last executing test programs:

11.220109177s ago: executing program 0 (id=322):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x1e, 0x3, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
prlimit64(r2, 0xe, &(0x7f00000000c0)={0x9, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=@can_newroute={0x34, 0x18, 0x1, 0x0, 0x0, {}, [@CGW_MOD_XOR={0x15, 0x3, {{{}, 0x0, 0x0, 0x0, 0x0, "8ca5be073cff296e"}, 0x2}}, @CGW_CS_XOR={0x8, 0x5, {0xfffffffffffffff7, 0x0, 0x8}}]}, 0x34}}, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r7, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'macvlan0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2c00000013000100"/20, @ANYRES32=r10, @ANYBLOB="0000d400000000000a000100003b"], 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYRES16=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r10, @fallback=0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet6_IPV6_HOPOPTS(r7, 0x29, 0x36, &(0x7f0000001500)=ANY=[], 0x10)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r7, &(0x7f00000000c0)="8f2a0a65bd8c022b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)

10.419572262s ago: executing program 4 (id=324):
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0)
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000001a00), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x17, &(0x7f0000000040)=0x4000009ce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
write$6lowpan_control(r0, &(0x7f0000000000)='connect aa:aa:aa:aa:aa:10 0', 0x1b)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r3)
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYRES16=r4, @ANYBLOB="010200000000feffffff0300260008000400000000001400060073697430000000000000000000000000140007000000000000", @ANYBLOB="f9880898"], 0x4c}, 0x8, 0x3000000000002}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
getxattr(0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000100))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000180)})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xf8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

9.786966844s ago: executing program 4 (id=325):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newtaction={0x14, 0x30, 0x829}, 0x14}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d90000002e460f01c50f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x45}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x20, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x6, 0x3, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000280)={0x0, 0x1}, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

9.717758064s ago: executing program 0 (id=326):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00', <r1=>0x0})
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000180), 0x8)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
fcntl$setown(r4, 0x8, 0x0)
fcntl$setownex(r4, 0xf, &(0x7f0000000300)={0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$netrom_NETROM_T1(0xffffffffffffffff, 0x103, 0x1, &(0x7f0000000080)=0x7, 0x4)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000000000000010000400100000000000000c700000005000000e00000000300000000000000000000000000000001"])
syz_open_dev$sg(0x0, 0x0, 0x101005)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x800448d3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r9=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r3, 0x3b89, &(0x7f0000000180)={0x28, 0x1, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000a00000500150003000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
r11 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r11, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r11, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000000c0)=@bloom_filter={0x1e, 0xeb, 0xa, 0x3, 0x11000, r0, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x1, 0x5, 0x3, @void, @value, @value=r2}, 0x50)

9.443627195s ago: executing program 1 (id=328):
getgroups(0x3, &(0x7f0000002f80)=[0xee01, 0xffffffffffffffff, 0xee01])
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000003c0)="fe", 0x1}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1}}], 0x4000210, 0x2, 0x0)

9.323648816s ago: executing program 1 (id=330):
r0 = socket$inet(0x2, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001180)={0x1a, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r3}, 0x10)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)

9.228635889s ago: executing program 4 (id=331):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f0000000340)=ANY=[@ANYBLOB="120110012cae9308da040d39dffa0102030109022d00"], 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000000180)={0x14, &(0x7f00000004c0)={0x40, 0x11, 0x102, {0x102, 0xe, "341f767754098e1e91f392ed1572b609837cf6fd9f821101b534f33ca95c20736527d47896c69ecfc258d685690106ffdb6454ebba0ec72dcf1cae251c98f4135941d1564fdd236bd11e35c7c029ab25f94a6c77f9d2178913e6250f7dbd403d47cf00a066f1149f07fc871ba3922d63de48350666515d9e7e62fd5565fcf9207d068fb297ab761b36e16f499a72b7ea131263b552852540f4a2071a92a1f73eb514e07d653a501c8c4c780237a946ef7b8b05d947fa8cfd21c6c5bc07c9fec81cca687acfa9e1a7d55f2e53213b9873015c4a5abe27a84c0eea840cfa7d5d2bdea4c16d179f3a1f4a15072d8738855e443a995b380ea0316d00000000000000"}}, &(0x7f0000000040)={0x0, 0x3, 0x25, @string={0x25, 0x3, "fa956613cb4a8fd70364d7cb7e3bb3e82fed37a9c54e77c46dc6f79564cfd0c66b9ca3"}}}, &(0x7f0000000400)={0x34, &(0x7f0000000600)=ANY=[], &(0x7f0000000240)={0x0, 0xa, 0x1, 0x80}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x8}, 0x0, &(0x7f0000000300)={0x20, 0x1, 0x1, 0x5}, &(0x7f00000003c0)={0x20, 0x0, 0x1, 0x9}})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000740)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
r4 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000007fc0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)=' ', 0x1}], 0x1}}], 0x4000000000001f3, 0x0)

8.992263252s ago: executing program 1 (id=332):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
mount(&(0x7f0000000080)=@sg0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='hfs\x00', 0x20026, &(0x7f00000001c0)='\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r1}, 0x10)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x400000ff, 0x2, 0x4, 0x0, 0x4})
ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405668, &(0x7f0000000100)={0x0, 0x20, 0x2, 0x4000})
r3 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r3, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, 0x6, 0x1, 0x201, 0x0, 0x0, {0x3, 0x0, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x11)
ioctl$TCFLSH(r3, 0x400455c8, 0x20000000009)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x4)

8.915564187s ago: executing program 0 (id=333):
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001340)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a7645100b2ffbdb0ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14faecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9cf53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b2f113ad4c7915c8f82c333a7b350802f03b0057010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f842cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2beaf4510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44be9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2002045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed8c631be6411f9927fe9f6b43ec83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea5919ffff72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff153d20f3681f7a3a31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f5cb6dbb714487a9145e9d2918846e78072e0b8f6df849e7f5e3c7e92292c858570d210720102d509083e7af826d9d9f5e4fb389d782e26f243be0c05b9c60383ad28ea3d21466c8d87a4c9cf649315fbd62a6aa4188abb6d8d42785a4ae50157d76efb9c8df83b1c35daad5afaebc7756af1b80d92e8f96a6332e429f6939c230169307e92acd283063304bf6243a0e1f5487bbd54da9fed9bee94d374cc55333fb5c4760cc9ba610937c0f107ef6fbad781863a56897c93c7de1defeaefcef70692d3a8bbf7a4364eac7d608c69caec0f4df2"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000880), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e27, 0x0, @local, 0xb}, 0x1c)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r3, 0xe0, &(0x7f0000000480)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r4}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r5, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd6e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000a8db0000040000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r6], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r7, 0x0, 0x0}, 0x20)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000003c0)=0x42)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000100)=0xff)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1802ff0000000000009b052492c6f07e08b6e72f9c9e1a654c670b00000000000000008dc251f6dc7665573eef09b6c2d4f8a41e91b0fcd6b0bd49b923e0a446149cfdd921fd6964d44d1d8cf56a7a43a36e70d3c0da403c07718e4bc9feffef07351f1bd1a8434c21e0ccb17a054e7dddb38b82a785184477fd987146e9b80a00078d510000c8dab28a991b99dd506ab6ab2e3965ec7c0fbbeadbea00"/166], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0xfffffcfa, @local}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

8.721727037s ago: executing program 1 (id=334):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xc200, 0x0)
r0 = socket(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newsa={0x140, 0x10, 0x1, 0x800000, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x1ff, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@loopback, 0xfe, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, {0x80000000, 0x853f, 0x0, 0x7}, {}, 0x70bd26, 0x0, 0xa, 0x4, 0xfd}, [@algo_aead={0x4e, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x10, 0x60, "25ca"}}]}, 0x140}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000280)="66b9800000c00f326635010000000f3064660f38828e4258660f086766c744240012e93bf96766c7442402010000006766c744240600000000670f011c2466b9800000c00f326635002000000f300f01df66b80500000066b900200000a90a000f01c40f019f09000f01c2", 0x6b}], 0x1, 0x7d, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$kcm(0x10, 0x3, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000002)
syz_io_uring_setup(0xd2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040), &(0x7f0000000080))
sendto$inet6(r0, &(0x7f0000000300)="7800000018002507b9409b02ffff48000203be04020406050a08040c5c000900580004020a0000000d0085a168d0bf46d32345653600648d270016000a09000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a320004070b0015000a0000000000e000e218d1dd3b6ed538640f3250", 0x78, 0x0, 0x0, 0x0)

7.956180975s ago: executing program 0 (id=335):
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x12, &(0x7f0000005540)=0xe593, 0x4)
pipe2$9p(&(0x7f0000000000), 0x4800)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r1, 0x29, 0x37, &(0x7f0000001040), 0x8)
getsockopt$inet6_opts(r1, 0x29, 0x37, 0x0, &(0x7f0000001000))

6.133739554s ago: executing program 0 (id=339):
syz_usb_connect(0x0, 0x3d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x18, 0xb2, 0xfc, 0x20, 0xbb4, 0xa52, 0xe078, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2b, 0x1, 0x4, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x14, 0x0, 0x2, 0xce, 0x6c, 0x8c, 0x0, [], [{{0x9, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "e37e1b82e6"}]}}, {{0x9, 0x5, 0xb, 0x2}}]}}]}}]}}, 0x0)
syz_usb_connect$uac1(0x0, 0xa5, &(0x7f0000000a00)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902930003010000000904000000010100000a2401000000020102132406000006000000000000000000000000000924030400000000000924050000f8431cfd0924030003070004fc0624050400fd09040100000102000009040101010102000009050109000000000007250100000000090402000001020000090402010101020000090582"], 0x0)

5.235494385s ago: executing program 1 (id=340):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xd, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000047733757000000000000000085000000ba00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x17fe, @void, @value}, 0x94)
r1 = socket(0x22, 0x2, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b502000050000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xce, &(0x7f0000000340)=""/206, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$nfc_llcp(r1, 0x6a, 0x0, 0x0, 0x1000000000000)
ioperm(0x0, 0xab4d, 0x8)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000100)={0xfffffff7, {{0xa, 0x4e22, 0xffffffff, @local, 0x81}}}, 0x88)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010062212ed3d05d2327030002800500290003000000"], 0x3c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="2eec0a0009000070e2db620ba046a7d4574c71cc0000357b72", 0x19}], 0x1}, 0x20000000)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)=ANY=[], 0x20)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0)
ioctl$sock_rose_SIOCDELRT(r1, 0x890c, &(0x7f0000000200)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x7, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={'nr', 0x0}, 0x6, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @null, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null]})
syz_usb_control_io$cdc_ecm(r2, 0x0, &(0x7f0000000540)={0x10, &(0x7f00000025c0)=ANY=[], 0x0, 0x0})
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
sendmsg$key(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x2, 0x6, 0xd8, 0x9, 0x1e, 0x0, 0x70bd27, 0x25dfdbff, [@sadb_spirange={0x2, 0x10, 0x4d5, 0x4d5}, @sadb_x_nat_t_port={0x1, 0x15, 0x4e24}, @sadb_x_policy={0x8, 0x12, 0x4, 0x3, 0x0, 0x6e6bb5, 0x74a, {0x6, 0x33, 0x4, 0xd, 0x0, 0x10000, 0x0, @in6=@mcast1, @in=@rand_addr=0x64010100}}, @sadb_x_sa2={0x2, 0x13, 0x36, 0x0, 0x0, 0x70bd2a}, @sadb_x_policy={0x8, 0x12, 0x3, 0x0, 0x0, 0x6e6bb1, 0xd39b, {0x6, 0x6c, 0x5, 0xb, 0x0, 0x8001, 0x0, @in6=@private0, @in6=@mcast1}}, @sadb_x_kmaddress={0x5, 0x19, 0x0, @in={0x2, 0x4e23, @local}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x22}}}, @sadb_x_sa2={0x2, 0x13, 0x9, 0x0, 0x0, 0x70bd28, 0x3506}]}, 0xf0}}, 0x40)
syz_usb_control_io(r2, 0x0, 0x0)

3.969617459s ago: executing program 2 (id=342):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_stats_latency\x00', r1, 0x0, 0x40000000}, 0x18)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

3.391545192s ago: executing program 2 (id=344):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 26)

2.913434023s ago: executing program 2 (id=345):
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001340)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a7645100b2ffbdb0ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14faecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9cf53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b2f113ad4c7915c8f82c333a7b350802f03b0057010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f842cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2beaf4510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44be9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2002045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed8c631be6411f9927fe9f6b43ec83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea5919ffff72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff153d20f3681f7a3a31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f5cb6dbb714487a9145e9d2918846e78072e0b8f6df849e7f5e3c7e92292c858570d210720102d509083e7af826d9d9f5e4fb389d782e26f243be0c05b9c60383ad28ea3d21466c8d87a4c9cf649315fbd62a6aa4188abb6d8d42785a4ae50157d76efb9c8df83b1c35daad5afaebc7756af1b80d92e8f96a6332e429f6939c230169307e92acd283063304bf6243a0e1f5487bbd54da9fed9bee94d374cc55333fb5c4760cc9ba610937c0f107ef6fbad781863a56897c93c7de1defeaefcef70692d3a8bbf7a4364eac7d608c69caec0f4df2"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000880), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e27, 0x0, @local, 0xb}, 0x1c)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r3, 0xe0, &(0x7f0000000480)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r4}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r5, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd6e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000a8db0000040000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r6], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r7, 0x0, 0x0}, 0x20)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000003c0)=0x42)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000100)=0xff)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1802ff0000000000009b052492c6f07e08b6e72f9c9e1a654c670b00000000000000008dc251f6dc7665573eef09b6c2d4f8a41e91b0fcd6b0bd49b923e0a446149cfdd921fd6964d44d1d8cf56a7a43a36e70d3c0da403c07718e4bc9feffef07351f1bd1a8434c21e0ccb17a054e7dddb38b82a785184477fd987146e9b80a00078d510000c8dab28a991b99dd506ab6ab2e3965ec7c0fbbeadbea00"/166], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0xfffffcfa, @local}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

2.854725331s ago: executing program 4 (id=346):
sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000000506010200000000000000000a00000109006e"], 0x20}, 0x1, 0x0, 0x0, 0x20004000}, 0x800)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000fa", @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0xc100}, 0x0)
write$tun(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
sched_setscheduler(0x0, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_register(0xffffffffffffffff, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2400000076000907000000000800000007020000", @ANYRES32=0x0, @ANYBLOB="0c000d800800010021000000"], 0x24}, 0x1, 0x5502000000000000}, 0x0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000140)=""/95)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_DISABLE_BEARER(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010028bd7000fcdbdf2501140020000000000241000000090013"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x200c48a4)
fchdir(r3)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0x58, &(0x7f0000000480)}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000000}, 0x8000)
writev(r2, &(0x7f0000000080)=[{&(0x7f0000000400)="2c2f4632e1a120a9bd5398fdfd2935b6db361213c8890f7a2ca46b9bffc0eb3170ac5e4c40553722961724063c57ec2c44b7d4066f965723ae50e7ba407ee4947983ec69709a697b2739b4f93d849ea8ddc508d4f91a004f26aefa9511c412e295837d1898d8f1c620cfc66065bffad075428a501b7971006c830a8bfa4dd8f27a134f72e4a8baafe4b8561471298d750d30065068afc1a564a3963b6bd4820a00d934297ee87cb2f31cced3bcfa80190ae4146da5fc5c7ece1ef67c6f510443a8a332ddbba0a293353c5770618a2c13aaa74eb30df12d8235f131f9752bbced732d53cb77badbf639d1e10bb02adf", 0xef}], 0x1)
r7 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r7, 0x11, 0x67, &(0x7f00000000c0)=0xc, 0x4)
sendmmsg$inet6(r7, &(0x7f0000004880)=[{{&(0x7f0000000380)={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, '\x00', 0xa}, 0x9}, 0x1c, &(0x7f0000000540)=[{&(0x7f00000003c0)="a4de72125546e578", 0xdd86}, {&(0x7f0000000000)="5ccacfca73", 0x5}], 0x2}}], 0x1, 0x0)
r8 = syz_open_dev$vim2m(&(0x7f0000000100), 0x6, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f14742524760608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})

2.759643249s ago: executing program 3 (id=347):
r0 = socket$netlink(0x10, 0x3, 0x4)
write(r0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800838}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, 0x1405, 0x100, 0x70bd26, 0x25dfdbff, "", [{{0x8}, {0x8, 0x3, 0x2}}, {{0x8}, {0x8, 0x3, 0x1}}, {{0x8, 0x1, 0x2}, {0x8, 0x3, 0x1}}, {{0x8, 0x1, 0x1}, {0x8, 0x3, 0x1}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0xc000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc)
syz_clone(0x49000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x80042)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$UI_SET_MSCBIT(r1, 0x40045568, 0x2c)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff}, './file0\x00'})
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000040)="b8189cc0318f18a934876bdb29705cd3167d8255077a463ef820a917fd15881df3a0f25437060df63060d04b3dfafe1bc3b468270fd0926090c31a648b619f867d4c33ae98f75b4abdbb5ea9013bdc9049d365de88822c01ee9492aae3a6b642f9c05f3f81e240b1f663e40b56f8bb8adc692e83b4f8092212", 0x79)

2.597547036s ago: executing program 3 (id=348):
io_setup(0x1, &(0x7f0000000000)=<r0=>0x0)
io_pgetevents(r0, 0x3, 0x1, &(0x7f0000000040)=[{}], &(0x7f0000000080)={0x77359400}, &(0x7f0000000100)={&(0x7f00000000c0)={[0x8]}, 0x8}) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) (async)
r3 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000180)='.pending_reads\x00', 0x220000, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=<r4=>0x0)
fcntl$lock(r3, 0x0, &(0x7f0000000200)={0x1, 0x0, 0x8a, 0x9, r4}) (async)
rt_sigsuspend(&(0x7f0000000240)={[0x9]}, 0x8) (async)
sendmsg$kcm(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000280)="a4f7b0a575402b5ccea70e50e5f5298c791db500045947172d2481b07a4979c7910cc59a9ba59d8cec64a080ce71de6768bdf04cc4424b1b9de55e123e1c28f2d301ae4a65dd95db92a6f5e03b22f34a90e9f8f7aba2a35ade57d87e17c87a158fa8ff8236be4eed78bec6b21815877c297339db5c98538f2887832bced51c482259391829b65ff4582d4e51ec10442f6f3d2d0cac9bdbf482431238a2935243ca238fea12411510501ed7ab65", 0xad}, {&(0x7f0000000340)="2d27e1", 0x3}, {&(0x7f0000000380)="dee1ba7958ccfded91f853bc88a31a4249ae102129b17f37f83a891db4cf6f591cc2aafd5bea4ffbdecfe7ac35ceac01c707544b3a12852db50da9d284e3b3f12841b16c", 0x44}, {&(0x7f0000000400)="5f001c6bf4088bf1f92e6d2bbfcab9583ca1e5cc2dd6dbc97467d5ce91d92c1d9234c02529", 0x25}, {&(0x7f0000000440)="8fba08973928bbbc6415870846f155c35ab93318cee1f9ee2e86fec29e8e8e55eb73c8a9ed518d94e3f486b988731b24bb9c26d777129ae2a79df28f3d92c94b648b55cf1a51bba2dba25702e6dd99d43364bfcded9bf32266e65d02a00ac16ea09c403ec8e543a559a146403c913432ea61cd795a787b492f68eed7dbe5234d59caa8933af48d08d31ac0b373cb69887c5b12e40b426c438b9ac573fce44be64f427d12f261ccd90ea290d7bb46d9ce68cc5e91f62e7850bd3e725b80ff0848175d3a0c62161360a485683f0af53dd35e50d27373bf580a29a8", 0xda}, {&(0x7f0000000540)="d26d2f9587036ca354992e12cab025ba195b807df297e67c4d843d152a6258c2c484ee99f8fb2503748ff430f513ea5139fb8ea3c8e96a9e435c7c19802915c6b4141d266315d48ea35bee398e2123610b51436277eb4f9bc697a0e190997e6a2ee85b50176acee6c7f88f0b33170f453d9723927bb87950cacb041ca33464c781783e72c050236d6d6a6500cd4f1af2ecce03babb39259cdb2460ce4b7448ee87f711c8c5f4736e3ab39d3c79f8d7cfd290", 0xb2}, {&(0x7f0000000600)="a8ff6bb80b5582e8aa68b3f60228d66ad4d1abbe5b81ca07c338add841e33adf6a04961d2fa1f557c4e911d36f8f2e5d248cdf471a8894edaeaf888caca4230be07e1e9bb8a6b3e74f8ccef4077ee96fa0f14b1f2598dd2cd6f1aba421b20d76417cc46f5287bf0a1d6dad5d349dca2b03b80f2dcdbc3550b47f0c9133de0a5ca3f881edc48bd200ddc01f1fe5fd56ab1c34a5b1c88a312629fc9aa9680645671581e21bc8baef56fa152becfc4b72cfa2aa19", 0xb3}, {&(0x7f00000006c0)="42c75dc65445f85cc325e5fca713e58bc4cc584119931726de9a13f2a10c87301aa3ab7a551d45d3f7a5d81f05675b98ecfe90eda88142ba7682652777297008545404fdbb0aabb2aeee9d6b86091c5a3a2e09366a991df5524683c251265ae7f8daea91454cca358c9537c16d9fe1c167270964436e46e1807a1d33eadac389423c97007b450659f1fcd67f045a904af182c48995acd9056ecc9e1a73aba38bc1739bc258387d83dafc54ac34b762b032a3a0d2d6f68b71f48b8934dd9049612950e2d9b3862c9d6a29bdf9e7887d8afba8ab", 0xd3}], 0x8, &(0x7f0000000840)=[{0x78, 0x115, 0x6, "103b3fe7b55df3434d281e90f4febbf233fcf0dcce08d8fe8d49d4b8d67c49da85a07bb42f876c793d09b61ef89e9234fea51f208ad9339255be4be97136071680d7b6a97a1522bbefc705b235fe88a0b044b9712f6a3b6c360d7967c2605595270d22f1f9fac5a4"}, {0x100, 0x10a, 0x9, "d36f2ca466fbca18bc83337f99278e513e4f7301bdb0700abfd48d1c2b768b2c3eb212be8a3df6ddb9a42fd805e18fb741fc511172009dbaa0ba0f0f3a91d4b68486877257ce1fe56f45bab7f7ccc4e95a945b2573cab917cb0ad37f0126746cdc4eb85b6053eeaeceff6b8f382db8f6dc4eaa17d9c6515f8f20520d323eb8ed39f3ac22165afa8fb59d4002111277a95834c02bb9fd571cc387a0c63b01505fc70edcbcdcddb3ee1a6aaf1996981f09ed9b80f0bae675cfc59928290309e5a20d2911642537a541c2c54cc55bc884b3242cb1beb73deff8b6ccd636c1da165e98d6c95f1378670cfcab63fe89"}, {0xe8, 0x84, 0x3, "4c8f5c828b1b45ec21234eddf5453874d40ceb550de20d19f6b427b424002a21b0156396180a5df4e69257e28b289b4b84fd61e0144d461a37a793d0579282e3cefcbf0b8b70f1e01fa4ea7e94cce88302e117e47f178ee6d9b43f90332505bcbd51f64fd61232fbce1fc52e791ac5103cda1c312d67fa005efd229a8391ece9256f3b9f4c50a054c25a1fbcf1f95a416e927afa1596757a50eeb539b27c0857d10eb9f7d14d02953b33ede09a3128c9f63737334452fd75eb2220465940b7d9079b4e2111c9c83cc0dbc4910b61ae71ff04a32a"}, {0x18, 0x116, 0x4, "8f"}], 0x278}, 0x10) (async)
sendmsg$NFNL_MSG_ACCT_NEW(r3, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x70, 0x0, 0x7, 0x301, 0x0, 0x0, {0x5}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x400}, @NFACCT_FILTER={0x2c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x6}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x7}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x6}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x3}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x40}]}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x8}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x3ff}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xf4}]}, 0x70}, 0x1, 0x0, 0x0, 0x1040}, 0x800)
clock_gettime(0x0, &(0x7f0000000c80)={<r5=>0x0, <r6=>0x0}) (async)
clock_gettime(0x0, &(0x7f0000000cc0)={<r7=>0x0, <r8=>0x0})
utimes(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000d00)={{r5, r6/1000+10000}, {r7, r8/1000+60000}}) (async)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000d80), r1) (async)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000dc0)={'wpan3\x00', <r10=>0x0}) (async)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000e00)={'wpan0\x00', <r11=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000e40)={'wpan4\x00', <r12=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000e80)={'wpan1\x00', <r13=>0x0})
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r1, &(0x7f0000000f80)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000ec0)={0x50, r9, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r12}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r13}]}, 0x50}, 0x1, 0x0, 0x0, 0x35}, 0x200000c1) (async)
pselect6(0x40, &(0x7f0000000fc0)={0x1, 0x81, 0xe000000000000000, 0x80000000, 0x6, 0xc6f, 0x40, 0xf80c}, &(0x7f0000001000)={0x8000, 0xffffffffffff31f1, 0x8000, 0x7fff, 0xca, 0x26e, 0x5, 0xff}, &(0x7f0000001040)={0x1000, 0x1, 0x7, 0x3, 0xffffffffffffffff, 0x6, 0x5, 0x8000}, &(0x7f0000001080)={0x0, 0x3938700}, &(0x7f0000001100)={&(0x7f00000010c0)={[0x5]}, 0x8})
r14 = syz_open_dev$vcsu(&(0x7f0000001140), 0x4, 0x2001)
ioctl(r14, 0x2, &(0x7f0000001180))
ioctl$SNDCTL_DSP_GETODELAY(r3, 0x80045017, &(0x7f00000011c0)) (async)
r15 = syz_open_dev$vcsn(&(0x7f00000014c0), 0xff, 0x200)
bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0x13, 0x21, &(0x7f0000001200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x596f5ae2}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r14}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5f6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @generic={0x6, 0x3, 0x0, 0x8, 0x4}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000001340)='syzkaller\x00', 0x10001, 0xbd, &(0x7f0000001380)=""/189, 0x40f00, 0x43, '\x00', 0x0, @fallback=0xd, r3, 0x8, &(0x7f0000001440)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000001480)={0x1, 0xc, 0xff, 0x4}, 0x10, 0xffffffffffffffff, r14, 0x5, &(0x7f0000001500)=[r15], &(0x7f0000001540)=[{0x3, 0x5, 0x9, 0x7}, {0x3, 0x4, 0x10, 0x2}, {0x4, 0x1, 0x9, 0x3}, {0x1, 0x4, 0x7, 0x6}, {0x1, 0x3, 0x8, 0x8}], 0x10, 0xee, @void, @value}, 0x94) (async)
ppoll(&(0x7f0000001680)=[{r15, 0x2008}, {r14}], 0x2, &(0x7f00000016c0)={0x0, 0x989680}, &(0x7f0000001700)={[0x8]}, 0x8) (async)
pidfd_getfd(r3, r15, 0x0) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r1, &(0x7f0000001800)={&(0x7f0000001740)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000017c0)={&(0x7f0000001780)={0x2c, r2, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x800) (async)
write$sndseq(r15, &(0x7f0000001840)=[{0x6, 0xad, 0x4, 0x6, @tick=0x4d9c, {0x3, 0x4}, {0xff, 0x2}, @queue={0x40, {0xed8, 0xab3}}}, {0x0, 0x7, 0x4, 0x5, @tick=0x1, {0x9, 0x38}, {0xfe, 0x4}, @raw32={[0x400, 0x1, 0x2]}}], 0x38)
futex_waitv(&(0x7f0000001d80)=[{0xd98, &(0x7f0000001880)=0x7fff, 0x82}, {0xffff, &(0x7f00000018c0)=0x2, 0x2}, {0x3000, &(0x7f0000001900)=0x6, 0x2}, {0x9, &(0x7f0000001940)=0xad, 0x2}, {0x9, &(0x7f0000001980)=0x8, 0x82}, {0x9, &(0x7f00000019c0)=0x6ab4, 0x82}, {0x5, &(0x7f0000001a00)=0x2, 0x82}, {0x9, &(0x7f0000001a40)=0x10000, 0x2}, {0x9, &(0x7f0000001a80)=0x7, 0x2}, {0x80, &(0x7f0000001ac0), 0x82}, {0x8, &(0x7f0000001b00)=0x6, 0x82}, {0xfffffffffffffffe, &(0x7f0000001b40)=0xb0, 0x2}, {0x285f9207, &(0x7f0000001b80)=0x40, 0x2}, {0x8, &(0x7f0000001bc0)=0xa8, 0x82}, {0x100000001, &(0x7f0000001c00)=0x5, 0x82}, {0x3ff, &(0x7f0000001c40)=0x249c120000000000, 0x2}, {0x8a76, &(0x7f0000001c80)=0x9, 0x2}, {0xff, &(0x7f0000001cc0)=0x10, 0x2}, {0x8000, &(0x7f0000001d00)=0x5, 0x82}, {0x8, &(0x7f0000001d40)=0x2, 0x82}], 0x14, 0x0, &(0x7f0000001fc0), 0x0)

1.9400252s ago: executing program 4 (id=349):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

1.887547218s ago: executing program 0 (id=350):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xc200, 0x0)
r0 = socket(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newsa={0x140, 0x10, 0x1, 0x800000, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x1ff, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@loopback, 0xfe, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, {0x80000000, 0x853f, 0x0, 0x7}, {}, 0x70bd26, 0x0, 0xa, 0x4, 0xfd}, [@algo_aead={0x4e, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x10, 0x60, "25ca"}}]}, 0x140}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000280)="66b9800000c00f326635010000000f3064660f38828e4258660f086766c744240012e93bf96766c7442402010000006766c744240600000000670f011c2466b9800000c00f326635002000000f300f01df66b80500000066b900200000a90a000f01c40f019f09000f01c2", 0x6b}], 0x1, 0x7d, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$kcm(0x10, 0x3, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000002)
syz_io_uring_setup(0xd2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040), &(0x7f0000000080))
sendto$inet6(r0, &(0x7f0000000300)="7800000018002507b9409b02ffff48000203be04020406050a08040c5c000900580004020a0000000d0085a168d0bf46d32345653600648d270016000a09000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a320004070b0015000a0000000000e000e218d1dd3b6ed538640f3250", 0x78, 0x0, 0x0, 0x0)

1.855419304s ago: executing program 2 (id=351):
ioprio_set$uid(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="090000000000feffffff0a00000008000300", @ANYRES32=r2, @ANYBLOB="140050800500090002000000050002"], 0x3c}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2f, &(0x7f0000000340), 0x4) (async)
setsockopt$sock_int(r3, 0x1, 0x2f, &(0x7f0000000340), 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)=ANY=[@ANYBLOB="202c00090027bd700000000000060000000c000000000000000000000007e0a90ea62ccbf2d4d7b366c2ad4867747a492f5becef7163da9182de2d739234e0f708194de2e33496393d2d0b1e1244b1253a45495b81e4ed980fc9e01a000000"], 0x20}, 0x1, 0x0, 0x0, 0x26000000}, 0x0)
io_uring_setup(0x29ea, &(0x7f0000000480)={0x0, 0x0, 0x2}) (async)
r5 = io_uring_setup(0x29ea, &(0x7f0000000480)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r5, 0x13, &(0x7f0000000080), 0x2) (async)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r5, 0x13, &(0x7f0000000080), 0x2)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x7, &(0x7f00000003c0)=0x85, 0x4)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
recvmsg(r3, &(0x7f00000033c0)={&(0x7f00000002c0)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f0000000f80)=""/4096, 0x1000}, {0x0}, {&(0x7f0000000100)=""/102, 0x66}, {&(0x7f00000021c0)=""/4096, 0x1000}], 0x5, &(0x7f0000000740)=""/190, 0xbe}, 0x0)
r6 = gettid()
socket$inet_dccp(0x2, 0x6, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
ioctl$int_in(r7, 0x5452, &(0x7f0000000180)=0xffffffffffffffff) (async)
ioctl$int_in(r7, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
r10 = accept$packet(0xffffffffffffffff, &(0x7f0000000800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000380)=0x14)
setsockopt$packet_fanout_data(r10, 0x107, 0x16, &(0x7f0000000400)={0x9, &(0x7f00000008c0)=[{0x2, 0x5, 0xd, 0x4}, {0x4, 0x9e, 0x4, 0x7}, {0xfff9, 0x6, 0x0, 0x8}, {0x1, 0x6, 0x6, 0x1}, {0x2cef, 0x8, 0x15, 0x5}, {0x3, 0x5, 0x3}, {0x3, 0x51, 0x1, 0x2}, {0x4, 0x7, 0xc}, {0x3ff, 0xbd, 0xd9, 0x7fffffff}]}, 0x10)
fcntl$setsig(r4, 0xa, 0x12) (async)
fcntl$setsig(r4, 0xa, 0x12)
socket$nl_route(0x10, 0x3, 0x0) (async)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x24}}, 0x200080c4)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000069000b00000000000a00000000000000000000000800010002"], 0x20}, 0x1, 0x0, 0x0, 0x200008c4}, 0x0)
ppoll(&(0x7f0000000100)=[{r8}], 0x1, 0x0, 0x0, 0x0)
dup2(r7, r8)
fcntl$setown(r8, 0x8, r6) (async)
fcntl$setown(r8, 0x8, r6)

1.760042088s ago: executing program 3 (id=352):
r0 = socket$netlink(0x10, 0x3, 0x10)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000080)="580000001500192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c100000000000224e0000", 0x58}], 0x1)

1.575588451s ago: executing program 3 (id=353):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe57, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) (async)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x1000000000004) (async)
connect$caif(r2, &(0x7f0000000080), 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) (async)
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000000)={0x9, "a8d44a766e5bf368e887bfa3773a10d7307381946e1a0a7f64190187d4d30358", 0x2}) (async)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x410400, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xc, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = fsopen(&(0x7f0000000040)='nfsd\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) (async, rerun: 32)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) (rerun: 32)
close_range(r7, 0xffffffffffffffff, 0x0)

1.485556842s ago: executing program 2 (id=354):
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
r0 = creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c009595580000012bfd7000fedbdfca6f6d89f2f54addeeef541dc3f08100"/44], 0x1c}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newtfilter={0xbf4, 0x2c, 0x200, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xffe0, 0xfff1}, {0xf, 0xfff3}, {0x4, 0xffe0}}, [@TCA_RATE={0x6, 0x5, {0x6, 0x6}}, @filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0x6}]}}, @filter_kind_options=@f_basic={{0xa}, {0x18, 0x2, [@TCA_BASIC_EMATCHES={0x14, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1ff}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x200}}]}]}}, @filter_kind_options=@f_bpf={{0x8}, {0xb88, 0x2, [@TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_OPS={{0x6, 0x4, 0x6}, {0x34, 0x5, [{0x9, 0x6, 0x0, 0x80000000}, {0x4, 0x7, 0xa5, 0x7}, {0xc334, 0x4, 0xa, 0x7f}, {0x7, 0x19, 0x1, 0x26cb}, {0x7, 0x7, 0x2, 0x6}, {0xa07, 0x1, 0x60, 0x5}]}}, @TCA_BPF_ACT={0x2c4, 0x1, [@m_mpls={0x10c, 0x8, 0x0, 0x0, {{0x9}, {0x6c, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x2, 0x4e4, 0xffffffffffffffff, 0xc, 0x7ff}, 0x3}}, @TCA_MPLS_LABEL={0x8, 0x5, 0x6e757}, @TCA_MPLS_TTL={0x5, 0x7, 0x9}, @TCA_MPLS_PROTO={0x6, 0x4, 0x9}, @TCA_MPLS_BOS={0x5}, @TCA_MPLS_BOS={0x5}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x3, 0x200, 0xffffffffffffffff, 0x7, 0x4}, 0x3}}, @TCA_MPLS_TTL={0x5, 0x7, 0x4}]}, {0x76, 0x6, "821f1b5b9d70cff0ea98a64931520fb4a80ad56cf1dec7e2b1e51aabf872275b85ad8e5f529b6477fc887ec4e82b2353095da693ea18afe37b73cdab363524bf478b1a9b199d21a59eacf8f34845d282a5ea2fce168ee25b1e2d95b3250f52ef273a4c27584f9081a1c52126a5e550083438"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_sample={0x98, 0xd, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x3}]}, {0x63, 0x6, "011a8ec7478110cdf78f1b9c2a4022d0f01ebe9d72b30984ea4e23c0214da2cc95ea881c997f2783c7d83652f5a0e3ce66ee211c35756be5d921b806b3a8c5af2dc7432409580e88b571afb3cb4ea1f9f38cbe7b823b675a36983b4507efdb"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_vlan={0x11c, 0x1b, 0x0, 0x0, {{0x9}, {0x54, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x1}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x3, 0x3, 0x6463c1773399a7f, 0x100, 0x2}, 0x1}}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x33d}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x7f, 0xa, 0x6, 0x0, 0x8e4}, 0x1}}]}, {0x9d, 0x6, "05f9787719892377ace355eb43d115e0973438d21dd76f256ff36f3ab13f07ed7ff1b31e8c6146672361b2c031600dabf2754d1a60c31b1b55abca5b3af2d7aa02e44019e423ebc12cf7eda2abee796e9056f97dcd040f3cc11a86a09a690e4d4dd5d35e7a8c523b64c5ec1b9474c6ba32218736754f5fe8873d85d75c04d848e6fb1c5de632bd5bc0aee062447b77e5e077994e4de8e9abd1"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x6}}}}]}, @TCA_BPF_ACT={0x874, 0x1, [@m_ctinfo={0x124, 0x8, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8}]}, {0xee, 0x6, "63bf6552de7c8d61ca1d5bff00e94e33575660df349e5c789fd09d19d8707d713b94963f2c72d5e1713d56915ae96942333f6df3aa98d2bbded87b1d6249583a068f3e7319d8853af0e924600d6affc874ff7511ffd266acd3cff9e857d09be407d06f864bc46a7ccf2b4921f880b19a11635504371dce14cf8d7418310efbc4a479e3d77063cb48d1abd07ab22300009cc2341467e1eb1f1a4564eefaa5cd740b54e4abb80628cf3f1c6fabf7979c02b51d280df3f68400cbadd353afdcd2a12a269d027f7af0e3cbba9851550190af5afe2e107eae8729bdb7fa949135c5231f1784a62da7e7a353d4"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_skbmod={0x138, 0xa, 0x0, 0x0, {{0xb}, {0x10, 0x2, 0x0, 0x1, [@TCA_SKBMOD_DMAC={0xa, 0x3, @remote}]}, {0xff, 0x6, "19130a7d684f1f234db792175bce50bda688a15682307b3a6a3d7f4fed26f0b257ab95a98e4613f6e34ac2d1ddf28096ca8914b0f7ff831319fb18ef2217d0626661f5e3aab7d40d47058ea25586a7a7f96526a98644627c0a7dee51224870f40bfce6546fcf6b10ce64f150410cf1d5be15150bc5b21b458d36cf6e12b2f2ae80786300caa186e40cc7b7769b9efe9917c949f0f9e88139c4376656643e51c9e19fc8798dfbd5fe90157521e47029e80c32181bf36119c5db0a7c31b30ef0ce8fd8831e0ea7a55d8e6df6423d6ebf7ec2e46ca1827648606861b0021d51f44a5b0caa0c3e2aed435e935ae233be9b8a99ee64625f2600e6240a8e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_nat={0x108, 0x0, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x200, 0x0, 0x0, 0xa}, @private=0xa010100, @multicast2, 0xffffff00}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0xfffffffd, 0x6, 0xd7e, 0x8e07}, @remote, @multicast2, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x7, 0x5, 0x4, 0x6}, @multicast2, @local, 0xff000000, 0x1}}]}, {0x67, 0x6, "7e101aee597c7eccb7eb1e44c3a13534860113ceb5c30df79dcb79a20f735331e11cd214df98e51cc463e792654203f8bab6b193cdacf3796b8b599467e7a43ef2258fa756ddb20e401b0b49037ad4ed055db43605d3dc9fe33cbb996451a83d26bd50"}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}, @m_tunnel_key={0x7c, 0x10, 0x0, 0x0, {{0xf}, {0x18, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @remote}]}, {0x37, 0x6, "bf88c30130a9fa9e8920ba787f429c151cffc68b00ce128585cc8799b46bbbde4b59f558d9f9569a42a69e5267f0102ab6f968"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_gact={0x84, 0x1a, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0x743, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x1, 0x2, 0x656, 0x10001}}, @TCA_GACT_PARMS={0x18, 0x2, {0x3, 0x6, 0x7, 0x6, 0x3}}]}, {0x19, 0x6, "3368fbbe41e8e666276c7786ff9990cd905db69794"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_bpf={0x180, 0xf, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7fffffff, 0x94, 0x0, 0x1, 0x7}}, @TCA_ACT_BPF_FD={0x8, 0x5, r3}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS_LEN={0x6}, @TCA_ACT_BPF_FD={0x8, 0x5, r4}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}]}, {0xf9, 0x6, "bc38f451a696dd9c5515c2891567c835dc6e758b3c4da513aec918b28bf59fe912719e8a3fa84625e9677fcafa95849aed4bc66b84c9f6cace02637c4f0ca1d045a0d20e98fddce17c05c68634cb00809da35bd692f3c132057ddb572704abca0efeddc902924a8342f0834387259d7a18a2c26f9b1fae6a728aa6712ecaacc4f575bdaf6c53ae4a97eb36e99574feaf6e4ecfa3b95bd9027ecf15bbc2becf44b1df63f3a33024df4b395adfbb70724884b14442ddcb92259c6b896bb70f79a70acb4a17c9068d3ef5dc31394fd7c25072586ccd51aa8a56ede769181723bc5d3567f14bb2b5929a44660d2d0b0f776c5ed3707bc5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_nat={0x1a4, 0x1c, 0x0, 0x0, {{0x8}, {0x144, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x2, 0x4, 0xf854, 0x7}, @remote, @local, 0xffffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x800, 0xf69f, 0x20000000, 0x3ff, 0x200}, @rand_addr=0x64010101, @rand_addr=0x64010101, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x1, 0xffffffffdffffffe, 0x64, 0x80000001}, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x1, 0x2, 0x2, 0x4}, @empty, @empty, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x200, 0x6, 0x9, 0x9}, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0xffff9799, 0x5, 0x1, 0x3}, @local, @empty}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x0, 0x8, 0x1}, @private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x1, 0x80000000, 0x0, 0x4, 0x5}, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0xb}, 0xff000000}}]}, {0x3c, 0x6, "024df3f53a9901e18fcdf503731826562cae254924657c4445ac8d21011aa1160f8424ef1a1eeece036f01812da6f429795271f8c68a6623"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_csum={0xe8, 0x1, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x0, 0xffffffffffffffff, 0x7, 0x7}, 0x4c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4f1, 0x45, 0x2, 0x6, 0x6}, 0x43}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xad, 0x3, 0x0, 0x7, 0x8}, 0x66}}]}, {0x67, 0x6, "21b73bc7ee9399f0f6acdb2925c5bcebde28940ea53c96a86aa790e05f674ba980af7685b2257cb04caa01fceae1ec6fa5fdcc605feb0a4f2d9b0e6caf1bd44d15d11d812893354932f7709531b9b7308d649a186f01955d00fc2a008df852f2a4f21b"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x966caf1c4b704afb}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x7}]}}]}, 0xbf4}}, 0x44080)
ioctl$FBIOPUTCMAP(r1, 0x4605, &(0x7f00000001c0)={0x0, 0x1, &(0x7f00000000c0)=[0x1138], &(0x7f0000000100), &(0x7f0000000140), 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r8, 0x0, 0x0)
ioctl$RFKILL_IOC_MAX_SIZE(r0, 0x2, &(0x7f0000000100)=0x4)
r9 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xd, 0x110, r9, 0x0)
r10 = socket(0x10, 0x803, 0x0)
syz_emit_ethernet(0x66, &(0x7f00000002c0)=ANY=[@ANYBLOB="bb86dd60f4b90600303a01fc010000000000000000000000000000ff020000000000000000000000000001020090780000000060000000400033000000000000000000000000000000000100"/91], 0x0)
sendmsg$nl_route(r10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0)
socket$packet(0x11, 0x2, 0x300)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000000380)={0x0, 0x4519, 0x8, 0x80000001, 0xfffffff7, 0x6})
r11 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
recvmsg(r11, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

1.397147818s ago: executing program 3 (id=355):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 27)

621.857992ms ago: executing program 4 (id=356):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f0000000340)=ANY=[@ANYBLOB="120110012cae9308da040d39dffa0102030109022d00"], 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000000180)={0x14, &(0x7f00000004c0)={0x40, 0x11, 0x102, {0x102, 0xe, "341f767754098e1e91f392ed1572b609837cf6fd9f821101b534f33ca95c20736527d47896c69ecfc258d685690106ffdb6454ebba0ec72dcf1cae251c98f4135941d1564fdd236bd11e35c7c029ab25f94a6c77f9d2178913e6250f7dbd403d47cf00a066f1149f07fc871ba3922d63de48350666515d9e7e62fd5565fcf9207d068fb297ab761b36e16f499a72b7ea131263b552852540f4a2071a92a1f73eb514e07d653a501c8c4c780237a946ef7b8b05d947fa8cfd21c6c5bc07c9fec81cca687acfa9e1a7d55f2e53213b9873015c4a5abe27a84c0eea840cfa7d5d2bdea4c16d179f3a1f4a15072d8738855e443a995b380ea0316d00000000000000"}}, &(0x7f0000000040)={0x0, 0x3, 0x25, @string={0x25, 0x3, "fa956613cb4a8fd70364d7cb7e3bb3e82fed37a9c54e77c46dc6f79564cfd0c66b9ca3"}}}, &(0x7f0000000400)={0x34, &(0x7f0000000600)=ANY=[], &(0x7f0000000240)={0x0, 0xa, 0x1, 0x80}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x8}, &(0x7f00000004c0)=ANY=[], 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1, 0x9}})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000740)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
r4 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000007fc0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)=' ', 0x1}], 0x1}}], 0x4000000000001f3, 0x0)

336.808621ms ago: executing program 1 (id=357):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x101, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_NMI(r4, 0xae9a)
syz_usb_connect$hid(0x4, 0x36, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRESDEC=r1, @ANYRES8=0x0], 0x0)
socket(0x2, 0x80805, 0x0)
socket(0x10, 0x80002, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r7], 0x90}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @random="5f198721fa66", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "a8b4ce", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10}}}}}}}, 0x0)

310.162809ms ago: executing program 3 (id=358):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={0x0, 0xb8}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x5d032, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
madvise(&(0x7f000012d000/0xc00000)=nil, 0xc00000, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)

0s ago: executing program 2 (id=359):
r0 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
r1 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@private=0xa010100, 0x0, 0x2, 0xfffe, 0xeb39, 0xa, 0x10, 0x80}, {0x0, 0x3, 0x0, 0x0, 0x5, 0x8000000000000}, {0x0, 0x9}, 0x2, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x22}, 0x0, 0x32}, 0x0, @in6=@private2, 0x0, 0x0, 0x2, 0x0, 0xfffffffd}}, 0xe4)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/fscaps', 0x2a000, 0x2)
r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f0000000140)={0x0, 0x40, 0x2, {0x1, @win={{}, 0x0, 0x9, 0x0, 0x0, 0x0}}})
ppoll(&(0x7f0000000240)=[{r4, 0xa0e4}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet6(r3, &(0x7f0000001300)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000005c0)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x2, 0x0, 0x30, 0x64, 0x0, 0x2, 0x1, 0x0, @empty, @private=0xa010101}, @redirect={0x5, 0x0, 0x0, @remote, {0x5, 0x4, 0x1, 0x4, 0x4, 0x67, 0x8, 0x8, 0x88, 0x40, @empty, @rand_addr=0x64010100}}}}}}, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f00000007c0)={0x0, 0x5, 0x0, &(0x7f0000000280)=[{}, {}, {}, {}, {}], 0x7, 0x0, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000180)=[{}, {}, {0x0, 0x80000000, 0x0, {<r5=>0x0}}], 0x0, 0x0, &(0x7f0000000100)})
ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f00000009c0)={{0x80000000, 0x0, 0x4, [0xc, 0x2]}, {0x80000000, r5, 0x3, [0xfffffff9, 0xffffff79]}, 0x2, [0x3]})

kernel console output (not intermixed with test programs):

[ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.267810][ T5831] bridge_slave_1: entered allmulticast mode
[   69.274881][ T5831] bridge_slave_1: entered promiscuous mode
[   69.297992][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.340046][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.347203][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.373271][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.385419][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.394700][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.401878][ T5834] bridge_slave_0: entered allmulticast mode
[   69.409279][ T5834] bridge_slave_0: entered promiscuous mode
[   69.416861][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.424674][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.431824][ T5834] bridge_slave_1: entered allmulticast mode
[   69.438837][ T5834] bridge_slave_1: entered promiscuous mode
[   69.447985][ T5817] team0: Port device team_slave_0 added
[   69.456194][ T5817] team0: Port device team_slave_1 added
[   69.463854][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.479624][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.486994][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.512987][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.553819][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.564675][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.576418][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.604001][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.611063][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.637236][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.681570][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.691755][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.699203][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.725480][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.738744][ T5826] team0: Port device team_slave_0 added
[   69.746940][ T5826] team0: Port device team_slave_1 added
[   69.762427][ T5831] team0: Port device team_slave_0 added
[   69.770867][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.815069][ T5819] hsr_slave_0: entered promiscuous mode
[   69.821388][ T5819] hsr_slave_1: entered promiscuous mode
[   69.829670][ T5831] team0: Port device team_slave_1 added
[   69.848145][ T5834] team0: Port device team_slave_0 added
[   69.856550][ T5834] team0: Port device team_slave_1 added
[   69.872628][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.879571][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.906515][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.919173][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.926170][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.952419][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.987998][ T5817] hsr_slave_0: entered promiscuous mode
[   69.994487][ T5817] hsr_slave_1: entered promiscuous mode
[   70.000418][ T5817] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.008727][ T5817] Cannot create hsr debugfs directory
[   70.049481][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.056591][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.082562][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.094983][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.101943][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.128307][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.146299][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.153414][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.179348][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.212162][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.219175][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.229197][ T5824] Bluetooth: hci0: command tx timeout
[   70.245943][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.250873][ T5829] Bluetooth: hci2: command tx timeout
[   70.262331][ T5833] Bluetooth: hci1: command tx timeout
[   70.292417][ T5833] Bluetooth: hci4: command tx timeout
[   70.292537][ T5824] Bluetooth: hci3: command tx timeout
[   70.338608][ T5826] hsr_slave_0: entered promiscuous mode
[   70.345125][ T5826] hsr_slave_1: entered promiscuous mode
[   70.351023][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.359065][ T5826] Cannot create hsr debugfs directory
[   70.381397][ T5834] hsr_slave_0: entered promiscuous mode
[   70.387666][ T5834] hsr_slave_1: entered promiscuous mode
[   70.394156][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.401723][ T5834] Cannot create hsr debugfs directory
[   70.425953][ T5831] hsr_slave_0: entered promiscuous mode
[   70.433777][ T5831] hsr_slave_1: entered promiscuous mode
[   70.439801][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.447456][ T5831] Cannot create hsr debugfs directory
[   70.734883][ T5819] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   70.745855][ T5819] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   70.756534][ T5819] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   70.766546][ T5819] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   70.819558][ T5817] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   70.843772][ T5817] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   70.864075][ T5817] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   70.873954][ T5817] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   70.909508][ T5826] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   70.922286][ T5826] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   70.935964][ T5826] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   70.963161][ T5826] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   71.023343][ T5834] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   71.054487][ T5834] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   71.079634][ T5834] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   71.097530][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   71.109601][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   71.119949][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   71.131205][ T5834] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   71.146219][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.154176][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   71.205413][ T5819] 8021q: adding VLAN 0 to HW filter on device team0
[   71.237518][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.251702][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.258930][ T1160] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.271773][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.278947][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.328201][ T5817] 8021q: adding VLAN 0 to HW filter on device team0
[   71.349131][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.356236][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.377842][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.384959][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.409171][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.426890][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[   71.433882][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[   71.461615][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[   71.492131][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.499276][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.510640][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.517743][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.551063][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.572495][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.601979][ T5826] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   71.625119][ T5834] 8021q: adding VLAN 0 to HW filter on device team0
[   71.638640][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   71.668507][ T5055] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.675675][ T5055] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.693759][ T5055] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.700987][ T5055] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.737668][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.744801][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.789232][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.796419][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.907094][ T5834] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.025418][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.044389][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.059617][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.167424][ T5817] veth0_vlan: entered promiscuous mode
[   72.223340][ T5817] veth1_vlan: entered promiscuous mode
[   72.235209][ T5826] veth0_vlan: entered promiscuous mode
[   72.248970][ T5826] veth1_vlan: entered promiscuous mode
[   72.284942][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.294750][ T5824] Bluetooth: hci0: command tx timeout
[   72.294772][ T5833] Bluetooth: hci2: command tx timeout
[   72.300147][ T5829] Bluetooth: hci1: command tx timeout
[   72.356773][ T5817] veth0_macvtap: entered promiscuous mode
[   72.373337][ T5833] Bluetooth: hci4: command tx timeout
[   72.376030][ T5829] Bluetooth: hci3: command tx timeout
[   72.396406][ T5817] veth1_macvtap: entered promiscuous mode
[   72.447810][ T5834] veth0_vlan: entered promiscuous mode
[   72.459621][ T5826] veth0_macvtap: entered promiscuous mode
[   72.468888][ T5826] veth1_macvtap: entered promiscuous mode
[   72.486259][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.509861][ T5834] veth1_vlan: entered promiscuous mode
[   72.519768][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.535478][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.548686][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.562479][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.573417][ T5817] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.583313][ T5817] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.592029][ T5817] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.600868][ T5817] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.619557][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.630285][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.642145][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.662765][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.675794][ T5826] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.686107][ T5826] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.697887][ T5826] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.707821][ T5826] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.822388][ T5055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.830534][ T5055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.870353][ T5819] veth0_vlan: entered promiscuous mode
[   72.899584][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.903733][ T5834] veth0_macvtap: entered promiscuous mode
[   72.914086][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.925179][ T5834] veth1_macvtap: entered promiscuous mode
[   72.944947][ T5819] veth1_vlan: entered promiscuous mode
[   72.986122][ T5831] veth0_vlan: entered promiscuous mode
[   72.997847][  T448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.011526][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.025616][  T448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.033029][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.043150][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.053721][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.064982][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.090299][ T5831] veth1_vlan: entered promiscuous mode
[   73.111209][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.111722][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.129744][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.142050][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.157333][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.167854][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.180107][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.198146][ T5819] veth0_macvtap: entered promiscuous mode
[   73.211755][ T5819] veth1_macvtap: entered promiscuous mode
[   73.231942][ T5817] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   73.244410][ T5834] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.259025][ T5834] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.267836][ T5834] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.277072][ T5834] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.310972][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.347393][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.358080][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.378873][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.392072][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.402800][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.414399][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.474355][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.519529][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.542990][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.554687][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.566090][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.577470][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.589260][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.618362][ T5831] veth0_macvtap: entered promiscuous mode
[   73.646228][ T5910] hsr0: entered promiscuous mode
[   73.703820][ T5819] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.708529][ T5917] loop6: detected capacity change from 0 to 524287999
[   73.717273][ T5819] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.751034][ T5819] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.772094][ T5819] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.789733][ T5831] veth1_macvtap: entered promiscuous mode
[   73.821156][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.833262][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.843717][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.854622][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.882241][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.895925][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.905929][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.916605][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.928131][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.959001][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.971613][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.987444][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.999261][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.009697][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.021714][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.032767][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.043502][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.055454][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.088034][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.125330][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.137375][  T448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.158297][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.172456][  T448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.211539][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.232857][ T5926] process 'syz.3.9' launched './file2' with NULL argv: empty string added
[   74.237172][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.250318][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.326205][ T5928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10'.
[   74.347326][ T5929] netlink: 'syz.3.9': attribute type 3 has an invalid length.
[   74.365991][ T5929] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.9'.
[   74.375352][ T5829] Bluetooth: hci2: command tx timeout
[   74.385315][ T5829] Bluetooth: hci1: command tx timeout
[   74.387934][ T5833] Bluetooth: hci0: command tx timeout
[   74.444874][ T5927] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10'.
[   74.458680][ T5833] Bluetooth: hci4: command tx timeout
[   74.462999][ T5829] Bluetooth: hci3: command tx timeout
[   74.481508][ T5055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.500807][ T5055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.599268][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.628989][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.669021][ T5055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.678185][ T5872] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[   74.723266][ T5055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.796026][ T5934] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11'.
[   74.807229][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.834120][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.873634][ T5872] usb 2-1: device descriptor read/64, error -71
[   75.093861][ T5947] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   75.122828][ T5872] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[   75.132390][ T5874] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   75.172421][ T5873] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   75.282415][ T5874] usb 4-1: Using ep0 maxpacket: 32
[   75.312494][ T5874] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[   75.321779][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.340514][ T5872] usb 2-1: device descriptor read/64, error -71
[   75.349270][ T5873] usb 3-1: device descriptor read/64, error -71
[   75.383835][ T5874] usb 4-1: config 0 descriptor??
[   75.398390][ T5874] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[   75.462966][ T5872] usb usb2-port1: attempt power cycle
[   75.602611][ T5873] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   76.033090][ T5874] gspca_vc032x: reg_w err -71
[   76.125278][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.222294][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.252357][ T5872] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[   76.330995][ T5872] usb 2-1: device descriptor read/8, error -71
[   76.331187][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.338139][ T5873] usb 3-1: device descriptor read/64, error -71
[   76.352647][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.357986][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.366011][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.371324][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.377182][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.383667][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.388994][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.394373][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.399683][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.405689][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.410996][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.416662][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.422052][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.428477][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.433897][ T5874] gspca_vc032x: I2c Bus Busy Wait 00
[   76.439213][ T5874] gspca_vc032x: Unknown sensor...
[   76.448006][ T5874] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[   76.456104][ T5829] Bluetooth: hci0: command tx timeout
[   76.462749][ T5829] Bluetooth: hci1: command tx timeout
[   76.462786][ T5829] Bluetooth: hci2: command tx timeout
[   76.493718][ T5874] usb 4-1: USB disconnect, device number 2
[   76.532953][ T5833] Bluetooth: hci4: command tx timeout
[   76.533515][ T5829] Bluetooth: hci3: command tx timeout
[   76.550171][ T5873] usb usb3-port1: attempt power cycle
[   76.562644][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   76.622447][ T5872] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[   76.654249][ T5872] usb 2-1: device descriptor read/8, error -71
[   76.695796][ T5974] netlink: 'syz.0.16': attribute type 1 has an invalid length.
[   76.742509][   T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   76.791313][ T5872] usb usb2-port1: unable to enumerate USB device
[   77.062400][ T5873] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   77.082338][   T25] usb 5-1: Using ep0 maxpacket: 16
[   77.088049][ T5987] netlink: 'syz.0.18': attribute type 10 has an invalid length.
[   77.092635][ T5918] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   77.098856][ T5873] usb 3-1: device descriptor read/8, error -71
[   77.119287][ T5987] team0: Port device netdevsim0 added
[   77.128653][   T25] usb 5-1: config index 0 descriptor too short (expected 8602, got 154)
[   77.137423][   T25] usb 5-1: config 253 has too many interfaces: 250, using maximum allowed: 32
[   77.147016][   T25] usb 5-1: config 253 has an invalid descriptor of length 213, skipping remainder of the config
[   77.159544][   T25] usb 5-1: config 253 has 0 interfaces, different from the descriptor's value: 250
[   77.894750][   T25] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   77.904216][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.913903][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.921918][   T25] usb 5-1: Product: syz
[   77.927933][   T25] usb 5-1: Manufacturer: syz
[   77.932665][ T5873] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   77.932726][ T5918] usb 4-1: device descriptor read/64, error -71
[   77.941102][   T25] usb 5-1: SerialNumber: syz
[   77.983080][ T5873] usb 3-1: device descriptor read/8, error -71
[   78.082462][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[   78.102336][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   78.151681][ T5873] usb usb3-port1: unable to enumerate USB device
[   78.213491][   T25] usb 5-1: USB disconnect, device number 2
[   78.299383][ T5918] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   78.442301][ T5918] usb 4-1: device descriptor read/64, error -71
[   78.533782][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   78.542097][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   78.562683][ T5918] usb usb4-port1: attempt power cycle
[   78.843113][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   78.993073][ T5918] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   79.022284][ T5873] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   79.023005][ T5918] usb 4-1: device descriptor read/8, error -71
[   79.173700][ T5873] usb 3-1: Using ep0 maxpacket: 16
[   79.200412][ T5873] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   79.218009][ T5873] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25
[   79.233900][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=251, SerialNumber=3
[   79.243217][ T5873] usb 3-1: Product: syz
[   79.247415][ T5873] usb 3-1: SerialNumber: syz
[   79.279220][ T5873] usb 3-1: config 0 descriptor??
[   79.361889][ T5918] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   79.395059][ T5918] usb 4-1: device descriptor read/8, error -71
[   79.513350][ T5918] usb usb4-port1: unable to enumerate USB device
[   79.584286][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   79.599180][ T5873] usb 3-1: USB disconnect, device number 6
[   79.782342][ T5872] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   79.943093][ T5872] usb 2-1: Using ep0 maxpacket: 8
[   79.970112][ T5872] usb 2-1: config 1 interface 0 has no altsetting 0
[   80.073075][ T5872] usb 2-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.40
[   80.082158][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.093994][ T5872] usb 2-1: Product: syz
[   80.098173][ T5872] usb 2-1: Manufacturer: 껂衜휷�◦⎡嶺斘暶徾�缅퉰怼⤗黋뙠践蓑窶憄ႉ쀾峥���蒞숧趾붿崗ᰚ�㭉웞糑잤眯웗�͎佔텕�ꃑ葬ჯ꼣朋麜﫣黯�䒼瓡挈�Ƥ녭�
[   80.213134][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   80.223023][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   81.091494][ T5872] usb 2-1: SerialNumber: syz
[   82.090243][   T82] cfg80211: failed to load regulatory.db
[   82.100575][ T5872] usbhid 2-1:1.0: can't add hid device: -71
[   82.127524][ T5872] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[   82.466521][ T5872] usb 2-1: USB disconnect, device number 6
[   83.497323][ T6033] sctp: failed to load transform for md5: -2
[   83.682294][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   83.814030][ T5918] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   84.287810][    T9] usb 1-1: Using ep0 maxpacket: 32
[   84.613753][ T6050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.33'.
[   84.666018][ T6050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.33'.
[   85.190300][ T5918] usb 5-1: Using ep0 maxpacket: 8
[   85.196664][    T9] usb 1-1: device descriptor read/all, error -71
[   85.207760][ T5918] usb 5-1: config 0 has an invalid interface number: 155 but max is 1
[   85.216413][ T5918] usb 5-1: config 0 has an invalid interface number: 245 but max is 1
[   85.232232][ T5918] usb 5-1: config 0 has no interface number 0
[   85.238458][ T5918] usb 5-1: config 0 has no interface number 1
[   85.266484][ T5918] usb 5-1: config 0 interface 155 has no altsetting 0
[   85.302346][ T5918] usb 5-1: config 0 interface 245 has no altsetting 0
[   85.309195][ T5918] usb 5-1: New USB device found, idVendor=04c8, idProduct=0720, bcdDevice=b8.b6
[   85.333196][ T5918] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.384318][ T5918] usb 5-1: config 0 descriptor??
[   85.422707][    C0] raw-gadget.1 gadget.4: ignoring, device is not running
[   85.452717][ T5918] usb 5-1: can't set config #0, error -32
[   85.494007][ T5918] usb 5-1: USB disconnect, device number 3
[   85.924808][ T6059] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   87.025181][ T6071] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   87.041456][ T6071] netlink: 260 bytes leftover after parsing attributes in process `syz.1.40'.
[   87.538739][ T6082] xt_cluster: node mask cannot exceed total number of nodes
[   89.198523][ T6097] sctp: failed to load transform for md5: -2
[   89.365637][    T9] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   89.769378][ T6109] netlink: 'syz.1.45': attribute type 11 has an invalid length.
[   89.777278][ T6109] netlink: 'syz.1.45': attribute type 5 has an invalid length.
[   90.065315][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 4
[   90.127539][    T9] usb 5-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[   90.172785][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.425982][    T9] usb 5-1: Product: syz
[   90.742318][    T9] usb 5-1: Manufacturer: syz
[   90.746961][    T9] usb 5-1: SerialNumber: syz
[   90.824325][    T9] usb 5-1: config 0 descriptor??
[   90.847654][    T9] usb 5-1: no audio or video endpoints found
[   91.639545][    T9] usb 5-1: USB disconnect, device number 4
[   91.730998][ T6119] xt_cluster: node mask cannot exceed total number of nodes
[   92.585274][ T6121] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   92.946463][ T6126] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   93.062994][ T5829] Bluetooth: hci4: Received unexpected HCI Event 0x00
[   93.431971][ T6142] xt_cluster: node mask cannot exceed total number of nodes
[   94.633309][ T6144] sctp: failed to load transform for md5: -2
[   94.815640][ T6154] Zero length message leads to an empty skb
[   94.870301][ T6154] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   95.228823][ T6168] netlink: 'syz.3.60': attribute type 2 has an invalid length.
[   95.258665][ T6168] Tq€: entered promiscuous mode
[   95.820671][ T6167] capability: warning: `syz.2.57' uses deprecated v2 capabilities in a way that may be insecure
[   95.841496][   T29] audit: type=1400 audit(1738867655.907:2): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=6155 comm="syz.2.57" path="/8/file1" dev="tmpfs" ino=59
[   96.022332][   T29] audit: type=1326 audit(1738867656.087:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6161 comm="syz.0.61" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f258018cde9 code=0x0
[   96.465267][ T6174] program syz.0.61 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   96.980466][ T6179] devpts: called with bogus options
[   97.241420][ T5918] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   97.491985][ T6158] netlink: 'syz.1.59': attribute type 7 has an invalid length.
[   98.142248][ T5918] usb 3-1: Using ep0 maxpacket: 16
[   98.153912][ T5918] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.181302][ T5918] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.227839][ T5918] usb 3-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[   98.237317][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.259970][ T5918] usb 3-1: config 0 descriptor??
[   99.095825][ T6200] sp0: Synchronizing with TNC
[   99.914334][ T5918] samsung 0003:0419:0001.0001: hidraw0: USB HID v0.00 Device [HID 0419:0001] on usb-dummy_hcd.2-1/input0
[  101.704369][   T57] usb 3-1: USB disconnect, device number 7
[  101.905192][ T6210] sctp: failed to load transform for md5: -2
[  102.494871][ T6230] netlink: 'syz.2.73': attribute type 2 has an invalid length.
[  102.521645][ T6230] Tq€: entered promiscuous mode
[  103.277950][ T6232] syz.4.75: attempt to access beyond end of device
[  103.277950][ T6232] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  103.294994][ T6232] FAT-fs (nbd4): unable to read boot sector
[  104.046296][ T6244] syz.0.78 (6244) used greatest stack depth: 19120 bytes left
[  104.478749][ T6261] netlink: 'syz.0.81': attribute type 2 has an invalid length.
[  104.517883][ T6261] fþ: entered promiscuous mode
[  106.755833][ T6283] warning: `syz.0.86' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  108.448594][   T57] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  109.048462][ T6300] netlink: 12 bytes leftover after parsing attributes in process `syz.4.92'.
[  109.152726][   T57] usb 3-1: Using ep0 maxpacket: 8
[  109.173313][   T57] usb 3-1: descriptor type invalid, skip
[  109.213292][   T57] usb 3-1: config 1 interface 0 altsetting 4 bulk endpoint 0x1 has invalid maxpacket 16
[  109.231447][   T57] usb 3-1: config 1 interface 0 has no altsetting 0
[  109.250200][   T57] usb 3-1: string descriptor 0 read error: -22
[  109.259311][   T57] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  109.268795][   T57] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.455999][ T5873] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  109.642388][ T5873] usb 5-1: Using ep0 maxpacket: 32
[  109.691209][ T5873] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  109.707664][ T5873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.772062][ T5873] usb 5-1: config 0 descriptor??
[  109.788623][ T5873] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  109.812842][ T6290] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  109.896352][ T6307] overlay: Unknown parameter 'subj_type'
[  110.103093][   T57] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 4 proto 1 vid 0x0525 pid 0xA4A8
[  110.128328][   T57] usb 3-1: USB disconnect, device number 8
[  110.154685][   T57] usblp0: removed
[  110.465868][ T5873] gspca_vc032x: reg_w err -71
[  110.683457][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.688807][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.702594][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.708041][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.713430][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.718830][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.726860][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.757196][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.762619][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.767921][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.776816][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.782132][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.788304][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.794359][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.799672][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.805065][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.810362][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.822226][ T5873] gspca_vc032x: I2c Bus Busy Wait 00
[  110.827570][ T5873] gspca_vc032x: Unknown sensor...
[  110.841365][ T5873] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[  110.872711][ T5873] usb 5-1: USB disconnect, device number 5
[  110.926591][ T6323] capability: warning: `syz.1.97' uses 32-bit capabilities (legacy support in use)
[  111.244582][ T6333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.99'.
[  112.097606][ T6337] sctp: failed to load transform for md5: -2
[  112.217379][ T6335] FAULT_INJECTION: forcing a failure.
[  112.217379][ T6335] name failslab, interval 1, probability 0, space 0, times 0
[  112.236143][ T6335] CPU: 0 UID: 0 PID: 6335 Comm: syz.3.101 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  112.236169][ T6335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  112.236183][ T6335] Call Trace:
[  112.236189][ T6335]  <TASK>
[  112.236196][ T6335]  dump_stack_lvl+0x241/0x360
[  112.236237][ T6335]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.236265][ T6335]  ? __pfx__printk+0x10/0x10
[  112.236293][ T6335]  ? __kmalloc_noprof+0xb5/0x4c0
[  112.236317][ T6335]  ? __pfx___might_resched+0x10/0x10
[  112.236341][ T6335]  should_fail_ex+0x40a/0x550
[  112.236366][ T6335]  should_failslab+0xac/0x100
[  112.236389][ T6335]  __kmalloc_noprof+0xdd/0x4c0
[  112.236409][ T6335]  ? safesetid_security_capable+0xb2/0x1d0
[  112.236433][ T6335]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  112.236461][ T6335]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  112.236490][ T6335]  genl_rcv_msg+0x802/0xec0
[  112.236519][ T6335]  ? __pfx_genl_rcv_msg+0x10/0x10
[  112.236564][ T6335]  ? __pfx_lock_acquire+0x10/0x10
[  112.236586][ T6335]  ? __pfx_ioam6_genl_delsc+0x10/0x10
[  112.236614][ T6335]  ? __pfx___might_resched+0x10/0x10
[  112.236642][ T6335]  netlink_rcv_skb+0x1e3/0x430
[  112.236670][ T6335]  ? __pfx_genl_rcv_msg+0x10/0x10
[  112.236692][ T6335]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  112.236737][ T6335]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  112.236767][ T6335]  genl_rcv+0x28/0x40
[  112.236786][ T6335]  netlink_unicast+0x7f6/0x990
[  112.236819][ T6335]  ? __pfx_netlink_unicast+0x10/0x10
[  112.236841][ T6335]  ? __virt_addr_valid+0x45f/0x530
[  112.236866][ T6335]  ? __phys_addr_symbol+0x2f/0x70
[  112.236888][ T6335]  ? __check_object_size+0x47a/0x730
[  112.236914][ T6335]  netlink_sendmsg+0x8e4/0xcb0
[  112.236941][ T6335]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.236970][ T6335]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.236986][ T6335]  __sock_sendmsg+0x221/0x270
[  112.237011][ T6335]  ____sys_sendmsg+0x52a/0x7e0
[  112.237036][ T6335]  ? __pfx_____sys_sendmsg+0x10/0x10
[  112.237051][ T6335]  ? __fget_files+0x2a/0x410
[  112.237077][ T6335]  ? __fget_files+0x2a/0x410
[  112.237108][ T6335]  __sys_sendmsg+0x269/0x350
[  112.237129][ T6335]  ? __pfx___sys_sendmsg+0x10/0x10
[  112.237172][ T6335]  ? irqentry_exit+0x63/0x90
[  112.237209][ T6335]  ? __x64_sys_sendmsg+0x63/0x90
[  112.237230][ T6335]  do_syscall_64+0xf3/0x230
[  112.237254][ T6335]  ? clear_bhb_loop+0x35/0x90
[  112.237281][ T6335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.237304][ T6335] RIP: 0033:0x7fa51798cde9
[  112.237324][ T6335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.237338][ T6335] RSP: 002b:00007fa5157d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.237357][ T6335] RAX: ffffffffffffffda RBX: 00007fa517ba6080 RCX: 00007fa51798cde9
[  112.237370][ T6335] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000008
[  112.237380][ T6335] RBP: 00007fa5157d5090 R08: 0000000000000000 R09: 0000000000000000
[  112.237391][ T6335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.237401][ T6335] R13: 0000000000000000 R14: 00007fa517ba6080 R15: 00007fff1d263348
[  112.237426][ T6335]  </TASK>
[  112.874195][ T5873] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  113.869495][ T6357] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  114.082386][ T5873] usb 3-1: Using ep0 maxpacket: 32
[  114.104200][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.242649][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.253546][ T5873] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  114.797252][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.823027][ T5873] usb 3-1: config 0 descriptor??
[  115.964855][ T6369] netlink: 'syz.4.108': attribute type 10 has an invalid length.
[  115.976042][ T6369] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.984182][ T6369] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.596715][ T6369] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.604009][ T6369] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.612123][ T6369] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.619258][ T6369] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.765983][ T6369] team0: Port device bridge0 added
[  116.791319][ T5873] usbhid 3-1:0.0: can't add hid device: -71
[  116.816638][ T5873] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  116.848504][ T5873] usb 3-1: USB disconnect, device number 9
[  116.884834][ T6378] netlink: 12 bytes leftover after parsing attributes in process `syz.0.110'.
[  117.192338][ T5918] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  117.363612][ T5918] usb 1-1: Using ep0 maxpacket: 32
[  117.400513][ T5918] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  117.438931][ T5918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.787699][ T5918] usb 1-1: config 0 descriptor??
[  117.801994][ T5918] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  118.414845][ T5918] gspca_vc032x: reg_w err -71
[  118.424511][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  118.442377][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  118.458004][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  118.519368][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  118.529685][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  118.552401][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.314742][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.320085][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.325458][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.331723][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.337119][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.342447][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.347740][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.353071][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.359318][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.402266][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.428935][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.476966][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  119.497173][ T5918] gspca_vc032x: Unknown sensor...
[  119.511201][ T5918] vc032x 1-1:0.0: probe with driver vc032x failed with error -22
[  119.555232][ T5918] usb 1-1: USB disconnect, device number 4
[  119.830674][ T6413] syz.0.121 (6413) used greatest stack depth: 19096 bytes left
[  120.880622][   T29] audit: type=1326 audit(1738867680.247:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  120.946970][   T29] audit: type=1326 audit(1738867680.247:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  120.968300][   T29] audit: type=1326 audit(1738867680.257:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  121.090069][   T29] audit: type=1326 audit(1738867680.257:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  121.125663][   T29] audit: type=1326 audit(1738867680.257:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  121.382584][   T29] audit: type=1326 audit(1738867680.257:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  121.633947][ T6436] netlink: 76 bytes leftover after parsing attributes in process `syz.4.126'.
[  121.703491][   T29] audit: type=1326 audit(1738867680.257:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  121.728526][ T6439] netlink: 12 bytes leftover after parsing attributes in process `syz.3.127'.
[  121.737975][ T6439] FAULT_INJECTION: forcing a failure.
[  121.737975][ T6439] name failslab, interval 1, probability 0, space 0, times 0
[  121.752213][ T6439] CPU: 0 UID: 0 PID: 6439 Comm: syz.3.127 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  121.752237][ T6439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  121.752248][ T6439] Call Trace:
[  121.752254][ T6439]  <TASK>
[  121.752261][ T6439]  dump_stack_lvl+0x241/0x360
[  121.752297][ T6439]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.752325][ T6439]  ? __pfx__printk+0x10/0x10
[  121.752353][ T6439]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  121.752372][ T6439]  ? __pfx___might_resched+0x10/0x10
[  121.752389][ T6439]  should_fail_ex+0x40a/0x550
[  121.752406][ T6439]  should_failslab+0xac/0x100
[  121.752423][ T6439]  kmem_cache_alloc_node_noprof+0x77/0x380
[  121.752439][ T6439]  ? __alloc_skb+0x1c3/0x440
[  121.752460][ T6439]  __alloc_skb+0x1c3/0x440
[  121.752480][ T6439]  ? __pfx___alloc_skb+0x10/0x10
[  121.752501][ T6439]  ? netlink_ack_tlv_len+0x6e/0x200
[  121.752522][ T6439]  netlink_ack+0x145/0xa50
[  121.752542][ T6439]  ? __pfx___might_resched+0x10/0x10
[  121.752561][ T6439]  netlink_rcv_skb+0x262/0x430
[  121.752581][ T6439]  ? __pfx_genl_rcv_msg+0x10/0x10
[  121.752597][ T6439]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  121.752623][ T6439]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  121.752643][ T6439]  genl_rcv+0x28/0x40
[  121.752656][ T6439]  netlink_unicast+0x7f6/0x990
[  121.752678][ T6439]  ? __pfx_netlink_unicast+0x10/0x10
[  121.752695][ T6439]  ? __virt_addr_valid+0x45f/0x530
[  121.752713][ T6439]  ? __phys_addr_symbol+0x2f/0x70
[  121.752730][ T6439]  ? __check_object_size+0x47a/0x730
[  121.752748][ T6439]  netlink_sendmsg+0x8e4/0xcb0
[  121.752766][ T6439]  ? __pfx_netlink_sendmsg+0x10/0x10
[  121.752777][ T6439]  ? __import_iovec+0x1a6/0x870
[  121.752797][ T6439]  ? __pfx_netlink_sendmsg+0x10/0x10
[  121.752808][ T6439]  __sock_sendmsg+0x221/0x270
[  121.752825][ T6439]  ____sys_sendmsg+0x52a/0x7e0
[  121.752842][ T6439]  ? __pfx_____sys_sendmsg+0x10/0x10
[  121.752853][ T6439]  ? __fget_files+0x2a/0x410
[  121.752871][ T6439]  ? __fget_files+0x2a/0x410
[  121.752892][ T6439]  __sys_sendmsg+0x269/0x350
[  121.752907][ T6439]  ? __pfx___sys_sendmsg+0x10/0x10
[  121.752943][ T6439]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  121.752960][ T6439]  ? do_syscall_64+0x100/0x230
[  121.752979][ T6439]  ? do_syscall_64+0xb6/0x230
[  121.752997][ T6439]  do_syscall_64+0xf3/0x230
[  121.753014][ T6439]  ? clear_bhb_loop+0x35/0x90
[  121.753033][ T6439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.753050][ T6439] RIP: 0033:0x7fa51798cde9
[  121.753062][ T6439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.753072][ T6439] RSP: 002b:00007fa5157d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  121.753093][ T6439] RAX: ffffffffffffffda RBX: 00007fa517ba6080 RCX: 00007fa51798cde9
[  121.753102][ T6439] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000008
[  121.753110][ T6439] RBP: 00007fa5157d5090 R08: 0000000000000000 R09: 0000000000000000
[  121.753117][ T6439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.753124][ T6439] R13: 0000000000000000 R14: 00007fa517ba6080 R15: 00007fff1d263348
[  121.753141][ T6439]  </TASK>
[  122.117174][   T29] audit: type=1326 audit(1738867680.257:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  122.185344][   T29] audit: type=1326 audit(1738867680.257:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  122.206754][   T29] audit: type=1326 audit(1738867680.267:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6417 comm="syz.3.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51798cde9 code=0x7ffc0000
[  122.283959][ T6442] FAULT_INJECTION: forcing a failure.
[  122.283959][ T6442] name failslab, interval 1, probability 0, space 0, times 0
[  122.297827][ T6442] CPU: 0 UID: 0 PID: 6442 Comm: syz.0.129 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  122.297851][ T6442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  122.297861][ T6442] Call Trace:
[  122.297868][ T6442]  <TASK>
[  122.297875][ T6442]  dump_stack_lvl+0x241/0x360
[  122.297910][ T6442]  ? __pfx_dump_stack_lvl+0x10/0x10
[  122.297937][ T6442]  ? __pfx__printk+0x10/0x10
[  122.297966][ T6442]  ? __kmalloc_noprof+0xb5/0x4c0
[  122.297989][ T6442]  ? __pfx___might_resched+0x10/0x10
[  122.298013][ T6442]  should_fail_ex+0x40a/0x550
[  122.298037][ T6442]  should_failslab+0xac/0x100
[  122.298060][ T6442]  __kmalloc_noprof+0xdd/0x4c0
[  122.298083][ T6442]  ? security_prepare_creds+0x53/0x360
[  122.298109][ T6442]  ? rcu_is_watching+0x15/0xb0
[  122.298138][ T6442]  security_prepare_creds+0x53/0x360
[  122.298173][ T6442]  prepare_creds+0x467/0x640
[  122.298200][ T6442]  copy_creds+0x109/0x9c0
[  122.298222][ T6442]  ? kmap_local_fork+0x42/0x80
[  122.298249][ T6442]  copy_process+0x9df/0x3d50
[  122.298274][ T6442]  ? __pfx_lock_release+0x10/0x10
[  122.298295][ T6442]  ? kstrtouint_from_user+0x128/0x190
[  122.298331][ T6442]  ? __pfx_copy_process+0x10/0x10
[  122.298354][ T6442]  ? ksys_write+0x22a/0x2b0
[  122.298376][ T6442]  kernel_clone+0x223/0x870
[  122.298395][ T6442]  ? sb_end_write+0xe9/0x1c0
[  122.298420][ T6442]  ? __pfx_kernel_clone+0x10/0x10
[  122.298445][ T6442]  ? do_sys_openat2+0x17a/0x1d0
[  122.298476][ T6442]  __x64_sys_clone+0x258/0x2a0
[  122.298498][ T6442]  ? __pfx___x64_sys_clone+0x10/0x10
[  122.298529][ T6442]  ? do_syscall_64+0x100/0x230
[  122.298560][ T6442]  ? do_syscall_64+0xb6/0x230
[  122.298603][ T6442]  do_syscall_64+0xf3/0x230
[  122.298631][ T6442]  ? clear_bhb_loop+0x35/0x90
[  122.298662][ T6442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.298690][ T6442] RIP: 0033:0x7f258018cde9
[  122.298708][ T6442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.298729][ T6442] RSP: 002b:00007f25810b6fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  122.298751][ T6442] RAX: ffffffffffffffda RBX: 00007f25803a5fa0 RCX: 00007f258018cde9
[  122.298765][ T6442] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000049000
[  122.298778][ T6442] RBP: 00007f25810b7090 R08: 0000000000000000 R09: 0000000000000000
[  122.298791][ T6442] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  122.298803][ T6442] R13: 0000000000000000 R14: 00007f25803a5fa0 R15: 00007ffe62d85898
[  122.298831][ T6442]  </TASK>
[  124.306579][ T6468] mmap: syz.2.134 (6468) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  125.211834][ T6478] =======================================================
[  125.211834][ T6478] WARNING: The mand mount option has been deprecated and
[  125.211834][ T6478]          and is ignored by this kernel. Remove the mand
[  125.211834][ T6478]          option from the mount to silence this warning.
[  125.211834][ T6478] =======================================================
[  125.334374][ T6481] FAULT_INJECTION: forcing a failure.
[  125.334374][ T6481] name failslab, interval 1, probability 0, space 0, times 0
[  125.382277][ T6481] CPU: 1 UID: 0 PID: 6481 Comm: syz.4.140 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  125.382304][ T6481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  125.382314][ T6481] Call Trace:
[  125.382321][ T6481]  <TASK>
[  125.382328][ T6481]  dump_stack_lvl+0x241/0x360
[  125.382363][ T6481]  ? __pfx_dump_stack_lvl+0x10/0x10
[  125.382391][ T6481]  ? __pfx__printk+0x10/0x10
[  125.382419][ T6481]  ? fs_reclaim_acquire+0x93/0x130
[  125.382438][ T6481]  ? __pfx___might_resched+0x10/0x10
[  125.382462][ T6481]  should_fail_ex+0x40a/0x550
[  125.382487][ T6481]  should_failslab+0xac/0x100
[  125.382510][ T6481]  __kmalloc_noprof+0xdd/0x4c0
[  125.382532][ T6481]  ? tomoyo_encode+0x26f/0x540
[  125.382553][ T6481]  tomoyo_encode+0x26f/0x540
[  125.382574][ T6481]  tomoyo_mount_permission+0x53d/0xb80
[  125.382606][ T6481]  ? stack_depot_save_flags+0x37/0x940
[  125.382627][ T6481]  ? tomoyo_mount_permission+0x298/0xb80
[  125.382662][ T6481]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  125.382729][ T6481]  ? hook_sb_mount+0x10b/0x420
[  125.382746][ T6481]  ? security_sb_mount+0x22/0x2f0
[  125.382767][ T6481]  security_sb_mount+0xe0/0x2f0
[  125.382789][ T6481]  path_mount+0xb9/0xfa0
[  125.382809][ T6481]  ? kmem_cache_free+0x195/0x410
[  125.382830][ T6481]  ? user_path_at+0x44/0x60
[  125.382863][ T6481]  __se_sys_mount+0x2d6/0x3c0
[  125.382890][ T6481]  ? __pfx___se_sys_mount+0x10/0x10
[  125.382914][ T6481]  ? do_syscall_64+0x100/0x230
[  125.382941][ T6481]  ? __x64_sys_mount+0x20/0xc0
[  125.382965][ T6481]  do_syscall_64+0xf3/0x230
[  125.382988][ T6481]  ? clear_bhb_loop+0x35/0x90
[  125.383016][ T6481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.383039][ T6481] RIP: 0033:0x7f6e14b8cde9
[  125.383055][ T6481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.383068][ T6481] RSP: 002b:00007f6e15a52038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  125.383087][ T6481] RAX: ffffffffffffffda RBX: 00007f6e14da5fa0 RCX: 00007f6e14b8cde9
[  125.383100][ T6481] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  125.383111][ T6481] RBP: 00007f6e15a52090 R08: 0000200000000340 R09: 0000000000000000
[  125.383122][ T6481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  125.383132][ T6481] R13: 0000000000000000 R14: 00007f6e14da5fa0 R15: 00007ffcf91e9358
[  125.383157][ T6481]  </TASK>
[  125.774773][ T6471] syz.3.136: attempt to access beyond end of device
[  125.774773][ T6471] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  125.787694][ T6471] (syz.3.136,6471,1):ocfs2_get_sector:1714 ERROR: status = -5
[  125.795328][ T6471] (syz.3.136,6471,1):ocfs2_sb_probe:753 ERROR: status = -5
[  125.802569][ T6471] (syz.3.136,6471,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  125.813459][ T6471] (syz.3.136,6471,0):ocfs2_fill_super:1177 ERROR: status = -5
[  129.276306][ T5918] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  129.472271][ T5918] usb 4-1: Using ep0 maxpacket: 32
[  129.479788][ T5918] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  129.492226][ T5918] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  129.516196][ T5918] usb 4-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10
[  129.535536][ T5918] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.566142][ T5918] usb 4-1: Product: syz
[  129.576925][ T5918] usb 4-1: Manufacturer: syz
[  129.591792][ T5918] usb 4-1: SerialNumber: syz
[  129.613003][ T5918] usb 4-1: config 0 descriptor??
[  129.837931][ T5918] usb 4-1: USB disconnect, device number 7
[  129.893166][   T11] wlan1: Trigger new scan to find an IBSS to join
[  130.952572][   T82] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  131.082678][   T25] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  131.148082][   T82] usb 4-1: Using ep0 maxpacket: 32
[  131.219147][   T82] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  131.272942][   T25] usb 3-1: Using ep0 maxpacket: 16
[  131.296308][   T82] usb 4-1: config 0 has no interface number 0
[  131.372039][   T82] usb 4-1: config 0 interface 184 has no altsetting 0
[  131.394563][ T5918] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  131.406859][   T25] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  131.430770][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.455516][   T82] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  131.488783][   T82] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.497416][   T25] usb 3-1: Product: syz
[  131.501602][   T25] usb 3-1: Manufacturer: syz
[  131.506277][   T82] usb 4-1: Product: syz
[  131.511016][   T25] usb 3-1: SerialNumber: syz
[  131.515925][   T82] usb 4-1: Manufacturer: syz
[  131.520543][   T82] usb 4-1: SerialNumber: syz
[  131.522946][   T25] usb 3-1: config 0 descriptor??
[  131.538434][   T82] usb 4-1: config 0 descriptor??
[  131.549433][   T82] smsc75xx v1.0.0
[  131.635785][ T5918] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  131.667372][ T5918] usb 5-1: New USB device found, idVendor=0421, idProduct=0128, bcdDevice=a6.84
[  131.686802][ T5918] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.704499][ T5918] usb 5-1: Product: syz
[  131.712256][ T5918] usb 5-1: Manufacturer: syz
[  131.716879][ T5918] usb 5-1: SerialNumber: syz
[  131.744175][ T5918] usb 5-1: config 0 descriptor??
[  131.751727][ T5918] usb 5-1: bad CDC descriptors
[  131.757553][ T5918] cdc_acm 5-1:0.0: Control and data interfaces are not separated!
[  131.772376][ T5918] cdc_acm 5-1:0.0: This needs exactly 3 endpoints
[  131.789158][ T5918] cdc_acm 5-1:0.0: probe with driver cdc_acm failed with error -22
[  131.981159][ T5827] usb 5-1: USB disconnect, device number 6
[  131.995222][   T25] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  132.034540][   T25] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  132.061347][   T25] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  132.079860][   T25] usb 3-1: media controller created
[  132.307430][   T25] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  132.555234][   T25] zl10353_read_register: readreg error (reg=127, ret==0)
[  132.562527][   T25] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  132.571348][   T25] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  132.873578][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  133.328220][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  133.424681][   T25] usb 3-1: USB disconnect, device number 10
[  133.474725][   T25] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  133.893560][ T6433] wlan1: Trigger new scan to find an IBSS to join
[  135.319434][   T82] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  135.597867][   T82] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  135.622785][   T82] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  135.641230][   T82] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  135.691071][   T82] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  135.753696][   T82] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  135.772626][   T82] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  135.988973][   T82] usb 4-1: USB disconnect, device number 8
[  136.857318][ T5963] wlan1: Creating new IBSS network, BSSID 62:a0:dc:71:d5:9a
[  137.564132][    T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  137.703634][    T9] usb 3-1: device descriptor read/64, error -71
[  137.982265][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  138.474281][    T9] usb 3-1: device descriptor read/64, error -71
[  138.634803][    T9] usb usb3-port1: attempt power cycle
[  138.853838][ T6655] FAULT_INJECTION: forcing a failure.
[  138.853838][ T6655] name failslab, interval 1, probability 0, space 0, times 0
[  138.894833][ T6655] CPU: 0 UID: 0 PID: 6655 Comm: syz.4.177 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  138.894870][ T6655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  138.894886][ T6655] Call Trace:
[  138.894896][ T6655]  <TASK>
[  138.894903][ T6655]  dump_stack_lvl+0x241/0x360
[  138.894938][ T6655]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.894966][ T6655]  ? __pfx__printk+0x10/0x10
[  138.894994][ T6655]  ? __kmalloc_cache_noprof+0x48/0x390
[  138.895018][ T6655]  ? __pfx___might_resched+0x10/0x10
[  138.895039][ T6655]  should_fail_ex+0x40a/0x550
[  138.895063][ T6655]  should_failslab+0xac/0x100
[  138.895087][ T6655]  __kmalloc_cache_noprof+0x70/0x390
[  138.895109][ T6655]  ? ovl_init_fs_context+0x58/0x4f0
[  138.895134][ T6655]  ovl_init_fs_context+0x58/0x4f0
[  138.895159][ T6655]  alloc_fs_context+0x68a/0x800
[  138.895191][ T6655]  do_new_mount+0x160/0xb40
[  138.895217][ T6655]  ? __pfx_do_new_mount+0x10/0x10
[  138.895245][ T6655]  __se_sys_mount+0x2d6/0x3c0
[  138.895270][ T6655]  ? __pfx___se_sys_mount+0x10/0x10
[  138.895291][ T6655]  ? do_syscall_64+0x100/0x230
[  138.895316][ T6655]  ? __x64_sys_mount+0x20/0xc0
[  138.895338][ T6655]  do_syscall_64+0xf3/0x230
[  138.895359][ T6655]  ? clear_bhb_loop+0x35/0x90
[  138.895384][ T6655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.895405][ T6655] RIP: 0033:0x7f6e14b8cde9
[  138.895419][ T6655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.895433][ T6655] RSP: 002b:00007f6e15a52038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  138.895450][ T6655] RAX: ffffffffffffffda RBX: 00007f6e14da5fa0 RCX: 00007f6e14b8cde9
[  138.895462][ T6655] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  138.895473][ T6655] RBP: 00007f6e15a52090 R08: 0000200000000340 R09: 0000000000000000
[  138.895483][ T6655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  138.895492][ T6655] R13: 0000000000000000 R14: 00007f6e14da5fa0 R15: 00007ffcf91e9358
[  138.895516][ T6655]  </TASK>
[  139.321980][    T9] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  139.334037][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  139.334054][   T29] audit: type=1326 audit(1738867699.357:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  139.403919][    T9] usb 3-1: device descriptor read/8, error -71
[  139.493306][   T29] audit: type=1326 audit(1738867699.357:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  140.018972][   T29] audit: type=1326 audit(1738867699.357:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  140.118894][   T29] audit: type=1326 audit(1738867699.357:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  140.262329][   T29] audit: type=1326 audit(1738867699.357:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  140.404207][   T29] audit: type=1326 audit(1738867699.357:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  140.604349][ T6682] netlink: 16 bytes leftover after parsing attributes in process `syz.4.184'.
[  140.615949][   T29] audit: type=1326 audit(1738867699.367:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  140.827560][ T6685] overlayfs: missing 'lowerdir'
[  140.913658][   T29] audit: type=1326 audit(1738867699.367:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  141.061689][   T29] audit: type=1326 audit(1738867699.367:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  141.162764][   T29] audit: type=1326 audit(1738867699.367:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6662 comm="syz.1.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eebf8cde9 code=0x7ffc0000
[  141.957605][ T6704] FAULT_INJECTION: forcing a failure.
[  141.957605][ T6704] name failslab, interval 1, probability 0, space 0, times 0
[  141.992051][ T6704] CPU: 1 UID: 0 PID: 6704 Comm: syz.1.189 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  141.992077][ T6704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  141.992087][ T6704] Call Trace:
[  141.992094][ T6704]  <TASK>
[  141.992101][ T6704]  dump_stack_lvl+0x241/0x360
[  141.992139][ T6704]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.992167][ T6704]  ? __pfx__printk+0x10/0x10
[  141.992194][ T6704]  ? __kmalloc_cache_noprof+0x48/0x390
[  141.992219][ T6704]  ? __pfx___might_resched+0x10/0x10
[  141.992241][ T6704]  should_fail_ex+0x40a/0x550
[  141.992265][ T6704]  should_failslab+0xac/0x100
[  141.992288][ T6704]  __kmalloc_cache_noprof+0x70/0x390
[  141.992310][ T6704]  ? ovl_init_fs_context+0x11d/0x4f0
[  141.992334][ T6704]  ovl_init_fs_context+0x11d/0x4f0
[  141.992358][ T6704]  alloc_fs_context+0x68a/0x800
[  141.992389][ T6704]  do_new_mount+0x160/0xb40
[  141.992416][ T6704]  ? __pfx_do_new_mount+0x10/0x10
[  141.992446][ T6704]  __se_sys_mount+0x2d6/0x3c0
[  141.992472][ T6704]  ? __pfx___se_sys_mount+0x10/0x10
[  141.992496][ T6704]  ? do_syscall_64+0x100/0x230
[  141.992531][ T6704]  ? __x64_sys_mount+0x20/0xc0
[  141.992556][ T6704]  do_syscall_64+0xf3/0x230
[  141.992579][ T6704]  ? clear_bhb_loop+0x35/0x90
[  141.992606][ T6704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.992628][ T6704] RIP: 0033:0x7f8eebf8cde9
[  141.992644][ T6704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.992658][ T6704] RSP: 002b:00007f8eecd09038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  141.992677][ T6704] RAX: ffffffffffffffda RBX: 00007f8eec1a5fa0 RCX: 00007f8eebf8cde9
[  141.992689][ T6704] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  141.992700][ T6704] RBP: 00007f8eecd09090 R08: 0000200000000340 R09: 0000000000000000
[  141.992711][ T6704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.992720][ T6704] R13: 0000000000000000 R14: 00007f8eec1a5fa0 R15: 00007ffcaeed6978
[  141.992745][ T6704]  </TASK>
[  142.424757][ T6710] /dev/sg0: Can't lookup blockdev
[  142.512682][ T6716] netlink: 'syz.1.192': attribute type 11 has an invalid length.
[  142.520675][ T6716] netlink: 'syz.1.192': attribute type 5 has an invalid length.
[  143.627792][   T57] libceph: connect (1)[c::]:6789 error -101
[  143.681496][   T57] libceph: mon0 (1)[c::]:6789 connect error
[  143.876870][ T6730] cgroup: none used incorrectly
[  143.913553][ T6729] ieee802154 phy0 wpan0: encryption failed: -90
[  144.173966][   T57] libceph: connect (1)[c::]:6789 error -101
[  144.180060][   T57] libceph: mon0 (1)[c::]:6789 connect error
[  144.473769][ T6730] orangefs_mount: mount request failed with -4
[  144.775070][   T57] libceph: connect (1)[c::]:6789 error -101
[  144.794272][   T57] libceph: mon0 (1)[c::]:6789 connect error
[  144.831949][ T6745] netlink: 'syz.3.199': attribute type 11 has an invalid length.
[  144.839957][ T6745] netlink: 'syz.3.199': attribute type 5 has an invalid length.
[  146.054090][ T6719] ceph: No mds server is up or the cluster is laggy
[  146.484273][ T6758] FAULT_INJECTION: forcing a failure.
[  146.484273][ T6758] name failslab, interval 1, probability 0, space 0, times 0
[  146.525412][ T6758] CPU: 0 UID: 0 PID: 6758 Comm: syz.3.202 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  146.525440][ T6758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  146.525451][ T6758] Call Trace:
[  146.525458][ T6758]  <TASK>
[  146.525466][ T6758]  dump_stack_lvl+0x241/0x360
[  146.525504][ T6758]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.525534][ T6758]  ? __pfx__printk+0x10/0x10
[  146.525565][ T6758]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[  146.525594][ T6758]  ? __pfx___might_resched+0x10/0x10
[  146.525618][ T6758]  should_fail_ex+0x40a/0x550
[  146.525644][ T6758]  should_failslab+0xac/0x100
[  146.525669][ T6758]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  146.525696][ T6758]  ? vfs_parse_monolithic_sep+0x287/0x420
[  146.525734][ T6758]  kmemdup_nul+0x30/0xa0
[  146.525758][ T6758]  ? __pfx_ovl_next_opt+0x10/0x10
[  146.525779][ T6758]  vfs_parse_monolithic_sep+0x287/0x420
[  146.525806][ T6758]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  146.525846][ T6758]  do_new_mount+0x28f/0xb40
[  146.525873][ T6758]  ? __pfx_do_new_mount+0x10/0x10
[  146.525910][ T6758]  __se_sys_mount+0x2d6/0x3c0
[  146.525938][ T6758]  ? __pfx___se_sys_mount+0x10/0x10
[  146.525961][ T6758]  ? do_syscall_64+0x100/0x230
[  146.525988][ T6758]  ? __x64_sys_mount+0x20/0xc0
[  146.526012][ T6758]  do_syscall_64+0xf3/0x230
[  146.526036][ T6758]  ? clear_bhb_loop+0x35/0x90
[  146.526063][ T6758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.526086][ T6758] RIP: 0033:0x7fa51798cde9
[  146.526102][ T6758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.526116][ T6758] RSP: 002b:00007fa5157d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  146.526136][ T6758] RAX: ffffffffffffffda RBX: 00007fa517ba6080 RCX: 00007fa51798cde9
[  146.526149][ T6758] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  146.526160][ T6758] RBP: 00007fa5157d5090 R08: 0000200000000340 R09: 0000000000000000
[  146.526171][ T6758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  146.526181][ T6758] R13: 0000000000000001 R14: 00007fa517ba6080 R15: 00007fff1d263348
[  146.526206][ T6758]  </TASK>
[  146.893290][ T6760] fuse: Bad value for 'rootmode'
[  147.186986][ T6769] netlink: 'syz.1.204': attribute type 21 has an invalid length.
[  147.198485][ T6769] netlink: 128 bytes leftover after parsing attributes in process `syz.1.204'.
[  147.222276][ T6769] netlink: 'syz.1.204': attribute type 4 has an invalid length.
[  147.230162][ T6769] netlink: 3 bytes leftover after parsing attributes in process `syz.1.204'.
[  147.255720][   T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  147.412586][ T5873] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  147.432292][   T25] usb 1-1: Using ep0 maxpacket: 8
[  147.440375][   T25] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  147.474659][   T25] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  147.512556][ T5918] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  147.531031][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.533319][ T6777] netlink: 16 bytes leftover after parsing attributes in process `syz.4.209'.
[  147.545921][   T25] usb 1-1: config 0 descriptor??
[  147.589000][ T6777] ip6tnl2: entered allmulticast mode
[  147.593604][   T25] gspca_main: vc032x-2.14.0 probing 046d:0892
[  147.606767][ T5873] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  147.621309][ T5873] usb 3-1: config 0 has no interfaces?
[  147.636058][ T5873] usb 3-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[  147.655324][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.672194][ T5873] usb 3-1: Product: syz
[  147.676679][ T5873] usb 3-1: Manufacturer: syz
[  147.682243][ T5873] usb 3-1: SerialNumber: syz
[  147.722291][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 237, changing to 11
[  147.740497][ T5873] usb 3-1: config 0 descriptor??
[  147.760089][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33230, setting to 1024
[  147.786785][ T5918] usb 2-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  147.815666][ T5918] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.850861][ T5918] usb 2-1: config 0 descriptor??
[  148.304380][ T5918] petalynx 0003:18B1:0037.0002: report_id 1848049794 is invalid
[  148.323829][ T6783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.332333][ T5918] petalynx 0003:18B1:0037.0002: item 0 4 1 8 parsing failed
[  148.332968][ T5918] petalynx 0003:18B1:0037.0002: parse failed
[  148.357289][ T5918] petalynx 0003:18B1:0037.0002: probe with driver petalynx failed with error -22
[  148.361374][ T6783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.631270][ T6769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.654820][ T6769] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.113726][   T25] gspca_vc032x: reg_w err -110
[  149.118644][   T25] vc032x 1-1:0.0: probe with driver vc032x failed with error -110
[  149.202204][ T6784] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  149.523781][ T5874] usb 1-1: USB disconnect, device number 5
[  151.285729][ T5873] usb 2-1: USB disconnect, device number 7
[  152.461022][ T6818] 8021q: adding VLAN 0 to HW filter on device bond1
[  152.981821][ T6822] FAULT_INJECTION: forcing a failure.
[  152.981821][ T6822] name failslab, interval 1, probability 0, space 0, times 0
[  152.994912][ T6822] CPU: 0 UID: 0 PID: 6822 Comm: syz.0.217 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  152.994929][ T6822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  152.994936][ T6822] Call Trace:
[  152.994941][ T6822]  <TASK>
[  152.994946][ T6822]  dump_stack_lvl+0x241/0x360
[  152.994972][ T6822]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.994992][ T6822]  ? __pfx__printk+0x10/0x10
[  152.995012][ T6822]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[  152.995031][ T6822]  ? __pfx___might_resched+0x10/0x10
[  152.995044][ T6822]  ? kmemdup_nul+0x30/0xa0
[  152.995064][ T6822]  should_fail_ex+0x40a/0x550
[  152.995081][ T6822]  should_failslab+0xac/0x100
[  152.995097][ T6822]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  152.995114][ T6822]  ? ovl_parse_param+0xdf0/0x1900
[  152.995132][ T6822]  kstrdup+0x39/0xb0
[  152.995149][ T6822]  ovl_parse_param+0xdf0/0x1900
[  152.995169][ T6822]  ? __pfx_ovl_parse_param+0x10/0x10
[  152.995182][ T6822]  ? smack_fs_context_parse_param+0xff/0x170
[  152.995197][ T6822]  ? __pfx_smack_fs_context_parse_param+0x10/0x10
[  152.995214][ T6822]  ? rcu_is_watching+0x15/0xb0
[  152.995234][ T6822]  ? static_key_count+0x41/0x70
[  152.995256][ T6822]  vfs_parse_fs_param+0x1a5/0x420
[  152.995272][ T6822]  ? __pfx_ovl_next_opt+0x10/0x10
[  152.995286][ T6822]  vfs_parse_monolithic_sep+0x2d9/0x420
[  152.995305][ T6822]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  152.995332][ T6822]  do_new_mount+0x28f/0xb40
[  152.995358][ T6822]  ? __pfx_do_new_mount+0x10/0x10
[  152.995379][ T6822]  __se_sys_mount+0x2d6/0x3c0
[  152.995403][ T6822]  ? __pfx___se_sys_mount+0x10/0x10
[  152.995427][ T6822]  ? do_syscall_64+0x100/0x230
[  152.995454][ T6822]  ? __x64_sys_mount+0x20/0xc0
[  152.995478][ T6822]  do_syscall_64+0xf3/0x230
[  152.995503][ T6822]  ? clear_bhb_loop+0x35/0x90
[  152.995523][ T6822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.995540][ T6822] RIP: 0033:0x7f258018cde9
[  152.995552][ T6822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.995561][ T6822] RSP: 002b:00007f25810b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  152.995575][ T6822] RAX: ffffffffffffffda RBX: 00007f25803a5fa0 RCX: 00007f258018cde9
[  152.995584][ T6822] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  152.995592][ T6822] RBP: 00007f25810b7090 R08: 0000200000000340 R09: 0000000000000000
[  152.995601][ T6822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  152.995608][ T6822] R13: 0000000000000000 R14: 00007f25803a5fa0 R15: 00007ffe62d85898
[  152.995626][ T6822]  </TASK>
[  153.301117][ T6825] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  155.692104][   T57] usb 3-1: USB disconnect, device number 15
[  156.782281][ T5873] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  156.815565][ T6889] FAULT_INJECTION: forcing a failure.
[  156.815565][ T6889] name failslab, interval 1, probability 0, space 0, times 0
[  156.860518][ T6889] CPU: 0 UID: 0 PID: 6889 Comm: syz.4.228 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  156.860546][ T6889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  156.860557][ T6889] Call Trace:
[  156.860563][ T6889]  <TASK>
[  156.860571][ T6889]  dump_stack_lvl+0x241/0x360
[  156.860608][ T6889]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.860636][ T6889]  ? __pfx__printk+0x10/0x10
[  156.860664][ T6889]  ? kmem_cache_alloc_noprof+0x48/0x380
[  156.860689][ T6889]  ? __pfx___might_resched+0x10/0x10
[  156.860712][ T6889]  should_fail_ex+0x40a/0x550
[  156.860736][ T6889]  should_failslab+0xac/0x100
[  156.860759][ T6889]  ? getname_kernel+0x59/0x2f0
[  156.860786][ T6889]  kmem_cache_alloc_noprof+0x70/0x380
[  156.860808][ T6889]  ? trace_kmalloc+0x1f/0xd0
[  156.860832][ T6889]  getname_kernel+0x59/0x2f0
[  156.860857][ T6889]  kern_path+0x1d/0x50
[  156.860881][ T6889]  ovl_parse_param+0x13f2/0x1900
[  156.860911][ T6889]  ? __pfx_ovl_parse_param+0x10/0x10
[  156.860930][ T6889]  ? smack_fs_context_parse_param+0xff/0x170
[  156.860951][ T6889]  ? __pfx_smack_fs_context_parse_param+0x10/0x10
[  156.860976][ T6889]  ? rcu_is_watching+0x15/0xb0
[  156.861005][ T6889]  ? static_key_count+0x41/0x70
[  156.861034][ T6889]  vfs_parse_fs_param+0x1a5/0x420
[  156.861057][ T6889]  ? __pfx_ovl_next_opt+0x10/0x10
[  156.861078][ T6889]  vfs_parse_monolithic_sep+0x2d9/0x420
[  156.861106][ T6889]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  156.861152][ T6889]  do_new_mount+0x28f/0xb40
[  156.861180][ T6889]  ? __pfx_do_new_mount+0x10/0x10
[  156.861210][ T6889]  __se_sys_mount+0x2d6/0x3c0
[  156.861237][ T6889]  ? __pfx___se_sys_mount+0x10/0x10
[  156.861261][ T6889]  ? do_syscall_64+0x100/0x230
[  156.861288][ T6889]  ? __x64_sys_mount+0x20/0xc0
[  156.861312][ T6889]  do_syscall_64+0xf3/0x230
[  156.861336][ T6889]  ? clear_bhb_loop+0x35/0x90
[  156.861363][ T6889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.861386][ T6889] RIP: 0033:0x7f6e14b8cde9
[  156.861402][ T6889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.861416][ T6889] RSP: 002b:00007f6e15a52038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  156.861435][ T6889] RAX: ffffffffffffffda RBX: 00007f6e14da5fa0 RCX: 00007f6e14b8cde9
[  156.861448][ T6889] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  156.861459][ T6889] RBP: 00007f6e15a52090 R08: 0000200000000340 R09: 0000000000000000
[  156.861470][ T6889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  156.861480][ T6889] R13: 0000000000000000 R14: 00007f6e14da5fa0 R15: 00007ffcf91e9358
[  156.861505][ T6889]  </TASK>
[  156.861624][ T6889] overlayfs: failed to resolve './bus': -12
[  157.092545][ T5873] usb 1-1: Using ep0 maxpacket: 32
[  157.874583][ T5873] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.900552][ T6899] netlink: 36 bytes leftover after parsing attributes in process `syz.4.231'.
[  157.903971][ T5873] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.939183][ T5873] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  157.982232][ T5873] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  157.990622][ T5873] usb 1-1: Product: syz
[  157.995162][ T5873] usb 1-1: Manufacturer: syz
[  158.147630][ T5873] hub 1-1:4.0: USB hub found
[  158.948519][ T5873] hub 1-1:4.0: config failed, can't read hub descriptor (err -22)
[  158.961900][ T6909] 8021q: adding VLAN 0 to HW filter on device bond2
[  159.021062][ T5873] usb 1-1: USB disconnect, device number 6
[  160.071394][ T6931] netlink: 12 bytes leftover after parsing attributes in process `syz.4.237'.
[  160.094513][ T6932] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  160.812233][ T5827] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  160.962756][   T57] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  161.050503][ T5827] usb 5-1: Using ep0 maxpacket: 32
[  161.073404][ T5827] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  161.102230][ T5827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.138778][   T57] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  161.160388][ T5827] usb 5-1: config 0 descriptor??
[  161.187113][ T5827] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  161.197379][   T57] usb 4-1: config 0 has no interfaces?
[  161.395795][   T57] usb 4-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[  161.416780][   T57] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.425260][   T57] usb 4-1: Product: syz
[  161.429672][   T57] usb 4-1: Manufacturer: syz
[  161.435205][   T57] usb 4-1: SerialNumber: syz
[  161.922973][ T5827] gspca_vc032x: reg_w err -110
[  162.073577][   T57] usb 4-1: config 0 descriptor??
[  162.166595][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.200281][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.215750][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.240745][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.252122][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.266009][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.271439][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.281966][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.322351][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.327683][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.342514][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.370025][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.389639][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.413549][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.439397][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.452591][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.457916][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.502297][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  162.514868][ T5827] gspca_vc032x: Unknown sensor...
[  162.533408][ T5827] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[  162.572510][   T57] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  162.696119][ T6971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.711525][ T6971] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.780087][   T57] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  162.798218][   T57] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  162.814245][   T57] usb 2-1: config 0 interface 0 has no altsetting 0
[  162.821033][   T57] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  162.881911][   T57] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.945672][   T57] usb 2-1: config 0 descriptor??
[  162.960459][ T6952] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  163.236004][ T5874] usb 5-1: USB disconnect, device number 7
[  163.477795][   T57] wacom 0003:056A:0063.0003: Unknown device_type for 'HID 056a:0063'. Assuming pen.
[  163.630779][   T57] wacom 0003:056A:0063.0003: hidraw0: USB HID v0.00 Device [HID 056a:0063] on usb-dummy_hcd.1-1/input0
[  163.782558][   T57] input: Wacom Volito2 2x3 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0063.0003/input/input6
[  164.127211][   T57] usb 2-1: USB disconnect, device number 8
[  164.842762][ T7000] sctp: [Deprecated]: syz.4.250 (pid 7000) Use of int in max_burst socket option.
[  164.842762][ T7000] Use struct sctp_assoc_value instead
[  165.098895][ T7001] netlink: 'syz.0.251': attribute type 2 has an invalid length.
[  165.110983][ T7001] Tq€: entered promiscuous mode
[  165.656416][ T7014] FAULT_INJECTION: forcing a failure.
[  165.656416][ T7014] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  165.669863][ T7014] CPU: 0 UID: 0 PID: 7014 Comm: syz.0.252 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  165.669886][ T7014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  165.669896][ T7014] Call Trace:
[  165.669901][ T7014]  <TASK>
[  165.669908][ T7014]  dump_stack_lvl+0x241/0x360
[  165.669943][ T7014]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.669971][ T7014]  ? __pfx__printk+0x10/0x10
[  165.670005][ T7014]  should_fail_ex+0x40a/0x550
[  165.670026][ T7014]  _copy_to_user+0x31/0xb0
[  165.670044][ T7014]  generic_map_lookup_batch+0x95d/0xf90
[  165.670069][ T7014]  ? __pfx_lock_release+0x10/0x10
[  165.670104][ T7014]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  165.670129][ T7014]  ? __fget_files+0x395/0x410
[  165.670152][ T7014]  ? __fget_files+0x2a/0x410
[  165.670178][ T7014]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  165.670206][ T7014]  bpf_map_do_batch+0x288/0x660
[  165.670232][ T7014]  __sys_bpf+0x654/0x810
[  165.670250][ T7014]  ? __pfx___sys_bpf+0x10/0x10
[  165.670266][ T7014]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  165.670307][ T7014]  __x64_sys_bpf+0x7c/0x90
[  165.670323][ T7014]  do_syscall_64+0xf3/0x230
[  165.670347][ T7014]  ? clear_bhb_loop+0x35/0x90
[  165.670373][ T7014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.670396][ T7014] RIP: 0033:0x7f258018cde9
[  165.670412][ T7014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.670426][ T7014] RSP: 002b:00007f2581096038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  165.670444][ T7014] RAX: ffffffffffffffda RBX: 00007f25803a6080 RCX: 00007f258018cde9
[  165.670457][ T7014] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  165.670468][ T7014] RBP: 00007f2581096090 R08: 0000000000000000 R09: 0000000000000000
[  165.670478][ T7014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  165.670488][ T7014] R13: 0000000000000000 R14: 00007f25803a6080 R15: 00007ffe62d85898
[  165.670512][ T7014]  </TASK>
[  166.823851][ T7035] netlink: 12 bytes leftover after parsing attributes in process `syz.4.259'.
[  166.878502][ T6593] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  167.172869][ T5918] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  167.517864][ T5918] usb 5-1: Using ep0 maxpacket: 32
[  167.725674][ T5918] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  167.762231][ T5918] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.789477][ T5918] usb 5-1: config 0 descriptor??
[  167.831416][ T5918] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  168.002680][ T5873] usb 4-1: USB disconnect, device number 9
[  168.396960][ T7067] netlink: 'syz.2.263': attribute type 2 has an invalid length.
[  168.493886][ T5918] gspca_vc032x: reg_w err -71
[  169.061012][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.074723][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.091683][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.097078][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.115921][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.121244][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.540364][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.563896][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.570628][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.576325][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.581630][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.586962][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.592341][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.597638][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.602992][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.608317][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.613640][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.618944][ T5918] gspca_vc032x: I2c Bus Busy Wait 00
[  169.624370][ T5918] gspca_vc032x: Unknown sensor...
[  169.629469][ T5918] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[  169.643517][ T5918] usb 5-1: USB disconnect, device number 8
[  170.986311][ T7093] block device autoloading is deprecated and will be removed.
[  172.512413][ T5873] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  172.854240][ T5873] usb 3-1: Using ep0 maxpacket: 32
[  172.894901][ T5873] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.932489][ T5874] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  172.986880][ T5873] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.167627][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.183254][ T7127] netlink: 8 bytes leftover after parsing attributes in process `syz.0.276'.
[  173.196247][   T25] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  173.267420][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.269961][ T5873] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  173.350987][ T5873] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  173.372465][ T5874] usb 4-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.00
[  173.374718][ T5873] usb 3-1: Product: syz
[  173.430806][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.438500][   T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  173.502221][ T5874] usb 4-1: config 0 descriptor??
[  173.505680][ T5873] usb 3-1: Manufacturer: syz
[  173.517448][ T5873] hub 3-1:4.0: USB hub found
[  173.523621][   T25] usb 5-1: config 0 has no interfaces?
[  173.534496][   T25] usb 5-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[  173.544520][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.554123][   T25] usb 5-1: Product: syz
[  173.558420][   T25] usb 5-1: Manufacturer: syz
[  173.590694][   T25] usb 5-1: SerialNumber: syz
[  173.623852][   T25] usb 5-1: config 0 descriptor??
[  173.746255][ T5873] hub 3-1:4.0: 2 ports detected
[  173.951300][ T5873] hub 3-1:4.0: hub_hub_status failed (err = -71)
[  173.979486][ T5873] hub 3-1:4.0: config failed, can't get hub status (err -71)
[  174.076992][ T5873] usb 3-1: USB disconnect, device number 16
[  174.207462][ T7139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  174.224004][ T7139] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.591620][ T7141] netlink: 'syz.1.277': attribute type 2 has an invalid length.
[  174.667985][ T7141] Tq€: entered promiscuous mode
[  175.495796][ T7143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.278'.
[  175.911138][ T5874] usbhid 4-1:0.0: can't add hid device: -71
[  175.942267][ T5874] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  175.990860][ T5874] usb 4-1: USB disconnect, device number 10
[  176.298929][ T7155] netlink: 8 bytes leftover after parsing attributes in process `syz.0.282'.
[  177.270932][    T9] kernel write not supported for file /159/attr/exec (pid: 9 comm: kworker/0:1)
[  177.452283][ T5874] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  177.514138][ T7173] block device autoloading is deprecated and will be removed.
[  177.533982][ T7173] syz.1.288: attempt to access beyond end of device
[  177.533982][ T7173] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  177.607863][ T7175] xt_cluster: node mask cannot exceed total number of nodes
[  178.352681][ T7177] xt_TCPMSS: Only works on TCP SYN packets
[  178.401074][ T5918] usb 5-1: USB disconnect, device number 9
[  178.416540][ T5874] usb 4-1: Using ep0 maxpacket: 16
[  178.442345][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.480327][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.668931][ T5874] usb 4-1: New USB device found, idVendor=05a4, idProduct=8003, bcdDevice= 0.00
[  178.678181][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.729029][ T5874] usb 4-1: config 0 descriptor??
[  178.797474][ T7185] netlink: 'syz.1.289': attribute type 2 has an invalid length.
[  179.453295][ T5874] usb 4-1: can't set config #0, error -71
[  179.497492][ T5874] usb 4-1: USB disconnect, device number 11
[  179.587514][ T7186] netlink: 8 bytes leftover after parsing attributes in process `syz.4.292'.
[  180.607207][ T7196] netlink: 16 bytes leftover after parsing attributes in process `syz.1.294'.
[  181.416381][ T7206] overlayfs: missing 'lowerdir'
[  181.500033][ T7206] Bluetooth: hci4: Opcode 0x0401 failed: -4
[  181.529337][ T7208] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  183.097875][ T5827] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  183.212419][ T7233] netlink: 'syz.1.304': attribute type 2 has an invalid length.
[  183.281939][ T5827] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  183.452038][ T5827] usb 4-1: config 0 has no interfaces?
[  183.502696][ T5829] Bluetooth: hci4: command 0x0401 tx timeout
[  183.625843][ T5827] usb 4-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[  183.753633][ T7237] FAULT_INJECTION: forcing a failure.
[  183.753633][ T7237] name failslab, interval 1, probability 0, space 0, times 0
[  183.770433][ T5827] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.877999][ T7237] CPU: 0 UID: 0 PID: 7237 Comm: syz.4.306 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  183.878029][ T7237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  183.878040][ T7237] Call Trace:
[  183.878047][ T7237]  <TASK>
[  183.878054][ T7237]  dump_stack_lvl+0x241/0x360
[  183.878091][ T7237]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.878120][ T7237]  ? __pfx__printk+0x10/0x10
[  183.878148][ T7237]  ? kmem_cache_alloc_noprof+0x48/0x380
[  183.878172][ T7237]  ? __pfx___might_resched+0x10/0x10
[  183.878196][ T7237]  should_fail_ex+0x40a/0x550
[  183.878220][ T7237]  should_failslab+0xac/0x100
[  183.878243][ T7237]  ? getname_kernel+0x59/0x2f0
[  183.878265][ T7237]  kmem_cache_alloc_noprof+0x70/0x380
[  183.878288][ T7237]  ? trace_kmalloc+0x1f/0xd0
[  183.878313][ T7237]  getname_kernel+0x59/0x2f0
[  183.878338][ T7237]  kern_path+0x1d/0x50
[  183.878362][ T7237]  ovl_parse_param+0x11b7/0x1900
[  183.878392][ T7237]  ? __pfx_ovl_parse_param+0x10/0x10
[  183.878411][ T7237]  ? smack_fs_context_parse_param+0xff/0x170
[  183.878432][ T7237]  ? __pfx_smack_fs_context_parse_param+0x10/0x10
[  183.878457][ T7237]  ? rcu_is_watching+0x15/0xb0
[  183.878485][ T7237]  ? static_key_count+0x41/0x70
[  183.878516][ T7237]  vfs_parse_fs_param+0x1a5/0x420
[  183.878539][ T7237]  ? __pfx_ovl_next_opt+0x10/0x10
[  183.878560][ T7237]  vfs_parse_monolithic_sep+0x2d9/0x420
[  183.878592][ T7237]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  183.878654][ T7237]  do_new_mount+0x28f/0xb40
[  183.878686][ T7237]  ? __pfx_do_new_mount+0x10/0x10
[  183.878722][ T7237]  __se_sys_mount+0x2d6/0x3c0
[  183.878755][ T7237]  ? __pfx___se_sys_mount+0x10/0x10
[  183.878789][ T7237]  ? do_syscall_64+0x100/0x230
[  183.878821][ T7237]  ? __x64_sys_mount+0x20/0xc0
[  183.878850][ T7237]  do_syscall_64+0xf3/0x230
[  183.878879][ T7237]  ? clear_bhb_loop+0x35/0x90
[  183.878911][ T7237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.878940][ T7237] RIP: 0033:0x7f6e14b8cde9
[  183.878958][ T7237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.878975][ T7237] RSP: 002b:00007f6e15a52038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  183.878997][ T7237] RAX: ffffffffffffffda RBX: 00007f6e14da5fa0 RCX: 00007f6e14b8cde9
[  183.879012][ T7237] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  183.879025][ T7237] RBP: 00007f6e15a52090 R08: 0000200000000340 R09: 0000000000000000
[  183.879039][ T7237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  183.879051][ T7237] R13: 0000000000000000 R14: 00007f6e14da5fa0 R15: 00007ffcf91e9358
[  183.879081][ T7237]  </TASK>
[  183.879091][ T7237] overlayfs: failed to resolve './file0': -12
[  183.972819][ T5827] usb 4-1: Product: syz
[  184.352492][ T5874] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  184.389148][ T5827] usb 4-1: Manufacturer: syz
[  184.394250][ T5827] usb 4-1: SerialNumber: syz
[  184.401197][ T5827] usb 4-1: config 0 descriptor??
[  184.512253][ T5874] usb 2-1: Using ep0 maxpacket: 16
[  184.534093][ T5874] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.713507][ T5874] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.723766][ T5874] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[  184.732977][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.744346][ T5874] usb 2-1: config 0 descriptor??
[  185.193480][ T7263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.229760][ T5874] ntrig 0003:1B96:0008.0004: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.1-1/input0
[  185.240633][ T7263] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.646749][ T5874] usb 2-1: USB disconnect, device number 9
[  185.655998][ T5827] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  185.832229][ T5827] usb 1-1: Using ep0 maxpacket: 32
[  185.844023][ T5827] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.872259][ T5827] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.884616][ T5827] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  185.893889][ T5827] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  185.902396][ T5827] usb 1-1: Product: syz
[  185.906620][ T5827] usb 1-1: Manufacturer: syz
[  185.934840][ T5827] hub 1-1:4.0: USB hub found
[  186.159741][ T5827] hub 1-1:4.0: 2 ports detected
[  186.366893][ T5827] hub 1-1:4.0: hub_hub_status failed (err = -71)
[  186.388923][ T5827] hub 1-1:4.0: config failed, can't get hub status (err -71)
[  186.445586][ T5827] usb 1-1: USB disconnect, device number 7
[  186.639081][ T7273] evm: overlay not supported
[  187.053667][ T7278] No control pipe specified
[  187.104432][ T7281] netlink: 28 bytes leftover after parsing attributes in process `syz.4.316'.
[  187.387192][ T5827] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  187.552303][ T5827] usb 5-1: Using ep0 maxpacket: 32
[  187.566044][ T5827] usb 5-1: config 0 has an invalid interface number: 146 but max is 0
[  187.590794][ T5827] usb 5-1: config 0 has no interface number 0
[  187.610607][ T5827] usb 5-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  187.823763][ T5827] usb 5-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  187.842536][ T7291] netlink: 'syz.0.317': attribute type 2 has an invalid length.
[  187.875112][ T5827] usb 5-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  187.886668][ T5827] usb 5-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  188.037261][ T5827] usb 5-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  188.332288][ T5827] usb 5-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  188.380800][   T25] usb 4-1: USB disconnect, device number 12
[  188.392297][ T5827] usb 5-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  188.465654][ T5827] usb 5-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  188.507498][ T7293] netlink: 'syz.2.318': attribute type 2 has an invalid length.
[  188.515797][ T5827] usb 5-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  188.560224][ T5827] usb 5-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  188.632247][ T5827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.643193][ T5827] usb 5-1: Product: syz
[  188.647387][ T5827] usb 5-1: Manufacturer: syz
[  188.652704][ T5827] usb 5-1: SerialNumber: syz
[  188.710651][ T5827] usb 5-1: config 0 descriptor??
[  188.739996][ T7283] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  188.786018][ T5827] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 1 is not bulk.
[  188.796583][ T5827] microtek usb (rev 0.4.3): couldn't find an output bulk endpoint. Bailing out.
[  188.926470][ T7299] bridge1: the hash_elasticity option has been deprecated and is always 16
[  188.982903][ T5827] usb 5-1: USB disconnect, device number 10
[  189.479328][   T25] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  189.903649][   T25] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 73
[  189.968174][   T25] usb 4-1: can't read configurations, error -22
[  190.122253][   T25] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  190.417150][   T25] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 73
[  190.662618][   T25] usb 4-1: can't read configurations, error -22
[  190.673011][   T25] usb usb4-port1: attempt power cycle
[  190.963151][ T7319] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  191.042608][   T25] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  191.086631][   T25] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 73
[  191.099043][   T25] usb 4-1: can't read configurations, error -22
[  191.254836][   T25] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  191.262681][ T5825] Bluetooth: hci1: command 0x0406 tx timeout
[  191.268853][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  191.274976][   T53] Bluetooth: hci0: command 0x0406 tx timeout
[  191.283118][ T5825] Bluetooth: hci3: command 0x0406 tx timeout
[  191.289453][ T5830] Bluetooth: hci4: command 0x0401 tx timeout
[  191.328886][   T25] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 73
[  191.363582][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.380028][   T25] usb 4-1: can't read configurations, error -22
[  191.387032][   T25] usb usb4-port1: unable to enumerate USB device
[  191.412953][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.419058][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.425700][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.452092][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.458663][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.468210][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.474141][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.482633][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.488431][ T7333] blackhole_netdev_xmit(): Dropping skb.
[  191.670291][    T9] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  191.846721][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  191.858119][    T9] usb 5-1: config 0 has no interfaces?
[  192.092204][    T9] usb 5-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[  192.183422][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.327568][    T9] usb 5-1: Product: syz
[  192.408634][    T9] usb 5-1: Manufacturer: syz
[  192.480679][    T9] usb 5-1: SerialNumber: syz
[  192.502108][    T9] usb 5-1: config 0 descriptor??
[  192.842263][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  193.023950][    T9] usb 1-1: Using ep0 maxpacket: 32
[  193.038711][    T9] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  193.057275][    T9] usb 1-1: config 0 has no interface number 0
[  193.072180][    T9] usb 1-1: config 0 interface 184 has no altsetting 0
[  193.101663][    T9] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  193.121153][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.142856][ T7356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.161650][    T9] usb 1-1: Product: syz
[  193.171908][ T7356] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.184377][    T9] usb 1-1: Manufacturer: syz
[  193.199570][    T9] usb 1-1: SerialNumber: syz
[  193.382269][ T5837] Bluetooth: hci4: command 0x0401 tx timeout
[  193.425627][    T9] usb 1-1: config 0 descriptor??
[  193.437823][    T9] smsc75xx v1.0.0
[  193.669232][    T9] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  193.710296][    T9] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  193.727137][    T9] usb 1-1: USB disconnect, device number 8
[  194.177125][ T5827] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  194.307501][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  194.315012][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  194.482524][ T5827] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  194.515883][ T5827] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  194.584484][ T5827] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  194.676765][ T5873] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  194.766032][ T5827] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  194.942387][ T5873] usb 1-1: Using ep0 maxpacket: 32
[  195.691987][ T5873] usb 1-1: config 4 has an invalid interface number: 20 but max is 0
[  196.083269][ T7370] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  196.173870][ T7371] cgroup2: Unknown parameter 'memory'
[  196.665983][ T5827] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  196.812945][ T5873] usb 1-1: config 4 has no interface number 0
[  196.819110][ T5873] usb 1-1: config 4 interface 20 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  196.830281][ T5827] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.847662][ T5873] usb 1-1: config 4 interface 20 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  196.860494][ T5827] usb 4-1: config 0 descriptor??
[  196.867401][ T5873] usb 1-1: config 4 interface 20 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  196.879708][ T5827] usb 4-1: can't set config #0, error -71
[  196.889980][ T5873] usb 1-1: config 4 interface 20 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  196.902670][ T5827] usb 4-1: USB disconnect, device number 17
[  196.915402][ T5873] usb 1-1: config 4 interface 20 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  196.926088][ T5873] usb 1-1: config 4 interface 20 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  196.935941][ T5873] usb 1-1: config 4 interface 20 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  196.951250][ T5873] usb 1-1: New USB device found, idVendor=0bb4, idProduct=0a52, bcdDevice=e0.78
[  196.960509][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.972202][ T5873] usb 1-1: Product: syz
[  196.977195][ T5873] usb 1-1: Manufacturer: syz
[  196.992016][ T5873] usb 1-1: SerialNumber: syz
[  197.005930][ T7367] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  197.024255][ T5873] ipaq 1-1:4.20: PocketPC PDA converter detected
[  197.030802][ T5873] usb 1-1: active config #4 != 1 ??
[  197.103376][ T7378] netlink: 12 bytes leftover after parsing attributes in process `syz.1.340'.
[  197.143914][ T7375] netlink: 16 bytes leftover after parsing attributes in process `syz.3.343'.
[  197.212107][    T9] usb 5-1: USB disconnect, device number 11
[  197.213117][ T7383] FAULT_INJECTION: forcing a failure.
[  197.213117][ T7383] name failslab, interval 1, probability 0, space 0, times 0
[  197.240091][ T7367] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.254826][ T7383] CPU: 1 UID: 0 PID: 7383 Comm: syz.2.344 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  197.254850][ T7383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  197.254861][ T7383] Call Trace:
[  197.254867][ T7383]  <TASK>
[  197.254874][ T7383]  dump_stack_lvl+0x241/0x360
[  197.254912][ T7383]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.254951][ T7383]  ? __pfx__printk+0x10/0x10
[  197.254981][ T7383]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[  197.255009][ T7383]  ? __pfx___might_resched+0x10/0x10
[  197.255028][ T7383]  ? do_new_mount+0x28f/0xb40
[  197.255053][ T7383]  should_fail_ex+0x40a/0x550
[  197.255079][ T7383]  should_failslab+0xac/0x100
[  197.255103][ T7383]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  197.255129][ T7383]  ? ovl_do_parse_layer+0x99/0xb80
[  197.255157][ T7383]  kstrdup+0x39/0xb0
[  197.255185][ T7383]  ovl_do_parse_layer+0x99/0xb80
[  197.255207][ T7383]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  197.255237][ T7383]  ? __pfx_ovl_do_parse_layer+0x10/0x10
[  197.255259][ T7383]  ? lockdep_hardirqs_on+0x99/0x150
[  197.255285][ T7383]  ? ovl_parse_param+0x11d9/0x1900
[  197.255309][ T7383]  ? ovl_parse_param+0x11d9/0x1900
[  197.255334][ T7383]  ovl_parse_param+0x11eb/0x1900
[  197.255374][ T7383]  ? __pfx_ovl_parse_param+0x10/0x10
[  197.255393][ T7383]  ? smack_fs_context_parse_param+0xff/0x170
[  197.255415][ T7383]  ? __pfx_smack_fs_context_parse_param+0x10/0x10
[  197.255439][ T7383]  ? rcu_is_watching+0x15/0xb0
[  197.255468][ T7383]  ? static_key_count+0x41/0x70
[  197.255499][ T7383]  vfs_parse_fs_param+0x1a5/0x420
[  197.255522][ T7383]  ? __pfx_ovl_next_opt+0x10/0x10
[  197.255542][ T7383]  vfs_parse_monolithic_sep+0x2d9/0x420
[  197.255570][ T7383]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  197.255609][ T7383]  do_new_mount+0x28f/0xb40
[  197.255636][ T7383]  ? __pfx_do_new_mount+0x10/0x10
[  197.255666][ T7383]  __se_sys_mount+0x2d6/0x3c0
[  197.255693][ T7383]  ? __pfx___se_sys_mount+0x10/0x10
[  197.255717][ T7383]  ? do_syscall_64+0x100/0x230
[  197.255743][ T7383]  ? __x64_sys_mount+0x20/0xc0
[  197.255767][ T7383]  do_syscall_64+0xf3/0x230
[  197.255791][ T7383]  ? clear_bhb_loop+0x35/0x90
[  197.255819][ T7383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.255842][ T7383] RIP: 0033:0x7f9e28f8cde9
[  197.255857][ T7383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.255871][ T7383] RSP: 002b:00007f9e29d77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  197.255890][ T7383] RAX: ffffffffffffffda RBX: 00007f9e291a5fa0 RCX: 00007f9e28f8cde9
[  197.255903][ T7383] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  197.255915][ T7383] RBP: 00007f9e29d77090 R08: 0000200000000340 R09: 0000000000000000
[  197.255926][ T7383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  197.255936][ T7383] R13: 0000000000000000 R14: 00007f9e291a5fa0 R15: 00007ffc256beb58
[  197.255967][ T7383]  </TASK>
[  197.256330][ T7367] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.684233][ T5827] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  197.705873][    T9] usb 1-1: USB disconnect, device number 9
[  197.831058][ T7390] syz.4.346 uses obsolete (PF_INET,SOCK_PACKET)
[  198.307677][   T52] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  198.744638][ T5827] usb 2-1: Using ep0 maxpacket: 32
[  198.754308][    T9] libceph: connect (1)[c::]:6789 error -101
[  198.763985][ T5827] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  198.777934][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  198.794650][    T9] libceph: connect (1)[c::]:6789 error -101
[  198.802299][ T5827] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.803197][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  198.814731][ T7409] netlink: 12 bytes leftover after parsing attributes in process `syz.2.351'.
[  198.837770][ T5827] usb 2-1: config 0 descriptor??
[  198.858384][ T5827] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  199.083472][    T9] libceph: connect (1)[c::]:6789 error -101
[  199.106834][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  199.493115][ T5827] gspca_vc032x: reg_w err -71
[  199.500240][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.527455][ T7403] ceph: No mds server is up or the cluster is laggy
[  199.570460][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.608547][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.646920][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.647189][ T5874] libceph: connect (1)[c::]:6789 error -101
[  199.716845][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.752217][ T5874] libceph: mon0 (1)[c::]:6789 connect error
[  199.760655][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.807653][ T7427] FAULT_INJECTION: forcing a failure.
[  199.807653][ T7427] name failslab, interval 1, probability 0, space 0, times 0
[  199.828704][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.835196][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.840526][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  199.852331][ T7427] CPU: 0 UID: 0 PID: 7427 Comm: syz.3.355 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  199.852355][ T7427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  199.852366][ T7427] Call Trace:
[  199.852372][ T7427]  <TASK>
[  199.852380][ T7427]  dump_stack_lvl+0x241/0x360
[  199.852416][ T7427]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.852445][ T7427]  ? __pfx__printk+0x10/0x10
[  199.852474][ T7427]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[  199.852502][ T7427]  ? __pfx___might_resched+0x10/0x10
[  199.852521][ T7427]  ? kmemdup_nul+0x30/0xa0
[  199.852551][ T7427]  should_fail_ex+0x40a/0x550
[  199.852577][ T7427]  should_failslab+0xac/0x100
[  199.852602][ T7427]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  199.852627][ T7427]  ? ovl_parse_param+0xdf0/0x1900
[  199.852652][ T7427]  kstrdup+0x39/0xb0
[  199.852679][ T7427]  ovl_parse_param+0xdf0/0x1900
[  199.852709][ T7427]  ? __pfx_ovl_parse_param+0x10/0x10
[  199.852738][ T7427]  ? smack_fs_context_parse_param+0xff/0x170
[  199.852761][ T7427]  ? __pfx_smack_fs_context_parse_param+0x10/0x10
[  199.852787][ T7427]  ? rcu_is_watching+0x15/0xb0
[  199.852815][ T7427]  ? static_key_count+0x41/0x70
[  199.852846][ T7427]  vfs_parse_fs_param+0x1a5/0x420
[  199.852870][ T7427]  ? __pfx_ovl_next_opt+0x10/0x10
[  199.852891][ T7427]  vfs_parse_monolithic_sep+0x2d9/0x420
[  199.852920][ T7427]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  199.852960][ T7427]  do_new_mount+0x28f/0xb40
[  199.852987][ T7427]  ? __pfx_do_new_mount+0x10/0x10
[  199.853019][ T7427]  __se_sys_mount+0x2d6/0x3c0
[  199.853051][ T7427]  ? __pfx___se_sys_mount+0x10/0x10
[  199.853076][ T7427]  ? do_syscall_64+0x100/0x230
[  199.853103][ T7427]  ? __x64_sys_mount+0x20/0xc0
[  199.853128][ T7427]  do_syscall_64+0xf3/0x230
[  199.853153][ T7427]  ? clear_bhb_loop+0x35/0x90
[  199.853181][ T7427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.853205][ T7427] RIP: 0033:0x7fa51798cde9
[  199.853221][ T7427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.853237][ T7427] RSP: 002b:00007fa5157f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  199.853257][ T7427] RAX: ffffffffffffffda RBX: 00007fa517ba5fa0 RCX: 00007fa51798cde9
[  199.853271][ T7427] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  199.853283][ T7427] RBP: 00007fa5157f6090 R08: 0000200000000340 R09: 0000000000000000
[  199.853295][ T7427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  199.853307][ T7427] R13: 0000000000000000 R14: 00007fa517ba5fa0 R15: 00007fff1d263348
[  199.853332][ T7427]  </TASK>
[  199.859567][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.136077][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.141403][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.146877][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.153504][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.158912][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.164300][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.169697][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.175768][ T5827] gspca_vc032x: I2c Bus Busy Wait 00
[  200.181156][ T5827] gspca_vc032x: Unknown sensor...
[  200.216722][ T5827] vc032x 2-1:0.0: probe with driver vc032x failed with error -22
[  200.248341][ T5827] usb 2-1: USB disconnect, device number 10
[  200.299061][ T7431] netlink: 28 bytes leftover after parsing attributes in process `syz.1.357'.
[  200.308496][ T5874] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  200.321852][ T7431] netlink: 28 bytes leftover after parsing attributes in process `syz.1.357'.
[  200.524875][ T5874] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  201.267967][ T5874] usb 5-1: config 0 has no interfaces?
[  201.278250][ T5874] usb 5-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[  201.314516][ T5874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.344986][ T5874] usb 5-1: Product: syz
[  201.349210][ T5874] usb 5-1: Manufacturer: syz
[  201.357016][ T5874] usb 5-1: SerialNumber: syz
[  201.367237][ T5874] usb 5-1: config 0 descriptor??
[  201.437715][ T7436] page: refcount:3 mapcount:1 mapping:ffff888031e1f2a8 index:0x209 pfn:0x4ffea
[  201.447319][ T7436] memcg:ffff8880291ee000
[  201.451578][ T7436] aops:shmem_aops ino:441
[  201.455946][ T7436] flags: 0xfff0000002012d(locked|referenced|uptodate|lru|active|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[  201.467337][ T7436] raw: 00fff0000002012d ffffea00013ffa48 ffffea00013ffac8 ffff888031e1f2a8
[  201.475939][ T7436] raw: 0000000000000209 0000000000000000 0000000300000000 ffff8880291ee000
[  201.484535][ T7436] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[  201.491841][ T7436] page_owner tracks the page as allocated
[  201.498141][ T7436] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 7433, tgid 7432 (syz.3.358), ts 200357939981, free_ts 197597880735
[  201.515786][ T7436]  post_alloc_hook+0x1f4/0x240
[  201.520590][ T7436]  get_page_from_freelist+0x3651/0x37a0
[  201.526159][ T7436]  __alloc_frozen_pages_noprof+0x292/0x710
[  201.531982][ T7436]  alloc_pages_mpol+0x311/0x660
[  201.536855][ T7436]  folio_alloc_mpol_noprof+0x36/0x70
[  201.542162][ T7436]  shmem_alloc_and_add_folio+0x4a0/0x1090
[  201.547902][ T7436]  shmem_get_folio_gfp+0x621/0x1840
[  201.553116][ T7436]  shmem_fault+0x220/0x5b0
[  201.557552][ T7436]  __do_fault+0x135/0x390
[  201.561903][ T7436]  __handle_mm_fault+0x4c44/0x70f0
[  201.567044][ T7436]  handle_mm_fault+0x2c1/0x7e0
[  201.571839][ T7436]  __get_user_pages+0x1a92/0x4140
[  201.576892][ T7436]  populate_vma_page_range+0x264/0x330
[  201.582383][ T7436]  __mm_populate+0x27a/0x460
[  201.587001][ T7436]  vm_mmap_pgoff+0x303/0x430
[  201.591618][ T7436]  do_syscall_64+0xf3/0x230
[  201.596150][ T7436] page last free pid 7357 tgid 7334 stack trace:
[  201.602487][ T7436]  free_unref_folios+0xe2f/0x18a0
[  201.607540][ T7436]  folios_put_refs+0x76c/0x860
[  201.612335][ T7436]  shmem_undo_range+0x593/0x1820
[  201.617299][ T7436]  shmem_evict_inode+0x29b/0xa80
[  201.622263][ T7436]  evict+0x4e8/0x9a0
[  201.626176][ T7436]  __dentry_kill+0x20d/0x630
[  201.630792][ T7436]  dput+0x19f/0x2b0
[  201.634623][ T7436]  __fput+0x60b/0x9f0
[  201.638653][ T7436]  task_work_run+0x24f/0x310
[  201.643279][ T7436]  do_exit+0xa2a/0x28e0
[  201.647452][ T7436]  do_group_exit+0x207/0x2c0
[  201.652063][ T7436]  get_signal+0x16b2/0x1750
[  201.656594][ T7436]  arch_do_signal_or_restart+0x96/0x860
[  201.662157][ T7436]  syscall_exit_to_user_mode+0xce/0x340
[  201.667731][ T7436]  do_syscall_64+0x100/0x230
[  201.672351][ T7436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.678418][ T7436] ------------[ cut here ]------------
[  201.683892][ T7436] kernel BUG at mm/filemap.c:154!
[  201.688976][ T7436] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  201.695931][ T7436] CPU: 1 UID: 0 PID: 7436 Comm: syz.3.358 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  201.698178][ T7438] netlink: 4 bytes leftover after parsing attributes in process `syz.2.359'.
[  201.706955][ T7436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  201.706973][ T7436] RIP: 0010:filemap_unaccount_folio+0x73d/0x7d0
[  201.707007][ T7436] Code: de c7 ff 48 89 df 48 c7 c6 e0 d3 13 8c e8 1b b2 0f 00 90 0f 0b e8 d3 de c7 ff 48 89 df 48 c7 c6 c0 d2 13 8c e8 04 b2 0f 00 90 <0f> 0b e8 bc de c7 ff 48 89 df 48 c7 c6 e0 d3 13 8c e8 ed b1 0f 00
[  201.707022][ T7436] RSP: 0018:ffffc90004f8f070 EFLAGS: 00010046
[  201.707042][ T7436] RAX: c2690ad93f379500 RBX: ffffea00013ffa80 RCX: ffffc90004f8ec03
[  201.765685][ T7436] RDX: 0000000000000002 RSI: ffffffff8c0ab8e0 RDI: ffffffff8c5fb600
[  201.773677][ T7436] RBP: 0000000000000000 R08: ffffffff901a2777 R09: 1ffffffff20344ee
[  201.781655][ T7436] R10: dffffc0000000000 R11: fffffbfff20344ef R12: dffffc0000000000
[  201.789631][ T7436] R13: 1ffffd400027ff51 R14: ffff888031e1f2a8 R15: ffffea00013ffa88
[  201.797606][ T7436] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  201.806531][ T7436] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  201.813113][ T7436] CR2: 000000110c3b6291 CR3: 000000000e738000 CR4: 00000000003526f0
[  201.821077][ T7436] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  201.829053][ T7436] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  201.837029][ T7436] Call Trace:
[  201.840303][ T7436]  <TASK>
[  201.843231][ T7436]  ? __die_body+0x5f/0xb0
[  201.847569][ T7436]  ? die+0x9e/0xc0
[  201.851284][ T7436]  ? do_trap+0x15a/0x3a0
[  201.855524][ T7436]  ? filemap_unaccount_folio+0x73d/0x7d0
[  201.861164][ T7436]  ? do_error_trap+0x1dc/0x2c0
[  201.865921][ T7436]  ? filemap_unaccount_folio+0x73d/0x7d0
[  201.871557][ T7436]  ? __pfx_do_error_trap+0x10/0x10
[  201.876662][ T7436]  ? report_bug+0x3cd/0x500
[  201.881181][ T7436]  ? handle_invalid_op+0x34/0x40
[  201.886133][ T7436]  ? filemap_unaccount_folio+0x73d/0x7d0
[  201.891778][ T7436]  ? exc_invalid_op+0x38/0x50
[  201.896460][ T7436]  ? asm_exc_invalid_op+0x1a/0x20
[  201.901606][ T7436]  ? filemap_unaccount_folio+0x73d/0x7d0
[  201.907245][ T7436]  __filemap_remove_folio+0xc7/0x670
[  201.912544][ T7436]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  201.917928][ T7436]  ? __pfx___filemap_remove_folio+0x10/0x10
[  201.923827][ T7436]  ? _raw_spin_lock_irq+0xdf/0x120
[  201.928937][ T7436]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  201.934489][ T7436]  filemap_remove_folio+0xe1/0x1f0
[  201.939607][ T7436]  truncate_inode_folio+0x5d/0x70
[  201.944636][ T7436]  shmem_undo_range+0x44b/0x1820
[  201.949586][ T7436]  ? __pfx_shmem_undo_range+0x10/0x10
[  201.954975][ T7436]  ? __kernel_text_address+0xd/0x40
[  201.960180][ T7436]  ? unwind_get_return_address+0x4d/0x90
[  201.965814][ T7436]  ? __pfx_validate_chain+0x10/0x10
[  201.971014][ T7436]  ? arch_stack_walk+0xfd/0x150
[  201.975875][ T7436]  ? percpu_counter_add_batch+0xff/0x1f0
[  201.981507][ T7436]  shmem_evict_inode+0x29b/0xa80
[  201.986448][ T7436]  ? inode_wait_for_writeback+0x111/0x2a0
[  201.992166][ T7436]  ? __pfx_shmem_evict_inode+0x10/0x10
[  201.997626][ T7436]  ? do_raw_spin_unlock+0x13c/0x8b0
[  202.002823][ T7436]  ? __pfx_shmem_evict_inode+0x10/0x10
[  202.008281][ T7436]  evict+0x4e8/0x9a0
[  202.012179][ T7436]  ? __pfx_evict+0x10/0x10
[  202.016592][ T7436]  ? iput+0x713/0xa50
[  202.020572][ T7436]  __dentry_kill+0x20d/0x630
[  202.025160][ T7436]  ? dput+0x37/0x2b0
[  202.029055][ T7436]  dput+0x19f/0x2b0
[  202.032865][ T7436]  __fput+0x60b/0x9f0
[  202.036860][ T7436]  task_work_run+0x24f/0x310
[  202.041456][ T7436]  ? __pfx_task_work_run+0x10/0x10
[  202.046572][ T7436]  ? switch_task_namespaces+0xe4/0x110
[  202.052032][ T7436]  do_exit+0xa2a/0x28e0
[  202.056200][ T7436]  ? __pfx_do_exit+0x10/0x10
[  202.060795][ T7436]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  202.066169][ T7436]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  202.072151][ T7436]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  202.078480][ T7436]  ? _raw_spin_lock_irq+0xdf/0x120
[  202.083589][ T7436]  do_group_exit+0x207/0x2c0
[  202.088181][ T7436]  ? _raw_spin_unlock_irq+0x23/0x50
[  202.093372][ T7436]  ? lockdep_hardirqs_on+0x99/0x150
[  202.098578][ T7436]  get_signal+0x16b2/0x1750
[  202.103113][ T7436]  ? __pfx_get_signal+0x10/0x10
[  202.107967][ T7436]  arch_do_signal_or_restart+0x96/0x860
[  202.113510][ T7436]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  202.119665][ T7436]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  202.125652][ T7436]  ? syscall_exit_to_user_mode+0xa3/0x340
[  202.131378][ T7436]  syscall_exit_to_user_mode+0xce/0x340
[  202.136928][ T7436]  do_syscall_64+0x100/0x230
[  202.141515][ T7436]  ? clear_bhb_loop+0x35/0x90
[  202.146194][ T7436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.152082][ T7436] RIP: 0033:0x7fa51798cde9
[  202.156500][ T7436] Code: Unable to access opcode bytes at 0x7fa51798cdbf.
[  202.163527][ T7436] RSP: 002b:00007fa5157b40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  202.171940][ T7436] RAX: fffffffffffffe00 RBX: 00007fa517ba6168 RCX: 00007fa51798cde9
[  202.179915][ T7436] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa517ba6168
[  202.187883][ T7436] RBP: 00007fa517ba6160 R08: 0000000000000000 R09: 0000000000000000
[  202.195850][ T7436] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa517ba616c
[  202.204251][ T7436] R13: 0000000000000000 R14: 00007fff1d263260 R15: 00007fff1d263348
[  202.212225][ T7436]  </TASK>
[  202.215238][ T7436] Modules linked in:
[  202.219143][ T7436] ---[ end trace 0000000000000000 ]---
[  202.224592][ T7436] RIP: 0010:filemap_unaccount_folio+0x73d/0x7d0
[  202.230837][ T7436] Code: de c7 ff 48 89 df 48 c7 c6 e0 d3 13 8c e8 1b b2 0f 00 90 0f 0b e8 d3 de c7 ff 48 89 df 48 c7 c6 c0 d2 13 8c e8 04 b2 0f 00 90 <0f> 0b e8 bc de c7 ff 48 89 df 48 c7 c6 e0 d3 13 8c e8 ed b1 0f 00
[  202.250445][ T7436] RSP: 0018:ffffc90004f8f070 EFLAGS: 00010046
[  202.256526][ T7436] RAX: c2690ad93f379500 RBX: ffffea00013ffa80 RCX: ffffc90004f8ec03
[  202.264496][ T7436] RDX: 0000000000000002 RSI: ffffffff8c0ab8e0 RDI: ffffffff8c5fb600
[  202.272469][ T7436] RBP: 0000000000000000 R08: ffffffff901a2777 R09: 1ffffffff20344ee
[  202.280440][ T7436] R10: dffffc0000000000 R11: fffffbfff20344ef R12: dffffc0000000000
[  202.288423][ T7436] R13: 1ffffd400027ff51 R14: ffff888031e1f2a8 R15: ffffea00013ffa88
[  202.296399][ T7436] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  202.305332][ T7436] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  202.311910][ T7436] CR2: 000000110c3b6291 CR3: 000000000e738000 CR4: 00000000003526f0
[  202.319886][ T7436] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  202.327852][ T7436] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  202.335830][ T7436] Kernel panic - not syncing: Fatal exception
[  202.342226][ T7436] Kernel Offset: disabled
[  202.346550][ T7436] Rebooting in 86400 seconds..