last executing test programs:

4m9.318753736s ago: executing program 4 (id=135):
syz_emit_ethernet(0xae, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd6000021000783afffe80000000000000638ea72f000000bbff02000000000000ffffffffffffffff860090e8eb00020000000000e0c92dbd870390dd6194a0487ffbff66000000001801000009000000000aa78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af"], 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01000000000000000000030000004800018044000400200001000a000000004000002e0000000000013a000000000000005f00000000200002000a00000000000000fe8000000000000000000000000000bb000000002b5c358c079f5544e66b4b434f47311701000000821636f8991c57a9451f2cafbb9453b295cd03eb24a3488c8a4230128a392b52e066cc57c449a456c9670dd317cab911c7449421177a2a4481aeb35dfc78f45fbcf56d7491d501f3b568181b91a1a0d6b82ad5119f65e4b9d202abebde7f97f70e4f418980c62f6317c1de59f534d4c47c7c46bb9ba6f54037c6f6558a7c79283c9960967d71279f6ac3529c6d04802c889e14de289b0e732d8a461c15cfa9c7e9af18942df4"], 0x5c}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='io_uring_cqe_overflow\x00', r4, 0x0, 0x9135}, 0x18)
r5 = syz_io_uring_setup(0x228f, &(0x7f0000000400)={0x0, 0x2000c6da, 0x10100, 0x1, 0x3}, &(0x7f0000000100), &(0x7f0000000340))
io_uring_enter(r5, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r6, &(0x7f0000000040)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0202}}}, 0x14)
mq_open(0x0, 0x0, 0x80, &(0x7f0000000180)={0xffffffffffffffff, 0x80000000001})
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r9, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)
syz_io_uring_setup(0x70e4, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2}, &(0x7f0000000100), &(0x7f0000000140))
pipe2(&(0x7f0000000040), 0x800)
ioctl$KVM_SET_CPUID2(r8, 0x4008ae90, &(0x7f0000000140)=ANY=[])

4m9.027143338s ago: executing program 4 (id=138):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$ttyS3(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0x6, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x4, 0xd3, &(0x7f00000005c0)=""/211, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000780)=0x3)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x221b03, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, &(0x7f0000000940)=""/282)
mount$fuseblk(0x0, 0x0, 0x0, 0x4000, 0x0)
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xfce1)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
socket$netlink(0x10, 0x3, 0x4)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
unshare(0x42000300)
connect$bt_l2cap(r2, &(0x7f00000000c0)={0x1f, 0x21, @none, 0x0, 0x3}, 0xe)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x2, @thr={0x0, &(0x7f0000000300)="5e980f2d9c2d5e48a7c91da9e5c10da21968250cc1fe101374e0e1b31d890f7802e75849f3d3d9cd0902e18f2e8082f49ffcfae365f4ba846393849f9d3237ead75bc2d53d85ec"}}, &(0x7f0000000100)=<r3=>0x0)
clock_gettime(0x0, &(0x7f0000000380))
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
eventfd(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet(0x2, 0x5, 0x2)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0400000000000000000000000000000d000000000000000000000002000000000000000000100000000000000000000061"], 0x0, 0x52, 0x0, 0xfffffffc, 0x3, 0x0, @void, @value}, 0x28)
socket$inet6(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x101100, 0x0)

4m8.770671436s ago: executing program 4 (id=139):
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r0, &(0x7f0000000d00)=[{{0x0, 0x0, 0x0}, 0x7ff}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003380)=""/4096, 0x1000}}], 0x2, 0x60010020, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)

4m8.589203189s ago: executing program 4 (id=141):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x1, 0xfdffffff, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x0)

4m7.670149897s ago: executing program 4 (id=144):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc70, 0xf003, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x0, 0x0, 0x3}}}}}]}}]}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = epoll_create1(0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000280))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000200)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0xffffffff}, 0x18, 0x0}, 0x5b4}], 0x1, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x28, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r7, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0xffffffffffffff7f, 0x0, 0x24000000, 0x100004, 0x10000, @value}, 0x28)
socket$inet(0x2, 0x2, 0x1)
writev(0xffffffffffffffff, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000009ee6575013ddc9a401d9a764117d71947366c76863c11e903da324f9c9a3ae23017bc29a4c3d841a7b731b0e67f868559f83a0c99519e823791dd29095f8f3c65bacf99e5096780ae52ddfa5e64cdd9dbf7d8bf996e4842b1b0b3f4f3fe6ff449802030f993b951db3de"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r8}, 0x10)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, [0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000]})
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)={0x24, 0x2, 0x2, 0x801, 0x0, 0x0, {}, [@CTA_EXPECT_HELP_NAME={0xf, 0x6, 'sane-20000\x00'}]}, 0x24}}, 0x0)
ioctl$RTC_AIE_ON(r9, 0x7001)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000440)={0xa000001c})
close(r2)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="0021ac"], 0x0, 0x0, 0x0, 0x0}, 0x0)

4m2.656119235s ago: executing program 4 (id=161):
ioprio_set$pid(0x1, 0x0, 0x2007)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x169a82, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
fadvise64(r0, 0x2, 0x8, 0x1)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000009c0), 0x0)
futex_waitv(&(0x7f0000001140)=[{0x40, 0x0, 0x2, 0xca9a3b}], 0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = fsopen(&(0x7f00000000c0)='ecryptfs\x00', 0x0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)}, 0x0)
sendto$inet(r7, &(0x7f0000000540)='0', 0x1, 0x0, &(0x7f0000000580)={0x2, 0x0, @rand_addr=0x64010102}, 0x10)
ioperm(0x0, 0x9, 0x5)
bpf$MAP_CREATE(0x180, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x7b, &(0x7f0000000100), 0x8)
setsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000e40)={0x0, 0x0, 0xeac7})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x404c534a, &(0x7f00000000c0)={0x0, 0x0, {0x2, 0x0, 0x1000, 0x0, 0x20000007}})
write$cgroup_int(r0, &(0x7f0000000040)=0x1f00, 0x12)

3m47.445158296s ago: executing program 32 (id=161):
ioprio_set$pid(0x1, 0x0, 0x2007)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x169a82, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
fadvise64(r0, 0x2, 0x8, 0x1)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000009c0), 0x0)
futex_waitv(&(0x7f0000001140)=[{0x40, 0x0, 0x2, 0xca9a3b}], 0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = fsopen(&(0x7f00000000c0)='ecryptfs\x00', 0x0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)}, 0x0)
sendto$inet(r7, &(0x7f0000000540)='0', 0x1, 0x0, &(0x7f0000000580)={0x2, 0x0, @rand_addr=0x64010102}, 0x10)
ioperm(0x0, 0x9, 0x5)
bpf$MAP_CREATE(0x180, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x7b, &(0x7f0000000100), 0x8)
setsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000e40)={0x0, 0x0, 0xeac7})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x404c534a, &(0x7f00000000c0)={0x0, 0x0, {0x2, 0x0, 0x1000, 0x0, 0x20000007}})
write$cgroup_int(r0, &(0x7f0000000040)=0x1f00, 0x12)

23.651094531s ago: executing program 5 (id=732):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x2000000000000019, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x8, 0xb1, &(0x7f0000000140)=""/177, 0x41000, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x5, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x34, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000140)=0x11)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000040)=0x11)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
write$vga_arbiter(r4, 0x0, 0xe)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca0000c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0xdc000006, 0x0}, 0x0, 0x8, &(0x7f0000000300))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000001540)={0x14, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f00"], 0x0}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[], 0x118)
r7 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r7, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x2000, @remote}, 0x10, &(0x7f0000000100)=[{&(0x7f00000002c0)="080027226db4d6c1", 0x8}], 0x1}, 0x31c467c443849f7c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

22.119309323s ago: executing program 2 (id=735):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001140)={0x0, <r1=>0x0}, &(0x7f0000001180)=0xc)
setresuid(r1, r1, r1)

22.06961517s ago: executing program 2 (id=736):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xe)
r4 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000540))
ioctl$TCGETS2(r3, 0x802c542a, &(0x7f0000000040))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x24044095)
r5 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f00000002c0), 0xc00)
getsockopt$IP_SET_OP_GET_BYINDEX(r5, 0x1, 0x53, &(0x7f0000000400)={0x7, 0x7, 0x2}, &(0x7f0000000440)=0x28)
ioctl$FS_IOC_SETFSLABEL(r5, 0x41009432, &(0x7f0000000300)="f9f4b9407978c5f5957e07e889d3341ba13e2bb8b53b04e806e941f3d5671ec0cc85e7bab26a2301a4fd4a84594a0735215ad9cc09cfb73bd2769e12d2a6bf0911b214e044a709a7c5ab194e2bc75aa4a7c2f23e1908b899c1e948ed52a225ad793fab1cbf4d3c043ec126de69294b3b95713e1dfc189a09616d50b8c41a2d6ce8d07409f680e7fb504ddfaa01b5c1947d333e8e2ffbf39b26a60f991fb054b81cea535af80d74be28d5b463e2f83ebe801838a4068acc2973b29d58037bd1e72d71073faca0e39474c6e807fe6afd3d4cbefa810f6d589d88e5edd790b08b7f5637eb1bfb795ad61988660714ff22675c5062dca98195ef828914a8d87e5108")
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, r2, 0x400, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x42, 0x1d}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x772dee96}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xc3e8}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x8040)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000480)=ANY=[@ANYBLOB="f0000000100013070000000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb0000000000000000000000a000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES16=r1], 0xf0}, 0x1, 0xe, 0x0, 0x4008815}, 0x4040040)
syz_open_procfs(0x0, &(0x7f0000000040)='attr/current\x00')
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000001b40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f6fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe508185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c6be0ed9257851ed916219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c5b901dbd7387f49e0b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000053046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25132a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a068c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238e3fee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e89884cb73f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182060e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000008835196ed0c6a1c1d4c140e5ff0000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fcd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d372e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36d3cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f200d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c5100000000000000000000000000028bfaaf1dce7970ae04e33a3d130761c0c0a53997716ebfa0e03c0acdb52e4af877a339d154fea243453e69bc89bb18fc501cf3a623bb871047060234ebc21155d0dc6efa64749afb63a0f8a9c28f62861e826ddf243bd9dda895a9b24d38641856dc058040a418e15139c0b13d52258254eacf045386abe27e8756c29758330146da2e25822afd92467974f70fa71a971517be63845c1eeb1a7a39a8e01750a67925746ffbc35c0046a1d660ebe5967bbc0496d0c9ba9758f9fcf46ecbd2e07523af5e56ff1d8eee549ecc92b0d13ad2edb0149b25debe70d227afb1ad45991bfb63f7cf6a8b5bcabf504d7fe21df0a23e8615055df856d88b7379a4c4499d01221d10c286c10b12ff5c89903806eab61c18721be6edc3d0fdbe2448f130b87b375f0de009ac38fd159a9f54771388f54b50caf5caf896ceb214b298b524c6cfeca9e0343038c68de8856772de2c498e191b9da24cc2a4b722c88a0fd2cca32ea9445e06549d1b5e9c1c90f4de9ce818694c1ced8354729bbec6a828876dae455e24f0f40490aaf80825d0fcdd8620b43da6b7f94c82aac9b256a469312aff3411ac73a377f01f7329a8027d9b47212c2ae9f2038152d0e99b4622a6eb35ba206e43cfbb50ef80b84a1854208c8414b309eb8a3408050772e161beac866e7247b3dc245c9ea14965f2a1a4a97c8baa5a4dd9f8904d47"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r7}, 0x10)
r8 = memfd_create(&(0x7f0000000640)='@&)#\n*)\\\x00', 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r8)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002c00)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r9=>0x0}], 0xfe, "f0c03d9adb7cd8"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r5, 0xc0709411, &(0x7f00000001c0)={{r9, 0x48000000000, 0x101, 0xb62, 0x1, 0xffffffffffffffff, 0x10001, 0x9, 0x1130eef6, 0x4, 0x6, 0x3a, 0x3, 0x7fffffffffffffff, 0xfffffffffffffff8}, 0x18, [0x0, 0x0, 0x0]})
ioctl$KVM_SET_IRQCHIP(r6, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @pic={0x0, 0x0, 0x0, 0x0, 0x1}})

21.946632368s ago: executing program 5 (id=737):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)

21.713620734s ago: executing program 2 (id=739):
r0 = socket$packet(0x11, 0x3, 0x300)
socket$kcm(0x11, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x9, 0x1, 0xd7861687b8cfee55, 0x4, 0x7f, 0x2, 0xa, 0x1779, 0x1, 0x0, 0x1, 0x5}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x8081, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYRES64=r0], 0x1e6)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r2 = syz_open_procfs(0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r3 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, 0x0, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0x1)
mlockall(0x7)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
ioctl$NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)

20.987516927s ago: executing program 1 (id=741):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000001980)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003e40)=ANY=[@ANYBLOB="6006000040000900fffffffffddbdf250100000099001f0046060180"], 0x660}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

20.867179172s ago: executing program 5 (id=743):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open(0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = dup(r0)
write$binfmt_script(r0, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305828, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0)

20.866438079s ago: executing program 2 (id=744):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xab3, 0x2d0142)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000240)=0xffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x4, 0xffffffffffffffff, r0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r4)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000004c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}}, 0x4000880)
chdir(&(0x7f00000001c0)='./bus\x00')
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
chown(&(0x7f0000000280)='./file0\x00', 0x0, 0xffffffffffffffff)

20.780874641s ago: executing program 0 (id=745):
socket$alg(0x26, 0x5, 0x0)
setrlimit(0x7, &(0x7f0000000000)={0x4, 0x6})
syz_usbip_server_init(0x4)

20.772608256s ago: executing program 5 (id=746):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0xb)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000140)={'caif0\x00', 0x100})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x40c, 0x1f0, 0xc8, 0x8, 0x0, 0x5803, 0x344, 0x2e8, 0x2e8, 0x344, 0x2e8, 0x3, 0x0, {[{{@ipv6={@empty, @mcast1, [], [0xff], 'geneve0\x00', 'geneve1\x00', {0x80}}, 0x0, 0x188, 0x1f0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x1, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x11, 0x81, 0x8, 0x6, 'syz0\x00', 'syz1\x00', {0x33}}}}, {{@ipv6={@private0, @local, [0xffffff00, 0xff000000], [0x0, 0xff, 0xffffff00, 0xffffff00], 'nr0\x00', 'caif0\x00', {0xff}, {}, 0x1, 0x6, 0x4, 0x4}, 0x0, 0xec, 0x154, 0x0, {}, [@common=@ipv6header={{0x24}}, @inet=@rpfilter={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x468)
r5 = openat$autofs(0xffffff9c, &(0x7f0000000080), 0x4000, 0x0)
r6 = openat$ptmx(0xffffff9c, &(0x7f00000000c0), 0x20600, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r5, 0xc018937d, &(0x7f0000000100)={{0x1, 0x1, 0x18, r6, {0x933}}, './file0\x00'})
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000440)={0x38, r7, 0x1, 0x3, 0x0, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r7, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0xc0)
mount(&(0x7f0000000480)=@nullb, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000040)='squashfs\x00', 0x8200, 0x0)

20.687266897s ago: executing program 1 (id=747):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000007c0)={'wpan1\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000002c0)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x20, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x10, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}]}]}, 0x3c}}, 0x0)

20.582805023s ago: executing program 3 (id=748):
r0 = socket(0x200000100000011, 0x3, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x4, 0x4}, 0x4)

20.492174941s ago: executing program 3 (id=749):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000024c0)={0x0, 0xf4, 0x6}, 0x8)

20.40727344s ago: executing program 1 (id=750):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f0000001040), &(0x7f0000001080)=0x26)

20.372510647s ago: executing program 1 (id=751):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4004, 0x3, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0904000000000000000002000000400004803c0001800e000100696d6d656469617465000000280002801c000280180002800900020073797a320000000008000180fffffffc08000140000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x94}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, <r4=>0x0, <r5=>0x0}, &(0x7f00000002c0)=0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fchown(r2, r4, r5)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELSET={0x20, 0xb, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x10}}, 0x48}}, 0x0)

20.307675992s ago: executing program 5 (id=752):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xab3, 0x2d0142)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000240)=0xffffffff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./bus\x00', &(0x7f0000000440)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
chown(&(0x7f0000000280)='./file0\x00', 0xee01, 0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)
sendmmsg$unix(r3, &(0x7f0000010b40)=[{{&(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000680)="8d9e91309a3839b9ba7832d569cd183f5a4f0bb9510b20097d3eda040c484bbbae43488c82a3f5bd2baa150f9c92b515fdc4fe80f28f60f6a41311b6ef180f9a53fd9562d8c62475eafa326bb63aad6ad3e49101c7c461df568ba36abb294d1af612b215f10f22da4e07d85a6484f974f0c89a7bf50aaafe7f6b6b227096e17c314789a63291f948159c10478ddacd28112e6bdca07d08b6b6c1464b359237890bac52e5b62c7e7a379082555dc7785be7205580bd1f9e62c9c9fe3777", 0xbd}, {&(0x7f0000000ac0)="0fad463029e82448d720dd4b5df9942ce91130e973de34d8c0f48a113b71707d983a2c89e1c08efb78a8be6b86f6835b1a3180dd6733973c32a45ce27135dd734dd0708eb40844e99789c1e1c0d2613060450853afbdb804ba541ad980a68fb5ace9a4738960d5ec03f1cbaa42f58d8ea6db10945569549655a6a26eebdb7cc1747a3bf4108779073246506ab3f802958b9e204e34126d3913fb637bd73df4cb9b4e8e571ea8d21cd837ef63c4bfe3d9e0275e0af3623d7a6b52baa3d12d1df15d6b6fb02d9f5bfe826b3115f345f65d86851be43ee8dac0559153498777bd9c0bf3a95923c1d42e699b26ff5818762bc6ae538d5c4d0f3a377d99e77caed5c4f205dc4b5e3bfe5782ccaab08bd0fb90c777e71b58adc38491d241a2bd6c003b1840efebfd0371846c446f27f2ceece59a40dbdbd48359e9b79852d056985a8e274c35f073dd016ada3f91bfcc764283621c2436713f52675309453fedfeff9495896cbf24e13dcaf7d3b81d10796ba9a66c0cd6476d427fb8167e0a5de0b6b6e0ee09cbc445e34337d6fe9ed1178756533f08da854122b141eb01c89d8862cfaecaf87059ee63785a1c78a255dc493d1756fdd1a0aa2b751196639978d35b758ef52523087354ccdb61f6ceb5871c3600f8bf6c4690782222f8562c475ffc300bf058ff7540b09f2235e8deedf233e6e925eabc0b39b3e35143e92ed8b27dfb253a9f1b28d74219e436fc04529f1f6ba66e3723d4046e9051cbe247c1d35ed55eef881687344d408c488802e809a29372a24b9c3ee2b99e03e77b00aa482cb45df627fb31554078871a621ccf8d0fc0df968588223577f4629d8f3c5a2f2a5130a94c4e1e95882a873154a238822ae8a6c573df9e58bafdbe81e4f38f81f704e3d3f5ed96d568ba2776810400e13cd1e861cc71fe5b8115e793b970d3ae8bd427c3cdbce3c92bb93a02cdc19bffb8c315b61ea82d11f21ecc74f5f848e591f626bbc9863176972f67dd40a68f066102519f8a7a8d5c0aaa737dcfe2a9324991b13cecd0f4bf98aa687263092549f587ce2c3e8d12e27ac39a86b1bf1be1bece35777d0865de558b1a40a7aeedbb8b5e238444927d6652ad6c9fd9ce3170917dd6151f65c33002f1fb83e0d58cb730e45b79d4c6fe62f5a3d2df91107aa6a5ae871cfb6f5e121122392ae7d3192173f263b1848349409078f52102decaa45201c6bce1e4c4218dfac10c4d1b0d56bff1c818c5a4fbe1191afcc9d3120f38bd432896b070e30fdd26412ea9d7c27c669144bfaeca71efbf20537a46d79c5a6f631d1d51404effc65c54795285e61632edf14cf93efc36317fc37f41babf9a934e4c8276428a6bdbeaf285920672b48f3862339211f474f64f45e5e79e8746bd42f15a6a4ec0709f4181721ba0fa31899dd0b91772111770da966a3b01928819a352c79c987b765bd4df1228079c651ed52432491eb3905467217ed91f8148301a5348a84c06d2332d0f636d8f564ea79275968265f53c5225e952af273488e73cd5b3794a06ae0117d9babe7e02ad8d8ed371d806a911f562662258bf85961c982d02ccac5b8c5a75aef225557eea0ff870fde0b6e833b1dec5a3540fee6c2c1ee0512e4cd94921a66284ccbc1bb2cc30e57433ef529dade00ebd2e531fee30c4886cbadf20b167473ab5961665ac1b4efaa3a67476c6f428f9e4b6adb5116863973d9a18d48460b8b018227a3dea823a13c061149b44699a6cd678218869b8730b582028e65c2e1dc6c6eae77fc317a5a4becb68aa428687d43ae2ef4f8506b0609e75fb3b3dd1abdc632bd7004a4b2e597070caaa6e952849d50b71ed2d5b4591eeb97a954bc0bb4462246925e34b81b9ddc335a9107da6abde4616c29fe058ce616676248ee7bb984c5bd5712a10b66814418c2d80729b9e8a7ad960c17bc20651793de5ff9d10a30ed1457a11f53f1d71954a12ad3ac61488c157c50f67e60e8f62a4e6eb24ad61a578e0c61f518797b5172daecfecf486f4944662c160534ce0e4910164c0e70af590477493e194750cf0041fb1295d683d9461bab7aee10bdb876b9603c0b5354700c3037502317b5ce295f9ee9f5d82842b32b3fa2dabd0c4304524786babc915ae3a9deefbfc32b9239118a67c81980d9e8742ee2734c2f5fe1968709fda0027c0c9068172f7fc5add72316dbc942b1e1eeb71949898b0cfb3fa35865987aedbdc7d257c66be7923ffadef8b9a05a12b01abafe2263cdc242b83a64851fe19c77f40484b3cb012e6d3788e95687d25d34eed5d8acd627e05adbc02895552aec691163f7f96a0f54f6f2dce3966bf8f7c2d528eab2b4888c5be9b1c45da492a811717a66da1dd7c90f558e039110eff11cdad69ad5b263b11ff1edbafe7c5ae447397f3f04f34c424e78ea2f7c6270a62b415de912c0e9741b84b907926d8508e92124cc9af1edfeb92709e47e285598956ee2f3093e382aaa8bbdf1b9401e24e4047e47f2a122003b383e2d2587968f769ce29ceb38368ed9943437fedb7372f2303335e3d21d7696a74df5d9999bfb6d475da6fe50a349773b1f692266dad4d995bd5f4ceac5812e34e3e9f20c55e26fd64e7ddef7116994ce60a1da961cc8b13816fc688cbfaa78dd5c62cd02638fbb6cfc54efc9d4e88e10fb55f4145e151ab4e38a8b926d3eecf572b97b19f27b9377f449bc5278eaeca04788ef4ab21b3e65336d92de5264bfb67ab9aec85287098dab686c5703ee2071ae7c7f4a95b5be63fd77a64c43b7c9d2c9f4e4b8550281ed3586eb255863e62cc8d3f086935dba82e27d3d1497f2c8ccbf8ca403a6011e65821b4afbeae428f785bc3f5442bd16a1d0e80b72b989ad7568bcb0f1af57794a30845d377f20595b5e7a2b9626ff83fde610a63298f58f1b9f46ddd56f5cb91ddbae23f48fd5ed40078a012cfe0bf7ad8eadda06066172d6c9f95f0a8f1d87f4d5602a09f71895808c7a94ae9db0c619b52e3d9222a392b648c879f416e6a13567096fb4ac1f9c1f6466506d04df8c5bd513845f9f82cfa137c72f46c63003c1ce2d1416af586e805dd841e5f7b03375dfbaa593e4a8e5cb990139396d7235f95365d16090951cfa1affd98054ca7b0e025f337d856125a96b05045197da94943c9a4dce2c9e839a0b5f4a0f94ce23f5d53ef0ea8a4f66b3005f3fe97e6622e37d9531c590f3dc7a811d3146abc78288cc5c3912b4fa39b70b16dd1f555f87fd4cb6aa7f23d98b9b3067291bd5f680f8893577a979bd99337adaec9c3c5230e1e6f8d18fa6b48a482331b452de487dddda76a001f348fce72485a256b5937aeaa087ec1230a0ed30c883497d2f6312064cc8014c1a3250c3ada1f23b3e144da8b6a0666420fc47d6fe47a3fd671916e47b4aeb7d2b42b6ea153dffec687216ea02c36427a906bddf0a6a3dfa1bafd5c1111b17d997dd9d527a5fe4a7c8678671f3aeb1b6fd8977566d639745f21eba4cf5cbe2810b0972795cd8023d1010377762f22918660382210f5f195266b28f781ec83cbafd0994065376793c7b3846184f819169d576efbe4befa9f204bcdb56410063842a40aa47343fd583cdb5552df138b33d00e57be8237a5172c503c38574e2f2ee36fdac4580151f7e1e67d3c68f646ad00d5fda62177b518fe9e6e5236f241d69826f7149c4d7356a63fcadfff915629af61c4072a353d9e503dc354bc2bc0a959bde1655ed8974e8d4a8bd528a99ff707c638daf4dd938292ac21223b95cd2ff69b017d72dcc1d034a2036f2829f4f7b431882ce64166afdf8602fa587dcd97a891bdd87d86964bd07a394ab214b150ef22d5e29cd1f0e82589e814ba02140d46a903fb02ed767ae2ca354115655709e909728d6efbd45070c9c7c1c8ae751c8ab25a4c9f82e95ef927a745da532dedc136b99e1de956c70ecbeae15d2e5257612cb3278bf751907644ab63ebc12610429474ab5471db03a5e38c3678d34a638ae269ed6ed37dbf95d69a8001fc2b11f8cca87b7a4da14b43c326db905705ee52f6412eab14764cff61cda52c890e9be5d5eea0256f61de121e6756a4c323827853fc34b9970732f449bd981f26d2b3e6f176956cd06955adf559136880233793e15a7088a3a75748b6bb4092c9aec89a3f3f83b08d22efb5bb80e116932a142b4400fb744166d1081734ac03d63ef0a1b764ca60b11e6841029b9d17332873f4142f10bcbcf4a3ca6a63737ec169561c0a2773df7c2c4dec74387cf6c31d2abd147713e04ef99bd8923867edfef1efacf68f4bf242628b18f783b8568bd1c76b9b0be1431c34d34d87330a1b484ac130f8a11afec46cb1b261e87abfaaea37c1d9bb0979d494ac04a95b02659a64d0c3c30479e25f68a32abecd1b6c85c7dbe2910c0db3e1e169fec725aad4a96da345c0f126eca6b49798cc1731b533c15140f07a62e323c89db96871476a30f6f391cf117f6c5faf3483308114e74f55b522c1b6cf96bdc84b3c2b32c10aae2d230d91877be83dbba5f6b608f132d4a046ee9253dcd023e3c82e7f9b7f736dbcd975ef4b2a31b1e0b70fcc6cf1d7c38098ae831cc3a2f8ffabb2ccd7c347b72b303a2cef23ed503e8750eb8d9f094cf05ff21d88994fa14d61efefe461a5ebbad25c46415e5446fdd921da8d90e5ba959a816acf0cd2888d3306524135cc08dbc0e9407da7b233045a5c369bee0c2f56916b33f4a308743f4e7ce7a3fedf17b3d34033662a044d250576cc6a23b1dab6ef831e0fa4fcccbe62cad203a86f9a7389129c2f29f709a8f035e9a982d92600cfcff9e87d1e3e372adb432f03f3dc4304e5b49ccfd3be266e81459ee91ab49381d5fabc8052e91f440a1db0831113614d81cb3c301d37090b0f6206c2180f9d801a4fbf33905e8abb07c35b347a416f851cdd32794b3102f6e796d6404396f0342d722405c239e4d401cd648c17a976678a251888930c4eada00ce040436aeebf11949c77c794a8873d0b2b2068b7148b9f31a138277290021c6fd1faf5d0ffe6165c41b59fbb1805f05586906724ab3751e63530bef0f1cf35a1ef5869f57ccfd419503963a7d7cec5bfa91aaf7586739c92a6d32035c22bc3b46499c1fd4270e8b8474778fee8fe97ae335721a3ca63e5126901e65f58d6594e8b5a334061de241d7d73462cdcf67868f3c4cb24e830c87113e7418af0e98bc4bdefaddd1405dea1bd15a4676b2b17dc4804847f855645da749ee0bb8d4a02d8391d09d9ee43de8ed9ef12fea007d3340dda6b86b3e3400c75acda44f622871ef511683c92af76973f159c14cfbb5e58de40703a8981043ff29064726d670483e24cdb6c5f992841f4af465b578ad9d3cdeaef718efc50991084b4823a9e3d45fc5ef408fe031df30d725c0a3bbf81b8ef4468b1aa75d6628773677f7328d15c465e53e8bc59bb6ea9d728be9ba49c0d65370f9426b6fcc33d3d8aa22e27ba525fb266a0d57890242cf6756e96b11ba7160a847ccf9eb629169c8d75d70ad8243f1812b73d4cceb41f3b8a74925e289b8358630f004b1ea1c530a74a86382c1357fff421b55364bc151b5c80d96cd12ec29d0760b0543845cbc263ca6de1f78100fadf3b6e0874547e706b9e1d581c0681a8b77c6200df0eb8d0f9bbeed5f07cb6e6016c5682dc298993ea116fd165b722e8eeac407864126713d4c2825001fd41f8f403bb5f7cc0bf457984b67885b506f35f3cb9e164657111e6506766eddf95e6f98cf1a84b10cca1e33f3e4162997a77a0648e1ae0", 0x1000}, {&(0x7f0000002000)="a45e01225658f832da59e6d7e8fa674aac4b53743c7c4da9a1fe53384a993a04d2322a6b32e672c86a7a2c75a9325d53690670b221eca20bda8462e50ff118e6e4c062ac44cb0652fbf8deb57bc75f5fb5a73c000000000800"/100, 0x64}, {0x0}], 0x4, &(0x7f0000000740)=[@cred={{0x18, 0x1, 0x2, {r2}}}], 0x18, 0x800}}, {{&(0x7f0000000940)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000001e40)=[{&(0x7f0000001ac0)="381f7b0205d3f32b454f7bd76c69679f5391613a769bf48e3a1a71d1a4aaa000ccd896c8669d0d81b85a65d8009d134a0c6373e83b552d64888b9fc07bfad4dc661b07d5681b6b9f683b23f2356e8f5e865025c392ee7974b87b3f3fc2f33506e07d2a4e6444ec0dbaaceb9e506d44ac167d6060f2702ad35ddb2a1f7ae935afa2b9640e4f967bfdaba2733d88cd6be2feec8da736", 0x95}, {&(0x7f00000009c0)="2da918b56f2d83e362e06a96a2bb7776e9f0e89dec4eb0c79025e60c67be8bb1b1", 0x21}, {&(0x7f0000001b80)="80c3aff8dfe5a9319e31252a38acaae8586c8009383102165e76d1fd4234a430e4401699ccb0e5390a53b89c1d8b1fc6bdb12ed9e824ae7f85560b8ff9687b3029fa0e08760fcde659359e4f291f8f7327b6ead2d7fe14d46a06701ed3549ee2bac01babfbb68b98deffd99c27b6eb529105e300fe1fd653bf9983a07264772a595c40e173bda7549685206b661ac096", 0x90}, {&(0x7f0000001c40)="980c37247a342bded8c7600e6c266058142541266b513c154087e176765857d8b148f57888cf0bc4", 0x28}, {&(0x7f0000001c80)="9f4ea0ebd8a6de390d516d905b0eae9edca31b67d3200e8f787ab25b83834c196edd20996e6776fbe38d26bcbd0dfe5cf88eb68043", 0x35}, {&(0x7f0000001d00)="a5d0e7734f9f64014a2cda05dd8e83d9444a00d3b3c38298d25c236a047059ae38", 0x21}, {&(0x7f0000001d40)="e5c9e5ecfb5779beea0d779678fbe2de0641c2b530a15eafbf33df5206a0f27b91b068333908bb2230bee90fa927ac02dabaacff821dfff34f6443c59a0938057f69e968fee4b414342cf4d47299c7f51f46be9d6ce5dbbb5c5bed37fa4d70ee0e6fa8aed9eacea49b6e6beeb4c128afa47078a08c1988bc40123efc02fa607acae5caebc76b1d14ab08ee7e84f811b13e8949928cd3dc6e385cd899cdb2297678675a33e22dd4ab63e316b9484384a2f71243fe08d939aba946df07e751d914aea638ee19da29a2d156fa71edbf8faa322c772902b914da59eea9f06ed2d2c7864c20b91d22f259c90f9ac256028831f716cd176cb6b1b0103f", 0xfa}], 0x7, &(0x7f0000000900)=[@cred={{0x18}}, @cred={{0x18, 0x1, 0x2, {r2}}}], 0x30, 0x4004004}}, {{&(0x7f0000000800)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000007300), 0x0, &(0x7f0000007400)=[@rights={{0x1c, 0x1, 0x1, [r1, r4, 0xffffffffffffffff, r5]}}, @cred={{0x18, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x18, 0x1, 0x2, {r2}}}, @rights={{0x18, 0x1, 0x1, [r4, r4, r4]}}, @rights={{0x20, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [r3]}}], 0x94, 0x48040}}, {{&(0x7f00000074c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000008880)=[{&(0x7f0000007540)="2d3344741e819943db3ec8e9a8850a0af4029a104fe060efa58aecffe538b36295b63a8152a9a7e3e67b91b0b2223f400bd07823670122b76daa7d00e41f410edcea8c1e33fcddc686bed1ed2ef9ef26d6d426a964649ddb37afaeede19971adfad7883936038d4f402fc6d593fd9297107934a1a35e41fb6e4e80e58790883eb8bce71df2eefcf0f568e5", 0x8b}, {&(0x7f0000007600)="0b23822c554c052bbd33e9618576abcb1f030ce1576309984f9b2bd181caaff2ba6ebe2604c6f581b96f8311ca78619c3fa9dbb953368b46287b954869166d9a810153ec0a3d7f1747ac73c43eea59a7954db8c0610d832dbdfee7294f07ec1372f98a67cc133757f79a83196a5797424587f110eb1857504627fb8b05d66c42a030439b31aa172588d6da71f0814e9f25a9a1ad2c888bac1e7d3c15e495d8a205edf891c54ecf3b", 0xa8}, {&(0x7f00000076c0)="3f57a144c9b5d92a2116fbebdf93410859e56f43f82f0a5a543b29ac11efe184f628b34dff7f91d5c06016100a3d790d375aa68ca08fb1e82d3fdde38cf71a18543b0df18f65fd012f9af57c83148b2c8664f35590bbfe4bf2a37343012860e822bc304712821df3200368b0792fe1a86ea21659b98642f8781feea19abc", 0x7e}, {0x0}, {&(0x7f0000008840)="d706e9b5502d57a7a5f044fa5b22ebb122ee6d351c916c6b758114aa071befcfdf00ff10f51e7d7055fe03b7ec78d17d720744945336", 0x36}], 0x5, &(0x7f0000000880)=ANY=[@ANYBLOB="180000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1800000001000000010000c58045d786683610e004c0a3d9f0219400", @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYBLOB="180000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x60, 0x40011}}, {{&(0x7f000000ec00)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f000000ff80)=[{&(0x7f000000ed40)}, {&(0x7f000000fd40)="64fe46fd68437b5bfd5b77cafe54104758189fc4aaf5de43013f2ac9400f3838f94da4c84627de73b52cd0a2452e8725890ba228628137d6c179aaeebac028f0e59780567462e8c6678803f8de17301ed4bd005aa4cba221b73fb40c920d993c945104cc3fdc2c8c948717aa3275", 0x6e}, {&(0x7f000000fe00)="7f67cd86e461b518364b59147b9c3ebe7b35fb3ed09627d633b5f0c1fdb8ab4d1ebdf8d1be68b158e18c03bf2ee39c9d1a3de0eed79d8681831ab6e9bf8126a73f9cabc23473285c4352ab343b3a6e27ed19e674d405bb96d810146c72c7fb2a1356141f4233d2d43aa0d5b4fca2c2bbef4fed7e89538078e754c6aab04703b40d4498964a6ee2725c496eb306f5d57b98cf6700ff742a7417884dc18160aeb292", 0xa1}, {&(0x7f0000001e80)="c72f2f336e91a8d056532d83f8912f07e9b60e77355ade5c2f0241a8118922ed8aa54a1b8cf830bf56ac15c5d198a0395efd25b51f62da55ae4cedadbd33a8ce2777b0e55ff66392b08d322203db87287170d089dc86c482befe8facd5f3dbcb2fec9e00a3f962ba186de4c0a67cc1c42186134a489bd4a9ad81700feb1efc3384b9d6c3c88875fd8295443e2f94b2535d84d6b471452c0f85d95fcd2dc76ca6f9ec84b0ee71e83350a47a73dccb8c070000764e2a7243d1c0989bc58425dcf4a0ed0c13f45651024a5ccfdcf63e7d544701731f5c57c29096662f68f43d08648b43f5a0e2449813355ad68596f65bb3ecafb1017105fef8e94a88ccc1fe416637a815cb6d232705cfff527d68e52486ccc9def2c6719cf078e70045df9f5826206e5b3bc6a763a67cc3b725ed713e6d5aeb34921b7c7bff851a875a059a98a8e0390fff310b0e5c634da3f874424f7859b8fbfb4469e9a4c7b0180e54f09e89ff", 0x161}], 0x4, &(0x7f0000010200)=ANY=[], 0x30, 0x40}}, {{&(0x7f0000010240)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000010500)=[{&(0x7f00000102c0)="266dd1d4534b30c91f69619cafa3cc2f5d0ea7cd45840527caa9af613e0d32f2e4c07ff8c945bed42b5b44c3c24abeaff2fb82445d635c7356394fac7b1045439eedcb040e16cec8bf34bf8d10640620c9dc0ffa05d1ddf4acd94b7cef7389d96d02c8eabc6c4aabe9d244096c5e4c52019ca52f085afc56a4d1c13df7737b3b", 0x80}, {&(0x7f0000010340)="fdd29c834d3836a02efada8c6a48c696f6db58a10e889de33e7c196838c896743755d0fd256e6e43697cfad68bdfcdd5b92504beeed693f95b497b3a26e1c56ff9fa817677b209bbac3dcf6f80c5ac5ae01ccd565b8749f56af9bf200b74ddedca36a3840f1177776ae812eeb04e7c0d95142398d0a40e96cf963e99bc7a208f3d8e5291adaf799071e0b3c9beb0ba202532d822e43b6496712189029a5c257a4dc73208b6163c91e3b2e387a6ceb04d", 0xb0}, {&(0x7f0000010440)="4c1083e4df34bc11c71a696a8d2d87270d7def07ed13681fdcb49c121186e02f395e89711413635c4df982932aa20b34c14ba3a0537f080a084c545b009895ff9564a6a408ea950b66377d8329fe60091a6609bfc6929e01c1b7da9ac4674d421f5f21fc0e95975ceda66cd5df23e10830315f565fa3e785153b1659f458834ebcc44b6e6f73e25039f58679c37caf5026b814", 0x93}], 0x3, &(0x7f00000107c0)=[@cred={{0x18, 0x1, 0x2, {r2}}}], 0x18, 0x20004040}}, {{&(0x7f0000010800)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000010940)=[{0x0}], 0x1, &(0x7f0000000780), 0x0, 0x20040080}}], 0x7, 0x20004041)

20.063314091s ago: executing program 0 (id=753):
r0 = syz_open_dev$vbi(&(0x7f0000000400), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0f8565c, &(0x7f00000002c0)={0x0, 0x3, 0x1, {0x5, @sliced={0x8000, [0x184, 0x501, 0x80, 0xaf9, 0x6, 0x2, 0xa79a, 0x6, 0xfff8, 0x0, 0xd, 0x9, 0x5, 0x8, 0x5, 0x44, 0xd, 0x7f, 0xfffc, 0x71a, 0xfffe, 0x2, 0x5, 0x80, 0x1, 0x0, 0x3ef, 0xd68f, 0x4, 0x7, 0x8, 0x100, 0x4f2, 0x0, 0x800, 0x7, 0x7, 0x8, 0x2, 0x4, 0x65, 0xc, 0x9, 0x6, 0x1ff, 0x7f, 0x4, 0x2], 0x803}}})

19.018939098s ago: executing program 1 (id=754):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bond={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_IP_TARGET={0xc, 0x8, 0x0, 0x1, [@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x24}]}, @IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x2}]}}}]}, 0x48}}, 0x8000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000130000000000000000004000000000000000005c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x80ffffff}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x31, 0x0, &(0x7f0000000040))
sendmsg$NFT_BATCH(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000cc0)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5416, 0x0)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x200002)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
io_setup(0xfffffc01, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r6}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x70, r6}, 0x38)

18.882977577s ago: executing program 3 (id=755):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, 0x0, 0x0)

18.794948907s ago: executing program 5 (id=756):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
read$hidraw(0xffffffffffffffff, 0x0, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000380)='mountinfo\x00')
r3 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000080)={[{@quota}, {@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x37]}}]})
sendfile(r3, r2, 0x0, 0x80000000)
mount$9p_unix(0x0, &(0x7f0000000600)='./bus\x00', 0x0, 0x2100001, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r5 = dup(r4)
r6 = open(&(0x7f0000000100)='./bus\x00', 0x18d542, 0x2)
ftruncate(r6, 0xee77)
sendfile(r5, r6, 0x0, 0x8000fffffffe)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x40281, 0x0)
r7 = syz_io_uring_setup(0x70e4, &(0x7f0000000800)={0x0, 0x0, 0x10100, 0x6}, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r10, &(0x7f00000001c0)=ANY=[@ANYBLOB=')'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r10, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
io_uring_enter(r7, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r11, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r11, 0x112, 0xf, &(0x7f0000000200), 0x4)
ioctl$KVM_PRE_FAULT_MEMORY(r10, 0xc040aed5, &(0x7f0000000040)={0x8080000, 0x8000})
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[], 0x3c}}, 0x0)

18.79450159s ago: executing program 0 (id=757):
r0 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
preadv(r0, 0x0, 0x0, 0x1, 0x0)

18.717318445s ago: executing program 0 (id=758):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x40, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x7d, &(0x7f0000000300)=@assoc_value={0x0, 0x3af4}, 0x8)

18.32510106s ago: executing program 0 (id=759):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000440), 0x141700, 0x0)
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0xffffff68)

18.063103516s ago: executing program 0 (id=760):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[@ANYRESHEX], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
sendmsg$NFT_BATCH(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r5, r5, 0x0, 0x40008)

17.137528179s ago: executing program 3 (id=761):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800150000000000060027"], 0x44}}, 0x0)

16.960848369s ago: executing program 2 (id=762):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800024000000000080001400000000008000740000000015c000000160a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xec}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000140))
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@loopback, @in6=@dev}}, {{@in6=@remote}, 0x0, @in=@dev}}, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)

16.879294s ago: executing program 3 (id=763):
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/74, 0x32a000, 0x800}, 0x20)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

16.864237728s ago: executing program 2 (id=764):
syz_io_uring_setup(0x24fd, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x2, 0xfffffffd}, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x610c42, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000004380), 0x101602, 0x0)
read$FUSE(r3, &(0x7f00000020c0)={0x2020}, 0xffffffffffffff5c)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth0_to_team\x00'})
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
connect$vsock_stream(r4, &(0x7f0000000100)={0x28, 0x0, 0x2711, @local}, 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
accept4$vsock_stream(r4, 0x0, 0x0, 0x80000)

15.768302619s ago: executing program 3 (id=765):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
syz_usb_connect(0x0, 0x24, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x9, 0x14, 0xbf, 0x20, 0xac8, 0xc301, 0x82d5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x53, 0x8, 0x98}}]}}]}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

15.291138014s ago: executing program 1 (id=766):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x4000001)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f00000002c0)={&(0x7f0000000240)}, 0x1, 0x0, 0x0, 0x4040014}, 0x4040048)
socket$inet(0x2, 0x80001, 0x84)
r1 = gettid()
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
write$rfkill(r2, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1}, 0x8)
write$rfkill(r2, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r3 = socket(0x22, 0x2, 0x3)
setsockopt$MISDN_TIME_STAMP(r3, 0x0, 0x1, &(0x7f0000000140)=0xfffffffe, 0x4)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x7001, 0x1, 0x170, [], 0x0, 0x0, 0x0}, 0x1e8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000001c0)={0x0, 0x12, "c29bc5bdc4eaa3ecb4fb9f7547b30f4c5333"}, &(0x7f0000000100)=0x1a)

3.505295038s ago: executing program 33 (id=756):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
read$hidraw(0xffffffffffffffff, 0x0, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000380)='mountinfo\x00')
r3 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000080)={[{@quota}, {@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x37]}}]})
sendfile(r3, r2, 0x0, 0x80000000)
mount$9p_unix(0x0, &(0x7f0000000600)='./bus\x00', 0x0, 0x2100001, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r5 = dup(r4)
r6 = open(&(0x7f0000000100)='./bus\x00', 0x18d542, 0x2)
ftruncate(r6, 0xee77)
sendfile(r5, r6, 0x0, 0x8000fffffffe)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x40281, 0x0)
r7 = syz_io_uring_setup(0x70e4, &(0x7f0000000800)={0x0, 0x0, 0x10100, 0x6}, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r10, &(0x7f00000001c0)=ANY=[@ANYBLOB=')'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r10, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
io_uring_enter(r7, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r11, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r11, 0x112, 0xf, &(0x7f0000000200), 0x4)
ioctl$KVM_PRE_FAULT_MEMORY(r10, 0xc040aed5, &(0x7f0000000040)={0x8080000, 0x8000})
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[], 0x3c}}, 0x0)

2.499525802s ago: executing program 34 (id=760):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[@ANYRESHEX], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
sendmsg$NFT_BATCH(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r5, r5, 0x0, 0x40008)

994.301317ms ago: executing program 35 (id=764):
syz_io_uring_setup(0x24fd, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x2, 0xfffffffd}, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x610c42, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000004380), 0x101602, 0x0)
read$FUSE(r3, &(0x7f00000020c0)={0x2020}, 0xffffffffffffff5c)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth0_to_team\x00'})
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
connect$vsock_stream(r4, &(0x7f0000000100)={0x28, 0x0, 0x2711, @local}, 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
accept4$vsock_stream(r4, 0x0, 0x0, 0x80000)

506.457158ms ago: executing program 36 (id=765):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
syz_usb_connect(0x0, 0x24, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x9, 0x14, 0xbf, 0x20, 0xac8, 0xc301, 0x82d5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x53, 0x8, 0x98}}]}}]}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

0s ago: executing program 37 (id=766):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x4000001)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f00000002c0)={&(0x7f0000000240)}, 0x1, 0x0, 0x0, 0x4040014}, 0x4040048)
socket$inet(0x2, 0x80001, 0x84)
r1 = gettid()
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
write$rfkill(r2, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1}, 0x8)
write$rfkill(r2, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r3 = socket(0x22, 0x2, 0x3)
setsockopt$MISDN_TIME_STAMP(r3, 0x0, 0x1, &(0x7f0000000140)=0xfffffffe, 0x4)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x7001, 0x1, 0x170, [], 0x0, 0x0, 0x0}, 0x1e8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000001c0)={0x0, 0x12, "c29bc5bdc4eaa3ecb4fb9f7547b30f4c5333"}, &(0x7f0000000100)=0x1a)

kernel console output (not intermixed with test programs):

 USB device number 4 using dummy_hcd
[  121.661703][   T25] usb 5-1: Using ep0 maxpacket: 16
[  121.718725][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.895517][   T25] usb 5-1: New USB device found, idVendor=0c70, idProduct=f003, bcdDevice= 0.00
[  122.206909][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.267778][   T25] usb 5-1: config 0 descriptor??
[  122.365188][  T974] imon:send_packet: packet tx failed (-71)
[  122.389846][  T974] imon 4-1:0.0: panel buttons/knobs setup failed
[  122.420102][ T5923] usb 2-1: USB disconnect, device number 9
[  122.671875][  T974] rc_core: IR keymap rc-imon-pad not found
[  122.677843][  T974] Registered IR keymap rc-empty
[  122.683218][  T974] imon 4-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  122.695545][  T974] imon 4-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  122.710933][  T974] imon:send_packet: packet tx failed (-71)
[  122.747833][  T974] imon 4-1:0.0: remote input dev register failed
[  122.777646][  T974] imon 4-1:0.0: imon_init_intf0: rc device setup failed
[  122.815176][ T6595] kvm: pic: non byte write
[  122.875129][  T974] imon 4-1:0.0: unable to initialize intf0, err 0
[  122.881938][  T974] imon:imon_probe: failed to initialize context!
[  122.891197][  T974] imon 4-1:0.0: unable to register, err -19
[  122.931160][  T974] usb 4-1: USB disconnect, device number 13
[  123.313528][ T6604] 9pnet_virtio: no channels available for device 
[  124.076872][   T25] usbhid 5-1:0.0: can't add hid device: -71
[  124.083035][   T25] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  124.100054][   T25] usb 5-1: USB disconnect, device number 4
[  125.070460][ T6625] xt_CT: You must specify a L4 protocol and not use inversions on it
[  125.107006][ T6625] xt_TCPMSS: Only works on TCP SYN packets
[  126.650124][ T6648] Device name cannot be null; rc = [-22]
[  127.307762][ T6656] fuse: Bad value for 'fd'
[  127.406375][ T6658] netlink: 156 bytes leftover after parsing attributes in process `syz.3.163'.
[  129.564337][ T6682] cgroup: Name too long
[  130.641858][ T6690] FAULT_INJECTION: forcing a failure.
[  130.641858][ T6690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.680361][ T6690] CPU: 1 UID: 0 PID: 6690 Comm: syz.3.171 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  130.690659][ T6690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  130.700728][ T6690] Call Trace:
[  130.704017][ T6690]  <TASK>
[  130.706954][ T6690]  dump_stack_lvl+0x241/0x360
[  130.711627][ T6690]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.716812][ T6690]  ? __pfx__printk+0x10/0x10
[  130.721391][ T6690]  ? __pfx_lock_release+0x10/0x10
[  130.726405][ T6690]  should_fail_ex+0x3b0/0x4e0
[  130.731075][ T6690]  _copy_from_user+0x2f/0xc0
[  130.735655][ T6690]  get_user_ifreq+0xc3/0x200
[  130.740232][ T6690]  sock_ioctl+0x793/0x8e0
[  130.744553][ T6690]  ? __pfx_sock_ioctl+0x10/0x10
[  130.749400][ T6690]  ? __pfx_sock_ioctl+0x10/0x10
[  130.754237][ T6690]  __se_sys_ioctl+0xf5/0x170
[  130.758815][ T6690]  do_syscall_64+0xf3/0x230
[  130.763325][ T6690]  ? clear_bhb_loop+0x35/0x90
[  130.768015][ T6690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.773905][ T6690] RIP: 0033:0x7f04e2d80849
[  130.778309][ T6690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.797905][ T6690] RSP: 002b:00007f04e3bb5058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  130.806325][ T6690] RAX: ffffffffffffffda RBX: 00007f04e2f45fa0 RCX: 00007f04e2d80849
[  130.814309][ T6690] RDX: 0000000020000280 RSI: 00000000000089fe RDI: 0000000000000004
[  130.822271][ T6690] RBP: 00007f04e3bb50a0 R08: 0000000000000000 R09: 0000000000000000
[  130.830242][ T6690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.838229][ T6690] R13: 0000000000000000 R14: 00007f04e2f45fa0 R15: 00007ffefc1c90d8
[  130.846207][ T6690]  </TASK>
[  130.849379][    C1] vkms_vblank_simulate: vblank timer overrun
[  130.989913][   T25] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  131.035023][ T6700] netlink: 64 bytes leftover after parsing attributes in process `syz.2.170'.
[  131.143576][   T25] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  131.199835][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  131.241991][ T6705] vivid-000: =================  START STATUS  =================
[  131.250032][ T6705] vivid-000: Enable Output Cropping: true grabbed
[  131.256739][ T6705] vivid-000: Enable Output Composing: true grabbed
[  131.263429][ T6705] vivid-000: Enable Output Scaler: true grabbed
[  131.269755][ T6705] vivid-000: Tx RGB Quantization Range: Automatic grabbed
[  131.276910][ T6705] vivid-000: Transmit Mode: HDMI grabbed
[  131.282703][ T6705] vivid-000: Hotplug Present: 0x00000000
[  131.288359][ T6705] vivid-000: RxSense Present: 0x00000000
[  131.294168][ T6705] vivid-000: EDID Present: 0x00000000
[  131.299618][ T6705] vivid-000: ==================  END STATUS  ==================
[  131.598285][ T6709] fuse: Bad value for 'fd'
[  132.029993][   T25] usb 2-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=39.78
[  132.046029][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.054409][   T25] usb 2-1: Product: syz
[  132.058620][   T25] usb 2-1: Manufacturer: syz
[  132.063391][   T25] usb 2-1: SerialNumber: syz
[  132.092054][   T25] usb 2-1: config 0 descriptor??
[  132.190157][   T25] usbtest 2-1:0.0: usb test device
[  132.195347][   T25] usbtest 2-1:0.0: high-speed {control in/out iso-in} tests (+alt)
[  133.207337][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  133.784561][  T974] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  133.919993][  T974] usb 1-1: device descriptor read/64, error -71
[  134.170053][  T974] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  134.460258][  T974] usb 1-1: device descriptor read/64, error -71
[  134.467169][ T5923] usb 2-1: USB disconnect, device number 10
[  134.570075][  T974] usb usb1-port1: attempt power cycle
[  135.003112][ T6735] usb usb8: usbfs: process 6735 (syz.3.184) did not claim interface 0 before use
[  135.259863][  T974] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  135.367657][ T6745] bridge0: port 3(erspan0) entered blocking state
[  135.374693][ T6745] bridge0: port 3(erspan0) entered disabled state
[  135.382214][ T6745] erspan0: entered allmulticast mode
[  135.393283][ T6745] erspan0: entered promiscuous mode
[  135.400908][ T6745] bridge0: port 3(erspan0) entered blocking state
[  135.407678][ T6745] bridge0: port 3(erspan0) entered forwarding state
[  135.491707][ T6745] dvmrp0: entered allmulticast mode
[  135.556549][ T6745] pimreg: entered allmulticast mode
[  135.960813][  T974] usb 1-1: device descriptor read/8, error -71
[  136.209798][  T974] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  136.314099][  T974] usb 1-1: device descriptor read/8, error -71
[  136.367195][ T6731] xt_CT: No such helper "snmp"
[  136.462722][  T974] usb usb1-port1: unable to enumerate USB device
[  138.850040][ T5956] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  139.261335][ T5956] usb 3-1: Using ep0 maxpacket: 16
[  139.418809][ T6785] netlink: 'syz.1.192': attribute type 21 has an invalid length.
[  139.426942][ T6785] netlink: 156 bytes leftover after parsing attributes in process `syz.1.192'.
[  139.985115][ T6774] Zero length message leads to an empty skb
[  140.049850][ T6776] tc_dump_action: action bad kind
[  140.063671][ T5956] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  140.073026][ T5956] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.083462][ T5956] usb 3-1: Product: syz
[  140.088708][ T5956] usb 3-1: Manufacturer: syz
[  140.093650][ T5956] usb 3-1: SerialNumber: syz
[  140.110957][ T5956] usb 3-1: config 0 descriptor??
[  140.122181][ T5956] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  140.320704][ T6768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.336821][ T6768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.415216][ T6768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.443556][ T5956] ssu100 3-1:0.0: probe with driver ssu100 failed with error -110
[  140.445500][ T6768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.520042][ T6791] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  141.258205][ T6768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.333607][ T6768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.419446][ T5956] usb 3-1: USB disconnect, device number 11
[  142.871181][ T6814] mkiss: ax0: crc mode is auto.
[  143.432271][ T6819] team0: No ports can be present during mode change
[  145.512677][ T6809] loop2: detected capacity change from 0 to 7
[  145.524224][ T6809] Dev loop2: unable to read RDB block 7
[  145.530931][ T6809]  loop2: unable to read partition table
[  145.536650][ T6809] loop2: partition table beyond EOD, truncated
[  145.543133][ T6809] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  146.189192][ T6828] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  146.571385][ T5855] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  146.643096][ T5855] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  146.670235][ T5855] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  146.683484][ T5855] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  146.701503][ T5855] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  146.710366][ T5855] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  147.747680][ T6824] chnl_net:caif_netlink_parms(): no params data found
[  148.916023][ T5855] Bluetooth: hci5: command tx timeout
[  149.030388][ T6824] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.072059][ T6824] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.079351][ T6824] bridge_slave_0: entered allmulticast mode
[  149.165433][ T6824] bridge_slave_0: entered promiscuous mode
[  149.301703][ T6824] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.310188][ T6824] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.981075][ T6874] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  149.989372][ T6874] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  149.998564][ T6874] overlayfs: missing 'lowerdir'
[  150.203830][ T6824] bridge_slave_1: entered allmulticast mode
[  150.452729][ T6824] bridge_slave_1: entered promiscuous mode
[  150.987877][ T5855] Bluetooth: hci5: command tx timeout
[  151.320422][ T6824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  151.341711][ T6824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  151.525117][ T6824] team0: Port device team_slave_0 added
[  152.559196][ T6891] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  152.586072][ T6824] team0: Port device team_slave_1 added
[  152.808123][ T6900] loop5: detected capacity change from 0 to 7
[  152.816928][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.826127][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.834684][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.843213][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.853378][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.861842][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.870089][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.878611][ T6900] ldm_validate_partition_table(): Disk read failed.
[  152.885795][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.894336][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.904210][ T6900] Buffer I/O error on dev loop5, logical block 0, async page read
[  152.912916][ T6900] Dev loop5: unable to read RDB block 0
[  152.919338][ T6900]  loop5: unable to read partition table
[  152.925614][ T6900] loop5: partition table beyond EOD, truncated
[  152.932280][ T6900] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  152.932280][ T6900] 
) failed (rc=-5)
[  153.074969][ T5855] Bluetooth: hci5: command tx timeout
[  153.286792][ T6901] vivid-000: =================  START STATUS  =================
[  153.294648][ T6901] vivid-000: Enable Output Cropping: true grabbed
[  153.302165][ T6901] vivid-000: Enable Output Composing: true grabbed
[  153.308877][ T6901] vivid-000: Enable Output Scaler: true grabbed
[  153.315266][ T6901] vivid-000: Tx RGB Quantization Range: Automatic grabbed
[  153.322486][ T6901] vivid-000: Transmit Mode: HDMI grabbed
[  153.328174][ T6901] vivid-000: Hotplug Present: 0x00000000
[  153.333897][ T6901] vivid-000: RxSense Present: 0x00000000
[  153.340064][ T6901] vivid-000: EDID Present: 0x00000000
[  153.345492][ T6901] vivid-000: ==================  END STATUS  ==================
[  153.984837][ T6824] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.057309][ T6824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.130689][ T6824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.271357][ T6824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.278490][ T6824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.358934][ T6824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.623075][ T6824] hsr_slave_0: entered promiscuous mode
[  154.646411][ T6824] hsr_slave_1: entered promiscuous mode
[  154.734082][ T6824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  154.816300][ T6824] Cannot create hsr debugfs directory
[  155.209923][ T5852] Bluetooth: hci5: command tx timeout
[  155.440658][ T6920] netlink: 104 bytes leftover after parsing attributes in process `syz.1.225'.
[  157.986905][ T6824] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  158.164815][ T6824] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  158.274746][ T6824] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  158.306160][ T6824] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  158.604269][ T6946] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  158.612834][ T6946] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  158.622081][ T6946] overlayfs: missing 'lowerdir'
[  159.028503][ T6824] 8021q: adding VLAN 0 to HW filter on device bond0
[  159.204100][ T6824] 8021q: adding VLAN 0 to HW filter on device team0
[  159.241564][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.248764][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  159.290151][ T5956] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  159.363718][  T174] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.370998][  T174] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.606751][ T6824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  160.179451][ T5956] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.190482][ T5956] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  160.829752][ T6961] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  160.903649][ T5956] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  160.915353][ T5956] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  160.925857][ T5956] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  160.966159][   T46] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  160.994697][ T5956] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  161.004268][ T5956] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  161.016741][ T5956] usb 2-1: Product: syz
[  161.021045][ T5956] usb 2-1: Manufacturer: syz
[  161.025651][ T5956] usb 2-1: SerialNumber: syz
[  161.079628][ T5956] usb 2-1: config 0 descriptor??
[  161.109946][ T6824] 8021q: adding VLAN 0 to HW filter on device batadv0
[  161.764542][ T5956] radio-si470x 2-1:0.0: si470x_get_report: usb_control_msg returned -110
[  161.773702][ T5956] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -5
[  161.787237][   T46] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  161.797846][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.846378][   T46] usb 3-1: Product: syz
[  161.852317][   T46] usb 3-1: Manufacturer: syz
[  161.857016][   T46] usb 3-1: SerialNumber: syz
[  161.890641][   T46] usb 3-1: config 0 descriptor??
[  162.627077][ T5851] usb 2-1: USB disconnect, device number 11
[  162.752546][   T46] usb 3-1: Firmware version (0.0) predates our first public release.
[  162.763462][   T46] usb 3-1: Please update to version 0.2 or newer
[  163.952028][   T46] usb 3-1: USB disconnect, device number 12
[  164.309295][ T7001] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  164.317736][ T7001] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  164.327126][ T7001] overlayfs: missing 'lowerdir'
[  165.429333][ T6824] veth0_vlan: entered promiscuous mode
[  165.515538][ T6824] veth1_vlan: entered promiscuous mode
[  165.702947][ T7015] bridge0: port 3(erspan0) entered blocking state
[  165.709960][ T7015] bridge0: port 3(erspan0) entered disabled state
[  165.717345][ T7015] erspan0: entered allmulticast mode
[  165.727967][ T7015] erspan0: entered promiscuous mode
[  165.735155][ T7015] bridge0: port 3(erspan0) entered blocking state
[  165.741703][ T7015] bridge0: port 3(erspan0) entered forwarding state
[  165.819448][ T7015] dvmrp0: entered allmulticast mode
[  166.085435][ T6824] veth0_macvtap: entered promiscuous mode
[  166.419377][ T6824] veth1_macvtap: entered promiscuous mode
[  166.464836][ T1948] IPVS: starting estimator thread 0...
[  166.472981][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  166.506931][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.537526][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  166.545038][ T7022] FAULT_INJECTION: forcing a failure.
[  166.545038][ T7022] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  166.560915][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.578492][ T7022] CPU: 0 UID: 0 PID: 7022 Comm: syz.1.250 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  166.588791][ T7022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  166.598873][ T7022] Call Trace:
[  166.602181][ T7022]  <TASK>
[  166.605138][ T7022]  dump_stack_lvl+0x241/0x360
[  166.609847][ T7022]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.615075][ T7022]  ? __pfx__printk+0x10/0x10
[  166.619708][ T7022]  ? __lock_acquire+0x1397/0x2100
[  166.620000][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  166.624743][ T7022]  should_fail_ex+0x3b0/0x4e0
[  166.624782][ T7022]  prepare_alloc_pages+0x1da/0x5b0
[  166.645344][ T7022]  __alloc_pages_noprof+0x16f/0x710
[  166.650947][ T7022]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  166.655132][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.656952][ T7022]  ? __pfx_lock_acquire+0x10/0x10
[  166.656984][ T7022]  alloc_pages_mpol_noprof+0x3e8/0x680
[  166.677313][ T7022]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  166.683368][ T7022]  vma_alloc_folio_noprof+0x12e/0x230
[  166.688753][ T7022]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  166.694685][ T7022]  folio_prealloc+0x2e/0x170
[  166.699336][ T7022]  handle_pte_fault+0x2518/0x68a0
[  166.704371][ T7022]  ? mark_lock+0x9a/0x360
[  166.708703][ T7022]  ? __lock_acquire+0x1397/0x2100
[  166.713738][ T7022]  ? mark_lock+0x9a/0x360
[  166.718068][ T7022]  ? __pfx_handle_pte_fault+0x10/0x10
[  166.723443][ T7022]  ? __lock_acquire+0x1397/0x2100
[  166.728593][ T7022]  ? __pfx_lock_acquire+0x10/0x10
[  166.733634][ T7022]  ? count_memcg_event_mm+0x3c2/0x420
[  166.739019][ T7022]  ? do_raw_spin_lock+0x14f/0x370
[  166.744053][ T7022]  handle_mm_fault+0x1053/0x1ad0
[  166.749012][ T7022]  ? __pfx_handle_mm_fault+0x10/0x10
[  166.754300][ T7022]  ? follow_page_pte+0x9ad/0x1db0
[  166.759334][ T7022]  ? __pfx_find_vma+0x10/0x10
[  166.764014][ T7022]  ? vma_is_secretmem+0xd/0x50
[  166.768772][ T7022]  ? check_vma_flags+0x52b/0x5a0
[  166.773719][ T7022]  __get_user_pages+0x1c82/0x49e0
[  166.778749][ T7022]  ? mark_lock+0x9a/0x360
[  166.783090][ T7022]  ? __pfx___get_user_pages+0x10/0x10
[  166.788460][ T7022]  ? __pfx_down_read_killable+0x10/0x10
[  166.794007][ T7022]  ? __pfx_lock_acquire+0x10/0x10
[  166.799031][ T7022]  ? try_get_folio+0xf1/0x6f0
[  166.803709][ T7022]  ? __pfx_lock_release+0x10/0x10
[  166.808733][ T7022]  __gup_longterm_locked+0x49a/0x17f0
[  166.814120][ T7022]  ? __pfx___gup_longterm_locked+0x10/0x10
[  166.819927][ T7022]  ? sanity_check_pinned_pages+0x12b2/0x13b0
[  166.825910][ T7022]  gup_fast_fallback+0x276c/0x2b80
[  166.831041][ T7022]  ? __pfx_gup_fast_fallback+0x10/0x10
[  166.836517][ T7022]  ? is_valid_gup_args+0x124/0x200
[  166.841630][ T7022]  pin_user_pages_fast+0xcc/0x160
[  166.846655][ T7022]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  166.852286][ T7022]  ? trace_kmalloc+0x1f/0xd0
[  166.856878][ T7022]  ? __kvmalloc_node_noprof+0x72/0x190
[  166.862369][ T7022]  io_pin_pages+0x8c/0x180
[  166.866805][ T7022]  __io_uaddr_map+0xfb/0x2d0
[  166.871406][ T7022]  ? __pfx___io_uaddr_map+0x10/0x10
[  166.876604][ T7022]  ? rcu_read_lock_any_held+0xb7/0x160
[  166.882061][ T7022]  ? cap_capable+0x1b4/0x250
[  166.886661][ T7022]  io_allocate_scq_urings+0x1c0/0x650
[  166.892044][ T7022]  io_uring_create+0x5b5/0xc00
[  166.896813][ T7022]  __se_sys_io_uring_setup+0x2ba/0x330
[  166.902276][ T7022]  ? __pfx___se_sys_io_uring_setup+0x10/0x10
[  166.908266][ T7022]  ? do_syscall_64+0x100/0x230
[  166.913030][ T7022]  ? do_syscall_64+0xb6/0x230
[  166.917730][ T7022]  do_syscall_64+0xf3/0x230
[  166.922262][ T7022]  ? clear_bhb_loop+0x35/0x90
[  166.926959][ T7022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.932863][ T7022] RIP: 0033:0x7f90ac380849
[  166.937279][ T7022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.956894][ T7022] RSP: 002b:00007f90ad15cfe8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  166.965322][ T7022] RAX: ffffffffffffffda RBX: 00007f90ac545fa0 RCX: 00007f90ac380849
[  166.973297][ T7022] RDX: 00000000200004c0 RSI: 0000000020000400 RDI: 0000000000002c0c
[  166.981311][ T7022] RBP: 0000000020000400 R08: 0000000000000000 R09: 00000000200004c0
[  166.989310][ T7022] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  166.997293][ T7022] R13: 0000000020000480 R14: 0000000000002c0c R15: 00000000200004c0
[  167.005286][ T7022]  </TASK>
[  167.017852][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.040022][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.057461][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.109142][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.167356][ T7020] IPVS: using max 24 ests per chain, 57600 per kthread
[  167.191335][ T6824] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.274688][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.575735][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.046824][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.561439][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.639808][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.724449][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.059751][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.070858][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.118885][ T6824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.185963][ T6824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.835945][ T6824] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.828134][ T6824] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.899859][ T6824] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.909044][ T6824] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.918209][ T6824] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  172.077001][ T7047] netlink: 'syz.1.258': attribute type 21 has an invalid length.
[  172.084934][ T7047] netlink: 156 bytes leftover after parsing attributes in process `syz.1.258'.
[  172.184128][ T6821] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.209830][ T6821] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.670554][ T7063] netlink: 'syz.2.259': attribute type 21 has an invalid length.
[  173.678477][ T7063] netlink: 156 bytes leftover after parsing attributes in process `syz.2.259'.
[  173.742178][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.752743][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.029861][ T5923] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  174.181777][ T5923] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  174.199454][ T5923] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  174.236996][ T5923] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  174.302702][ T5923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  174.342108][ T5923] usb 4-1: SerialNumber: syz
[  174.608296][  T974] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[  174.629292][ T7081] binder: 7080:7081 ioctl c0306201 20000480 returned -22
[  174.664357][  T974] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[  174.698263][  T974] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3
[  174.793621][  T974] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  177.020360][  T974] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  177.265991][  T974] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.276846][  T974] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  177.287997][  T974] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  177.301886][  T974] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  177.315767][  T974] usb 2-1: SerialNumber: syz
[  177.815673][  T974] usb 2-1: 0:2 : does not exist
[  177.822021][  T974] usb 2-1: unit 255 not found!
[  177.838956][  T974] usb 2-1: 5:0: cannot get min/max values for control 15 (id 5)
[  177.858597][  T974] usb 2-1: 5:0: cannot get min/max values for control 16 (id 5)
[  177.988517][  T974] usb 2-1: USB disconnect, device number 12
[  178.228615][ T7110] netlink: 'syz.0.272': attribute type 21 has an invalid length.
[  178.236802][ T7110] netlink: 156 bytes leftover after parsing attributes in process `syz.0.272'.
[  180.326506][ T5923] usb 4-1: invalid UAC_HEADER (v1)
[  180.375795][ T7112] syz.2.273 (7112) used greatest stack depth: 18712 bytes left
[  180.378504][ T5923] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  180.469118][ T5849] udevd[5849]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  180.638167][ T5923] usb 4-1: USB disconnect, device number 14
[  180.698833][ T7120] xt_CT: No such helper "snmp_trap"
[  180.836569][  T974] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  182.624833][  T974] usb 3-1: Using ep0 maxpacket: 16
[  182.870446][ T7137] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  182.870446][ T7137]    program syz.0.278 not setting count and/or reply_len properly
[  183.583246][  T974] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.594232][  T974] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.604322][  T974] usb 3-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  183.613581][  T974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.623850][  T974] usb 3-1: config 0 descriptor??
[  184.329264][ T7146] 9pnet_fd: Insufficient options for proto=fd
[  184.426942][ T7126] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  184.433747][ T7126] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  184.445153][ T7126] vhci_hcd vhci_hcd.0: Device attached
[  184.462637][ T7126] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.619839][ T5956] vhci_hcd: vhci_device speed not set
[  184.823801][ T7126] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.830470][ T5956] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  185.583710][ T7149] vhci_hcd: unknown pdu 1
[  185.611526][   T11] vhci_hcd: stop threads
[  185.615913][   T11] vhci_hcd: release socket
[  185.660560][ T5956] vhci_hcd: vhci_device speed not set
[  185.696072][   T11] vhci_hcd: disconnect device
[  185.856999][  T974] usbhid 3-1:0.0: can't add hid device: -71
[  185.864813][  T974] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  185.891160][  T974] usb 3-1: USB disconnect, device number 13
[  186.835517][ T7174] netlink: 'syz.3.288': attribute type 21 has an invalid length.
[  186.843508][ T7174] netlink: 156 bytes leftover after parsing attributes in process `syz.3.288'.
[  187.033302][ T5847] Bluetooth: hci2: command 0x0406 tx timeout
[  187.039419][ T5847] Bluetooth: hci0: command 0x0406 tx timeout
[  187.045603][ T5847] Bluetooth: hci4: command 0x0406 tx timeout
[  187.052034][ T5847] Bluetooth: hci3: command 0x0406 tx timeout
[  187.058173][ T5847] Bluetooth: hci1: command 0x0406 tx timeout
[  188.161060][ T7197] loop5: detected capacity change from 0 to 7
[  188.169379][ T7197] buffer_io_error: 4 callbacks suppressed
[  188.169420][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.185285][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.193833][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.203016][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.211576][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.224364][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.238195][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.248906][ T7197] ldm_validate_partition_table(): Disk read failed.
[  188.260395][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.271678][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.398158][ T7199] netlink: 16 bytes leftover after parsing attributes in process `syz.5.293'.
[  188.427061][ T7197] Buffer I/O error on dev loop5, logical block 0, async page read
[  188.437378][ T7197] Dev loop5: unable to read RDB block 0
[  188.448024][ T7197]  loop5: unable to read partition table
[  188.457040][ T7197] loop5: partition table beyond EOD, truncated
[  188.464945][ T7197] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  188.464945][ T7197] 
) failed (rc=-5)
[  189.418792][ T7209] netlink: 44 bytes leftover after parsing attributes in process `syz.5.297'.
[  189.708091][ T7209] netlink: 8 bytes leftover after parsing attributes in process `syz.5.297'.
[  190.570636][  T974] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  190.810768][  T974] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  190.844720][  T974] usb 3-1: New USB device found, idVendor=d6ff, idProduct=00cf, bcdDevice=d8.b0
[  190.861269][  T974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.900607][  T974] usb 3-1: config 0 descriptor??
[  190.920981][  T974] usb 3-1: bad CDC descriptors
[  191.105489][ T7228] Invalid source name
[  191.109905][ T7228] UBIFS error (pid: 7228): cannot open "./file0", error -22
[  191.712942][ T1948] usb 3-1: USB disconnect, device number 14
[  191.765945][ T7242] sp0: Synchronizing with TNC
[  194.076833][ T5956] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  195.352382][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  196.298804][ T7281] netlink: 'syz.1.322': attribute type 1 has an invalid length.
[  196.306659][ T7281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.322'.
[  196.593071][ T5956] usb 2-1: device not accepting address 13, error -71
[  197.680746][ T1948] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  198.951563][ T1948] usb 6-1: Using ep0 maxpacket: 8
[  199.679427][ T1948] usb 6-1: device descriptor read/all, error -71
[  201.268015][ T7330] netlink: 108 bytes leftover after parsing attributes in process `syz.3.334'.
[  201.300346][ T1948] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  201.329099][   T29] audit: type=1326 audit(1732946907.439:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  201.368427][   T29] audit: type=1326 audit(1732946907.439:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  201.390074][   T29] audit: type=1326 audit(1732946907.439:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  201.413869][   T29] audit: type=1326 audit(1732946907.439:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  201.476026][ T7334] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  201.505867][ T7334] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  201.515143][ T7334] overlayfs: missing 'lowerdir'
[  202.048147][   T29] audit: type=1326 audit(1732946907.439:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  202.270514][ T1948] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 51724, setting to 64
[  202.317328][   T29] audit: type=1326 audit(1732946907.439:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  202.483786][   T29] audit: type=1326 audit(1732946907.439:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  202.699790][   T29] audit: type=1326 audit(1732946907.439:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  202.762420][   T29] audit: type=1326 audit(1732946907.439:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  202.783944][   T29] audit: type=1326 audit(1732946907.439:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  203.125536][ T1948] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  204.085256][ T1948] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  204.100400][ T1948] usb 6-1: Product: syz
[  204.104614][ T1948] usb 6-1: Manufacturer: syz
[  204.336856][ T1948] usb 6-1: can't set config #4, error -71
[  204.346426][ T1948] usb 6-1: USB disconnect, device number 3
[  207.542876][ T5895] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  207.900406][ T5895] usb 4-1: too many configurations: 94, using maximum allowed: 8
[  207.957017][ T5895] usb 4-1: unable to read config index 0 descriptor/start: -61
[  208.014187][ T5895] usb 4-1: can't read configurations, error -61
[  208.319890][ T5895] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  208.467361][ T7402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.352'.
[  208.491696][ T5895] usb 4-1: too many configurations: 94, using maximum allowed: 8
[  208.597168][ T5895] usb 4-1: unable to read config index 0 descriptor/start: -61
[  208.598064][ T5851] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  208.649722][ T5895] usb 4-1: can't read configurations, error -61
[  208.869519][ T5895] usb usb4-port1: attempt power cycle
[  208.880329][ T5851] usb 3-1: Using ep0 maxpacket: 32
[  208.905174][ T5851] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  209.011012][ T5851] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  209.029244][ T5851] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  209.037571][ T5851] usb 3-1: Product: syz
[  209.042579][ T5851] usb 3-1: Manufacturer: syz
[  209.047205][ T5851] usb 3-1: SerialNumber: syz
[  209.058794][ T5851] usb 3-1: config 0 descriptor??
[  209.074636][ T7398] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  209.523158][ T7398] warning: `syz.2.351' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  209.549507][ T7394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.559027][ T7394] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.570842][ T1948] usb 3-1: USB disconnect, device number 15
[  211.349325][ T7428] netlink: 'syz.1.358': attribute type 21 has an invalid length.
[  211.357469][ T7428] netlink: 156 bytes leftover after parsing attributes in process `syz.1.358'.
[  212.339869][ T5851] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  212.489985][ T5851] usb 1-1: Using ep0 maxpacket: 32
[  212.505044][ T5851] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  212.526364][ T5851] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.548723][ T5851] usb 1-1: Product: syz
[  212.558274][ T5851] usb 1-1: Manufacturer: syz
[  212.565846][ T5851] usb 1-1: SerialNumber: syz
[  212.583727][ T5851] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  212.599848][ T5895] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  212.697022][ T7444] bridge0: port 3(erspan0) entered blocking state
[  212.703866][ T7444] bridge0: port 3(erspan0) entered disabled state
[  212.711407][ T7444] erspan0: entered allmulticast mode
[  212.721867][ T7444] erspan0: entered promiscuous mode
[  212.729282][ T7444] bridge0: port 3(erspan0) entered blocking state
[  212.735833][ T7444] bridge0: port 3(erspan0) entered forwarding state
[  212.802593][ T7444] dvmrp0: entered allmulticast mode
[  212.858767][ T7444] pimreg: entered allmulticast mode
[  213.070626][ T5895] usb 3-1: Using ep0 maxpacket: 8
[  213.168472][ T5895] usb 3-1: unable to read config index 0 descriptor/start: -61
[  213.503211][ T5851] gspca_stk1135: reg_w 0x2 err -110
[  213.509624][ T5851] gspca_stk1135: serial bus timeout: status=0x00
[  213.516274][ T5851] gspca_stk1135: Sensor write failed
[  213.589333][ T5895] usb 3-1: can't read configurations, error -61
[  213.612674][ T5851] gspca_stk1135: serial bus timeout: status=0x00
[  213.626587][ T5851] gspca_stk1135: Sensor write failed
[  213.640990][ T5851] gspca_stk1135: serial bus timeout: status=0x00
[  213.656356][ T5851] gspca_stk1135: Sensor read failed
[  213.668172][ T5851] gspca_stk1135: serial bus timeout: status=0x00
[  213.682259][ T5851] gspca_stk1135: Sensor read failed
[  213.696488][ T5851] gspca_stk1135: Detected sensor type unknown (0x0)
[  213.711161][ T5851] gspca_stk1135: serial bus timeout: status=0x00
[  213.725161][ T5851] gspca_stk1135: Sensor read failed
[  213.734856][ T5851] gspca_stk1135: serial bus timeout: status=0x00
[  213.741932][ T5851] gspca_stk1135: Sensor read failed
[  213.747589][ T5851] gspca_stk1135: serial bus timeout: status=0x00
[  213.749867][ T5895] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  213.756203][ T5851] gspca_stk1135: Sensor write failed
[  213.768556][ T5851] gspca_stk1135: serial bus timeout: status=0x00
[  213.775845][ T5851] gspca_stk1135: Sensor write failed
[  213.781949][ T5851] stk1135 1-1:64.0: probe with driver stk1135 failed with error -110
[  214.085755][ T7458] binder: 7452:7458 ioctl c0306201 0 returned -14
[  214.095862][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.103548][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.111121][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.118610][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.126239][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.133867][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.141461][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.149096][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.157173][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.166623][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.174440][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.192529][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.200284][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.207854][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.215516][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.223215][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.230911][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.238467][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.246119][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.253779][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.261389][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.270803][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.278460][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.286191][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71c00 returned -22
[  214.294780][ T7458] binder: 7452:7458 ioctl 4020ae46 7f04e3b71900 returned -22
[  214.302521][ T7458] binder: 7452:7458 ioctl 8138ae83 7f04e3b71ac0 returned -22
[  214.351109][ T5895] usb 3-1: Using ep0 maxpacket: 8
[  214.483321][ T5895] usb 3-1: unable to read config index 0 descriptor/start: -61
[  214.665129][ T5895] usb 3-1: can't read configurations, error -61
[  214.711035][ T5895] usb usb3-port1: attempt power cycle
[  215.069995][ T5895] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  215.115399][ T7468] netlink: 64 bytes leftover after parsing attributes in process `syz.1.370'.
[  215.128751][ T5895] usb 3-1: Using ep0 maxpacket: 8
[  215.165164][ T5895] usb 3-1: unable to read config index 0 descriptor/start: -61
[  215.185729][ T5895] usb 3-1: can't read configurations, error -61
[  215.454465][ T7475] FAULT_INJECTION: forcing a failure.
[  215.454465][ T7475] name failslab, interval 1, probability 0, space 0, times 0
[  215.518681][ T7475] CPU: 0 UID: 0 PID: 7475 Comm: syz.2.373 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  215.528974][ T7475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  215.539028][ T7475] Call Trace:
[  215.542303][ T7475]  <TASK>
[  215.545227][ T7475]  dump_stack_lvl+0x241/0x360
[  215.549913][ T7475]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.555106][ T7475]  ? __pfx__printk+0x10/0x10
[  215.559716][ T7475]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  215.565107][ T7475]  ? __build_skb_around+0x245/0x3d0
[  215.570314][ T7475]  should_fail_ex+0x3b0/0x4e0
[  215.574996][ T7475]  should_failslab+0xac/0x100
[  215.579681][ T7475]  ? _sctp_make_chunk+0x161/0x460
[  215.584707][ T7475]  kmem_cache_alloc_noprof+0x70/0x380
[  215.590078][ T7475]  _sctp_make_chunk+0x161/0x460
[  215.594956][ T7475]  sctp_make_init+0x603/0x2840
[  215.599727][ T7475]  ? set_normalized_timespec64+0x1f/0x1e0
[  215.605442][ T7475]  ? kernel_text_address+0xa7/0xe0
[  215.610556][ T7475]  ? __pfx_sctp_make_init+0x10/0x10
[  215.615748][ T7475]  ? stack_trace_save+0x118/0x1d0
[  215.620773][ T7475]  sctp_sf_do_prm_asoc+0xd2/0x3f0
[  215.625792][ T7475]  ? __pfx_sctp_pname+0x10/0x10
[  215.630636][ T7475]  sctp_do_sm+0x1f1/0x60c0
[  215.635086][ T7475]  ? stack_depot_save_flags+0x29/0x830
[  215.640561][ T7475]  ? kasan_save_track+0x51/0x80
[  215.645424][ T7475]  ? __kasan_kmalloc+0x98/0xb0
[  215.650214][ T7475]  ? sctp_stream_init_ext+0x56/0x180
[  215.655514][ T7475]  ? sctp_sendmsg_to_asoc+0x12fd/0x1800
[  215.661078][ T7475]  ? __sock_sendmsg+0x1a6/0x270
[  215.665932][ T7475]  ? __sys_sendto+0x363/0x4c0
[  215.670614][ T7475]  ? __x64_sys_sendto+0xde/0x100
[  215.675562][ T7475]  ? do_syscall_64+0xf3/0x230
[  215.680239][ T7475]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.686315][ T7475]  ? __pfx_sctp_do_sm+0x10/0x10
[  215.691218][ T7475]  ? __sk_mem_raise_allocated+0xa5f/0x1140
[  215.697045][ T7475]  sctp_primitive_ASSOCIATE+0x95/0xc0
[  215.702432][ T7475]  sctp_sendmsg_to_asoc+0xfa5/0x1800
[  215.707720][ T7475]  ? __asan_memcpy+0x40/0x70
[  215.712311][ T7475]  ? sctp_assoc_add_peer+0xe3c/0x15c0
[  215.717679][ T7475]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  215.723389][ T7475]  ? sctp_connect_new_asoc+0x3fe/0x6c0
[  215.728839][ T7475]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  215.734648][ T7475]  ? sctp_sendmsg+0xbb9/0x3520
[  215.739404][ T7475]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  215.745243][ T7475]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  215.751127][ T7475]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  215.756671][ T7475]  sctp_sendmsg+0x1bc3/0x3520
[  215.761351][ T7475]  ? __pfx_sctp_sendmsg+0x10/0x10
[  215.766388][ T7475]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  215.773150][ T7475]  ? inet_sendmsg+0x330/0x390
[  215.777817][ T7475]  __sock_sendmsg+0x1a6/0x270
[  215.782496][ T7475]  __sys_sendto+0x363/0x4c0
[  215.787006][ T7475]  ? __pfx___sys_sendto+0x10/0x10
[  215.792019][ T7475]  ? __mutex_unlock_slowpath+0x21e/0x790
[  215.797657][ T7475]  ? __fget_files+0x2a/0x410
[  215.802276][ T7475]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  215.808263][ T7475]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  215.814618][ T7475]  __x64_sys_sendto+0xde/0x100
[  215.819384][ T7475]  do_syscall_64+0xf3/0x230
[  215.823903][ T7475]  ? clear_bhb_loop+0x35/0x90
[  215.828585][ T7475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.834476][ T7475] RIP: 0033:0x7f8ba4580849
[  215.838899][ T7475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.858512][ T7475] RSP: 002b:00007f8ba534a058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  215.866932][ T7475] RAX: ffffffffffffffda RBX: 00007f8ba4745fa0 RCX: 00007f8ba4580849
[  215.875077][ T7475] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000003
[  215.883039][ T7475] RBP: 00007f8ba534a0a0 R08: 0000000020000100 R09: 0000000000000010
[  215.891004][ T7475] R10: 0000000020000050 R11: 0000000000000246 R12: 0000000000000002
[  215.898967][ T7475] R13: 0000000000000000 R14: 00007f8ba4745fa0 R15: 00007ffe108e2d28
[  215.906948][ T7475]  </TASK>
[  216.120970][ T7445] usb 1-1: USB disconnect, device number 15
[  216.843542][ T7491] pimreg: entered allmulticast mode
[  217.469885][ T5851] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  217.620870][ T7497] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  217.630743][ T5851] usb 1-1: Using ep0 maxpacket: 8
[  217.643437][ T5851] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.666975][ T5851] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.729172][ T5851] usb 1-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[  217.731719][ T7504] loop5: detected capacity change from 0 to 7
[  217.746862][ T7504] buffer_io_error: 4 callbacks suppressed
[  217.746900][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.761225][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.769779][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.778263][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.786793][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.796168][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.804883][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.813145][ T7504] ldm_validate_partition_table(): Disk read failed.
[  217.820396][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.829032][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.837514][ T5851] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.837798][ T7504] Buffer I/O error on dev loop5, logical block 0, async page read
[  217.849983][ T5851] usb 1-1: config 0 descriptor??
[  217.854666][ T7504] Dev loop5: unable to read RDB block 0
[  217.865599][ T7504]  loop5: unable to read partition table
[  217.871833][ T7504] loop5: partition table beyond EOD, truncated
[  217.878482][ T7504] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  217.878482][ T7504] 
) failed (rc=-5)
[  218.718589][ T7506] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  218.777197][ T7488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.794231][ T7488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  218.912257][ T7510] netlink: 16 bytes leftover after parsing attributes in process `syz.5.382'.
[  219.431041][ T7497] capability: warning: `syz.3.379' uses deprecated v2 capabilities in a way that may be insecure
[  219.819997][ T5925] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  219.920844][ T7519] netlink: 'syz.5.384': attribute type 21 has an invalid length.
[  219.921246][ T7519] netlink: 156 bytes leftover after parsing attributes in process `syz.5.384'.
[  219.980707][ T5925] usb 3-1: Using ep0 maxpacket: 8
[  219.998975][ T5925] usb 3-1: unable to read config index 0 descriptor/start: -61
[  219.999273][ T5925] usb 3-1: can't read configurations, error -61
[  220.135174][ T5925] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  220.300320][ T5925] usb 3-1: Using ep0 maxpacket: 8
[  220.326479][ T5925] usb 3-1: unable to read config index 0 descriptor/start: -61
[  220.326706][ T5925] usb 3-1: can't read configurations, error -61
[  220.328954][ T5925] usb usb3-port1: attempt power cycle
[  220.747528][ T5851] usbhid 1-1:0.0: can't add hid device: -71
[  220.763194][ T5851] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  220.780026][ T5925] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  220.795454][ T7523] FAULT_INJECTION: forcing a failure.
[  220.795454][ T7523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.801056][ T5925] usb 3-1: Using ep0 maxpacket: 8
[  220.808696][ T7523] CPU: 1 UID: 0 PID: 7523 Comm: syz.0.386 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  220.823967][ T7523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  220.834031][ T7523] Call Trace:
[  220.837317][ T7523]  <TASK>
[  220.840247][ T7523]  dump_stack_lvl+0x241/0x360
[  220.844925][ T7523]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.850122][ T7523]  ? __pfx__printk+0x10/0x10
[  220.854716][ T7523]  ? __pfx_lock_release+0x10/0x10
[  220.859750][ T7523]  should_fail_ex+0x3b0/0x4e0
[  220.864433][ T7523]  _copy_from_user+0x2f/0xc0
[  220.869021][ T7523]  copy_msghdr_from_user+0xae/0x680
[  220.874219][ T7523]  ? __pfx___might_resched+0x10/0x10
[  220.879510][ T7523]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  220.885315][ T7523]  ? __fget_files+0x2a/0x410
[  220.889910][ T7523]  ? __sys_sendmmsg+0x392/0x720
[  220.894762][ T7523]  ? __might_fault+0xaa/0x120
[  220.899439][ T7523]  __sys_sendmmsg+0x32b/0x720
[  220.904119][ T7523]  ? __pfx___sys_sendmmsg+0x10/0x10
[  220.909329][ T7523]  ? __pfx_lock_release+0x10/0x10
[  220.914346][ T7523]  ? kstrtouint_from_user+0x128/0x190
[  220.919760][ T7523]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  220.925752][ T7523]  ? ksys_write+0x22a/0x2b0
[  220.930281][ T7523]  ? __pfx_lock_release+0x10/0x10
[  220.935324][ T7523]  ? vfs_write+0x730/0xd30
[  220.939763][ T7523]  ? __mutex_unlock_slowpath+0x21e/0x790
[  220.945410][ T7523]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  220.951388][ T7523]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  220.957713][ T7523]  ? do_syscall_64+0x100/0x230
[  220.962561][ T7523]  __x64_sys_sendmmsg+0xa0/0xb0
[  220.967422][ T7523]  do_syscall_64+0xf3/0x230
[  220.971921][ T7523]  ? clear_bhb_loop+0x35/0x90
[  220.976599][ T7523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.982498][ T7523] RIP: 0033:0x7fe851f80849
[  220.986916][ T7523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.006793][ T7523] RSP: 002b:00007fe852d1b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  221.015214][ T7523] RAX: ffffffffffffffda RBX: 00007fe852145fa0 RCX: 00007fe851f80849
[  221.023280][ T7523] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005
[  221.031520][ T7523] RBP: 00007fe852d1b0a0 R08: 0000000000000000 R09: 0000000000000000
[  221.039488][ T7523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  221.047455][ T7523] R13: 0000000000000000 R14: 00007fe852145fa0 R15: 00007fff131f46f8
[  221.055433][ T7523]  </TASK>
[  221.058544][    C1] vkms_vblank_simulate: vblank timer overrun
[  221.094645][ T5851] usb 1-1: USB disconnect, device number 16
[  221.667983][ T5925] usb 3-1: unable to read config index 0 descriptor/start: -61
[  221.675773][ T5925] usb 3-1: can't read configurations, error -61
[  221.899817][ T5925] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  222.640068][ T5925] usb 3-1: device descriptor read/8, error -71
[  222.764015][ T5925] usb usb3-port1: unable to enumerate USB device
[  222.971761][ T7539] overlayfs: overlapping lowerdir path
[  223.390516][ T7542] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  223.489916][ T5895] usb 2-1: new low-speed USB device number 15 using dummy_hcd
[  223.560224][ T7549] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  223.671459][ T5895] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  223.681767][ T5895] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  223.698644][ T5895] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  223.724484][ T5895] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.777531][ T5895] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  223.809964][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.907344][ T5895] hub 2-1:1.0: bad descriptor, ignoring hub
[  223.914242][ T5895] hub 2-1:1.0: probe with driver hub failed with error -5
[  223.930469][ T5895] cdc_wdm 2-1:1.0: skipping garbage
[  223.950339][ T5895] cdc_wdm 2-1:1.0: skipping garbage
[  223.985513][ T5895] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  224.021557][ T5895] cdc_wdm 2-1:1.0: Unknown control protocol
[  224.420591][ T5895] usb 2-1: USB disconnect, device number 15
[  225.869830][ T7525] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  226.030601][ T7525] usb 4-1: Using ep0 maxpacket: 8
[  226.053660][ T7525] usb 4-1: unable to read config index 0 descriptor/start: -61
[  226.062356][ T7525] usb 4-1: can't read configurations, error -61
[  226.957502][ T7575] 9pnet_fd: Insufficient options for proto=fd
[  226.964497][ T7525] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  227.120655][ T7525] usb 4-1: Using ep0 maxpacket: 8
[  227.270045][ T7445] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  227.500430][ T7445] usb 6-1: Using ep0 maxpacket: 32
[  227.726837][ T7445] usb 6-1: config 0 has an invalid interface number: 244 but max is 0
[  227.948396][ T7525] usb 4-1: unable to read config index 0 descriptor/start: -71
[  228.022243][ T7445] usb 6-1: config 0 has no interface number 0
[  228.028708][ T7445] usb 6-1: config 0 interface 244 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  228.041472][ T7445] usb 6-1: config 0 interface 244 has no altsetting 0
[  228.050059][ T7525] usb 4-1: can't read configurations, error -71
[  228.056773][ T7525] usb usb4-port1: attempt power cycle
[  229.039889][ T7445] usb 6-1: New USB device found, idVendor=0e41, idProduct=4750, bcdDevice=26.9c
[  229.049003][ T7445] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.057382][ T7445] usb 6-1: Product: syz
[  229.061625][ T7445] usb 6-1: Manufacturer: syz
[  229.112620][ T7445] usb 6-1: SerialNumber: syz
[  229.167686][ T7607] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  229.231171][ T7445] usb 6-1: config 0 descriptor??
[  229.934269][ T7612] bridge0: port 3(erspan0) entered blocking state
[  229.941115][ T7612] bridge0: port 3(erspan0) entered disabled state
[  229.948330][ T7612] erspan0: entered allmulticast mode
[  229.954968][ T7612] erspan0: entered promiscuous mode
[  229.960902][ T7612] bridge0: port 3(erspan0) entered blocking state
[  229.967431][ T7612] bridge0: port 3(erspan0) entered forwarding state
[  229.987678][ T7612] dvmrp0: entered allmulticast mode
[  230.003816][ T7612] pimreg: entered allmulticast mode
[  230.029876][ T5925] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  230.181641][ T5925] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  230.191607][ T5925] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.210113][ T5925] usb 4-1: config 0 descriptor??
[  230.217091][ T5925] cp210x 4-1:0.0: cp210x converter detected
[  230.369885][ T7445] usb 6-1: can't set config #0, error -71
[  230.386117][ T7445] usb 6-1: USB disconnect, device number 4
[  230.399813][ T7525] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  230.449823][ T5925] usb 4-1: cp210x converter now attached to ttyUSB0
[  230.549761][ T7525] usb 3-1: Using ep0 maxpacket: 32
[  230.556831][ T7622] binder: BINDER_SET_CONTEXT_MGR already set
[  230.569418][ T7622] binder: 7621:7622 ioctl 4018620d 20000040 returned -16
[  230.570692][ T7525] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  230.593282][ T7622] binder: 7621:7622 ioctl c0045006 20000180 returned -22
[  230.600822][ T7525] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.617796][ T7525] usb 3-1: Product: syz
[  230.629573][ T7622] serio: Serial port pts0
[  230.634415][ T7525] usb 3-1: Manufacturer: syz
[  230.642158][ T7525] usb 3-1: SerialNumber: syz
[  230.652832][ T7525] usb 3-1: config 0 descriptor??
[  230.849854][ T7445] usb 4-1: USB disconnect, device number 21
[  230.861166][ T7445] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  230.869339][ T7445] cp210x 4-1:0.0: device disconnected
[  231.199900][ T5895] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  231.385963][ T5895] usb 6-1: Using ep0 maxpacket: 8
[  231.405586][ T5895] usb 6-1: unable to read config index 0 descriptor/start: -61
[  231.425783][ T5895] usb 6-1: can't read configurations, error -61
[  231.697008][ T7632] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.707962][ T5895] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  231.730177][ T7632] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.730299][ T7525] (unnamed net_device) (uninitialized): Assigned a random MAC address: c2:88:c0:9f:58:e3
[  231.761680][ T7525] rtl8150 3-1:0.0: eth1: rtl8150 is detected
[  231.789374][ T7615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.818836][ T7615] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.904338][ T7445] usb 3-1: USB disconnect, device number 24
[  231.931237][ T5895] usb 6-1: Using ep0 maxpacket: 8
[  231.960235][ T5895] usb 6-1: unable to read config index 0 descriptor/start: -61
[  231.969177][ T5895] usb 6-1: can't read configurations, error -61
[  231.998864][ T5895] usb usb6-port1: attempt power cycle
[  232.879760][ T5895] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  233.040476][ T5895] usb 6-1: Using ep0 maxpacket: 8
[  233.071319][ T5895] usb 6-1: unable to read config index 0 descriptor/start: -61
[  233.103288][ T5895] usb 6-1: can't read configurations, error -61
[  233.230860][ T7661] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  234.782038][ T5895] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  235.066337][ T5895] usb 6-1: device not accepting address 8, error -71
[  235.083748][ T5895] usb usb6-port1: unable to enumerate USB device
[  235.190182][ T7674] netlink: 'syz.2.424': attribute type 21 has an invalid length.
[  235.198125][ T7674] netlink: 156 bytes leftover after parsing attributes in process `syz.2.424'.
[  235.219028][ T7678] netlink: 'syz.3.423': attribute type 21 has an invalid length.
[  235.227074][ T7678] netlink: 156 bytes leftover after parsing attributes in process `syz.3.423'.
[  235.598018][ T7675] FAULT_INJECTION: forcing a failure.
[  235.598018][ T7675] name failslab, interval 1, probability 0, space 0, times 0
[  235.736620][ T7675] CPU: 1 UID: 0 PID: 7675 Comm: syz.0.426 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  235.746922][ T7675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  235.756990][ T7675] Call Trace:
[  235.760300][ T7675]  <TASK>
[  235.763254][ T7675]  dump_stack_lvl+0x241/0x360
[  235.767967][ T7675]  ? __pfx_dump_stack_lvl+0x10/0x10
[  235.773191][ T7675]  ? __pfx__printk+0x10/0x10
[  235.777806][ T7675]  ? fs_reclaim_acquire+0x93/0x130
[  235.782940][ T7675]  ? __pfx___might_resched+0x10/0x10
[  235.788265][ T7675]  should_fail_ex+0x3b0/0x4e0
[  235.792974][ T7675]  should_failslab+0xac/0x100
[  235.797679][ T7675]  __kmalloc_noprof+0xdd/0x4c0
[  235.802478][ T7675]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  235.808244][ T7675]  tomoyo_realpath_from_path+0xcf/0x5e0
[  235.813842][ T7675]  tomoyo_path_number_perm+0x236/0x860
[  235.819342][ T7675]  ? __lock_acquire+0x1397/0x2100
[  235.824395][ T7675]  ? tomoyo_path_number_perm+0x206/0x860
[  235.830064][ T7675]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  235.836068][ T7675]  ? __pfx___schedule+0x10/0x10
[  235.840927][ T7675]  ? __fget_files+0x2a/0x410
[  235.845518][ T7675]  ? __fget_files+0x2a/0x410
[  235.850115][ T7675]  security_file_ioctl+0xc6/0x2a0
[  235.855139][ T7675]  __se_sys_ioctl+0x46/0x170
[  235.859731][ T7675]  do_syscall_64+0xf3/0x230
[  235.864234][ T7675]  ? clear_bhb_loop+0x35/0x90
[  235.868919][ T7675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.874826][ T7675] RIP: 0033:0x7fe851f80849
[  235.879241][ T7675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.898846][ T7675] RSP: 002b:00007fe852d1b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  235.907285][ T7675] RAX: ffffffffffffffda RBX: 00007fe852145fa0 RCX: 00007fe851f80849
[  235.915275][ T7675] RDX: 0000000020000100 RSI: 0000000000008914 RDI: 0000000000000004
[  235.923247][ T7675] RBP: 00007fe852d1b0a0 R08: 0000000000000000 R09: 0000000000000000
[  235.931215][ T7675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.939185][ T7675] R13: 0000000000000000 R14: 00007fe852145fa0 R15: 00007fff131f46f8
[  235.947166][ T7675]  </TASK>
[  235.985274][ T7675] ERROR: Out of memory at tomoyo_realpath_from_path.
[  236.287965][ T7681] xt_time: unknown flags 0xc
[  236.294840][ T7681] macvlan0: entered allmulticast mode
[  236.300367][ T7681] veth1_vlan: entered allmulticast mode
[  236.312855][ T7681] 9pnet_fd: Insufficient options for proto=fd
[  237.969784][ T1948] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  239.084354][ T7722] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  239.739564][ T1948] usb 3-1: Using ep0 maxpacket: 32
[  239.766712][ T1948] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  239.786425][ T1948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.794623][ T1948] usb 3-1: Product: syz
[  239.798836][ T1948] usb 3-1: Manufacturer: syz
[  239.803625][ T1948] usb 3-1: SerialNumber: syz
[  239.878226][ T1948] usb 3-1: config 0 descriptor??
[  242.399271][ T5895] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  242.439091][ T1948] rtl8150 3-1:0.0: couldn't reset the device
[  242.445557][ T1948] rtl8150 3-1:0.0: probe with driver rtl8150 failed with error -5
[  242.463519][ T1948] usb 3-1: USB disconnect, device number 25
[  242.891447][ T5895] usb 2-1: Using ep0 maxpacket: 8
[  242.929459][ T5895] usb 2-1: device descriptor read/all, error -71
[  243.936596][ T7760] netlink: 'syz.3.439': attribute type 24 has an invalid length.
[  245.963388][ T7770] netlink: 'syz.1.441': attribute type 21 has an invalid length.
[  245.971942][ T7770] netlink: 156 bytes leftover after parsing attributes in process `syz.1.441'.
[  247.960016][ T7782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  249.482818][ T7788] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  249.670384][ T5925] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  250.580413][ T5925] usb 2-1: Using ep0 maxpacket: 32
[  250.596642][ T5925] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  250.609376][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.621800][ T5925] usb 2-1: Product: syz
[  250.626013][ T5925] usb 2-1: Manufacturer: syz
[  250.635006][ T5925] usb 2-1: SerialNumber: syz
[  250.644434][ T5925] usb 2-1: config 0 descriptor??
[  250.748881][ T7811] mmap: syz.2.452 (7811) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  251.134968][ T5895] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  252.219757][ T5895] usb 4-1: Using ep0 maxpacket: 8
[  252.746929][ T7794] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.779721][ T7794] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.801793][ T7794] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.825258][ T5895] usb 4-1: unable to read config index 0 descriptor/start: -61
[  252.972249][ T5895] usb 4-1: can't read configurations, error -61
[  252.990538][ T7794] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.086522][ T5925] (unnamed net_device) (uninitialized): Assigned a random MAC address: b6:65:0c:2e:92:9b
[  253.103430][ T5925] rtl8150 2-1:0.0: eth1: rtl8150 is detected
[  253.113431][ T5925] usb 2-1: USB disconnect, device number 18
[  253.355039][ T5895] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  253.515702][ T7837] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  253.560745][ T5895] usb 4-1: Using ep0 maxpacket: 8
[  253.628169][ T5895] usb 4-1: unable to read config index 0 descriptor/start: -61
[  253.639042][ T5895] usb 4-1: can't read configurations, error -61
[  253.680238][ T7445] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  253.805626][ T5895] usb usb4-port1: attempt power cycle
[  253.860200][ T7445] usb 1-1: Using ep0 maxpacket: 8
[  253.883650][ T7445] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  253.982857][ T7445] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.109063][ T7445] usb 1-1: Product: syz
[  254.124599][ T7445] usb 1-1: Manufacturer: syz
[  254.158389][ T7445] usb 1-1: SerialNumber: syz
[  254.213377][ T7445] usb 1-1: config 0 descriptor??
[  255.592159][ T7445] dvb_usb_rtl28xxu 1-1:0.0: chip type detection failed -110
[  255.609810][ T7445] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  256.005960][ T7860] 9pnet: Could not find request transport: xen
[  256.015300][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  256.024523][ T7865] usb usb1: usbfs: process 7865 (syz.1.463) did not claim interface 0 before use
[  256.338364][ T7873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.358686][ T7873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.680072][ T5236] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  256.855840][ T5236] usb 2-1: Using ep0 maxpacket: 8
[  256.922338][ T5236] usb 2-1: no configurations
[  256.983815][ T5236] usb 2-1: can't read configurations, error -22
[  257.309804][ T5236] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  257.529569][ T5925] usb 1-1: USB disconnect, device number 17
[  257.619731][ T5236] usb 2-1: Using ep0 maxpacket: 8
[  257.630270][ T5236] usb 2-1: no configurations
[  257.634988][ T5236] usb 2-1: can't read configurations, error -22
[  257.871498][ T5236] usb usb2-port1: attempt power cycle
[  258.340657][ T7525] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  258.359878][ T5236] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  258.390561][ T5236] usb 2-1: Using ep0 maxpacket: 8
[  258.397418][ T5236] usb 2-1: no configurations
[  258.405314][ T5236] usb 2-1: can't read configurations, error -22
[  258.487687][ T7896] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  258.508678][ T7525] usb 3-1: Using ep0 maxpacket: 32
[  258.570012][ T5925] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  258.652887][ T7525] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  258.732803][ T7525] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.769974][ T5925] usb 1-1: Using ep0 maxpacket: 8
[  258.841378][ T5925] usb 1-1: unable to read config index 0 descriptor/start: -61
[  258.866369][ T7525] usb 3-1: Product: syz
[  258.903837][ T7525] usb 3-1: Manufacturer: syz
[  258.923691][ T5925] usb 1-1: can't read configurations, error -61
[  258.969447][ T7525] usb 3-1: SerialNumber: syz
[  259.062854][ T7525] usb 3-1: config 0 descriptor??
[  259.099889][ T5236] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  259.119831][ T5925] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  259.127961][ T5236] usb 2-1: Using ep0 maxpacket: 8
[  259.134336][ T5236] usb 2-1: no configurations
[  259.138996][ T5236] usb 2-1: can't read configurations, error -22
[  259.160092][ T5236] usb usb2-port1: unable to enumerate USB device
[  259.319948][ T5925] usb 1-1: Using ep0 maxpacket: 8
[  259.351613][ T5925] usb 1-1: unable to read config index 0 descriptor/start: -61
[  259.359317][ T5925] usb 1-1: can't read configurations, error -61
[  259.366223][ T5925] usb usb1-port1: attempt power cycle
[  259.367949][ T7901] FAULT_INJECTION: forcing a failure.
[  259.367949][ T7901] name failslab, interval 1, probability 0, space 0, times 0
[  259.393839][ T7901] CPU: 1 UID: 0 PID: 7901 Comm: syz.1.474 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  259.404147][ T7901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  259.414235][ T7901] Call Trace:
[  259.417780][ T7901]  <TASK>
[  259.420745][ T7901]  dump_stack_lvl+0x241/0x360
[  259.425554][ T7901]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.430891][ T7901]  ? __pfx__printk+0x10/0x10
[  259.435525][ T7901]  ? kmem_cache_alloc_noprof+0x48/0x380
[  259.441105][ T7901]  ? __pfx___might_resched+0x10/0x10
[  259.446439][ T7901]  should_fail_ex+0x3b0/0x4e0
[  259.451161][ T7901]  should_failslab+0xac/0x100
[  259.455871][ T7901]  ? ovs_flow_alloc+0x24/0x1e0
[  259.460691][ T7901]  kmem_cache_alloc_noprof+0x70/0x380
[  259.466200][ T7901]  ovs_flow_alloc+0x24/0x1e0
[  259.470830][ T7901]  ovs_flow_cmd_new+0x225/0xe00
[  259.475753][ T7901]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  259.481212][ T7901]  ? __nla_parse+0x40/0x60
[  259.485666][ T7901]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  259.492041][ T7901]  genl_rcv_msg+0xb14/0xec0
[  259.496682][ T7901]  ? __pfx_genl_rcv_msg+0x10/0x10
[  259.501863][ T7901]  ? __pfx_lock_acquire+0x10/0x10
[  259.506919][ T7901]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  259.512331][ T7901]  ? __pfx___might_resched+0x10/0x10
[  259.517866][ T7901]  netlink_rcv_skb+0x1e3/0x430
[  259.522671][ T7901]  ? __pfx_genl_rcv_msg+0x10/0x10
[  259.527778][ T7901]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  259.533116][ T7901]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  259.538722][ T7901]  genl_rcv+0x28/0x40
[  259.542845][ T7901]  netlink_unicast+0x7f6/0x990
[  259.547681][ T7901]  ? __pfx_netlink_unicast+0x10/0x10
[  259.553025][ T7901]  ? __virt_addr_valid+0x183/0x530
[  259.558284][ T7901]  ? __check_object_size+0x48e/0x900
[  259.563624][ T7901]  netlink_sendmsg+0x8e4/0xcb0
[  259.568535][ T7901]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.573882][ T7901]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.579210][ T7901]  __sock_sendmsg+0x221/0x270
[  259.583943][ T7901]  ____sys_sendmsg+0x52a/0x7e0
[  259.588733][ T7901]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.594052][ T7901]  ? __fget_files+0x2a/0x410
[  259.598686][ T7901]  ? __fget_files+0x2a/0x410
[  259.603317][ T7901]  __sys_sendmsg+0x269/0x350
[  259.607937][ T7901]  ? __pfx_lock_release+0x10/0x10
[  259.613008][ T7901]  ? __pfx___sys_sendmsg+0x10/0x10
[  259.618190][ T7901]  ? __pfx_vfs_write+0x10/0x10
[  259.623017][ T7901]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  259.629392][ T7901]  ? do_syscall_64+0x100/0x230
[  259.634206][ T7901]  ? do_syscall_64+0xb6/0x230
[  259.638927][ T7901]  do_syscall_64+0xf3/0x230
[  259.643460][ T7901]  ? clear_bhb_loop+0x35/0x90
[  259.648180][ T7901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.654096][ T7901] RIP: 0033:0x7f90ac380849
[  259.658540][ T7901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.678177][ T7901] RSP: 002b:00007f90ad15d058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.686649][ T7901] RAX: ffffffffffffffda RBX: 00007f90ac545fa0 RCX: 00007f90ac380849
[  259.694638][ T7901] RDX: 000000000000c000 RSI: 00000000200000c0 RDI: 0000000000000003
[  259.702621][ T7901] RBP: 00007f90ad15d0a0 R08: 0000000000000000 R09: 0000000000000000
[  259.710621][ T7901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.718741][ T7901] R13: 0000000000000000 R14: 00007f90ac545fa0 R15: 00007fffb5a302d8
[  259.726736][ T7901]  </TASK>
[  259.731461][ T5925] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  259.760522][ T5925] usb 1-1: Using ep0 maxpacket: 8
[  259.768264][ T5925] usb 1-1: unable to read config index 0 descriptor/start: -61
[  259.776318][ T5925] usb 1-1: can't read configurations, error -61
[  259.796176][ T7525] (unnamed net_device) (uninitialized): Assigned a random MAC address: b2:0a:85:07:14:34
[  259.798104][ T7886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.817726][ T7525] rtl8150 3-1:0.0: eth1: rtl8150 is detected
[  259.860082][ T7886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  259.926944][ T7886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.933524][ T5925] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  259.960922][ T5925] usb 1-1: Using ep0 maxpacket: 8
[  259.968536][ T5925] usb 1-1: unable to read config index 0 descriptor/start: -61
[  259.976753][ T5925] usb 1-1: can't read configurations, error -61
[  259.984038][ T5925] usb usb1-port1: unable to enumerate USB device
[  259.994591][ T7886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.026059][ T5895] usb 3-1: USB disconnect, device number 26
[  260.510043][ T7525] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  261.525003][ T7949] netlink: 428 bytes leftover after parsing attributes in process `syz.2.481'.
[  261.601063][ T7949] netlink: 64 bytes leftover after parsing attributes in process `syz.2.481'.
[  261.649940][ T7525] usb 6-1: device descriptor read/64, error -71
[  261.924631][ T7961] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  262.800634][ T7525] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  262.935875][ T7525] usb 6-1: device descriptor read/64, error -71
[  263.019799][ T5923] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  263.052422][ T7525] usb usb6-port1: attempt power cycle
[  263.369788][ T5923] usb 3-1: Using ep0 maxpacket: 8
[  263.424876][ T5923] usb 3-1: no configurations
[  263.456901][ T5923] usb 3-1: can't read configurations, error -22
[  264.010008][ T5923] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  264.107687][ T7981] FAULT_INJECTION: forcing a failure.
[  264.107687][ T7981] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.149036][ T7979] netlink: 16 bytes leftover after parsing attributes in process `syz.5.488'.
[  264.196129][ T7985] overlayfs: failed to resolve './file0': -2
[  264.223186][ T7981] CPU: 1 UID: 0 PID: 7981 Comm: syz.3.487 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  264.233489][ T7981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  264.243577][ T7981] Call Trace:
[  264.246873][ T7981]  <TASK>
[  264.249819][ T7981]  dump_stack_lvl+0x241/0x360
[  264.254692][ T7981]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.259911][ T7981]  ? __pfx__printk+0x10/0x10
[  264.264795][ T7981]  ? __pfx_lock_release+0x10/0x10
[  264.269862][ T7981]  should_fail_ex+0x3b0/0x4e0
[  264.274569][ T7981]  _copy_from_user+0x2f/0xc0
[  264.279195][ T7981]  copy_msghdr_from_user+0xae/0x680
[  264.284418][ T7981]  ? __pfx___might_resched+0x10/0x10
[  264.289733][ T7981]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  264.295564][ T7981]  ? __fget_files+0x2a/0x410
[  264.300190][ T7981]  ? __sys_sendmmsg+0x392/0x720
[  264.305064][ T7981]  ? __might_fault+0xaa/0x120
[  264.309767][ T7981]  __sys_sendmmsg+0x32b/0x720
[  264.314476][ T7981]  ? __pfx___sys_sendmmsg+0x10/0x10
[  264.319699][ T7981]  ? __pfx_lock_release+0x10/0x10
[  264.324741][ T7981]  ? kstrtouint_from_user+0x128/0x190
[  264.330172][ T7981]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  264.336096][ T7981]  ? ksys_write+0x22a/0x2b0
[  264.339800][ T5923] usb 3-1: Using ep0 maxpacket: 8
[  264.340641][ T7981]  ? __pfx_lock_release+0x10/0x10
[  264.346322][ T5923] usb 3-1: no configurations
[  264.350669][ T7981]  ? vfs_write+0x730/0xd30
[  264.350707][ T7981]  ? __mutex_unlock_slowpath+0x21e/0x790
[  264.350746][ T7981]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  264.350766][ T7981]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  264.350785][ T7981]  ? do_syscall_64+0x100/0x230
[  264.350807][ T7981]  __x64_sys_sendmmsg+0xa0/0xb0
[  264.350832][ T7981]  do_syscall_64+0xf3/0x230
[  264.350851][ T7981]  ? clear_bhb_loop+0x35/0x90
[  264.350873][ T7981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.373870][ T5923] usb 3-1: can't read configurations, error -22
[  264.378430][ T7981] RIP: 0033:0x7f04e2d80849
[  264.387771][ T5923] usb usb3-port1: attempt power cycle
[  264.388023][ T7981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.438800][ T7981] RSP: 002b:00007f04e3bb5058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  264.447340][ T7981] RAX: ffffffffffffffda RBX: 00007f04e2f45fa0 RCX: 00007f04e2d80849
[  264.455371][ T7981] RDX: 000000000000fdef RSI: 00000000200020c0 RDI: 0000000000000004
[  264.463396][ T7981] RBP: 00007f04e3bb50a0 R08: 0000000000000000 R09: 0000000000000000
[  264.471406][ T7981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.479410][ T7981] R13: 0000000000000000 R14: 00007f04e2f45fa0 R15: 00007ffefc1c90d8
[  264.487431][ T7981]  </TASK>
[  264.557330][ T7989] input: syz0 as /devices/virtual/input/input8
[  264.819862][ T5923] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  265.856880][ T5923] usb 3-1: device not accepting address 29, error -71
[  266.169545][ T8014] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  266.198084][ T5895] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  267.278327][ T5925] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  267.331541][ T5895] usb 4-1: Using ep0 maxpacket: 32
[  267.360130][ T5895] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  267.369228][ T5895] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.382887][ T5895] usb 4-1: Product: syz
[  267.387139][ T5895] usb 4-1: Manufacturer: syz
[  267.394318][ T5895] usb 4-1: SerialNumber: syz
[  267.450216][ T5925] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  267.463204][ T5925] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  267.474809][ T5925] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  267.486056][ T5925] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  267.875651][ T5925] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  267.952092][ T5895] usb 4-1: config 0 descriptor??
[  267.962519][ T5925] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  267.970771][ T5925] usb 6-1: Product: syz
[  267.974966][ T5925] usb 6-1: Manufacturer: syz
[  267.985077][ T5925] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  268.018178][   T54] Bluetooth: hci5: command 0x0405 tx timeout
[  268.061755][ T5895] usb 4-1: can't set config #0, error -71
[  268.078066][ T5895] usb 4-1: USB disconnect, device number 25
[  268.230120][ T7445] usb 6-1: USB disconnect, device number 12
[  269.650009][ T8042] netlink: 12 bytes leftover after parsing attributes in process `syz.2.499'.
[  270.630190][ T5895] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  270.823243][ T5895] usb 4-1: Using ep0 maxpacket: 8
[  270.844245][ T5895] usb 4-1: no configurations
[  270.857558][ T5895] usb 4-1: can't read configurations, error -22
[  270.990968][ T8058] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  271.947692][ T5895] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  273.069844][ T5895] usb 4-1: Using ep0 maxpacket: 8
[  273.076936][ T5895] usb 4-1: no configurations
[  273.082154][ T5895] usb 4-1: can't read configurations, error -22
[  273.088791][ T5895] usb usb4-port1: attempt power cycle
[  273.109828][ T7445] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  273.772990][ T5861] Bluetooth: hci5: command 0x0405 tx timeout
[  274.100019][ T5895] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  274.116029][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  274.116047][   T29] audit: type=1326 audit(1732946980.289:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8089 comm="syz.5.517" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdf56b80849 code=0x0
[  274.143326][ T7445] usb 3-1: Using ep0 maxpacket: 32
[  274.160524][ T7445] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  274.178932][ T7445] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.326230][ T5895] usb 4-1: device not accepting address 28, error -71
[  274.527075][ T7445] usb 3-1: Product: syz
[  274.707071][ T7445] usb 3-1: Manufacturer: syz
[  275.198713][ T8099] vlan2: entered promiscuous mode
[  275.251141][ T8099] batman_adv: batadv0: Adding interface: vlan2
[  275.302850][ T8099] batman_adv: batadv0: The MTU of interface vlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.350729][ T7445] usb 3-1: SerialNumber: syz
[  275.357583][ T7445] usb 3-1: config 0 descriptor??
[  275.363050][ T7445] usb 3-1: can't set config #0, error -71
[  275.370271][ T7445] usb 3-1: USB disconnect, device number 31
[  275.396947][ T8099] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active
[  276.711014][ T8117] team0: No ports can be present during mode change
[  276.842710][ T7525] IPVS: starting estimator thread 0...
[  277.357848][ T8124] IPVS: using max 27 ests per chain, 64800 per kthread
[  278.507204][ T7525] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  278.532019][ T8150] netlink: 24 bytes leftover after parsing attributes in process `syz.3.532'.
[  279.110026][ T7525] usb 6-1: Using ep0 maxpacket: 16
[  279.123837][ T8162] netlink: 104 bytes leftover after parsing attributes in process `syz.0.535'.
[  279.154444][ T7525] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.165760][ T7525] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  279.175727][ T7525] usb 6-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[  279.185607][ T7525] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.208231][ T7525] usb 6-1: config 0 descriptor??
[  279.278213][ T8166] mkiss: ax0: crc mode is auto.
[  280.523188][ T7525] ntrig 0003:1B96:0008.0003: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.5-1/input0
[  280.548779][ T5896] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  280.688442][ T7525] ntrig 0003:1B96:0008.0003: Firmware version: 2.13.12.1.7 (35a5 3780)
[  280.753370][ T7525] usb 6-1: USB disconnect, device number 13
[  281.051386][ T5896] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  281.074574][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.467598][ T5896] usb 4-1: config 0 descriptor??
[  281.936261][ T8189] dummy0: entered promiscuous mode
[  281.942400][ T8189] macsec1: entered promiscuous mode
[  281.948472][ T8189] macsec1: entered allmulticast mode
[  281.957771][ T8189] dummy0: entered allmulticast mode
[  281.983912][ T8189] dummy0: left allmulticast mode
[  281.999444][ T8189] dummy0: left promiscuous mode
[  282.023345][ T5896] pegasus 4-1:0.0: probe with driver pegasus failed with error -32
[  282.485945][ T8206] ubi0: attaching mtd0
[  282.521089][ T8206] ubi0: scanning is finished
[  282.529721][ T8206] ubi0: empty MTD device detected
[  282.698726][ T8206] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  282.714458][ T8206] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  282.731251][ T8206] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  282.741615][ T8206] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  282.749965][ T8206] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  282.757315][ T8206] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  282.803632][ T8206] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1100023478
[  282.868774][    T8] usb 4-1: USB disconnect, device number 30
[  282.909977][ T8206] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  282.921990][ T8210] ubi0: background thread "ubi_bgt0d" started, PID 8210
[  283.022697][ T8214] mkiss: ax0: crc mode is auto.
[  284.260288][ T8228] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  284.279816][    T8] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  284.570053][    T8] usb 6-1: Using ep0 maxpacket: 8
[  284.607030][    T8] usb 6-1: no configurations
[  284.613697][    T8] usb 6-1: can't read configurations, error -22
[  284.769987][    T8] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  285.369837][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  285.584700][ T8233] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  285.645092][    T8] usb 6-1: Using ep0 maxpacket: 8
[  285.655967][    T8] usb 6-1: no configurations
[  285.662364][    T8] usb 6-1: can't read configurations, error -22
[  285.673801][    T8] usb usb6-port1: attempt power cycle
[  286.163077][    T8] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  286.191934][    T8] usb 6-1: Using ep0 maxpacket: 8
[  286.197675][    T8] usb 6-1: no configurations
[  286.202768][    T8] usb 6-1: can't read configurations, error -22
[  286.276591][ T8251] FAULT_INJECTION: forcing a failure.
[  286.276591][ T8251] name failslab, interval 1, probability 0, space 0, times 0
[  286.289618][ T8251] CPU: 0 UID: 0 PID: 8251 Comm: syz.1.557 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  286.299891][ T8251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  286.309974][ T8251] Call Trace:
[  286.313263][ T8251]  <TASK>
[  286.316199][ T8251]  dump_stack_lvl+0x241/0x360
[  286.320895][ T8251]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.326112][ T8251]  ? __pfx__printk+0x10/0x10
[  286.330720][ T8251]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  286.336718][ T8251]  ? __pfx___might_resched+0x10/0x10
[  286.342038][ T8251]  should_fail_ex+0x3b0/0x4e0
[  286.346758][ T8251]  should_failslab+0xac/0x100
[  286.351460][ T8251]  kmem_cache_alloc_node_noprof+0x77/0x380
[  286.357290][ T8251]  ? __alloc_skb+0x1c3/0x440
[  286.361902][ T8251]  __alloc_skb+0x1c3/0x440
[  286.366331][ T8251]  ? validate_chain+0x11e/0x5920
[  286.371286][ T8251]  ? __pfx___alloc_skb+0x10/0x10
[  286.376241][ T8251]  ? reacquire_held_locks+0x5c0/0x690
[  286.381637][ T8251]  ? __pfx_lock_release+0x10/0x10
[  286.386688][ T8251]  alloc_skb_with_frags+0xc3/0x820
[  286.391829][ T8251]  ? mark_lock+0x9a/0x360
[  286.396177][ T8251]  ? __pfx_validate_chain+0x10/0x10
[  286.401393][ T8251]  ? __lock_acquire+0x1397/0x2100
[  286.406435][ T8251]  sock_alloc_send_pskb+0x91a/0xa60
[  286.411670][ T8251]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  286.417416][ T8251]  ? smack_socket_sendmsg+0x178/0x540
[  286.422815][ T8251]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  286.428564][ T8251]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  286.435009][ T8251]  hci_sock_sendmsg+0x22b/0x11c0
[  286.439975][ T8251]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  286.446766][ T8251]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  286.452168][ T8251]  ? get_pid_task+0x23/0x1f0
[  286.456781][ T8251]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  286.462179][ T8251]  __sock_sendmsg+0x221/0x270
[  286.466881][ T8251]  sock_write_iter+0x2d7/0x3f0
[  286.471663][ T8251]  ? __pfx_sock_write_iter+0x10/0x10
[  286.476982][ T8251]  ? bpf_lsm_file_permission+0x9/0x10
[  286.482371][ T8251]  ? security_file_permission+0x74/0x280
[  286.488030][ T8251]  vfs_write+0xaeb/0xd30
[  286.492305][ T8251]  ? __pfx_sock_write_iter+0x10/0x10
[  286.497645][ T8251]  ? __pfx_vfs_write+0x10/0x10
[  286.502439][ T8251]  ? __fget_files+0x2a/0x410
[  286.507050][ T8251]  ? __fget_files+0x2a/0x410
[  286.511669][ T8251]  ksys_write+0x18f/0x2b0
[  286.516024][ T8251]  ? __pfx_ksys_write+0x10/0x10
[  286.520896][ T8251]  ? do_syscall_64+0x100/0x230
[  286.525685][ T8251]  ? do_syscall_64+0xb6/0x230
[  286.530385][ T8251]  do_syscall_64+0xf3/0x230
[  286.534947][ T8251]  ? clear_bhb_loop+0x35/0x90
[  286.539650][ T8251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.545565][ T8251] RIP: 0033:0x7f90ac380849
[  286.549997][ T8251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.569633][ T8251] RSP: 002b:00007f90ad11b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  286.578074][ T8251] RAX: ffffffffffffffda RBX: 00007f90ac546160 RCX: 00007f90ac380849
[  286.586064][ T8251] RDX: 0000000000000007 RSI: 0000000020000040 RDI: 0000000000000005
[  286.594060][ T8251] RBP: 00007f90ad11b0a0 R08: 0000000000000000 R09: 0000000000000000
[  286.602055][ T8251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.610041][ T8251] R13: 0000000000000000 R14: 00007f90ac546160 R15: 00007fffb5a302d8
[  286.618047][ T8251]  </TASK>
[  286.689873][    T8] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  286.710453][    T8] usb 6-1: Using ep0 maxpacket: 8
[  286.717657][    T8] usb 6-1: no configurations
[  286.732361][    T8] usb 6-1: can't read configurations, error -22
[  286.745132][    T8] usb usb6-port1: unable to enumerate USB device
[  287.099764][ T5895] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  287.404014][ T8264] mkiss: ax0: crc mode is auto.
[  287.469742][ T5895] usb 3-1: Using ep0 maxpacket: 32
[  287.505729][ T5895] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  287.885584][ T5895] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  288.228892][ T5895] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  288.240209][ T5895] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  288.249284][ T5895] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.364170][ T5895] usb 3-1: config 0 descriptor??
[  288.372774][ T8247] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  288.594399][ T5895] hub 3-1:0.0: USB hub found
[  290.273123][ T5895] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  290.284688][ T5895] usbhid 3-1:0.0: can't add hid device: -71
[  290.298968][ T5895] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  290.356915][ T5895] usb 3-1: USB disconnect, device number 32
[  291.976685][ T8306] mkiss: ax0: crc mode is auto.
[  292.387676][ T8317] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  297.444709][ T8363] (syz.2.585,8363,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  297.453732][ T8363] (syz.2.585,8363,1):ocfs2_fill_super:1178 ERROR: status = -22
[  298.316251][ T8372] mkiss: ax0: crc mode is auto.
[  299.819746][ T7445] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  300.115933][ T7445] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  300.159762][ T7445] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  300.319608][ T7445] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  300.477078][ T7445] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  300.731042][ T7445] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  300.784820][ T7445] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  300.835314][ T8417] netlink: 'syz.1.601': attribute type 1 has an invalid length.
[  300.859041][ T7445] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  300.881109][ T7445] usb 6-1: Product: syz
[  300.908720][ T7445] usb 6-1: Manufacturer: syz
[  300.923376][ T8417] netlink: 224 bytes leftover after parsing attributes in process `syz.1.601'.
[  301.053495][ T7445] cdc_wdm 6-1:1.0: skipping garbage
[  301.094109][ T7445] cdc_wdm 6-1:1.0: skipping garbage
[  301.109178][ T8417] FAULT_INJECTION: forcing a failure.
[  301.109178][ T8417] name failslab, interval 1, probability 0, space 0, times 0
[  301.169884][ T8417] CPU: 0 UID: 0 PID: 8417 Comm: syz.1.601 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  301.180194][ T8417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  301.182638][ T7445] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  301.190254][ T8417] Call Trace:
[  301.190298][ T8417]  <TASK>
[  301.190309][ T8417]  dump_stack_lvl+0x241/0x360
[  301.207123][ T8417]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.212352][ T8417]  ? __pfx__printk+0x10/0x10
[  301.216981][ T8417]  ? __kmalloc_cache_node_noprof+0x47/0x3a0
[  301.222904][ T8417]  ? __pfx___might_resched+0x10/0x10
[  301.228227][ T8417]  ? lockdep_init_map_type+0xa1/0x910
[  301.233637][ T8417]  should_fail_ex+0x3b0/0x4e0
[  301.238173][ T7445] cdc_wdm 6-1:1.0: Unknown control protocol
[  301.238340][ T8417]  should_failslab+0xac/0x100
[  301.248918][ T8417]  ? __alloc_workqueue+0x709/0x1f20
[  301.254143][ T8417]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  301.259897][ T8417]  __alloc_workqueue+0x709/0x1f20
[  301.264961][ T8417]  ? hwsim_add_one+0x34c/0x11d0
[  301.269849][ T8417]  ? genl_rcv+0x28/0x40
[  301.274132][ T8417]  ? __sock_sendmsg+0x221/0x270
[  301.279025][ T8417]  alloc_workqueue+0xd6/0x210
[  301.283745][ T8417]  ? __pfx_alloc_workqueue+0x10/0x10
[  301.289073][ T8417]  ieee802154_register_hw+0x125/0x8d0
[  301.294485][ T8417]  ? __pfx_ieee802154_register_hw+0x10/0x10
[  301.300419][ T8417]  ? __kasan_kmalloc+0x98/0xb0
[  301.305233][ T8417]  ? __kmalloc_cache_noprof+0x243/0x390
[  301.310817][ T8417]  ? hwsim_add_one+0x34c/0x11d0
[  301.315722][ T8417]  hwsim_add_one+0x489/0x11d0
[  301.320451][ T8417]  genl_rcv_msg+0xb14/0xec0
[  301.325033][ T8417]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.330640][ T8417]  ? __pfx_lock_acquire+0x10/0x10
[  301.335688][ T8417]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  301.341463][ T8417]  ? __pfx___might_resched+0x10/0x10
[  301.346802][ T8417]  netlink_rcv_skb+0x1e3/0x430
[  301.351604][ T8417]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.356678][ T8417]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  301.362022][ T8417]  genl_rcv+0x28/0x40
[  301.366018][ T8417]  netlink_unicast+0x7f6/0x990
[  301.370780][ T8417]  ? __pfx_netlink_unicast+0x10/0x10
[  301.376055][ T8417]  ? __virt_addr_valid+0x183/0x530
[  301.381180][ T8417]  ? __check_object_size+0x48e/0x900
[  301.386516][ T8417]  netlink_sendmsg+0x8e4/0xcb0
[  301.391325][ T8417]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.396734][ T8417]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.402040][ T8417]  __sock_sendmsg+0x221/0x270
[  301.406755][ T8417]  ____sys_sendmsg+0x52a/0x7e0
[  301.411557][ T8417]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.416874][ T8417]  ? __fget_files+0x2a/0x410
[  301.421487][ T8417]  ? __fget_files+0x2a/0x410
[  301.426112][ T8417]  __sys_sendmsg+0x269/0x350
[  301.430711][ T8417]  ? __pfx_lock_release+0x10/0x10
[  301.436195][ T8417]  ? __pfx___sys_sendmsg+0x10/0x10
[  301.441323][ T8417]  ? __pfx_vfs_write+0x10/0x10
[  301.446092][ T8417]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  301.452436][ T8417]  ? do_syscall_64+0x100/0x230
[  301.457192][ T8417]  ? do_syscall_64+0xb6/0x230
[  301.461864][ T8417]  do_syscall_64+0xf3/0x230
[  301.466354][ T8417]  ? clear_bhb_loop+0x35/0x90
[  301.471022][ T8417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.476917][ T8417] RIP: 0033:0x7f90ac380849
[  301.481335][ T8417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.500963][ T8417] RSP: 002b:00007f90ad15d058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.509391][ T8417] RAX: ffffffffffffffda RBX: 00007f90ac545fa0 RCX: 00007f90ac380849
[  301.517361][ T8417] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[  301.525327][ T8417] RBP: 00007f90ad15d0a0 R08: 0000000000000000 R09: 0000000000000000
[  301.533306][ T8417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  301.541547][ T8417] R13: 0000000000000000 R14: 00007f90ac545fa0 R15: 00007fffb5a302d8
[  301.549521][ T8417]  </TASK>
[  301.755696][ T5896] usb 6-1: USB disconnect, device number 18
[  303.437890][ T8450] netlink: 'syz.0.611': attribute type 1 has an invalid length.
[  303.508496][ T8450] netlink: 224 bytes leftover after parsing attributes in process `syz.0.611'.
[  306.611222][ T8480] netlink: 64 bytes leftover after parsing attributes in process `syz.3.615'.
[  308.961292][ T8503] netlink: 64 bytes leftover after parsing attributes in process `syz.5.625'.
[  308.984102][ T8498] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  313.353782][ T8546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.636'.
[  313.370976][ T8546] netlink: 16 bytes leftover after parsing attributes in process `syz.0.636'.
[  314.199838][ T5896] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  314.787292][ T8542] bpf: Bad value for 'gid'
[  314.890580][ T5896] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  314.965556][ T5896] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  315.008585][ T5896] usb 1-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  315.049778][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.067072][ T5896] usb 1-1: config 0 descriptor??
[  315.462253][ T8575] openvswitch: netlink: Message has 1275 unknown bytes.
[  315.497049][ T8575] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  315.674069][ T5896] petalynx 0003:18B1:0037.0004: unknown main item tag 0xd
[  315.681544][ T5896] petalynx 0003:18B1:0037.0004: unexpected long global item
[  315.689358][ T5896] petalynx 0003:18B1:0037.0004: parse failed
[  315.701754][ T5896] petalynx 0003:18B1:0037.0004: probe with driver petalynx failed with error -22
[  315.790464][    T8] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  315.917338][ T8546] binder: 8545:8546 ioctl 8924 20000580 returned -22
[  315.940485][ T7525] usb 1-1: USB disconnect, device number 23
[  315.959970][    T8] usb 6-1: Using ep0 maxpacket: 8
[  315.965885][    T8] usb 6-1: too many configurations: 157, using maximum allowed: 8
[  315.981594][    T8] usb 6-1: unable to read config index 0 descriptor/start: -61
[  315.997828][    T8] usb 6-1: can't read configurations, error -61
[  316.293458][    T8] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  316.924202][ T8590] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  317.028860][    T8] usb 6-1: Using ep0 maxpacket: 8
[  317.042472][    T8] usb 6-1: too many configurations: 157, using maximum allowed: 8
[  317.052211][    T8] usb 6-1: unable to read config index 0 descriptor/start: -61
[  317.059974][    T8] usb 6-1: can't read configurations, error -61
[  317.066598][    T8] usb usb6-port1: attempt power cycle
[  317.560671][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  318.037024][    T8] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  318.060302][    T8] usb 6-1: Using ep0 maxpacket: 8
[  318.066115][    T8] usb 6-1: too many configurations: 157, using maximum allowed: 8
[  318.076352][    T8] usb 6-1: unable to read config index 0 descriptor/start: -61
[  318.084474][    T8] usb 6-1: can't read configurations, error -61
[  319.609085][ T8618] netlink: 'syz.5.653': attribute type 21 has an invalid length.
[  319.616998][ T8618] netlink: 156 bytes leftover after parsing attributes in process `syz.5.653'.
[  321.579944][ T8630] FAULT_INJECTION: forcing a failure.
[  321.579944][ T8630] name failslab, interval 1, probability 0, space 0, times 0
[  321.647625][ T8630] CPU: 1 UID: 0 PID: 8630 Comm: syz.3.658 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  321.657923][ T8630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  321.668000][ T8630] Call Trace:
[  321.671270][ T8630]  <TASK>
[  321.674291][ T8630]  dump_stack_lvl+0x241/0x360
[  321.678980][ T8630]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.684182][ T8630]  ? __pfx__printk+0x10/0x10
[  321.688786][ T8630]  should_fail_ex+0x3b0/0x4e0
[  321.693466][ T8630]  should_failslab+0xac/0x100
[  321.698144][ T8630]  kmem_cache_alloc_node_noprof+0x77/0x380
[  321.703964][ T8630]  ? __alloc_skb+0x1c3/0x440
[  321.708565][ T8630]  ? rcu_is_watching+0x15/0xb0
[  321.713342][ T8630]  __alloc_skb+0x1c3/0x440
[  321.717795][ T8630]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  321.723785][ T8630]  ? __pfx___alloc_skb+0x10/0x10
[  321.728738][ T8630]  ? hci_sock_sendmsg+0x617/0x11c0
[  321.733865][ T8630]  ? __pfx___mutex_lock+0x10/0x10
[  321.738902][ T8630]  hci_mgmt_cmd+0x1c1/0x11d0
[  321.743512][ T8630]  hci_sock_sendmsg+0x7b8/0x11c0
[  321.748446][ T8630]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  321.755219][ T8630]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  321.760606][ T8630]  ? get_pid_task+0x23/0x1f0
[  321.765196][ T8630]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  321.770576][ T8630]  __sock_sendmsg+0x221/0x270
[  321.775291][ T8630]  sock_write_iter+0x2d7/0x3f0
[  321.780079][ T8630]  ? __pfx_sock_write_iter+0x10/0x10
[  321.785379][ T8630]  ? bpf_lsm_file_permission+0x9/0x10
[  321.790759][ T8630]  ? security_file_permission+0x74/0x280
[  321.796394][ T8630]  vfs_write+0xaeb/0xd30
[  321.800655][ T8630]  ? __pfx_sock_write_iter+0x10/0x10
[  321.805958][ T8630]  ? __pfx_vfs_write+0x10/0x10
[  321.810719][ T8630]  ? __fget_files+0x2a/0x410
[  321.815306][ T8630]  ? __fget_files+0x2a/0x410
[  321.819910][ T8630]  ksys_write+0x18f/0x2b0
[  321.824256][ T8630]  ? __pfx_ksys_write+0x10/0x10
[  321.829118][ T8630]  ? do_syscall_64+0x100/0x230
[  321.833904][ T8630]  ? do_syscall_64+0xb6/0x230
[  321.838594][ T8630]  do_syscall_64+0xf3/0x230
[  321.843112][ T8630]  ? clear_bhb_loop+0x35/0x90
[  321.847803][ T8630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.853703][ T8630] RIP: 0033:0x7f04e2d80849
[  321.858554][ T8630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.878167][ T8630] RSP: 002b:00007f04e3bb5058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  321.886598][ T8630] RAX: ffffffffffffffda RBX: 00007f04e2f45fa0 RCX: 00007f04e2d80849
[  321.894573][ T8630] RDX: 0000000000000006 RSI: 0000000020000300 RDI: 0000000000000004
[  321.902547][ T8630] RBP: 00007f04e3bb50a0 R08: 0000000000000000 R09: 0000000000000000
[  321.910549][ T8630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.918543][ T8630] R13: 0000000000000000 R14: 00007f04e2f45fa0 R15: 00007ffefc1c90d8
[  321.926563][ T8630]  </TASK>
[  322.530023][ T8630] Bluetooth: MGMT ver 1.23
[  323.707234][ T8649] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  324.047846][ T8649] batadv_slave_0: entered promiscuous mode
[  324.689668][    C0] hrtimer: interrupt took 39379 ns
[  325.222968][ T8677] netlink: 'syz.2.670': attribute type 21 has an invalid length.
[  325.223206][ T8677] netlink: 156 bytes leftover after parsing attributes in process `syz.2.670'.
[  329.217907][   T29] audit: type=1326 audit(1732947035.389:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  329.660088][   T29] audit: type=1326 audit(1732947035.389:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  329.808723][   T29] audit: type=1326 audit(1732947035.389:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  329.981163][   T29] audit: type=1326 audit(1732947035.389:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  330.991151][   T29] audit: type=1326 audit(1732947035.389:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  331.246256][   T29] audit: type=1326 audit(1732947035.389:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  331.969889][   T29] audit: type=1326 audit(1732947035.389:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  331.996631][   T29] audit: type=1326 audit(1732947035.389:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  332.017959][    C0] vkms_vblank_simulate: vblank timer overrun
[  332.031820][   T29] audit: type=1326 audit(1732947035.389:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  332.053155][    C0] vkms_vblank_simulate: vblank timer overrun
[  332.059924][   T29] audit: type=1326 audit(1732947035.899:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8708 comm="syz.3.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e2d80849 code=0x7ffc0000
[  332.060281][ T7445] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  332.511627][ T7445] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  332.528186][ T7445] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  332.556228][ T7445] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  332.567847][ T7445] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.502709][ T5894] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  333.556021][ T7445] usb 4-1: config 0 descriptor??
[  333.601313][ T8741] FAULT_INJECTION: forcing a failure.
[  333.601313][ T8741] name failslab, interval 1, probability 0, space 0, times 0
[  333.614257][ T8741] CPU: 1 UID: 0 PID: 8741 Comm: syz.1.686 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  333.624541][ T8741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  333.634629][ T8741] Call Trace:
[  333.637929][ T8741]  <TASK>
[  333.640884][ T8741]  dump_stack_lvl+0x241/0x360
[  333.645574][ T8741]  ? __pfx_dump_stack_lvl+0x10/0x10
[  333.650764][ T8741]  ? __pfx__printk+0x10/0x10
[  333.655352][ T8741]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  333.660730][ T8741]  ? __pfx___might_resched+0x10/0x10
[  333.666039][ T8741]  should_fail_ex+0x3b0/0x4e0
[  333.670736][ T8741]  should_failslab+0xac/0x100
[  333.675451][ T8741]  __kmalloc_node_noprof+0xe1/0x4d0
[  333.680685][ T8741]  ? __kvmalloc_node_noprof+0x72/0x190
[  333.686185][ T8741]  __kvmalloc_node_noprof+0x72/0x190
[  333.691504][ T8741]  rhashtable_init_noprof+0x534/0xa60
[  333.696919][ T8741]  nf_flow_table_init+0x18e/0x2b0
[  333.701976][ T8741]  nf_tables_newflowtable+0x130a/0x2480
[  333.707561][ T8741]  ? __pfx_nf_tables_newflowtable+0x10/0x10
[  333.713487][ T8741]  ? nfnl_pernet+0x23/0x240
[  333.718026][ T8741]  ? __pfx_lock_release+0x10/0x10
[  333.723099][ T8741]  ? __nla_parse+0x40/0x60
[  333.727556][ T8741]  nfnetlink_rcv+0x14e3/0x2ab0
[  333.732375][ T8741]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  333.737513][ T8741]  ? netlink_deliver_tap+0x2e/0x1b0
[  333.742702][ T8741]  ? skb_clone+0x240/0x390
[  333.747120][ T8741]  ? __pfx_lock_release+0x10/0x10
[  333.752165][ T8741]  ? netlink_deliver_tap+0x2e/0x1b0
[  333.757380][ T8741]  netlink_unicast+0x7f6/0x990
[  333.762189][ T8741]  ? __pfx_netlink_unicast+0x10/0x10
[  333.767516][ T8741]  ? __virt_addr_valid+0x183/0x530
[  333.772669][ T8741]  ? __check_object_size+0x48e/0x900
[  333.777989][ T8741]  netlink_sendmsg+0x8e4/0xcb0
[  333.782790][ T8741]  ? __pfx_netlink_sendmsg+0x10/0x10
[  333.788110][ T8741]  ? __pfx_netlink_sendmsg+0x10/0x10
[  333.793415][ T8741]  __sock_sendmsg+0x221/0x270
[  333.798123][ T8741]  ____sys_sendmsg+0x52a/0x7e0
[  333.802924][ T8741]  ? __pfx_____sys_sendmsg+0x10/0x10
[  333.808231][ T8741]  ? __fget_files+0x2a/0x410
[  333.812856][ T8741]  ? __fget_files+0x2a/0x410
[  333.817480][ T8741]  __sys_sendmsg+0x269/0x350
[  333.822111][ T8741]  ? __pfx_lock_release+0x10/0x10
[  333.827162][ T8741]  ? __pfx___sys_sendmsg+0x10/0x10
[  333.832293][ T8741]  ? __pfx_vfs_write+0x10/0x10
[  333.837070][ T8741]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  333.843417][ T8741]  ? do_syscall_64+0x100/0x230
[  333.848190][ T8741]  ? do_syscall_64+0xb6/0x230
[  333.852859][ T8741]  do_syscall_64+0xf3/0x230
[  333.857356][ T8741]  ? clear_bhb_loop+0x35/0x90
[  333.862026][ T8741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.867918][ T8741] RIP: 0033:0x7f90ac380849
[  333.872339][ T8741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.891970][ T8741] RSP: 002b:00007f90ad15d058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  333.900428][ T8741] RAX: ffffffffffffffda RBX: 00007f90ac545fa0 RCX: 00007f90ac380849
[  333.908399][ T8741] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
[  333.916360][ T8741] RBP: 00007f90ad15d0a0 R08: 0000000000000000 R09: 0000000000000000
[  333.924331][ T8741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  333.932297][ T8741] R13: 0000000000000000 R14: 00007f90ac545fa0 R15: 00007fffb5a302d8
[  333.940822][ T8741]  </TASK>
[  333.946646][ T8741] netlink: 60 bytes leftover after parsing attributes in process `syz.1.686'.
[  333.956984][ T7445] usb 4-1: can't set config #0, error -71
[  334.080550][ T5894] usb 6-1: Using ep0 maxpacket: 16
[  334.138409][ T7445] usb 4-1: USB disconnect, device number 31
[  334.146884][ T5894] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  334.158396][ T5894] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  334.170531][ T7525] kernel write not supported for file /569/projid_map (pid: 7525 comm: kworker/0:7)
[  334.179778][ T5894] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  334.239910][ T5894] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.461601][ T5894] usb 6-1: config 0 descriptor??
[  335.462779][ T5894] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input10
[  335.821820][ T5894] usb 6-1: USB disconnect, device number 23
[  335.869212][ T5202] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -19
[  336.496782][ T8782] Illegal XDP return value 4294967274 on prog  (id 100) dev syz_tun, expect packet loss!
[  337.264456][ T8801] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  338.152754][ T8813] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  341.296711][   T29] kauditd_printk_skb: 46 callbacks suppressed
[  341.296733][   T29] audit: type=1804 audit(1732947047.469:71): pid=8837 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.714" name="/newroot/137/bus/bus" dev="overlay" ino=762 res=1 errno=0
[  341.419930][ T8847] FAULT_INJECTION: forcing a failure.
[  341.419930][ T8847] name failslab, interval 1, probability 0, space 0, times 0
[  341.432755][ T8847] CPU: 1 UID: 0 PID: 8847 Comm: syz.5.716 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  341.443013][ T8847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  341.453090][ T8847] Call Trace:
[  341.456385][ T8847]  <TASK>
[  341.459332][ T8847]  dump_stack_lvl+0x241/0x360
[  341.464027][ T8847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.469237][ T8847]  ? __pfx__printk+0x10/0x10
[  341.473846][ T8847]  ? __kmalloc_cache_noprof+0x48/0x390
[  341.479319][ T8847]  ? __pfx___might_resched+0x10/0x10
[  341.484625][ T8847]  should_fail_ex+0x3b0/0x4e0
[  341.489335][ T8847]  should_failslab+0xac/0x100
[  341.489955][ T7525] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  341.494017][ T8847]  __kmalloc_cache_noprof+0x70/0x390
[  341.506859][ T8847]  ? ovl_init_fs_context+0x11d/0x4f0
[  341.512173][ T8847]  ovl_init_fs_context+0x11d/0x4f0
[  341.517313][ T8847]  alloc_fs_context+0x68a/0x800
[  341.522189][ T8847]  do_new_mount+0x160/0xb40
[  341.526713][ T8847]  ? __pfx_do_new_mount+0x10/0x10
[  341.531764][ T8847]  __se_sys_mount+0x2d6/0x3c0
[  341.536462][ T8847]  ? __pfx___se_sys_mount+0x10/0x10
[  341.541680][ T8847]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  341.548031][ T8847]  ? __x64_sys_mount+0x20/0xc0
[  341.552821][ T8847]  do_syscall_64+0xf3/0x230
[  341.557343][ T8847]  ? clear_bhb_loop+0x35/0x90
[  341.562040][ T8847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.567945][ T8847] RIP: 0033:0x7fdf56b80849
[  341.572377][ T8847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.592004][ T8847] RSP: 002b:00007fdf549f6058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  341.600442][ T8847] RAX: ffffffffffffffda RBX: 00007fdf56d46160 RCX: 00007fdf56b80849
[  341.608434][ T8847] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 0000000000000000
[  341.616422][ T8847] RBP: 00007fdf549f60a0 R08: 0000000020000900 R09: 0000000000000000
[  341.624408][ T8847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  341.632398][ T8847] R13: 0000000000000000 R14: 00007fdf56d46160 R15: 00007ffcfa3da7b8
[  341.640405][ T8847]  </TASK>
[  342.520061][ T7525] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  342.530430][ T7525] usb 3-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.541603][ T7525] usb 3-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.551609][ T7525] usb 3-1: config 0 interface 0 has no altsetting 0
[  342.615068][ T7525] usb 3-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  342.624266][ T7525] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.635905][ T7525] usb 3-1: config 0 descriptor??
[  342.795651][ T8867] FAULT_INJECTION: forcing a failure.
[  342.795651][ T8867] name failslab, interval 1, probability 0, space 0, times 0
[  342.809500][ T8867] CPU: 0 UID: 0 PID: 8867 Comm: syz.1.722 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  342.819796][ T8867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  342.829874][ T8867] Call Trace:
[  342.833243][ T8867]  <TASK>
[  342.836291][ T8867]  dump_stack_lvl+0x241/0x360
[  342.840981][ T8867]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.846267][ T8867]  ? __pfx__printk+0x10/0x10
[  342.850863][ T8867]  ? fs_reclaim_acquire+0x93/0x130
[  342.855985][ T8867]  ? __pfx___might_resched+0x10/0x10
[  342.861273][ T8867]  ? lockdep_init_map_type+0xa1/0x910
[  342.866649][ T8867]  should_fail_ex+0x3b0/0x4e0
[  342.871338][ T8867]  should_failslab+0xac/0x100
[  342.876020][ T8867]  ? security_inode_alloc+0x37/0x310
[  342.881312][ T8867]  kmem_cache_alloc_noprof+0x70/0x380
[  342.886692][ T8867]  security_inode_alloc+0x37/0x310
[  342.891818][ T8867]  inode_init_always_gfp+0xa0f/0xd90
[  342.897102][ T8867]  ? __pfx_sock_alloc_inode+0x10/0x10
[  342.902489][ T8867]  alloc_inode+0x9f/0x1a0
[  342.906819][ T8867]  do_accept+0x130/0x6d0
[  342.911059][ T8867]  ? __pfx_do_accept+0x10/0x10
[  342.915833][ T8867]  io_accept+0x315/0x920
[  342.920089][ T8867]  ? __pfx_io_accept+0x10/0x10
[  342.924857][ T8867]  ? io_file_get_normal+0x10d/0x310
[  342.930059][ T8867]  io_issue_sqe+0x3e2/0x13d0
[  342.934661][ T8867]  ? __pfx_io_issue_sqe+0x10/0x10
[  342.939695][ T8867]  io_submit_sqes+0xa75/0x1d60
[  342.944481][ T8867]  __se_sys_io_uring_enter+0x2c8/0x31f0
[  342.950032][ T8867]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  342.955922][ T8867]  ? ksys_write+0x22a/0x2b0
[  342.960436][ T8867]  ? __pfx_lock_release+0x10/0x10
[  342.965505][ T8867]  ? vfs_write+0x730/0xd30
[  342.969942][ T8867]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  342.975938][ T8867]  ? __mutex_unlock_slowpath+0x21e/0x790
[  342.981603][ T8867]  ? __pfx_vfs_write+0x10/0x10
[  342.986381][ T8867]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  342.992362][ T8867]  ? __fget_files+0x2a/0x410
[  342.996952][ T8867]  ? __fget_files+0x2a/0x410
[  343.001549][ T8867]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  343.007527][ T8867]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  343.013937][ T8867]  ? do_syscall_64+0x100/0x230
[  343.018696][ T8867]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  343.024244][ T8867]  do_syscall_64+0xf3/0x230
[  343.028743][ T8867]  ? clear_bhb_loop+0x35/0x90
[  343.033425][ T8867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.039311][ T8867] RIP: 0033:0x7f90ac380849
[  343.043726][ T8867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.063342][ T8867] RSP: 002b:00007f90ad15d058 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  343.071763][ T8867] RAX: ffffffffffffffda RBX: 00007f90ac545fa0 RCX: 00007f90ac380849
[  343.081211][ T8867] RDX: 0000000000000000 RSI: 0000000000000a3d RDI: 0000000000000004
[  343.089222][ T8867] RBP: 00007f90ad15d0a0 R08: 0000000000000000 R09: 0000000000000000
[  343.097204][ T8867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.105181][ T8867] R13: 0000000000000000 R14: 00007f90ac545fa0 R15: 00007fffb5a302d8
[  343.113183][ T8867]  </TASK>
[  343.116372][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.409924][ T7525] usbhid 3-1:0.0: can't add hid device: -71
[  343.416449][ T7525] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  343.469613][ T7525] usb 3-1: USB disconnect, device number 33
[  344.062426][ T8887] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  344.210861][ T8890] netlink: 'syz.0.725': attribute type 21 has an invalid length.
[  344.218756][ T8890] netlink: 156 bytes leftover after parsing attributes in process `syz.0.725'.
[  344.231500][ T8892] overlay: ./file0 is not a directory
[  344.479750][ T5894] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  344.658141][ T5894] usb 3-1: Using ep0 maxpacket: 16
[  344.754606][ T5894] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  344.777382][ T5894] usb 3-1: config 0 has no interfaces?
[  344.789205][ T5894] usb 3-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=b3.67
[  344.908477][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.975140][ T5894] usb 3-1: Product: syz
[  345.016816][ T5894] usb 3-1: Manufacturer: syz
[  345.058070][ T5894] usb 3-1: SerialNumber: syz
[  345.085291][ T5894] usb 3-1: config 0 descriptor??
[  345.740206][ T5894] usb 3-1: USB disconnect, device number 34
[  347.645619][ T8929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.740'.
[  347.815274][ T8906] netlink: 24 bytes leftover after parsing attributes in process `syz.3.733'.
[  347.829274][ T8932] netlink: set zone limit has 8 unknown bytes
[  347.841862][ T8906] netlink: 56 bytes leftover after parsing attributes in process `syz.3.733'.
[  348.199329][ T8940] nbd: nbd5 already in use
[  348.243615][ T8940] block nbd5: not configured, cannot reconfigure
[  349.309216][ T8961] 9pnet_virtio: no channels available for device syz
[  349.324056][ T8961] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  349.332251][ T8961] overlayfs: failed to set xattr on upper
[  349.338038][ T8961] overlayfs: ...falling back to redirect_dir=nofollow.
[  349.344992][ T8961] overlayfs: ...falling back to index=off.
[  349.350917][ T8961] overlayfs: ...falling back to uuid=null.
[  349.800245][ T8962] 9pnet_virtio: no channels available for device syz
[  349.912712][ T8967] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  350.203936][ T7525] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  350.379936][ T7525] usb 4-1: Using ep0 maxpacket: 8
[  350.396795][ T7525] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  350.430098][ T7525] usb 4-1: config 0 has no interface number 0
[  350.440118][ T7525] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  350.471713][ T7525] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  350.500924][ T7525] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.530239][ T7525] usb 4-1: config 0 descriptor??
[  350.562611][ T7525] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  350.773265][ T7525] usb 4-1: USB disconnect, device number 32
[  350.784502][ T7525] iowarrior 4-1:0.1: I/O-Warror #0 now disconnected
[  378.892683][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  440.335482][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  501.771538][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  506.901637][   T30] INFO: task syz.5.756:8976 blocked for more than 143 seconds.
[  506.909244][   T30]       Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  506.949774][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  506.958650][   T30] task:syz.5.756       state:D stack:23480 pid:8976  tgid:8975  ppid:6824   flags:0x00004004
[  506.985092][   T30] Call Trace:
[  506.988421][   T30]  <TASK>
[  507.029425][   T30]  __schedule+0x17fb/0x4be0
[  507.050829][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  507.056885][   T30]  ? __pfx___schedule+0x10/0x10
[  507.101792][   T30]  ? __pfx_lock_release+0x10/0x10
[  507.106890][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  507.119748][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  507.126128][   T30]  ? schedule+0x90/0x320
[  507.140779][   T30]  schedule+0x14b/0x320
[  507.144990][   T30]  schedule_preempt_disabled+0x13/0x30
[  507.157621][   T30]  __mutex_lock+0x7e7/0xee0
[  507.163683][   T30]  ? __mutex_lock+0x5ef/0xee0
[  507.168392][   T30]  ? lock_system_sleep+0x60/0xa0
[  507.179455][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  507.186242][   T30]  ? kasan_quarantine_put+0xdc/0x230
[  507.198552][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  507.205231][   T30]  ? resume_store+0x3b1/0x710
[  507.215753][   T30]  lock_system_sleep+0x60/0xa0
[  507.221967][   T30]  resume_store+0x3b6/0x710
[  507.226511][   T30]  ? __pfx_resume_store+0x10/0x10
[  507.238937][   T30]  ? sysfs_kf_write+0x182/0x2a0
[  507.245316][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[  507.256379][   T30]  kernfs_fop_write_iter+0x3a0/0x500
[  507.264587][   T30]  iter_file_splice_write+0xbfa/0x1510
[  507.276061][   T30]  ? __pfx_iter_file_splice_write+0x10/0x10
[  507.283442][   T30]  ? rcu_read_lock_any_held+0xb7/0x160
[  507.288956][   T30]  ? __pfx_iter_file_splice_write+0x10/0x10
[  507.300467][   T30]  direct_splice_actor+0x11b/0x220
[  507.305632][   T30]  splice_direct_to_actor+0x586/0xc80
[  507.317066][   T30]  ? __pfx_direct_splice_actor+0x10/0x10
[  507.323051][   T30]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  507.328966][   T30]  ? __fget_files+0x2a/0x410
[  507.339696][   T30]  ? __pfx_lock_release+0x10/0x10
[  507.344770][   T30]  do_splice_direct+0x289/0x3e0
[  507.356325][   T30]  ? __pfx_do_splice_direct+0x10/0x10
[  507.361769][   T30]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  507.367694][   T30]  ? rw_verify_area+0x1c3/0x6f0
[  507.373355][   T30]  do_sendfile+0x564/0x8a0
[  507.377817][   T30]  ? __pfx_do_sendfile+0x10/0x10
[  507.383230][   T30]  ? do_ftruncate+0x4a5/0x580
[  507.387953][   T30]  __se_sys_sendfile64+0x17c/0x1e0
[  507.393516][   T30]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  507.399180][   T30]  ? do_syscall_64+0x100/0x230
[  507.404012][   T30]  ? do_syscall_64+0xb6/0x230
[  507.408703][   T30]  do_syscall_64+0xf3/0x230
[  507.413406][   T30]  ? clear_bhb_loop+0x35/0x90
[  507.418114][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.424095][   T30] RIP: 0033:0x7fdf56b80849
[  507.428527][   T30] RSP: 002b:00007fdf578d8058 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  507.437775][   T30] RAX: ffffffffffffffda RBX: 00007fdf56d45fa0 RCX: 00007fdf56b80849
[  507.445808][   T30] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000008
[  507.453918][   T30] RBP: 00007fdf56bf3986 R08: 0000000000000000 R09: 0000000000000000
[  507.461986][   T30] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000000
[  507.470379][   T30] R13: 0000000000000000 R14: 00007fdf56d45fa0 R15: 00007ffcfa3da7b8
[  507.478375][   T30]  </TASK>
[  507.481920][   T30] INFO: task syz.5.756:8981 blocked for more than 143 seconds.
[  507.489476][   T30]       Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  507.497034][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  507.506678][   T30] task:syz.5.756       state:D stack:27128 pid:8981  tgid:8975  ppid:6824   flags:0x00000004
[  507.516892][   T30] Call Trace:
[  507.520242][   T30]  <TASK>
[  507.523197][   T30]  __schedule+0x17fb/0x4be0
[  507.527730][   T30]  ? __pfx___schedule+0x10/0x10
[  507.532737][   T30]  ? __pfx_lock_release+0x10/0x10
[  507.538307][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  507.544294][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  507.550284][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  507.556641][   T30]  ? schedule+0x90/0x320
[  507.560974][   T30]  schedule+0x14b/0x320
[  507.565156][   T30]  schedule_preempt_disabled+0x13/0x30
[  507.571328][   T30]  __mutex_lock+0x7e7/0xee0
[  507.575865][   T30]  ? __mutex_lock+0x5ef/0xee0
[  507.580665][   T30]  ? lock_system_sleep+0x60/0xa0
[  507.585616][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  507.590708][   T30]  ? misc_open+0x54/0x340
[  507.595065][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  507.600129][   T30]  ? chrdev_open+0x36e/0x600
[  507.604802][   T30]  lock_system_sleep+0x60/0xa0
[  507.609591][   T30]  ? __pfx_snapshot_open+0x10/0x10
[  507.614808][   T30]  snapshot_open+0x27/0x280
[  507.619322][   T30]  ? __pfx_snapshot_open+0x10/0x10
[  507.624501][   T30]  misc_open+0x2cc/0x340
[  507.628761][   T30]  chrdev_open+0x521/0x600
[  507.633251][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  507.638957][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  507.644361][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  507.649319][   T30]  do_dentry_open+0xbe1/0x1b70
[  507.654201][   T30]  vfs_open+0x3e/0x330
[  507.658286][   T30]  path_openat+0x2c84/0x3590
[  507.662943][   T30]  ? __pfx_path_openat+0x10/0x10
[  507.667903][   T30]  do_filp_open+0x27f/0x4e0
[  507.672486][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  507.677525][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  507.682831][   T30]  do_sys_openat2+0x13e/0x1d0
[  507.687570][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  507.692909][   T30]  __x64_sys_openat+0x247/0x2a0
[  507.697794][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  507.703231][   T30]  ? exc_page_fault+0x590/0x8b0
[  507.708079][   T30]  ? do_syscall_64+0xb6/0x230
[  507.712804][   T30]  do_syscall_64+0xf3/0x230
[  507.717318][   T30]  ? clear_bhb_loop+0x35/0x90
[  507.722061][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.727969][   T30] RIP: 0033:0x7fdf56b80849
[  507.732503][   T30] RSP: 002b:00007fdf578b7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  507.741686][   T30] RAX: ffffffffffffffda RBX: 00007fdf56d46080 RCX: 00007fdf56b80849
[  507.749770][   T30] RDX: 0000000000040281 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  507.757765][   T30] RBP: 00007fdf56bf3986 R08: 0000000000000000 R09: 0000000000000000
[  507.765818][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  507.773945][   T30] R13: 0000000000000001 R14: 00007fdf56d46080 R15: 00007ffcfa3da7b8
[  507.782029][   T30]  </TASK>
[  507.785073][   T30] INFO: task syz.0.760:8990 blocked for more than 144 seconds.
[  507.792721][   T30]       Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  507.800075][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  507.808751][   T30] task:syz.0.760       state:D stack:26160 pid:8990  tgid:8987  ppid:5841   flags:0x00004004
[  507.819060][   T30] Call Trace:
[  507.822433][   T30]  <TASK>
[  507.825390][   T30]  __schedule+0x17fb/0x4be0
[  507.830034][   T30]  ? __pfx___schedule+0x10/0x10
[  507.834928][   T30]  ? __pfx_lock_release+0x10/0x10
[  507.840017][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  507.846693][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  507.853380][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  507.860239][   T30]  ? schedule+0x90/0x320
[  507.864528][   T30]  schedule+0x14b/0x320
[  507.868702][   T30]  schedule_preempt_disabled+0x13/0x30
[  507.874260][   T30]  __mutex_lock+0x7e7/0xee0
[  507.878782][   T30]  ? __mutex_lock+0x5ef/0xee0
[  507.883524][   T30]  ? misc_open+0x54/0x340
[  507.887867][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  507.892994][   T30]  ? preempt_schedule_common+0x84/0xd0
[  507.898473][   T30]  ? preempt_schedule+0xe1/0xf0
[  507.903414][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  507.909068][   T30]  misc_open+0x54/0x340
[  507.913280][   T30]  chrdev_open+0x521/0x600
[  507.917723][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  507.922729][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  507.927947][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  507.933412][   T30]  do_dentry_open+0xbe1/0x1b70
[  507.938238][   T30]  vfs_open+0x3e/0x330
[  507.942495][   T30]  path_openat+0x2c84/0x3590
[  507.947669][   T30]  ? __pfx_path_openat+0x10/0x10
[  507.952760][   T30]  do_filp_open+0x27f/0x4e0
[  507.957298][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  507.962395][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  507.967500][   T30]  do_sys_openat2+0x13e/0x1d0
[  507.972293][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  507.977529][   T30]  __x64_sys_openat+0x247/0x2a0
[  507.982497][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  507.987889][   T30]  ? do_syscall_64+0x100/0x230
[  507.992720][   T30]  ? do_syscall_64+0xb6/0x230
[  507.997410][   T30]  do_syscall_64+0xf3/0x230
[  508.001986][   T30]  ? clear_bhb_loop+0x35/0x90
[  508.006681][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.012672][   T30] RIP: 0033:0x7fe851f80849
[  508.017100][   T30] RSP: 002b:00007fe852cd9058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  508.025590][   T30] RAX: ffffffffffffffda RBX: 00007fe852146160 RCX: 00007fe851f80849
[  508.033604][   T30] RDX: 0000000000040241 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[  508.041648][   T30] RBP: 00007fe851ff3986 R08: 0000000000000000 R09: 0000000000000000
[  508.050782][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  508.058777][   T30] R13: 0000000000000000 R14: 00007fe852146160 R15: 00007fff131f46f8
[  508.066855][   T30]  </TASK>
[  508.070985][   T30] INFO: task syz.2.764:9004 blocked for more than 144 seconds.
[  508.078564][   T30]       Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  508.086126][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  508.094878][   T30] task:syz.2.764       state:D stack:26192 pid:9004  tgid:8998  ppid:5844   flags:0x00004004
[  508.105274][   T30] Call Trace:
[  508.108563][   T30]  <TASK>
[  508.111586][   T30]  __schedule+0x17fb/0x4be0
[  508.116129][   T30]  ? __pfx___schedule+0x10/0x10
[  508.121321][   T30]  ? __pfx_lock_release+0x10/0x10
[  508.126366][   T30]  ? preempt_count_sub+0x67/0x170
[  508.131502][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  508.137416][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  508.143914][   T30]  ? schedule+0x90/0x320
[  508.148180][   T30]  schedule+0x14b/0x320
[  508.153370][   T30]  schedule_preempt_disabled+0x13/0x30
[  508.158855][   T30]  __mutex_lock+0x7e7/0xee0
[  508.163521][   T30]  ? __mutex_lock+0x5ef/0xee0
[  508.168217][   T30]  ? misc_open+0x54/0x340
[  508.172729][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  508.177773][   T30]  ? preempt_schedule_common+0x84/0xd0
[  508.183402][   T30]  ? preempt_schedule+0xe1/0xf0
[  508.188275][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  508.194018][   T30]  misc_open+0x54/0x340
[  508.198197][   T30]  chrdev_open+0x521/0x600
[  508.202774][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  508.207728][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  508.213022][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  508.217973][   T30]  do_dentry_open+0xbe1/0x1b70
[  508.222936][   T30]  vfs_open+0x3e/0x330
[  508.227038][   T30]  path_openat+0x2c84/0x3590
[  508.231967][   T30]  ? __pfx_path_openat+0x10/0x10
[  508.236943][   T30]  do_filp_open+0x27f/0x4e0
[  508.241602][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  508.246660][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  508.251851][   T30]  do_sys_openat2+0x13e/0x1d0
[  508.257118][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  508.262510][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  508.268521][   T30]  __x64_sys_openat+0x247/0x2a0
[  508.273476][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  508.278868][   T30]  ? do_syscall_64+0x100/0x230
[  508.283799][   T30]  ? do_syscall_64+0xb6/0x230
[  508.288503][   T30]  do_syscall_64+0xf3/0x230
[  508.293153][   T30]  ? clear_bhb_loop+0x35/0x90
[  508.297855][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.303890][   T30] RIP: 0033:0x7f8ba4580849
[  508.308318][   T30] RSP: 002b:00007f8ba23d5058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  508.316850][   T30] RAX: ffffffffffffffda RBX: 00007f8ba4746160 RCX: 00007f8ba4580849
[  508.324948][   T30] RDX: 0000000000000000 RSI: 0000000020000100 RDI: ffffffffffffff9c
[  508.332987][   T30] RBP: 00007f8ba45f3986 R08: 0000000000000000 R09: 0000000000000000
[  508.341312][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  508.349302][   T30] R13: 0000000000000000 R14: 00007f8ba4746160 R15: 00007ffe108e2d28
[  508.358093][   T30]  </TASK>
[  508.361297][   T30] INFO: task syz.3.765:9007 blocked for more than 144 seconds.
[  508.368872][   T30]       Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  508.376232][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  508.385072][   T30] task:syz.3.765       state:D stack:23184 pid:9007  tgid:9006  ppid:5843   flags:0x00000004
[  508.395393][   T30] Call Trace:
[  508.398686][   T30]  <TASK>
[  508.401791][   T30]  __schedule+0x17fb/0x4be0
[  508.406336][   T30]  ? __pfx___schedule+0x10/0x10
[  508.411356][   T30]  ? __pfx_lock_release+0x10/0x10
[  508.416403][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  508.422445][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  508.428361][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  508.434815][   T30]  ? schedule+0x90/0x320
[  508.439081][   T30]  schedule+0x14b/0x320
[  508.443404][   T30]  schedule_preempt_disabled+0x13/0x30
[  508.448886][   T30]  __mutex_lock+0x7e7/0xee0
[  508.453636][   T30]  ? __mutex_lock+0x5ef/0xee0
[  508.458971][   T30]  ? misc_open+0x54/0x340
[  508.463479][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  508.468524][   T30]  ? chrdev_open+0xfb/0x600
[  508.473148][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  508.478803][   T30]  misc_open+0x54/0x340
[  508.483128][   T30]  chrdev_open+0x521/0x600
[  508.487564][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  508.493058][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  508.498289][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  508.503389][   T30]  do_dentry_open+0xbe1/0x1b70
[  508.508198][   T30]  vfs_open+0x3e/0x330
[  508.512426][   T30]  path_openat+0x2c84/0x3590
[  508.517054][   T30]  ? __pfx_path_openat+0x10/0x10
[  508.522151][   T30]  do_filp_open+0x27f/0x4e0
[  508.526679][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  508.531768][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  508.536830][   T30]  do_sys_openat2+0x13e/0x1d0
[  508.541675][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  508.546899][   T30]  __x64_sys_openat+0x247/0x2a0
[  508.551865][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  508.557259][   T30]  ? exc_page_fault+0x590/0x8b0
[  508.563156][   T30]  ? do_syscall_64+0xb6/0x230
[  508.567864][   T30]  do_syscall_64+0xf3/0x230
[  508.572494][   T30]  ? clear_bhb_loop+0x35/0x90
[  508.577194][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.583226][   T30] RIP: 0033:0x7f04e2d7f1b0
[  508.587654][   T30] RSP: 002b:00007f04e3bb2f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  508.596202][   T30] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f04e2d7f1b0
[  508.604289][   T30] RDX: 0000000000000002 RSI: 00007f04e2df371c RDI: 00000000ffffff9c
[  508.612322][   T30] RBP: 00007f04e2df371c R08: 0000000000000000 R09: 0000000000000000
[  508.620453][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  508.628451][   T30] R13: 0000000000000024 R14: 0000000020000600 R15: 00007ffefc1c90d8
[  508.636564][   T30]  </TASK>
[  508.639815][   T30] INFO: task syz.1.766:9009 blocked for more than 145 seconds.
[  508.647385][   T30]       Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  508.654759][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  508.664098][   T30] task:syz.1.766       state:D stack:23792 pid:9009  tgid:9008  ppid:5840   flags:0x00000204
[  508.674566][   T30] Call Trace:
[  508.677869][   T30]  <TASK>
[  508.680947][   T30]  __schedule+0x17fb/0x4be0
[  508.685488][   T30]  ? __pfx___schedule+0x10/0x10
[  508.690422][   T30]  ? __pfx_lock_release+0x10/0x10
[  508.695479][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  508.701525][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  508.707454][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  508.713904][   T30]  ? schedule+0x90/0x320
[  508.718172][   T30]  schedule+0x14b/0x320
[  508.722493][   T30]  schedule_preempt_disabled+0x13/0x30
[  508.727966][   T30]  __mutex_lock+0x7e7/0xee0
[  508.732560][   T30]  ? __mutex_lock+0x5ef/0xee0
[  508.737258][   T30]  ? misc_open+0x54/0x340
[  508.741772][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  508.746819][   T30]  ? chrdev_open+0xfb/0x600
[  508.751436][   T30]  ? kobject_get_unless_zero+0x22d/0x330
[  508.757087][   T30]  misc_open+0x54/0x340
[  508.761412][   T30]  chrdev_open+0x521/0x600
[  508.766564][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  508.771602][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  508.776837][   T30]  ? __pfx_chrdev_open+0x10/0x10
[  508.782089][   T30]  do_dentry_open+0xbe1/0x1b70
[  508.786885][   T30]  vfs_open+0x3e/0x330
[  508.791060][   T30]  path_openat+0x2c84/0x3590
[  508.795683][   T30]  ? __pfx_path_openat+0x10/0x10
[  508.800852][   T30]  do_filp_open+0x27f/0x4e0
[  508.805377][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  508.815100][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  508.820559][   T30]  do_sys_openat2+0x13e/0x1d0
[  508.825278][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  508.830612][   T30]  __x64_sys_openat+0x247/0x2a0
[  508.835483][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  508.841045][   T30]  ? do_syscall_64+0x100/0x230
[  508.845826][   T30]  ? do_syscall_64+0xb6/0x230
[  508.850605][   T30]  do_syscall_64+0xf3/0x230
[  508.855128][   T30]  ? clear_bhb_loop+0x35/0x90
[  508.859976][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.865896][   T30] RIP: 0033:0x7f90ac380849
[  508.871110][   T30] RSP: 002b:00007f90ad15d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  508.879558][   T30] RAX: ffffffffffffffda RBX: 00007f90ac545fa0 RCX: 00007f90ac380849
[  508.887687][   T30] RDX: 0000000000000602 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[  508.896144][   T30] RBP: 00007f90ac3f3986 R08: 0000000000000000 R09: 0000000000000000
[  508.904422][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  508.912521][   T30] R13: 0000000000000000 R14: 00007f90ac545fa0 R15: 00007fffb5a302d8
[  508.920680][   T30]  </TASK>
[  508.923736][   T30] 
[  508.923736][   T30] Showing all locks held in the system:
[  508.931527][   T30] 1 lock held by khungtaskd/30:
[  508.936398][   T30]  #0: ffffffff8e93c560 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  508.946479][   T30] 1 lock held by klogd/5206:
[  508.951130][   T30]  #0: ffff8880b873e758 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  508.961233][   T30] 2 locks held by getty/5604:
[  508.965925][   T30]  #0: ffff88814d4330a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  508.976551][   T30]  #1: ffffc900032fb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[  508.986958][   T30] 5 locks held by syz.4.161/6648:
[  508.992141][   T30]  #0: ffff888025bc70b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x254/0x320
[  509.001591][   T30]  #1: ffff888035490420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x225/0xd30
[  509.010889][   T30]  #2: ffff88804f2da888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1ea/0x500
[  509.021179][   T30]  #3: ffff888140ed7788 (kn->active#60){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  509.031315][   T30]  #4: ffffffff8e7ef5c8 (system_transition_mutex){+.+.}-{4:4}, at: software_resume+0x45/0x3d0
[  509.041793][   T30] 5 locks held by kworker/u8:13/7890:
[  509.047184][   T30]  #0: ffff8880b873e758 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  509.057187][   T30]  #1: ffff8880b8728948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x387/0x7a0
[  509.068740][   T30]  #2: ffffffff9a6071a8 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_deactivate+0x158/0x390
[  509.080132][   T30]  #3: ffffffff9a6a1d38 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x17f/0x580
[  509.090623][   T30]  #4: ffffffff9a67ef80 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_check_no_obj_freed+0x234/0x580
[  509.101389][   T30] 4 locks held by syz.5.756/8976:
[  509.106404][   T30]  #0: ffff888035490420 (sb_writers#8){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x220
[  509.116299][   T30]  #1: ffff88804f676088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1ea/0x500
[  509.126214][   T30]  #2: ffff888140ed7788 (kn->active#60){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  509.136366][   T30]  #3: ffffffff8e7ef5c8 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x60/0xa0
[  509.146877][   T30] 2 locks held by syz.5.756/8981:
[  509.151952][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.160596][   T30]  #1: ffffffff8e7ef5c8 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x60/0xa0
[  509.171080][   T30] 1 lock held by syz.0.760/8990:
[  509.176760][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.185417][   T30] 1 lock held by syz.2.764/9004:
[  509.190384][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.198825][   T30] 1 lock held by syz.3.765/9007:
[  509.203907][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.212570][   T30] 1 lock held by syz.1.766/9009:
[  509.217514][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.226295][   T30] 1 lock held by syz-executor/9013:
[  509.231545][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.240163][   T30] 1 lock held by syz-executor/9015:
[  509.245367][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.253879][   T30] 1 lock held by syz-executor/9017:
[  509.259085][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.267689][   T30] 1 lock held by syz-executor/9019:
[  509.272954][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.282219][   T30] 1 lock held by syz-executor/9021:
[  509.287442][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.295949][   T30] 1 lock held by syz-executor/9027:
[  509.301299][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.309915][   T30] 1 lock held by syz-executor/9029:
[  509.315131][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.323805][   T30] 1 lock held by syz-executor/9031:
[  509.329011][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.337678][   T30] 1 lock held by syz-executor/9033:
[  509.342983][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.351525][   T30] 1 lock held by syz-executor/9035:
[  509.356729][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.365316][   T30] 1 lock held by syz-executor/9039:
[  509.370589][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.379969][   T30] 1 lock held by syz-executor/9041:
[  509.385191][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.393714][   T30] 1 lock held by syz-executor/9043:
[  509.398896][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.407542][   T30] 1 lock held by syz-executor/9045:
[  509.412830][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.421472][   T30] 1 lock held by syz-executor/9047:
[  509.426681][   T30]  #0: ffffffff8f18d5c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[  509.435258][   T30] 
[  509.437601][   T30] =============================================
[  509.437601][   T30] 
[  509.446331][   T30] NMI backtrace for cpu 0
[  509.450673][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  509.460818][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  509.470868][   T30] Call Trace:
[  509.474141][   T30]  <TASK>
[  509.477067][   T30]  dump_stack_lvl+0x241/0x360
[  509.481756][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  509.486961][   T30]  ? __pfx__printk+0x10/0x10
[  509.491562][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  509.496506][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  509.501969][   T30]  ? _printk+0xd5/0x120
[  509.506126][   T30]  ? __pfx__printk+0x10/0x10
[  509.510715][   T30]  ? __wake_up_klogd+0xcc/0x110
[  509.515569][   T30]  ? __pfx__printk+0x10/0x10
[  509.520161][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  509.525185][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  509.531164][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  509.537143][   T30]  watchdog+0xff6/0x1040
[  509.541383][   T30]  ? watchdog+0x1ea/0x1040
[  509.545797][   T30]  ? __pfx_watchdog+0x10/0x10
[  509.550470][   T30]  kthread+0x2f0/0x390
[  509.554537][   T30]  ? __pfx_watchdog+0x10/0x10
[  509.559212][   T30]  ? __pfx_kthread+0x10/0x10
[  509.563800][   T30]  ret_from_fork+0x4b/0x80
[  509.568212][   T30]  ? __pfx_kthread+0x10/0x10
[  509.572797][   T30]  ret_from_fork_asm+0x1a/0x30
[  509.577571][   T30]  </TASK>
[  509.581514][   T30] Sending NMI from CPU 0 to CPUs 1:
[  509.587483][    C1] NMI backtrace for cpu 1
[  509.587499][    C1] CPU: 1 UID: 0 PID: 1107 Comm: kworker/u8:7 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  509.587518][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  509.587529][    C1] Workqueue: bat_events batadv_nc_worker
[  509.587553][    C1] RIP: 0010:__lock_acquire+0x572/0x2100
[  509.587573][    C1] Code: c7 20 d8 0a 8c 48 c7 c6 20 db 0a 8c e8 57 62 e5 ff 48 ba 00 00 00 00 00 fc ff df 90 0f 0b 90 90 90 31 db 48 81 c3 c4 00 00 00 <48> 89 d8 48 c1 e8 03 0f b6 04 10 84 c0 0f 85 f8 12 00 00 0f b6 2b
[  509.587587][    C1] RSP: 0018:ffffc90003f9f8f0 EFLAGS: 00000086
[  509.587601][    C1] RAX: 00000000000019c8 RBX: ffffffff93c681cc RCX: ffffffff8171258c
[  509.587613][    C1] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffffffff942ee880
[  509.587625][    C1] RBP: 0000000000020021 R08: ffffffff942ee887 R09: 1ffffffff285dd10
[  509.587637][    C1] R10: dffffc0000000000 R11: fffffbfff285dd11 R12: ffff88802750e4c4
[  509.587650][    C1] R13: 000000000000000a R14: 1ffff11004ea1caa R15: ffff88802750e550
[  509.587662][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  509.587676][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  509.587687][    C1] CR2: 000055e71a8f3f50 CR3: 000000000e738000 CR4: 00000000003526f0
[  509.587703][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  509.587712][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  509.587722][    C1] Call Trace:
[  509.587728][    C1]  <NMI>
[  509.587736][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  509.587755][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  509.587772][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  509.587797][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  509.587820][    C1]  ? nmi_handle+0x14f/0x5a0
[  509.587837][    C1]  ? nmi_handle+0x2a/0x5a0
[  509.587854][    C1]  ? __lock_acquire+0x572/0x2100
[  509.587870][    C1]  ? default_do_nmi+0x63/0x160
[  509.587890][    C1]  ? exc_nmi+0x123/0x1f0
[  509.587908][    C1]  ? end_repeat_nmi+0xf/0x53
[  509.587929][    C1]  ? __lock_acquire+0x4ac/0x2100
[  509.587946][    C1]  ? __lock_acquire+0x572/0x2100
[  509.587962][    C1]  ? __lock_acquire+0x572/0x2100
[  509.587979][    C1]  ? __lock_acquire+0x572/0x2100
[  509.587995][    C1]  </NMI>
[  509.588000][    C1]  <TASK>
[  509.588012][    C1]  lock_acquire+0x1ed/0x550
[  509.588027][    C1]  ? batadv_nc_worker+0xcb/0x610
[  509.588047][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  509.588063][    C1]  ? batadv_nc_worker+0xcb/0x610
[  509.588080][    C1]  ? __pfx_lock_release+0x10/0x10
[  509.588098][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  509.588118][    C1]  batadv_nc_worker+0xec/0x610
[  509.588134][    C1]  ? batadv_nc_worker+0xcb/0x610
[  509.588150][    C1]  ? batadv_nc_worker+0xcb/0x610
[  509.588167][    C1]  ? process_scheduled_works+0x976/0x1840
[  509.588191][    C1]  process_scheduled_works+0xa66/0x1840
[  509.588223][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  509.588249][    C1]  ? assign_work+0x364/0x3d0
[  509.588278][    C1]  worker_thread+0x870/0xd30
[  509.588298][    C1]  ? __kthread_parkme+0x169/0x1d0
[  509.588315][    C1]  ? __pfx_worker_thread+0x10/0x10
[  509.588329][    C1]  kthread+0x2f0/0x390
[  509.588345][    C1]  ? __pfx_worker_thread+0x10/0x10
[  509.588360][    C1]  ? __pfx_kthread+0x10/0x10
[  509.588377][    C1]  ret_from_fork+0x4b/0x80
[  509.588392][    C1]  ? __pfx_kthread+0x10/0x10
[  509.588409][    C1]  ret_from_fork_asm+0x1a/0x30
[  509.588435][    C1]  </TASK>
[  509.589592][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  509.928738][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  509.938903][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  509.948957][   T30] Call Trace:
[  509.952240][   T30]  <TASK>
[  509.955174][   T30]  dump_stack_lvl+0x241/0x360
[  509.959855][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  509.965046][   T30]  ? __pfx__printk+0x10/0x10
[  509.969633][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  509.975622][   T30]  ? vscnprintf+0x5d/0x90
[  509.979947][   T30]  panic+0x349/0x880
[  509.983843][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  509.990028][   T30]  ? __pfx_panic+0x10/0x10
[  509.994447][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  509.999830][   T30]  ? __irq_work_queue_local+0x137/0x410
[  510.005381][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  510.010759][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  510.016905][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  510.023054][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  510.029206][   T30]  watchdog+0x1035/0x1040
[  510.033534][   T30]  ? watchdog+0x1ea/0x1040
[  510.037949][   T30]  ? __pfx_watchdog+0x10/0x10
[  510.042623][   T30]  kthread+0x2f0/0x390
[  510.046698][   T30]  ? __pfx_watchdog+0x10/0x10
[  510.051371][   T30]  ? __pfx_kthread+0x10/0x10
[  510.055954][   T30]  ret_from_fork+0x4b/0x80
[  510.060364][   T30]  ? __pfx_kthread+0x10/0x10
[  510.064950][   T30]  ret_from_fork_asm+0x1a/0x30
[  510.069720][   T30]  </TASK>
[  510.072990][   T30] Kernel Offset: disabled
[  510.077332][   T30] Rebooting in 86400 seconds..