb0
[  320.523259][ T5843]  ? l2cap_connect_cfm+0x70e/0x1220
[  320.528477][ T5843]  end_report+0x77/0x160
[  320.532750][ T5843]  kasan_report+0x154/0x180
[  320.537262][ T5843]  ? l2cap_connect_cfm+0x70e/0x1220
[  320.542475][ T5843]  l2cap_connect_cfm+0x70e/0x1220
[  320.547528][ T5843]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  320.553002][ T5843]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  320.558488][ T5843]  hci_connect_cfm+0xa2/0x150
[  320.563176][ T5843]  le_conn_complete_evt+0xcf4/0x12a0
[  320.568480][ T5843]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  320.574213][ T5843]  ? __mutex_unlock_slowpath+0x229/0x800
[  320.579864][ T5843]  ? __skb_clone+0x5c/0x6d0
[  320.584376][ T5843]  ? skb_pull_data+0x112/0x230
[  320.589166][ T5843]  hci_le_conn_complete_evt+0x18c/0x420
[  320.594728][ T5843]  hci_event_packet+0xa5c/0x1550
[  320.599706][ T5843]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  320.605016][ T5843]  ? __pfx_hci_event_packet+0x10/0x10
[  320.610423][ T5843]  ? __hci_send_to_channel+0x211/0x2b0
[  320.615916][ T5843]  ? hci_send_to_monitor+0x2a/0x530
[  320.621171][ T5843]  ? kasan_check_range+0x86/0x2a0
[  320.626215][ T5843]  ? hci_send_to_monitor+0xdc/0x530
[  320.631433][ T5843]  hci_rx_work+0x3f3/0xdb0
[  320.635876][ T5843]  ? process_scheduled_works+0x9cb/0x18e0
[  320.641610][ T5843]  process_scheduled_works+0xac3/0x18e0
[  320.647188][ T5843]  ? __pfx_process_scheduled_works+0x10/0x10
[  320.653186][ T5843]  ? assign_work+0x367/0x3d0
[  320.657807][ T5843]  worker_thread+0x870/0xd50
[  320.662442][ T5843]  ? __kthread_parkme+0x1a8/0x200
[  320.667505][ T5843]  ? __pfx_worker_thread+0x10/0x10
[  320.672652][ T5843]  kthread+0x7b7/0x940
[  320.676757][ T5843]  ? __pfx_worker_thread+0x10/0x10
[  320.681899][ T5843]  ? __pfx_kthread+0x10/0x10
[  320.686517][ T5843]  ? __pfx_kthread+0x10/0x10
[  320.691131][ T5843]  ? __pfx_kthread+0x10/0x10
[  320.695747][ T5843]  ? __pfx_kthread+0x10/0x10
[  320.700364][ T5843]  ? _raw_spin_unlock_irq+0x23/0x50
[  320.705580][ T5843]  ? lockdep_hardirqs_on+0x9d/0x150
[  320.710797][ T5843]  ? __pfx_kthread+0x10/0x10
[  320.715406][ T5843]  ret_from_fork+0x4b/0x80
[  320.719839][ T5843]  ? __pfx_kthread+0x10/0x10
[  320.724452][ T5843]  ret_from_fork_asm+0x1a/0x30
[  320.729250][ T5843]  </TASK>
[  320.732561][ T5843] Kernel Offset: disabled
[  320.736893][ T5843] Rebooting in 86400 seconds..