last executing test programs:

3m41.509830116s ago: executing program 2 (id=3):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_VFIO_CHECK_EXTENSION(r0, 0x3b65, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r2}, 0x18)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r3, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x2, @local}, {0xa, 0xfffd, 0x0, @empty}, 0x1, {[0x0, 0x1]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r3, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}, 0x1, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xe3]}}, 0x5c)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000440)={0x14, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
shmat(0x0, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xfffffffffffffffd, 0x0)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r5, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x800, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c)
syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x90}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014008000008080002"], 0x1ec}}, 0x0)

3m39.942131923s ago: executing program 2 (id=6):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x1000, 0x3f2f0fde)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000080)={0x0, 0x4, 0x20a})
setpriority(0x2, 0x0, 0x456)

3m37.959276143s ago: executing program 2 (id=9):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = accept4$tipc(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000240)=0x10, 0x0)
connect$tipc(r3, &(0x7f00000002c0)=@name={0x1e, 0x2, 0x1, {{0x2, 0x3}, 0x3}}, 0x10)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/14], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = gettid()
r8 = fsmount(r6, 0x0, 0x0)
tkill(r7, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000300)='msdos\x00', 0x5, 0x0)
mmap$xdp(&(0x7f000097f000/0x1000)=nil, 0x1000, 0x6, 0x10, r8, 0x100000000)
r9 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r9, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x3, 0x6, 0x2, 0x6, 0xa6e, 0x0, 0x4, 0x1, 0x5}})
syz_open_dev$vim2m(0x0, 0x3, 0x2)
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0x1a0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000000)={0x2, @pix_mp={0x4, 0x0, 0x33565348, 0x0, 0xa, [{0x1000, 0x7fff}, {0x83, 0x8}, {0x2, 0x9}, {0x7, 0xaed}, {0x8, 0x3}, {0xf0000000, 0x80000001}, {0x4, 0x8}, {0xa2, 0xfffffffe}], 0x3, 0xe, 0x7}})

3m37.670863015s ago: executing program 4 (id=5):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="48000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="ffef000040000000140012800b0001006970366772650000040002801400030069703667726530"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x181)
syz_clone3(&(0x7f0000000e80)={0x104410000, 0x0, 0x0, 0x0, {0x17}, 0x0, 0x0, 0x0, &(0x7f0000000e40)=[0x0], 0x1}, 0x58)
rmdir(&(0x7f0000000000)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
open_tree(r1, &(0x7f0000000280)='\x00', 0x89901)
r2 = signalfd(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
close(r2)
socket$nl_xfrm(0x10, 0x3, 0x6)
inotify_init1(0x800)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x5, 0x449b}, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
fcntl$setstatus(r2, 0x4, 0x2c00)
gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0x40]}, 0x0, 0x0, 0x8)

3m34.875811368s ago: executing program 2 (id=12):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa0, 0x2e}, {0x0, 0x7, 0x0, 0x0, 0x1ff, 0x2}, {0x200, 0x0, 0x1, 0x4}, 0x0, 0x0, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x20044800}, 0x0)
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$DRM_IOCTL_MODE_ADDFB(0xffffffffffffffff, 0xc01c64ae, 0x0)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x13)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
mknod$loop(&(0x7f0000000480)='./file0\x00', 0x6000, 0x0)
lstat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440))
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r4, 0x7b2, 0x0)

3m32.423340027s ago: executing program 2 (id=14):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0), 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
getpid()
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000003080002000300010004000200eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x300)
r7 = dup(r1)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000100)={0xf0f027, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

3m22.480320739s ago: executing program 32 (id=5):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="48000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="ffef000040000000140012800b0001006970366772650000040002801400030069703667726530"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x181)
syz_clone3(&(0x7f0000000e80)={0x104410000, 0x0, 0x0, 0x0, {0x17}, 0x0, 0x0, 0x0, &(0x7f0000000e40)=[0x0], 0x1}, 0x58)
rmdir(&(0x7f0000000000)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
open_tree(r1, &(0x7f0000000280)='\x00', 0x89901)
r2 = signalfd(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
close(r2)
socket$nl_xfrm(0x10, 0x3, 0x6)
inotify_init1(0x800)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x5, 0x449b}, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
fcntl$setstatus(r2, 0x4, 0x2c00)
gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0x40]}, 0x0, 0x0, 0x8)

3m16.489246197s ago: executing program 33 (id=14):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0), 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
getpid()
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000003080002000300010004000200eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x300)
r7 = dup(r1)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000100)={0xf0f027, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

2m31.503695148s ago: executing program 1 (id=127):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'pim6reg\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xd0f, 0x70bd2d, 0x20, {0x60, 0x0, 0x0, r2, {}, {0x9, 0xffff}, {0xc, 0x6}}, [@TCA_RATE={0x6, 0x5, {0x80, 0x2}}]}, 0x2c}}, 0x44080)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCGPKT(r4, 0x40045431, &(0x7f00000001c0))
syz_genetlink_get_family_id$nl80211(0x0, r3)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f00000003c0)={0x18, 0x0, {0x2, @local, 'geneve0\x00'}}, 0x1e)
r6 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r6, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r7 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r7, 0x8940, &(0x7f0000000180)={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3}}, {0x6, @local}, 0x4a, {0x2, 0x4e23, @private=0xa010101}, 'ip6tnl0\x00'})
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r8 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r8, &(0x7f0000002700)=""/102392, 0x18ff8)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r9, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x10)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='devtmpfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

2m28.971766873s ago: executing program 1 (id=131):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'pim6reg\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xd0f, 0x70bd2d, 0x20, {0x60, 0x0, 0x0, r2, {}, {0x9, 0xffff}, {0xc, 0x6}}, [@TCA_RATE={0x6, 0x5, {0x80, 0x2}}]}, 0x2c}}, 0x44080)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCGPKT(r4, 0x40045431, &(0x7f00000001c0))
syz_genetlink_get_family_id$nl80211(0x0, r3)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f00000003c0)={0x18, 0x0, {0x2, @local, 'geneve0\x00'}}, 0x1e)
r6 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r6, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r7 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r7, 0x8940, &(0x7f0000000180)={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3}}, {0x6, @local}, 0x4a, {0x2, 0x4e23, @private=0xa010101}, 'ip6tnl0\x00'})
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r8 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r8, &(0x7f0000002700)=""/102392, 0x18ff8)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r9, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x10)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='devtmpfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

2m27.295958649s ago: executing program 1 (id=133):
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
syz_emit_ethernet(0x46, &(0x7f00000009c0)={@link_local, @random="cc5b77f14fdc", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000ac0)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x1, 0xffff}, {0x10}}}, 0x24}}, 0x20000004)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
ioctl$BINDER_FREEZE(0xffffffffffffffff, 0x400c620e, &(0x7f0000000440))
recvmmsg(r2, &(0x7f0000001140), 0x700, 0x2, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x7ff}, 0x0, &(0x7f00000003c0)={0x3ff, 0x20000, 0x0, 0x4000000000000000, 0x0, 0x0, 0x4, 0xfffffffffffffff9}, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2m25.806655546s ago: executing program 1 (id=135):
r0 = socket$packet(0x11, 0x2, 0x300)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@mpls_delroute={0x1c, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x8}}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000280)={0x7, 0x38b, 0x9, 0x0, 0x0, 0x0, 0x1}, 0xc)
r5 = syz_open_dev$vbi(&(0x7f0000000100), 0x3, 0x2)
ioctl$VIDIOC_ENUMOUTPUT(r5, 0xc0485630, &(0x7f0000000240)={0x6, "5ee0d94a6f1646ef4c87e025f92cdd9affc86859aecc1b4a2ff819ca24d92d0e", 0x1, 0x47b, 0x80, 0x10, 0x8})
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
write$sndseq(r7, &(0x7f0000000380)=[{0xff, 0x0, 0x3, 0x0, @time={0x977, 0x2}, {}, {0xfe}, @quote={{0xfd, 0x42}, 0x3}}, {0x0, 0x7, 0xff, 0x3, @time={0x8001, 0x8}, {0x8, 0x12}, {}, @addr={0x2a, 0x2}}], 0x38)
ioctl$SYNC_IOC_FILE_INFO(0xffffffffffffffff, 0x40103e05, &(0x7f0000000000)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SET_PDEATHSIG(0x21, 0x1)
add_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, 0x0, 0x0)

2m23.038812859s ago: executing program 1 (id=140):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getgid()
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000500)=""/176, 0xb0}, {&(0x7f0000000340)=""/257, 0x101}, {&(0x7f0000001b40)=""/4109, 0x100d}, {&(0x7f00000006c0)=""/229, 0xe5}], 0x4}, 0x6a7bc907}], 0x4, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x6d89, 0x400, 0x40000, 0x115}, &(0x7f0000000400)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_CONNECT={0x10, 0x1d, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r1, 0x3529, 0xf7da, 0x2, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0x0, r1, 0x0, {0x27fffffffffffff, 0x8}, 0x54}, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x40000002)
r4 = io_uring_setup(0x27e0, &(0x7f0000000000)={0x0, 0x0, 0x1000, 0x0, 0x1a4})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0x1b, 0x20000009, r5)
syz_io_uring_setup(0x5df1, &(0x7f0000000480)={0x0, 0x7985, 0x4, 0x2, 0x300, 0x0, r4}, &(0x7f0000000140), &(0x7f00000001c0))
syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_MKDIRAT={0x25, 0x60, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, 0x0, {0x0, r5}})
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed}, &(0x7f0000000040)=0xe, 0x40800)

2m19.900237323s ago: executing program 1 (id=145):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@getqdisc={0x24, 0x26, 0x402, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xe, 0xffe0}, {0xf, 0xfff1}, {0xfff2, 0x4}}}, 0x24}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000"], 0x0, 0x3fb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5a3b, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000340)={0x1d, r5, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r4, 0x6b, 0x1, &(0x7f00000006c0)=[{0x2, 0x3, {0x1, 0x1, 0x3}, {0x1, 0x0, 0x4}, 0xfe}, {0x2, 0x0, {0x0, 0xff, 0x4}, {0x2}, 0xfe, 0xff}], 0x40)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r5, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001100)=0x6)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x1)
ioctl$sock_SIOCGIFCONF(r6, 0x8912, &(0x7f0000000100)=@buf={0xcb, &(0x7f0000000580)="cccd0917a9851bc9ac982dea8c613087593a900003b4146d034a1e5aefd5a7ae1e055a295f95697a75ba811b266e05e2ee70968db49d5e393c8a0f5da8e1a1c74c12ae13278788ffe90d43c6d1917d0155124480fd32bbef8a13184fcc637e8f0edc5748b202550261cf2debea8b130894febbbc6572d555f284790b5339e557020b6c2492aea6d136ba6860b630432dc7d3414447364e32403e6a7e120fc7a0c0bbf5cdd4a410ae30f1b752fa8da87c8f40478c049cdbe8fa4f3b9e995a812ccc3a82ebf6fbf4c5dbf47b"})
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)=[0xfff6])

2m4.680172979s ago: executing program 34 (id=145):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@getqdisc={0x24, 0x26, 0x402, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xe, 0xffe0}, {0xf, 0xfff1}, {0xfff2, 0x4}}}, 0x24}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000"], 0x0, 0x3fb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5a3b, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000340)={0x1d, r5, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r4, 0x6b, 0x1, &(0x7f00000006c0)=[{0x2, 0x3, {0x1, 0x1, 0x3}, {0x1, 0x0, 0x4}, 0xfe}, {0x2, 0x0, {0x0, 0xff, 0x4}, {0x2}, 0xfe, 0xff}], 0x40)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r5, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001100)=0x6)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x1)
ioctl$sock_SIOCGIFCONF(r6, 0x8912, &(0x7f0000000100)=@buf={0xcb, &(0x7f0000000580)="cccd0917a9851bc9ac982dea8c613087593a900003b4146d034a1e5aefd5a7ae1e055a295f95697a75ba811b266e05e2ee70968db49d5e393c8a0f5da8e1a1c74c12ae13278788ffe90d43c6d1917d0155124480fd32bbef8a13184fcc637e8f0edc5748b202550261cf2debea8b130894febbbc6572d555f284790b5339e557020b6c2492aea6d136ba6860b630432dc7d3414447364e32403e6a7e120fc7a0c0bbf5cdd4a410ae30f1b752fa8da87c8f40478c049cdbe8fa4f3b9e995a812ccc3a82ebf6fbf4c5dbf47b"})
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)=[0xfff6])

25.595863386s ago: executing program 7 (id=398):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x1c1842, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000020000000c"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xd, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRESHEX=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008fdff7305988eacffb6040000000000008500000001000000850000007d00000095", @ANYRES8=r1, @ANYRES64=r2, @ANYRES64=0x0], &(0x7f0000000240)='syzkaller\x00', 0xce12, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003800000038000000030000000100000000000001"], 0x0, 0x53, 0x0, 0x0, 0x5, 0x10000, @value}, 0x28)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmmsg(r9, &(0x7f0000001c00), 0x0, 0x181)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x3, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x80, 0x69, 0x11, 0x8d}, [], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

22.321805284s ago: executing program 7 (id=402):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095", @ANYRES64], &(0x7f0000001dc0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
r4 = gettid()
fsmount(r3, 0x0, 0x0)
tkill(r4, 0xb)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r5, 0x29, 0x11, 0x0, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_elf32(r7, &(0x7f00000006c0)=ANY=[@ANYBLOB="7f454c4607020002040000000000000002003e00fcffff01000038000000fb01000000080000040020000400000044006a5b00000000000000600b000000050000004000000005000000f3ffffff100000000100000003000000fcffffff0180000006000000007d56660ca91f000001000060070000000300000004000000060000e60300000004000000040000430d00000000000000de040000ffffffff080000000600000003000000570800003f491130be9b35140d77253ef9b3f66596ab4a19893ea69029a36a2b5331d5659bbc666e6c1c1488516b94ce7239bccb73e43fd5cad30b35e3c8ad"], 0x2ff)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000002c0)={r7, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x6, 0x2010, 0xffffffffffffffff, 0x180000000)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f00000000c0)={0x1, @sdr={0x42474752, 0x89a}})

17.965011299s ago: executing program 3 (id=409):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, &(0x7f0000000000)={0x38, 0x80000000})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000006940)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0}], 0x1, 0x0)
io_submit(0x0, 0x2000000000000225, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0xfffb, 0xffffffffffffffff, &(0x7f0000000340), 0x2d}])
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x7, 0x4401b, 0xffffffffffffffff, 0x2b73a000)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6479eb77275569e31eefdbd3e8cf2c6e2c00"])
fspick(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)

16.622444401s ago: executing program 3 (id=411):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x101400)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0xd16, 0x3, 0x9})

15.560940393s ago: executing program 3 (id=413):
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x1000088}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x2ecc, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x8005, 0xab}, &(0x7f0000000300), 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000007c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="010027bd7000ffdbdf251a00000004002e800c00060001"], 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x20000800)
r3 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x484, &(0x7f0000000340)={0x2, @rand_addr=0x64010102, 0x4e20, 0x4, 'none\x00', 0x14, 0xef6, 0x25}, 0x2c)
sendmmsg(r1, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f00000003c0)={0x28, 0x0, 0xffffffff}, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="01002cbd7000fedbdf250500000008000300", @ANYRES32=r4, @ANYBLOB="588762d6"], 0x1c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)
ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x4008b100, &(0x7f0000000380)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 'nicvf0\x00'}})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$lock(r5, 0x7, &(0x7f0000002000))
fcntl$lock(r5, 0x24, &(0x7f0000000000)={0x1})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x28, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x20, r7, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x20}}, 0x20044040)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wpan0\x00'})

13.748103139s ago: executing program 3 (id=418):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101842, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
write$tun(r0, &(0x7f00000004c0)=ANY=[], 0x3a)

13.471317481s ago: executing program 6 (id=419):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$MSR(0x0, 0x400000000000, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, &(0x7f0000bbdffc))
r0 = syz_io_uring_setup(0x64e, 0x0, &(0x7f0000000cc0), &(0x7f0000000d00))
sendmmsg(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000010010000"], 0x18, 0x7000000}, 0xf401}], 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
pselect6(0x40, &(0x7f0000000300)={0x8000000000010000, 0xa, 0xa6b, 0x8, 0x3, 0x1, 0xfffffffffffffffe, 0xff}, &(0x7f0000000340)={0x6, 0x9, 0x6, 0x2, 0x4, 0x5, 0xfffffffffffffc01, 0x3}, &(0x7f0000000380)={0x1, 0x100000000, 0x0, 0x419, 0x4, 0x9, 0x9e7, 0x8000000000000001}, &(0x7f00000003c0)={0x0, 0x3938700}, &(0x7f0000000480)={0x0})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0xff00}, 0x0, r3})
syz_io_uring_setup(0x2a61, &(0x7f0000000380)={0x0, 0xf1e3, 0x800, 0x1, 0x1ca, 0x0, r0}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000001c0))
syz_io_uring_setup(0x88f, &(0x7f00000004c0)={0x0, 0xaee2, 0x200, 0x3, 0xbfdfeffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r6, &(0x7f00000000c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x40, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1})
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
syz_open_procfs(0x0, &(0x7f0000000040)='attr/prev\x00')

13.041833104s ago: executing program 3 (id=422):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = userfaultfd(0x100800)
ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa05, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r3, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000040)=""/2, 0x2, 0xc990, 0x3, 0x0, 0x0, 0xc07}}, 0x11c) (fail_nth: 2)
readv(r3, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}], 0x1)
write$UHID_DESTROY(r3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440))
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000004000))
close(r4)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000)
r5 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getpgrp(0x0)

11.440516566s ago: executing program 7 (id=424):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x1000, 0x3f2f0fde)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00'], 0x2a, 0xfffffffffffffffc)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000080)={0x0, 0x4, 0x20a})
fcntl$getownex(r1, 0x10, &(0x7f0000000300))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0/../file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@nfs_export_on}]})

11.409839947s ago: executing program 6 (id=425):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00000d1a00010000000000000000000a0000cf"], 0x1c}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0)
mmap(&(0x7f000048a000/0x1000)=nil, 0x1000, 0x2, 0x12, r0, 0x0)
ftruncate(r0, 0xc17a)
r1 = syz_usb_connect(0x3, 0x4a, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x6d, 0xf5, 0x71, 0x8, 0x4e2, 0x1424, 0xc7eb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x38, 0x2, 0x96, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xcc, 0x7, 0x0, 0x2, 0x59, 0x61, 0x5, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x890, 0x0, 0x7, 0x8}, {0x6, 0x24, 0x1a, 0x5, 0x11}}]}}, {{0x9, 0x4, 0x1, 0xff, 0x0, 0x6e, 0xb8, 0xc1}}]}}]}}, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x3)
syz_usb_control_io$printer(r1, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x1a, @string={0x1a, 0x3, "745224f2b21a07ca39c2373dd4b150ca023affbf479890a7"}}}, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000380)={0x24, &(0x7f0000000040)={0x40, 0x11, 0xfe, {0xfe, 0xb, "13bbed7265674a628cd127841e9b6cff84c2506441f1ee1d290ab92350717ee86464d97b390c6baa0aaa74d9f8b75074806dca6cd9f58bafaf6a3c9a519fa31adce0dbe85f30ea7ff0ee1f88a853f707dc69cdf77e808ede98f9b78bfccec3c9cd08fefbc958c235fda0bddd0d58dfc31f639d335dcfe4a98b70ce7774d6068cd6beec700afa6aaabd052e288c82d1857404435446df010e6781a4db6ca9521eabf875246c59bad72447b877a152fc24141e600d10bf591a1e97b2a02049368805178e04c68cea8fc908eadb044b4c865b5f2af263ea2359d2b07f03e4bc89768ef8526afa5bc0c3f3a70972944ec450406c983a02bf28365462322b"}}, &(0x7f0000000640)=ANY=[@ANYBLOB="0003e7000000e7039a2efd718b58bef05f953ad1da2f123ba64fb082bd1cf220b39ca1f8c66a9e49556e70748585e46a65239274eff082b78fe42f313b3ce7dcfc48e60857a6eb0f3235638cc4d47ecb21f3da09bf03ee2854ec48eb3d52220001921a806f13206c0465c3abf9e9d8d3bc5fa37ab6bb2a8f6364b7008a94034972875f4e60a7da4fb5215414f95d858df34bcac9e76cc483830161b33a874cdc351a2f460c6ea2df3cec5c1fe78bae6b53f8bd81d58fce2add31"], &(0x7f0000000180)=ANY=[@ANYBLOB="00224c3600000adf57468000000000000000"], &(0x7f0000000340)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1000, 0x67, 0x1, {0x22, 0x419}}}}, &(0x7f0000000600)={0x2c, &(0x7f00000003c0)={0x40, 0xc, 0x65, "7841e89a18dca81c229eb4b6a251aaf0f31bbdb385ca73aa733ac5faba4d8899df8161bf1605ba2d3b5d8586d44fc84f7c206ef66f295f273c07206b805182e00a44b754baf06fc3b33922135c20cc5ebf6d377d4544bf4a36b1d99d780fb1111d77219d7c"}, &(0x7f0000000440)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0xaf}, 0x0, 0x0})
syz_usb_control_io$hid(r1, 0x0, 0x0)
ftruncate(r0, 0x400)
syz_usb_control_io$cdc_ecm(r1, &(0x7f0000000500)={0x14, &(0x7f0000000280)={0x0, 0x23, 0xb4, {0xb4, 0x24, "2be9181192a778d5ee7363c4dc7c3de3340d98ef4b5033a23480589ec605e945cacc1df3777576abfed69fd030b590a4b77bbfb2d594a617cd38c0873b0fe10ec1bd90106a96940d4aa8c58661df23cf2db18dfe40a47075e887381e62d9a1d811d53e0c101b67c7d22cc1d9ae0d6f1ed5cb50207f461688da5030d223fa4ca681b48c8ec8994fc4c5f1622bb5c895298fc9f0d071bc16381a81cc3a7a39ff3be92e9f9d7eda2dab9eb02e1e4e8bd65c0d92"}}, &(0x7f00000004c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000700)={0x1c, &(0x7f0000000540)={0x40, 0x3, 0x33, "51d971a7f421c3fd41d91ac2b5a3b33b6f1da4e6cdcdfb77398f671c8ef5c4c9ac9e07faf01906d40b5f30d2a5dd790d2e3d12"}, &(0x7f0000000580)={0x0, 0xa, 0x1, 0x2}, &(0x7f00000005c0)={0x0, 0x8, 0x1, 0xd}})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2})
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})

10.436694199s ago: executing program 0 (id=426):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000210001"], 0x24}, 0x1, 0x0, 0x0, 0x4004084}, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
read(r1, &(0x7f0000000240)=""/28, 0xffd2)
sendto$inet6(r0, &(0x7f0000000000)='.', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

9.957726902s ago: executing program 7 (id=427):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x2, 0x12, 0x0, 0x0, 0x0, [@sadb_key={0x4, 0x8, 0x90, 0x0, "041f6255dd400d223296421054f011855ace"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @dev}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0x90}, 0x1, 0x7}, 0x0)

9.207074216s ago: executing program 7 (id=428):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x24, r5, 0x1, 0x70bd2d, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, &(0x7f0000000000)={0x0, 0x0}, 0x10)
mount(&(0x7f0000000280)=@md0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='fusectl\x00', 0x20000, 0x0)

8.07435817s ago: executing program 7 (id=429):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r3=>r2}, './file1\x00'})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f00000000c0)={0x0, 0x3, r1, 0x6})
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000)=0x2, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = dup(0xffffffffffffffff)
r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000400)={0xf0f016, 0x2})
write$UHID_INPUT(r4, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007000b00000000000c000180060006008e"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="71756f74612c0076803d1ef1e21d15ecae5550b872972cd5fd8e642f1e64ccb6bbcfe6ba65a7cf4fdbc772c2977e319ff8f2cc885c06cc0d16a110373fa6cff7b62d0d527d078b3154bfe4913a1a66b19475a0a4d0c5831d8f2c3697d547a24e519af5b610225e5ed819cdd7c1676f08c149c1769b8d66861e3aeddb1cfbce19e76c1b822025d12ad2d4c98f62c117e2b3a0681f7893eeef0f20e8f7c2f8a903b3d0a783c57a9c7ac98e6c5543386319ed2da8a82aeae272314d6303856667"])
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="746c8c3aa78c8f84251969003d7d3c992c0b05f57a19c8f4ebf19b3474616e740c00002c626ef86066646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])

7.988078555s ago: executing program 5 (id=430):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205649, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x289c2, 0x1)
fremovexattr(r1, 0x0)
userfaultfd(0x801)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
r4 = dup(r3)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x23, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000640)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)

7.867998592s ago: executing program 0 (id=431):
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f00000001c0)=""/4096, 0x1000)

7.530309981s ago: executing program 0 (id=432):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r1, &(0x7f00000005c0)=[{0x6, 0x0, 0x0, 0x0, @time, {0x4}, {}, @time=@time={0x7, 0xe}}, {0x0, 0x0, 0x0, 0x5, @time={0xb, 0x8}, {}, {}, @raw32={[0x0, 0x6f]}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"272be5806cd46d37ea9a65a0"}}, {0x0, 0x0, 0x0, 0x0, @time={0x8000, 0x8}, {}, {}, @result={0xbac, 0x28}}], 0x70)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="07000f00002000000000020000000000000095000000f400001db880d4f592b91f0628ca410801a86a4f0e4c9c560d1abadbbcd57cab697c3a8b950007f4010c25d89208764e33000000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='f2fs_reserve_new_blocks\x00', r2, 0x0, 0x7}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000040)=0x14)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000180)={'erspan0\x00', <r7=>0x0, 0x3f, 0x40, 0x3, 0x2, {{0x1e, 0x4, 0x2, 0x28, 0x78, 0x67, 0x0, 0x1, 0x29, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x12}, {[@cipso={0x86, 0x3f, 0x1, [{0x6, 0xe, "4e55b4a2114b34cfe6fe21fa"}, {0x5, 0x2}, {0x2, 0xb, "d55d3c9973f11d6943"}, {0x0, 0x7, "729677b039"}, {0x0, 0x4, "b5aa"}, {0x7, 0xb, "8d4b54334eca025e81"}, {0x6, 0x8, "a9474d0b2b5b"}]}, @end, @end, @end, @end, @timestamp={0x44, 0x20, 0x89, 0x0, 0x5, [0xffff, 0x7, 0x4, 0x6, 0x0, 0x72, 0x3]}]}}}}})
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r8, &(0x7f0000000300)=[{{&(0x7f00000000c0)={0xa, 0x4c24, 0x5, @loopback, 0xf3c4}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000000)="f9", 0x1}], 0x2}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='Z\f', 0x2}], 0x1, &(0x7f0000001080)=ANY=[], 0x1328}}], 0x3, 0x8880)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c0000006a00000128bd7008fcdbdf25000000000000000008000500", @ANYRES32=r6, @ANYBLOB='\b\a@\x00', @ANYRES32=r6, @ANYBLOB="04000900080001000000000008000a000100000008000a000000000008000500", @ANYRES32=r7, @ANYBLOB], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x40800d4)

7.470646856s ago: executing program 5 (id=433):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = accept4$tipc(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000240)=0x10, 0x0)
connect$tipc(r3, &(0x7f00000002c0)=@name={0x1e, 0x2, 0x1, {{0x2, 0x3}, 0x3}}, 0x10)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/14], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = gettid()
tkill(r7, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000300)='msdos\x00', 0x5, 0x0)
mmap$xdp(&(0x7f000097f000/0x1000)=nil, 0x1000, 0x6, 0x10, 0xffffffffffffffff, 0x100000000)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x3, 0x6, 0x2, 0x6, 0xa6e, 0x0, 0x4, 0x1, 0x5}})
syz_open_dev$vim2m(0x0, 0x3, 0x2)
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0x1a0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000000)={0x2, @pix_mp={0x4, 0x0, 0x33565348, 0x0, 0xa, [{0x1000, 0x7fff}, {0x83, 0x8}, {0x2, 0x9}, {0x7, 0xaed}, {0x8, 0x3}, {0xf0000000, 0x80000001}, {0x4, 0x8}, {0xa2, 0xfffffffe}], 0x3, 0xe, 0x7}})

6.323881563s ago: executing program 3 (id=434):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095", @ANYRES64], &(0x7f0000001dc0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
r4 = gettid()
fsmount(r3, 0x0, 0x0)
tkill(r4, 0xb)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r5, 0x29, 0x11, 0x0, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_elf32(r7, &(0x7f00000006c0)=ANY=[@ANYBLOB="7f454c4607020002040000000000000002003e00fcffff01000038000000fb01000000080000040020000400000044006a5b00000000000000600b000000050000004000000005000000f3ffffff100000000100000003000000fcffffff0180000006000000007d56660ca91f000001000060070000000300000004000000060000e60300000004000000040000430d00000000000000de040000ffffffff080000000600000003000000570800003f491130be9b35140d77253ef9b3f66596ab4a19893ea69029a36a2b5331d5659bbc666e6c1c1488516b94ce7239bccb73e43fd5cad30b35e3c8ad"], 0x2ff)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000002c0)={r7, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x6, 0x2010, 0xffffffffffffffff, 0x180000000)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f00000000c0)={0x1, @sdr={0x42474752, 0x89a}})

6.177316701s ago: executing program 5 (id=435):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$MSR(0x0, 0x400000000000, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, &(0x7f0000bbdffc))
r0 = syz_io_uring_setup(0x64e, 0x0, &(0x7f0000000cc0), &(0x7f0000000d00))
sendmmsg(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000010010000"], 0x18, 0x7000000}, 0xf401}], 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
pselect6(0x40, &(0x7f0000000300)={0x8000000000010000, 0xa, 0xa6b, 0x8, 0x3, 0x1, 0xfffffffffffffffe, 0xff}, &(0x7f0000000340)={0x6, 0x9, 0x6, 0x2, 0x4, 0x5, 0xfffffffffffffc01, 0x3}, &(0x7f0000000380)={0x1, 0x100000000, 0x0, 0x419, 0x4, 0x9, 0x9e7, 0x8000000000000001}, &(0x7f00000003c0)={0x0, 0x3938700}, &(0x7f0000000480)={0x0})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0xff00}, 0x0, r3})
syz_io_uring_setup(0x2a61, &(0x7f0000000380)={0x0, 0xf1e3, 0x800, 0x1, 0x1ca, 0x0, r0}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000001c0))
syz_io_uring_setup(0x88f, &(0x7f00000004c0)={0x0, 0xaee2, 0x200, 0x3, 0xbfdfeffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r6, &(0x7f00000000c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x40, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1})
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
syz_open_procfs(0x0, &(0x7f0000000040)='attr/prev\x00')

6.170145743s ago: executing program 0 (id=436):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'pim6reg\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xd0f, 0x70bd2d, 0x20, {0x60, 0x0, 0x0, r2, {}, {0x9, 0xffff}, {0xc, 0x6}}, [@TCA_RATE={0x6, 0x5, {0x80, 0x2}}]}, 0x2c}}, 0x44080)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f00000003c0)={0x18, 0x0, {0x2, @local, 'geneve0\x00'}}, 0x1e)
r4 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, {0x4, @broadcast, 'ip6tnl0\x00'}}, 0x1e)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r6, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x10)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

6.111965437s ago: executing program 6 (id=437):
socket$netlink(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0x15}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfe33)

4.726804356s ago: executing program 0 (id=438):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x7]})

4.648594775s ago: executing program 6 (id=439):
signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f0000000040)=0xfffffff8, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e24, 0x8, @local, 0x6}, 0x32)
setsockopt$inet6_int(r3, 0x29, 0x10, &(0x7f0000000140)=0x8, 0x4)
sendto$inet6(r3, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
mmap(&(0x7f0000087000/0x4000)=nil, 0x4000, 0x200000d, 0x12, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000000)="0000d63f9a8eecdeb60ddb0700000000", 0x20)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r4, 0x731, 0x0, 0x0, {0x38}}, 0x14}, 0x1, 0x2}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)

4.435859109s ago: executing program 0 (id=440):
r0 = syz_usb_connect(0x0, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x200)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000049500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
setfsgid(0xee00)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000080)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0xc, 0x11, 0x0, @local, @mcast2, {[], {0x0, 0xe22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0xffffffff, 0x0, 0x54}, 0x9c)

3.245556227s ago: executing program 6 (id=441):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @hyper}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$TCSETS(r0, 0x40204706, &(0x7f0000000040)={0x1, 0x0, 0x5, 0x0, 0x0, "3eccd8f9d20000000000001000000200000500"})

1.63638659s ago: executing program 5 (id=442):
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f00000001c0)=""/4096, 0x1000)

1.427481829s ago: executing program 5 (id=443):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205649, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x289c2, 0x1)
fremovexattr(r1, 0x0)
userfaultfd(0x801)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
r4 = dup(r3)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x23, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000640)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)

791.24192ms ago: executing program 6 (id=444):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x101000, 0x0)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000003c0)={0x2, 0x14, 0x0, 0x9, 0xb, 0x0, 0x70bd2a, 0xfffffffe, [@sadb_address={0x3, 0x7, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x10000, 0x4, 0x0, 0x0, 0x2, 0x40000001}, @sadb_lifetime={0x4, 0x4, 0x6021, 0xfff, 0x8, 0x8}]}, 0x58}}, 0x14) (fail_nth: 2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4004020}, 0x20004080)

0s ago: executing program 5 (id=445):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000000)={0x1, 0x2, 0x0, 'queue0\x00', 0x3}) (fail_nth: 2)

kernel console output (not intermixed with test programs):

ered blocking state
[  128.830542][ T6059] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.844548][ T6059] bridge_slave_0: entered allmulticast mode
[  128.856725][ T6059] bridge_slave_0: entered promiscuous mode
[  128.902107][ T6059] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.913806][ T6059] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.923975][ T6059] bridge_slave_1: entered allmulticast mode
[  128.950492][ T6059] bridge_slave_1: entered promiscuous mode
[  129.155527][ T5838] Bluetooth: hci5: command tx timeout
[  129.322345][ T6059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  129.362629][ T6059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  129.924457][ T6059] team0: Port device team_slave_0 added
[  130.214504][ T6059] team0: Port device team_slave_1 added
[  130.312682][ T6141] openvswitch: netlink: Actions may not be safe on all matching packets
[  131.126152][ T5838] Bluetooth: hci1: command tx timeout
[  131.290974][ T2956] bridge_slave_1: left allmulticast mode
[  131.324153][ T6144] overlayfs: workdir and upperdir must be separate subtrees
[  131.343545][ T2956] bridge_slave_1: left promiscuous mode
[  131.385002][ T2956] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.677362][ T2956] bridge_slave_0: left allmulticast mode
[  131.683113][ T2956] bridge_slave_0: left promiscuous mode
[  131.696102][ T2956] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.818232][ T6155] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  132.849509][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  132.867860][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.261444][ T6164] loop8: detected capacity change from 0 to 1
[  133.306825][ T5838] Bluetooth: hci1: command tx timeout
[  133.974814][ T6166] QAT: Invalid ioctl 1075883590
[  133.997351][ T6164] Dev loop8: unable to read RDB block 1
[  134.002998][ T6164]  loop8: unable to read partition table
[  134.009619][ T6164] loop8: partition table beyond EOD, truncated
[  134.017156][ T6164] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  134.121536][ T6166] QAT: Invalid ioctl 1075883590
[  134.242774][ T6166] QAT: Invalid ioctl 1075883590
[  134.297997][ T6166] QAT: Invalid ioctl 1075883590
[  134.313038][ T6166] QAT: Invalid ioctl 1075883590
[  134.331923][ T6166] QAT: Invalid ioctl 1075883590
[  134.338983][ T6166] QAT: Invalid ioctl 1075883590
[  134.357314][ T6166] QAT: Invalid ioctl 1075883590
[  134.362280][ T6166] QAT: Invalid ioctl 1075883590
[  134.370125][ T6166] QAT: Invalid ioctl 1075883590
[  135.412661][ T6186] netlink: 56 bytes leftover after parsing attributes in process `syz.1.58'.
[  135.603348][ T6186] netlink: 8 bytes leftover after parsing attributes in process `syz.1.58'.
[  136.037131][ T5838] Bluetooth: hci1: command tx timeout
[  136.066147][ T6193] netlink: 'syz.0.61': attribute type 1 has an invalid length.
[  136.142728][ T6193] netlink: 'syz.0.61': attribute type 4 has an invalid length.
[  136.266137][ T6193] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.61'.
[  136.479798][ T6193] loop7: detected capacity change from 0 to 7
[  136.561950][ T5836] Dev loop7: unable to read RDB block 7
[  136.609915][ T5836]  loop7: unable to read partition table
[  136.650719][ T5836] loop7: partition table beyond EOD, truncated
[  137.648155][ T2956] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  137.670699][ T2956] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  137.685168][ T2956] bond0 (unregistering): Released all slaves
[  137.729494][ T6059] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.745096][ T6059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.810004][ T6059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.841791][ T6059] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.858016][ T6059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.885863][ T6059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  138.248911][ T6209] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  140.942144][ T6232] netlink: 12 bytes leftover after parsing attributes in process `syz.1.71'.
[  141.006429][ T6059] hsr_slave_0: entered promiscuous mode
[  141.041158][ T6059] hsr_slave_1: entered promiscuous mode
[  141.053982][ T6059] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  141.082944][ T6059] Cannot create hsr debugfs directory
[  141.142717][ T6231] bridge_slave_0: left allmulticast mode
[  141.164117][ T6231] bridge_slave_0: left promiscuous mode
[  141.183636][ T6231] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.247682][ T6231] bridge_slave_1: left allmulticast mode
[  141.253406][ T6231] bridge_slave_1: left promiscuous mode
[  141.300648][ T6231] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.394288][ T6231] bond0: (slave bond_slave_0): Releasing backup interface
[  141.521911][ T6245] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  142.019090][ T6231] bond0: (slave bond_slave_1): Releasing backup interface
[  142.217969][ T6231] team0: Port device team_slave_0 removed
[  142.348847][ T6231] team0: Port device team_slave_1 removed
[  142.428878][ T6231] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.473936][ T6231] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.490333][ T6231] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.508681][ T6231] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.663293][ T6231] syz.1.71 (6231) used greatest stack depth: 20296 bytes left
[  142.740918][ T6097] chnl_net:caif_netlink_parms(): no params data found
[  142.800249][ T6261] syz.1.78 uses obsolete (PF_INET,SOCK_PACKET)
[  142.907463][ T2956] hsr_slave_0: left promiscuous mode
[  142.970484][ T2956] hsr_slave_1: left promiscuous mode
[  143.012167][ T2956] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.044875][ T2956] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.064779][ T6265] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  143.482266][ T2956] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.515391][ T2956] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.608695][ T2956] veth1_macvtap: left promiscuous mode
[  143.614594][ T2956] veth0_macvtap: left promiscuous mode
[  143.653248][ T2956] veth1_vlan: left promiscuous mode
[  143.696963][ T2956] veth0_vlan: left promiscuous mode
[  143.715496][    T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  144.722254][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  144.740595][    T9] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  144.751464][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.781712][    T9] usb 2-1: config 0 descriptor??
[  144.804483][ T6265] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  145.321058][ T6286] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  145.733387][    T9] elan 0003:04F3:0755.0001: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[  146.253354][ T2956] team0 (unregistering): Port device team_slave_1 removed
[  146.343238][ T6289] overlayfs: overlapping lowerdir path
[  146.374302][ T2956] team0 (unregistering): Port device team_slave_0 removed
[  146.520205][ T6295] overlayfs: workdir and upperdir must be separate subtrees
[  146.896663][ T5880] usb 2-1: reset full-speed USB device number 2 using dummy_hcd
[  147.136921][ T6302] adf_ctl_ioctl: 15 callbacks suppressed
[  147.136936][ T6302] QAT: Invalid ioctl 1075883590
[  147.148275][ T6302] QAT: Invalid ioctl 1075883590
[  147.153763][ T6302] QAT: Invalid ioctl 1075883590
[  147.159400][ T6302] QAT: Invalid ioctl 1075883590
[  147.165955][ T6302] QAT: Invalid ioctl 1075883590
[  147.171423][ T6302] QAT: Invalid ioctl 1075883590
[  147.176891][ T6302] QAT: Invalid ioctl 1075883590
[  147.182353][ T6302] QAT: Invalid ioctl 1075883590
[  147.199139][ T6302] QAT: Invalid ioctl 1075883590
[  147.204872][ T6302] QAT: Invalid ioctl 1075883590
[  147.393659][ T6305] process 'syz.3.89' launched './file1' with NULL argv: empty string added
[  147.890261][ T5878] usb 2-1: USB disconnect, device number 2
[  148.242211][ T6319] FAULT_INJECTION: forcing a failure.
[  148.242211][ T6319] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  148.255931][ T6319] CPU: 1 UID: 0 PID: 6319 Comm: syz.1.91 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  148.255958][ T6319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  148.255977][ T6319] Call Trace:
[  148.255985][ T6319]  <TASK>
[  148.255997][ T6319]  dump_stack_lvl+0x189/0x250
[  148.256034][ T6319]  ? __lock_acquire+0xaac/0xd20
[  148.256064][ T6319]  ? __pfx_dump_stack_lvl+0x10/0x10
[  148.256090][ T6319]  ? __pfx__printk+0x10/0x10
[  148.256120][ T6319]  ? __might_fault+0xb0/0x130
[  148.256160][ T6319]  should_fail_ex+0x414/0x560
[  148.256186][ T6319]  _copy_from_user+0x2d/0xb0
[  148.256215][ T6319]  ___sys_sendmsg+0x158/0x2a0
[  148.256245][ T6319]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.256317][ T6319]  ? __might_fault+0xb0/0x130
[  148.256352][ T6319]  __sys_sendmmsg+0x227/0x430
[  148.256385][ T6319]  ? __pfx___sys_sendmmsg+0x10/0x10
[  148.256422][ T6319]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  148.256468][ T6319]  ? ksys_write+0x1f0/0x250
[  148.256494][ T6319]  ? rcu_is_watching+0x15/0xb0
[  148.256534][ T6319]  __x64_sys_sendmmsg+0xa0/0xc0
[  148.256564][ T6319]  do_syscall_64+0xf6/0x210
[  148.256591][ T6319]  ? clear_bhb_loop+0x60/0xb0
[  148.256615][ T6319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.256634][ T6319] RIP: 0033:0x7fa49c18e969
[  148.256660][ T6319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.256676][ T6319] RSP: 002b:00007fa49d05e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  148.256697][ T6319] RAX: ffffffffffffffda RBX: 00007fa49c3b5fa0 RCX: 00007fa49c18e969
[  148.256712][ T6319] RDX: 0000000000000002 RSI: 000020000000a400 RDI: 0000000000000004
[  148.256724][ T6319] RBP: 00007fa49d05e090 R08: 0000000000000000 R09: 0000000000000000
[  148.256736][ T6319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.256746][ T6319] R13: 0000000000000000 R14: 00007fa49c3b5fa0 R15: 00007ffd8917e588
[  148.256777][ T6319]  </TASK>
[  149.705072][ T6338] netlink: 56 bytes leftover after parsing attributes in process `syz.3.94'.
[  149.721358][ T6338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.94'.
[  149.758245][   T30] audit: type=1326 audit(1747699510.117:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  149.812106][   T30] audit: type=1326 audit(1747699510.167:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  149.964923][   T30] audit: type=1326 audit(1747699510.167:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  150.023772][ T6097] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.116716][ T6097] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.150969][   T30] audit: type=1326 audit(1747699510.177:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  150.204686][ T6097] bridge_slave_0: entered allmulticast mode
[  150.229683][ T6097] bridge_slave_0: entered promiscuous mode
[  150.289302][   T30] audit: type=1326 audit(1747699510.377:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  150.318571][ T6097] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.351602][ T6097] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.391051][ T6097] bridge_slave_1: entered allmulticast mode
[  150.448293][ T6097] bridge_slave_1: entered promiscuous mode
[  150.449285][   T30] audit: type=1326 audit(1747699510.387:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  150.859935][ T6097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  150.963936][ T6097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  151.077301][   T30] audit: type=1326 audit(1747699511.437:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  151.310369][   T30] audit: type=1326 audit(1747699511.447:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  151.566815][ T6354] overlayfs: overlapping lowerdir path
[  151.624903][   T30] audit: type=1326 audit(1747699511.447:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  151.823131][   T30] audit: type=1326 audit(1747699511.447:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6340 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  152.009385][ T6097] team0: Port device team_slave_0 added
[  152.413344][ T6370] loop8: detected capacity change from 0 to 1
[  152.438182][ T6370] Dev loop8: unable to read RDB block 1
[  152.443994][ T6370]  loop8: unable to read partition table
[  152.451313][ T6370] loop8: partition table beyond EOD, truncated
[  152.458120][ T6370] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  153.126709][ T6371] adf_ctl_ioctl: 15 callbacks suppressed
[  153.132494][ T6371] QAT: Invalid ioctl 1075883590
[  153.138104][ T6371] QAT: Invalid ioctl 1075883590
[  153.143356][ T6371] QAT: Invalid ioctl 1075883590
[  153.149225][ T6371] QAT: Invalid ioctl 1075883590
[  153.154563][ T6371] QAT: Invalid ioctl 1075883590
[  153.160047][ T6371] QAT: Invalid ioctl 1075883590
[  153.168121][ T6371] QAT: Invalid ioctl 1075883590
[  153.173495][ T6371] QAT: Invalid ioctl 1075883590
[  153.178955][ T6371] QAT: Invalid ioctl 1075883590
[  153.184314][ T6371] QAT: Invalid ioctl 1075883590
[  153.580568][ T6097] team0: Port device team_slave_1 added
[  154.592477][ T6059] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  154.642815][ T6373] netlink: 56 bytes leftover after parsing attributes in process `syz.0.100'.
[  154.686532][ T6373] netlink: 8 bytes leftover after parsing attributes in process `syz.0.100'.
[  154.750757][ T2956] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.760160][ T6389] loop6: detected capacity change from 0 to 63
[  154.911349][ T5836] Buffer I/O error on dev loop6, logical block 0, async page read
[  154.931519][ T5836] Buffer I/O error on dev loop6, logical block 0, async page read
[  154.943846][ T5836] Buffer I/O error on dev loop6, logical block 0, async page read
[  154.957799][ T5836] Buffer I/O error on dev loop6, logical block 0, async page read
[  154.974695][ T5836] Buffer I/O error on dev loop6, logical block 0, async page read
[  154.983556][ T5836] Buffer I/O error on dev loop6, logical block 0, async page read
[  154.996961][ T5836] Buffer I/O error on dev loop6, logical block 3, async page read
[  155.108562][ T6059] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  155.143939][ T6059] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  155.185156][ T6059] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  155.489742][ T2956] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.862908][ T6097] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.015823][ T6097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.063922][ T6097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.100620][ T6097] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.387572][ T6399] loop8: detected capacity change from 0 to 1
[  156.419634][ T6399] Dev loop8: unable to read RDB block 1
[  156.425649][ T6399]  loop8: unable to read partition table
[  156.432515][ T6399] loop8: partition table beyond EOD, truncated
[  156.438864][ T6399] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  156.492629][ T5878] libceph: connect (1)[c::]:6789 error -101
[  156.503580][ T6097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.744071][ T6097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.805328][ T5878] libceph: mon0 (1)[c::]:6789 connect error
[  156.811405][ T6398] ceph: No mds server is up or the cluster is laggy
[  157.151696][ T2956] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.560678][ T6409] openvswitch: netlink: Actions may not be safe on all matching packets
[  157.661841][ T6097] hsr_slave_0: entered promiscuous mode
[  157.680364][ T6097] hsr_slave_1: entered promiscuous mode
[  158.667724][ T5878] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  159.407964][ T2956] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.525363][ T5878] usb 4-1: Using ep0 maxpacket: 32
[  159.542244][ T5878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.595373][ T5878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.611051][ T5878] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  159.635446][ T5878] usb 4-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  159.648779][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  159.648802][   T30] audit: type=1326 audit(1747699520.027:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  159.679447][   T30] audit: type=1326 audit(1747699520.057:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  159.686639][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.743098][   T30] audit: type=1326 audit(1747699520.057:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  159.780612][ T5878] usb 4-1: config 0 descriptor??
[  159.809195][   T30] audit: type=1326 audit(1747699520.057:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  159.858682][   T30] audit: type=1326 audit(1747699520.147:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  159.910217][   T30] audit: type=1326 audit(1747699520.147:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  159.939089][   T30] audit: type=1326 audit(1747699520.167:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  159.964187][ T6433] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  159.964187][ T6433]    program syz.0.113 not setting count and/or reply_len properly
[  160.075603][   T30] audit: type=1326 audit(1747699520.167:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  160.143738][   T30] audit: type=1326 audit(1747699520.167:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  160.222063][ T5878] hid (null): invalid report_size 822751293
[  160.243036][   T30] audit: type=1326 audit(1747699520.167:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6426 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa49c18e9a3 code=0x7ffc0000
[  160.264535][ T5878] hid (null): usage index exceeded
[  160.296549][ T5878] hid (null): invalid report_size 27745
[  160.310347][ T2956] bridge_slave_1: left allmulticast mode
[  160.310474][ T5878] hid (null): invalid report_size 29285
[  160.327748][ T2956] bridge_slave_1: left promiscuous mode
[  160.354791][ T2956] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.384008][ T2956] bridge_slave_0: left allmulticast mode
[  160.401095][ T2956] bridge_slave_0: left promiscuous mode
[  160.422666][ T2956] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.432641][ T5878] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5011.0002/input/input6
[  160.601254][ T5878] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5011.0002/input/input7
[  160.878016][ T5878] kye 0003:0458:5011.0002: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.3-1/input0
[  160.975587][ T5878] usb 4-1: USB disconnect, device number 3
[  161.677103][ T6443] fido_id[6443]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  161.829607][ T6451] loop6: detected capacity change from 0 to 63
[  161.938099][ T5942] Buffer I/O error on dev loop6, logical block 0, async page read
[  161.977480][ T5942] Buffer I/O error on dev loop6, logical block 0, async page read
[  161.989788][ T5942] Buffer I/O error on dev loop6, logical block 0, async page read
[  161.998791][ T5942] Buffer I/O error on dev loop6, logical block 0, async page read
[  162.009473][ T5942] Buffer I/O error on dev loop6, logical block 0, async page read
[  162.037927][ T5942] Buffer I/O error on dev loop6, logical block 0, async page read
[  162.066275][ T5942] Buffer I/O error on dev loop6, logical block 3, async page read
[  162.360883][ T2956] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  162.373784][ T2956] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  162.387630][ T2956] bond0 (unregistering): Released all slaves
[  162.446149][ T6097] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  162.530677][ T6059] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.571677][ T6097] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  162.599980][ T6097] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  163.045087][ T6468] openvswitch: netlink: Actions may not be safe on all matching packets
[  163.418901][ T6097] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  164.312807][ T6486] binder: BINDER_SET_CONTEXT_MGR already set
[  164.359518][ T6486] binder: 6480:6486 ioctl 4018620d 200000000040 returned -16
[  164.370607][ T6487] binder: 6480:6487 ioctl c0306201 200000000640 returned -14
[  164.929476][ T6059] 8021q: adding VLAN 0 to HW filter on device team0
[  165.545086][ T2956] hsr_slave_0: left promiscuous mode
[  165.567148][ T2956] hsr_slave_1: left promiscuous mode
[  165.586379][ T2956] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  165.593855][ T2956] batman_adv: batadv0: Removing interface: batadv_slave_0
[  165.603228][ T2956] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  165.631683][ T2956] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.697883][ T2956] veth1_macvtap: left promiscuous mode
[  165.721596][ T2956] veth0_macvtap: left promiscuous mode
[  165.737926][ T2956] veth1_vlan: left promiscuous mode
[  165.746890][ T2956] veth0_vlan: left promiscuous mode
[  167.008898][ T6512] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  167.008898][ T6512]    program syz.0.126 not setting count and/or reply_len properly
[  167.364189][ T2956] team0 (unregistering): Port device team_slave_1 removed
[  167.405071][ T2956] team0 (unregistering): Port device team_slave_0 removed
[  167.766916][ T6059] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  167.777451][ T6059] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  167.853172][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.860514][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.897631][ T1130] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.904830][ T1130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.945725][ T6516] loop6: detected capacity change from 0 to 63
[  168.002682][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  168.029444][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  168.098363][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  168.116064][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  168.124711][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  168.204303][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  168.239790][ T5837] Buffer I/O error on dev loop6, logical block 3, async page read
[  168.276459][ T6097] 8021q: adding VLAN 0 to HW filter on device bond0
[  168.850249][ T6097] 8021q: adding VLAN 0 to HW filter on device team0
[  169.438984][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.446203][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.628875][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.636117][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.890453][ T6059] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.984547][ T6539] openvswitch: netlink: Actions may not be safe on all matching packets
[  171.376619][ T6547] netlink: 56 bytes leftover after parsing attributes in process `syz.3.134'.
[  171.611735][ T6547] netlink: 8 bytes leftover after parsing attributes in process `syz.3.134'.
[  171.713437][ T6561] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  171.713437][ T6561]    program syz.1.135 not setting count and/or reply_len properly
[  172.095643][ T6059] veth0_vlan: entered promiscuous mode
[  172.143547][ T6059] veth1_vlan: entered promiscuous mode
[  172.283785][ T6059] veth0_macvtap: entered promiscuous mode
[  172.330569][ T6059] veth1_macvtap: entered promiscuous mode
[  172.403651][ T6059] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.450612][ T6059] batman_adv: batadv0: Interface activated: batadv_slave_1
[  172.534384][ T6059] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  172.554019][ T6059] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  172.575153][ T6059] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  172.594165][ T6059] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  172.651111][ T6097] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.860608][ T1130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.895300][ T1130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.040287][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.287868][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.410336][ T6585] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  173.410336][ T6585]    program syz.3.137 not setting count and/or reply_len properly
[  174.208972][ T6097] veth0_vlan: entered promiscuous mode
[  174.269370][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  174.269387][   T30] audit: type=1326 audit(1747699534.637:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  174.310875][ T6097] veth1_vlan: entered promiscuous mode
[  174.696896][   T30] audit: type=1326 audit(1747699534.637:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  174.771334][ T6610] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  175.270182][   T30] audit: type=1326 audit(1747699534.637:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  175.328828][ T6097] veth0_macvtap: entered promiscuous mode
[  175.371193][   T30] audit: type=1326 audit(1747699534.637:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  175.394410][   T30] audit: type=1326 audit(1747699534.637:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  176.453765][   T30] audit: type=1326 audit(1747699534.637:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  176.475405][   T30] audit: type=1326 audit(1747699534.637:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  176.496913][   T30] audit: type=1326 audit(1747699534.637:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  176.525396][   T30] audit: type=1326 audit(1747699534.677:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  176.534115][ T6097] veth1_macvtap: entered promiscuous mode
[  176.546838][   T30] audit: type=1326 audit(1747699535.247:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6593 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa49c18e969 code=0x7ffc0000
[  176.824437][ T6097] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.915866][ T6097] batman_adv: batadv0: Interface activated: batadv_slave_1
[  177.177347][ T6097] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.186594][ T6097] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.200767][ T6097] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.211881][ T6097] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.675699][ T6625] netlink: 56 bytes leftover after parsing attributes in process `syz.0.144'.
[  177.686508][ T6625] netlink: 8 bytes leftover after parsing attributes in process `syz.0.144'.
[  178.493013][ T6629] netlink: 4 bytes leftover after parsing attributes in process `syz.1.145'.
[  178.889952][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.042178][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.082817][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.091522][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.395201][ T6648] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  179.395201][ T6648]    program syz.0.147 not setting count and/or reply_len properly
[  180.093544][ T6649] openvswitch: netlink: Actions may not be safe on all matching packets
[  180.751137][ T6657] FAT-fs (nullb0): bogus number of reserved sectors
[  180.757981][ T6657] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  181.168173][ T5877] libceph: connect (1)[c::]:6789 error -101
[  181.183767][ T6656] ceph: No mds server is up or the cluster is laggy
[  181.243483][ T5877] libceph: mon0 (1)[c::]:6789 connect error
[  182.219679][ T6678] adf_ctl_ioctl: 40 callbacks suppressed
[  182.219694][ T6678] QAT: Invalid ioctl 1075883590
[  182.250049][ T6678] QAT: Invalid ioctl 1075883590
[  182.465524][ T6678] QAT: Invalid ioctl 1075883590
[  182.527224][ T6678] QAT: Invalid ioctl 1075883590
[  182.545696][ T6678] QAT: Invalid ioctl 1075883590
[  182.558210][ T6678] QAT: Invalid ioctl 1075883590
[  182.577684][ T6678] QAT: Invalid ioctl 1075883590
[  182.617107][ T6678] QAT: Invalid ioctl 1075883590
[  182.647100][ T6678] QAT: Invalid ioctl 1075883590
[  182.652086][ T6678] QAT: Invalid ioctl 1075883590
[  183.801911][ T6698] openvswitch: netlink: Actions may not be safe on all matching packets
[  185.415352][   T59] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  185.721204][ T6714] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  185.721204][ T6714]    program syz.6.157 not setting count and/or reply_len properly
[  185.880083][   T59] usb 1-1: device descriptor read/64, error -71
[  186.125600][   T59] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  186.130992][ T6729] netlink: 56 bytes leftover after parsing attributes in process `syz.5.156'.
[  186.193708][ T6729] netlink: 8 bytes leftover after parsing attributes in process `syz.5.156'.
[  186.295427][   T59] usb 1-1: device descriptor read/64, error -71
[  186.419862][   T59] usb usb1-port1: attempt power cycle
[  187.005348][   T59] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  187.275857][   T59] usb 1-1: device not accepting address 4, error -71
[  187.357812][ T5823] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  187.535508][ T5823] usb 6-1: Using ep0 maxpacket: 32
[  188.572083][ T6764] FAULT_INJECTION: forcing a failure.
[  188.572083][ T6764] name failslab, interval 1, probability 0, space 0, times 0
[  188.584977][ T6764] CPU: 0 UID: 0 PID: 6764 Comm: syz.6.164 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  188.585003][ T6764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  188.585016][ T6764] Call Trace:
[  188.585024][ T6764]  <TASK>
[  188.585032][ T6764]  dump_stack_lvl+0x189/0x250
[  188.585068][ T6764]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.585096][ T6764]  ? __pfx__printk+0x10/0x10
[  188.585133][ T6764]  ? __pfx___might_resched+0x10/0x10
[  188.585164][ T6764]  ? fs_reclaim_acquire+0x7d/0x100
[  188.585191][ T6764]  should_fail_ex+0x414/0x560
[  188.585218][ T6764]  should_failslab+0xa8/0x100
[  188.585243][ T6764]  kmem_cache_alloc_noprof+0x73/0x3c0
[  188.585272][ T6764]  ? sk_prot_alloc+0x57/0x220
[  188.585301][ T6764]  sk_prot_alloc+0x57/0x220
[  188.585325][ T6764]  ? sk_alloc+0x24/0x370
[  188.585352][ T6764]  sk_alloc+0x3a/0x370
[  188.585381][ T6764]  unix_create1+0xb0/0x790
[  188.585411][ T6764]  unix_create+0x154/0x200
[  188.585435][ T6764]  __sock_create+0x4b3/0x9f0
[  188.585466][ T6764]  __sys_socketpair+0x1c5/0x560
[  188.585496][ T6764]  __x64_sys_socketpair+0x9b/0xb0
[  188.585521][ T6764]  do_syscall_64+0xf6/0x210
[  188.585549][ T6764]  ? clear_bhb_loop+0x60/0xb0
[  188.585574][ T6764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.585594][ T6764] RIP: 0033:0x7f35a77908ba
[  188.585612][ T6764] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.585628][ T6764] RSP: 002b:00007f35a860ff78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  188.585649][ T6764] RAX: ffffffffffffffda RBX: 00007f35a79b6000 RCX: 00007f35a77908ba
[  188.585664][ T6764] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  188.585675][ T6764] RBP: 00007f35a8610090 R08: 0000000000000000 R09: 0000000000000000
[  188.585687][ T6764] R10: 00007f35a860ff98 R11: 0000000000000246 R12: 0000000000000001
[  188.585700][ T6764] R13: 0000000000000001 R14: 00007f35a79b6080 R15: 00007ffefcce3b38
[  188.585731][ T6764]  </TASK>
[  189.371197][ T5823] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  189.527952][ T5823] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  189.543316][ T5823] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  189.554820][ T5823] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  189.568948][ T5823] usb 6-1: config 0 interface 0 has no altsetting 0
[  189.589013][ T5823] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  189.599566][ T5823] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  189.609776][ T5823] usb 6-1: Product: syz
[  189.614074][ T5823] usb 6-1: Manufacturer: syz
[  189.620346][ T5823] usb 6-1: SerialNumber: syz
[  189.636905][ T5823] usb 6-1: config 0 descriptor??
[  189.705099][ T5823] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  189.733081][ T6773] openvswitch: netlink: Actions may not be safe on all matching packets
[  189.770428][ T5823] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  189.995938][ T5823] usb 6-1: USB disconnect, device number 2
[  190.062650][ T5823] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  191.812954][ T6796] loop8: detected capacity change from 0 to 1
[  191.998256][ T6796] Dev loop8: unable to read RDB block 1
[  192.004118][ T6796]  loop8: unable to read partition table
[  192.010144][ T6796] loop8: partition table beyond EOD, truncated
[  192.016422][ T6796] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  192.066879][    T9] libceph: connect (1)[c::]:6789 error -101
[  192.073025][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  192.191866][ T6795] ceph: No mds server is up or the cluster is laggy
[  192.346896][   T10] libceph: connect (1)[c::]:6789 error -101
[  192.356212][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  193.185594][ T6818] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  193.185594][ T6818]    program syz.5.172 not setting count and/or reply_len properly
[  194.281995][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.291555][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  195.319877][ T5131] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  195.328894][ T5131] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  195.339935][ T5131] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  195.348218][ T5131] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  195.358225][ T5131] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  197.449934][ T5131] Bluetooth: hci2: command tx timeout
[  197.478442][ T6857] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  197.574728][ T6829] chnl_net:caif_netlink_parms(): no params data found
[  198.983128][ T6877] adf_ctl_ioctl: 15 callbacks suppressed
[  198.983142][ T6877] QAT: Invalid ioctl 1075883590
[  199.088106][ T6877] QAT: Invalid ioctl 1075883590
[  199.134127][ T6877] QAT: Invalid ioctl 1075883590
[  199.143716][ T6829] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.155793][ T6877] QAT: Invalid ioctl 1075883590
[  199.165428][ T6829] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.176696][ T6829] bridge_slave_0: entered allmulticast mode
[  199.189970][ T6829] bridge_slave_0: entered promiscuous mode
[  199.352031][ T6829] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.365715][ T6829] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.372909][ T6829] bridge_slave_1: entered allmulticast mode
[  199.381513][ T6829] bridge_slave_1: entered promiscuous mode
[  199.396208][ T6877] QAT: Invalid ioctl 1075883590
[  199.476228][ T5131] Bluetooth: hci2: command tx timeout
[  199.498871][ T6883] openvswitch: netlink: Actions may not be safe on all matching packets
[  200.207081][ T6877] QAT: Invalid ioctl 1075883590
[  200.212031][ T6877] QAT: Invalid ioctl 1075883590
[  200.274046][ T6877] QAT: Invalid ioctl 1075883590
[  200.543312][ T6829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.721820][ T6829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.798954][ T6897] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  200.798954][ T6897]    program syz.3.184 not setting count and/or reply_len properly
[  201.555799][ T5131] Bluetooth: hci2: command tx timeout
[  202.293352][ T6829] team0: Port device team_slave_0 added
[  202.320758][ T6829] team0: Port device team_slave_1 added
[  202.573679][ T6829] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.578385][ T6904] afs: Unknown parameter 'dynÇÀ'
[  202.590680][ T6829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.597957][ T6904] overlayfs: overlapping lowerdir path
[  203.795369][ T5131] Bluetooth: hci2: command tx timeout
[  203.826620][ T6829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.013216][ T6829] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.085345][ T6829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.179563][ T6829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.055816][ T6932] openvswitch: netlink: Actions may not be safe on all matching packets
[  206.754409][ T6829] hsr_slave_0: entered promiscuous mode
[  206.867175][ T6829] hsr_slave_1: entered promiscuous mode
[  206.916456][ T6829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  206.925123][ T6829] Cannot create hsr debugfs directory
[  208.597248][ T6983] sg_write: data in/out 2387/14 bytes for SCSI command 0x8-- guessing data in;
[  208.597248][ T6983]    program syz.0.197 not setting count and/or reply_len properly
[  211.118056][ T7003] netlink: 'syz.3.207': attribute type 2 has an invalid length.
[  211.455552][ T7003] netlink: 164 bytes leftover after parsing attributes in process `syz.3.207'.
[  211.876082][ T5831] Bluetooth: hci4: command 0x0406 tx timeout
[  211.882961][ T5831] Bluetooth: hci0: command 0x0406 tx timeout
[  211.885367][ T5830] Bluetooth: hci3: command 0x0406 tx timeout
[  211.910682][ T6829] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  211.973131][ T6829] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  212.138919][ T6829] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  212.140879][ T7014] netlink: 8 bytes leftover after parsing attributes in process `syz.6.210'.
[  213.830597][ T7014] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  213.844086][ T6829] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  218.154167][ T6829] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.450757][ T7084] overlayfs: failed to resolve 'appraise': -2
[  218.540290][ T6829] 8021q: adding VLAN 0 to HW filter on device team0
[  218.608679][ T7082] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  218.751400][ T6800] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.758672][ T6800] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.075577][ T6800] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.082907][ T6800] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.313838][ T6829] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  219.540336][ T6829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  221.699248][ T7125] netlink: 16 bytes leftover after parsing attributes in process `syz.6.231'.
[  223.403555][ T6829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.854831][ T7152] =======================================================
[  225.854831][ T7152] WARNING: The mand mount option has been deprecated and
[  225.854831][ T7152]          and is ignored by this kernel. Remove the mand
[  225.854831][ T7152]          option from the mount to silence this warning.
[  225.854831][ T7152] =======================================================
[  226.052543][ T7146] netlink: 28 bytes leftover after parsing attributes in process `syz.0.237'.
[  226.116625][ T7146] netlink: 28 bytes leftover after parsing attributes in process `syz.0.237'.
[  226.334813][ T7146] team0: entered promiscuous mode
[  226.392815][ T7146] team_slave_0: entered promiscuous mode
[  226.413611][ T7146] team_slave_1: entered promiscuous mode
[  226.438806][ T7146] bridge0: entered promiscuous mode
[  226.844144][ T7170] netlink: 16 bytes leftover after parsing attributes in process `syz.0.243'.
[  228.569151][ T6829] veth0_vlan: entered promiscuous mode
[  228.592029][ T6829] veth1_vlan: entered promiscuous mode
[  229.700068][ T6829] veth0_macvtap: entered promiscuous mode
[  229.749388][ T6829] veth1_macvtap: entered promiscuous mode
[  229.832566][ T6829] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.642655][ T7193] netlink: 28 bytes leftover after parsing attributes in process `syz.3.248'.
[  230.874654][ T7193] netlink: 28 bytes leftover after parsing attributes in process `syz.3.248'.
[  230.896645][ T7193] gretap0: entered promiscuous mode
[  230.924482][ T7193] gretap0: left promiscuous mode
[  231.024542][ T6829] batman_adv: batadv0: Interface activated: batadv_slave_1
[  231.168112][ T6829] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.201493][ T6829] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.245387][ T7200] syz.5.249 (7200) used greatest stack depth: 20184 bytes left
[  231.258736][ T6829] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.296913][ T6829] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.432846][ T7214] netlink: zone id is out of range
[  231.470934][ T7214] netlink: zone id is out of range
[  231.691177][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  231.691195][   T30] audit: type=1804 audit(1747699592.067:90): pid=7217 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.254" name="/newroot/68/file0/file0" dev="ramfs" ino=12951 res=1 errno=0
[  232.789414][ T7215] netlink: 'syz.0.254': attribute type 3 has an invalid length.
[  232.797234][ T7215] netlink: 236 bytes leftover after parsing attributes in process `syz.0.254'.
[  233.007957][ T7230] netlink: 8 bytes leftover after parsing attributes in process `syz.6.256'.
[  233.623590][ T7230] bridge0: port 3(vlan2) entered blocking state
[  233.630001][ T7230] bridge0: port 3(vlan2) entered disabled state
[  233.637220][ T7230] vlan2: entered allmulticast mode
[  233.642362][ T7230] bridge0: entered allmulticast mode
[  233.673047][ T7230] vlan2: left allmulticast mode
[  233.678067][ T7230] bridge0: left allmulticast mode
[  233.873837][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.014135][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.140697][ T6416] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.173281][ T6416] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.345480][ T5878] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  235.066423][   T59] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  235.225344][ T5878] usb 6-1: Using ep0 maxpacket: 32
[  235.256433][ T5878] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  235.264825][ T5878] usb 6-1: config 0 has no interface number 0
[  235.271379][ T5878] usb 6-1: config 0 interface 184 has no altsetting 0
[  235.402667][   T59] usb 4-1: Using ep0 maxpacket: 8
[  235.450587][   T59] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  235.533547][ T5878] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  235.535396][   T59] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  235.567041][ T5878] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.668234][   T59] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  235.946077][ T5878] usb 6-1: Product: syz
[  235.950306][ T5878] usb 6-1: Manufacturer: syz
[  235.954929][ T5878] usb 6-1: SerialNumber: syz
[  236.087696][   T59] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  236.101911][   T59] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  236.112147][   T59] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.184621][ T5878] usb 6-1: config 0 descriptor??
[  237.181897][   T59] usb 4-1: usb_control_msg returned -32
[  237.233299][   T59] usbtmc 4-1:16.0: can't read capabilities
[  237.337852][   T59] usb 4-1: USB disconnect, device number 4
[  239.414982][ T7284] netlink: 12 bytes leftover after parsing attributes in process `syz.3.269'.
[  241.867868][ T5878] usb 6-1: can't set config #0, error -110
[  243.155992][ T7316] ptrace attach of "./syz-executor exec"[6829] was attempted by "./syz-executor exec"[7316]
[  243.260779][ T7314] overlayfs: overlapping lowerdir path
[  243.426547][ T7318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.277'.
[  243.454868][ T5877] usb 6-1: USB disconnect, device number 3
[  245.344817][ T7344] netlink: 12 bytes leftover after parsing attributes in process `syz.0.285'.
[  247.187767][ T7361] FAULT_INJECTION: forcing a failure.
[  247.187767][ T7361] name failslab, interval 1, probability 0, space 0, times 0
[  247.225345][ T7361] CPU: 1 UID: 0 PID: 7361 Comm: syz.5.289 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  247.225374][ T7361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  247.225397][ T7361] Call Trace:
[  247.225405][ T7361]  <TASK>
[  247.225415][ T7361]  dump_stack_lvl+0x189/0x250
[  247.225451][ T7361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.225483][ T7361]  ? __pfx__printk+0x10/0x10
[  247.225513][ T7361]  ? __pfx___might_resched+0x10/0x10
[  247.225537][ T7361]  ? fs_reclaim_acquire+0x7d/0x100
[  247.225559][ T7361]  should_fail_ex+0x414/0x560
[  247.225580][ T7361]  should_failslab+0xa8/0x100
[  247.225597][ T7361]  __kmalloc_noprof+0xcb/0x4f0
[  247.225620][ T7361]  ? kfree+0x4d/0x440
[  247.225640][ T7361]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  247.225666][ T7361]  tomoyo_realpath_from_path+0xe3/0x5d0
[  247.225689][ T7361]  ? tomoyo_domain+0xda/0x130
[  247.225718][ T7361]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  247.225736][ T7361]  tomoyo_path_number_perm+0x1e8/0x5a0
[  247.225756][ T7361]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  247.225788][ T7361]  ? __lock_acquire+0xaac/0xd20
[  247.225825][ T7361]  ? __fget_files+0x2a/0x420
[  247.225844][ T7361]  ? __fget_files+0x3a0/0x420
[  247.225857][ T7361]  ? __fget_files+0x2a/0x420
[  247.225874][ T7361]  security_file_ioctl+0xcb/0x2d0
[  247.225895][ T7361]  __se_sys_ioctl+0x47/0x170
[  247.225919][ T7361]  do_syscall_64+0xf6/0x210
[  247.225941][ T7361]  ? clear_bhb_loop+0x60/0xb0
[  247.225961][ T7361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.225976][ T7361] RIP: 0033:0x7f15f3d8e969
[  247.225991][ T7361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.226004][ T7361] RSP: 002b:00007f15f4b48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  247.226021][ T7361] RAX: ffffffffffffffda RBX: 00007f15f3fb5fa0 RCX: 00007f15f3d8e969
[  247.226032][ T7361] RDX: 0000000000000000 RSI: 00000000000007b2 RDI: 0000000000000003
[  247.226041][ T7361] RBP: 00007f15f4b48090 R08: 0000000000000000 R09: 0000000000000000
[  247.226051][ T7361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.226060][ T7361] R13: 0000000000000000 R14: 00007f15f3fb5fa0 R15: 00007ffcdf67b728
[  247.226088][ T7361]  </TASK>
[  247.560594][ T7361] ERROR: Out of memory at tomoyo_realpath_from_path.
[  247.635574][ T5839] Bluetooth: hci5: command 0x0406 tx timeout
[  248.521549][ T7374] FAULT_INJECTION: forcing a failure.
[  248.521549][ T7374] name failslab, interval 1, probability 0, space 0, times 0
[  248.544691][ T7374] CPU: 0 UID: 0 PID: 7374 Comm: syz.5.292 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  248.544720][ T7374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  248.544732][ T7374] Call Trace:
[  248.544740][ T7374]  <TASK>
[  248.544748][ T7374]  dump_stack_lvl+0x189/0x250
[  248.544784][ T7374]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.544811][ T7374]  ? __pfx__printk+0x10/0x10
[  248.544848][ T7374]  ? __pfx___might_resched+0x10/0x10
[  248.544884][ T7374]  should_fail_ex+0x414/0x560
[  248.544910][ T7374]  should_failslab+0xa8/0x100
[  248.544931][ T7374]  __kmalloc_noprof+0xcb/0x4f0
[  248.544960][ T7374]  ? ima_alloc_init_template+0x93/0x6f0
[  248.544992][ T7374]  ima_alloc_init_template+0x93/0x6f0
[  248.545027][ T7374]  ima_store_measurement+0x1b7/0x640
[  248.545062][ T7374]  ? release_dentry_name_snapshot+0x42/0xb0
[  248.545082][ T7374]  ? __pfx_ima_store_measurement+0x10/0x10
[  248.545107][ T7374]  ? ima_d_path+0x1f1/0x250
[  248.545154][ T7374]  process_measurement+0x11eb/0x1a40
[  248.545179][ T7374]  ? __lock_acquire+0xaac/0xd20
[  248.545224][ T7374]  ? __pfx_process_measurement+0x10/0x10
[  248.545289][ T7374]  ? rcu_read_lock_any_held+0xb3/0x120
[  248.545333][ T7374]  ima_file_mmap+0x1a2/0x1f0
[  248.545357][ T7374]  ? __pfx_ima_file_mmap+0x10/0x10
[  248.545381][ T7374]  ? ksys_write+0x1cb/0x250
[  248.545418][ T7374]  security_mmap_file+0x7a4/0xa60
[  248.545445][ T7374]  vm_mmap_pgoff+0x12c/0x4c0
[  248.545480][ T7374]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  248.545509][ T7374]  ? __fget_files+0x2a/0x420
[  248.545529][ T7374]  ? __fget_files+0x2a/0x420
[  248.545546][ T7374]  ? __fget_files+0x2a/0x420
[  248.545567][ T7374]  ksys_mmap_pgoff+0x51f/0x760
[  248.545618][ T7374]  do_syscall_64+0xf6/0x210
[  248.545646][ T7374]  ? clear_bhb_loop+0x60/0xb0
[  248.545670][ T7374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.545689][ T7374] RIP: 0033:0x7f15f3d8e969
[  248.545707][ T7374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.545723][ T7374] RSP: 002b:00007f15f4b48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  248.545743][ T7374] RAX: ffffffffffffffda RBX: 00007f15f3fb5fa0 RCX: 00007f15f3d8e969
[  248.545758][ T7374] RDX: 0000000000000004 RSI: 0000000000001000 RDI: 0000200000001000
[  248.545770][ T7374] RBP: 00007f15f4b48090 R08: 0000000000000003 R09: 0000000000000000
[  248.545782][ T7374] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[  248.545794][ T7374] R13: 0000000000000000 R14: 00007f15f3fb5fa0 R15: 00007ffcdf67b728
[  248.545825][ T7374]  </TASK>
[  248.555612][ T5877] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  248.627584][   T30] audit: type=1804 audit(1747699608.997:91): pid=7374 uid=0 auid=4294967295 ses=4294967295 subj=_ op=add_template_measure cause=ENOMEM comm="syz.5.292" name=6D656D66643AF375099F9138C07564B06C20FDD703 dev="tmpfs" ino=1077 res=0 errno=0
[  249.047329][ T5877] usb 7-1: config 0 has an invalid interface number: 230 but max is 0
[  249.065269][ T5877] usb 7-1: config 0 has no interface number 0
[  249.078542][ T5877] usb 7-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=83.43
[  249.096762][ T5877] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.145625][ T5877] usb 7-1: Product: syz
[  249.149861][ T5877] usb 7-1: Manufacturer: syz
[  249.164815][ T5877] usb 7-1: SerialNumber: syz
[  249.303088][ T5877] usb 7-1: config 0 descriptor??
[  249.381152][ T5877] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out.
[  250.604491][ T7401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  250.625086][   T30] audit: type=1326 audit(1747699610.977:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7394 comm="syz.5.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f3d8e969 code=0x7ffc0000
[  250.645812][ T7401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  250.715065][   T30] audit: type=1326 audit(1747699610.977:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7394 comm="syz.5.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f15f3d8e969 code=0x7ffc0000
[  250.826901][ T7406] netlink: 12 bytes leftover after parsing attributes in process `syz.7.300'.
[  251.620669][   T30] audit: type=1326 audit(1747699610.977:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7394 comm="syz.5.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f3d8e969 code=0x7ffc0000
[  251.653518][   T30] audit: type=1326 audit(1747699610.997:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7394 comm="syz.5.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f15f3d8e969 code=0x7ffc0000
[  251.676303][   T30] audit: type=1326 audit(1747699610.997:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7394 comm="syz.5.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f3d8e969 code=0x7ffc0000
[  251.697999][   T30] audit: type=1326 audit(1747699610.997:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7394 comm="syz.5.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f15f3d8e969 code=0x7ffc0000
[  251.787972][ T5877] usb 7-1: USB disconnect, device number 2
[  252.772638][ T7419] vivid-000: kernel_thread() failed
[  252.890546][ T5131] Bluetooth: hci1: command 0x0406 tx timeout
[  253.190606][ T7409] sctp: failed to load transform for md5: -2
[  253.400705][ T5881] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  254.121505][ T5881] usb 8-1: Using ep0 maxpacket: 32
[  254.164139][ T5881] usb 8-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.415301][ T5881] usb 8-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.615301][ T5881] usb 8-1: config 0 interface 0 has no altsetting 0
[  254.635153][ T5881] usb 8-1: New USB device found, idVendor=1b96, idProduct=0012, bcdDevice= 0.00
[  254.680085][ T5881] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.718331][ T5881] usb 8-1: config 0 descriptor??
[  254.763013][ T7447] FAULT_INJECTION: forcing a failure.
[  254.763013][ T7447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.824958][ T7447] CPU: 1 UID: 0 PID: 7447 Comm: syz.0.309 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  254.824987][ T7447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.825000][ T7447] Call Trace:
[  254.825008][ T7447]  <TASK>
[  254.825016][ T7447]  dump_stack_lvl+0x189/0x250
[  254.825055][ T7447]  ? __lock_acquire+0xaac/0xd20
[  254.825086][ T7447]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.825113][ T7447]  ? __pfx__printk+0x10/0x10
[  254.825144][ T7447]  ? __might_fault+0xb0/0x130
[  254.825186][ T7447]  should_fail_ex+0x414/0x560
[  254.825215][ T7447]  _copy_from_iter+0x1db/0x15a0
[  254.825248][ T7447]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  254.825275][ T7447]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  254.825307][ T7447]  ? __pfx__copy_from_iter+0x10/0x10
[  254.825333][ T7447]  ? __build_skb_around+0x257/0x3e0
[  254.825363][ T7447]  ? netlink_sendmsg+0x642/0xb30
[  254.825385][ T7447]  ? skb_put+0x11b/0x210
[  254.825414][ T7447]  netlink_sendmsg+0x6b2/0xb30
[  254.825436][ T7447]  ? is_bpf_text_address+0x26/0x2b0
[  254.825472][ T7447]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.825504][ T7447]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  254.825525][ T7447]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.825549][ T7447]  __sock_sendmsg+0x219/0x270
[  254.825573][ T7447]  ____sys_sendmsg+0x505/0x830
[  254.825607][ T7447]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.825643][ T7447]  ? import_iovec+0x74/0xa0
[  254.825675][ T7447]  ___sys_sendmsg+0x21f/0x2a0
[  254.825705][ T7447]  ? __pfx____sys_sendmsg+0x10/0x10
[  254.825770][ T7447]  ? __fget_files+0x2a/0x420
[  254.825787][ T7447]  ? __fget_files+0x3a0/0x420
[  254.825817][ T7447]  __x64_sys_sendmsg+0x19b/0x260
[  254.825847][ T7447]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  254.825893][ T7447]  ? do_syscall_64+0xba/0x210
[  254.825923][ T7447]  do_syscall_64+0xf6/0x210
[  254.825950][ T7447]  ? clear_bhb_loop+0x60/0xb0
[  254.825975][ T7447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.825994][ T7447] RIP: 0033:0x7fdf1e38e969
[  254.826011][ T7447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.826027][ T7447] RSP: 002b:00007fdf1f1e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.826054][ T7447] RAX: ffffffffffffffda RBX: 00007fdf1e5b5fa0 RCX: 00007fdf1e38e969
[  254.826069][ T7447] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  254.826081][ T7447] RBP: 00007fdf1f1e9090 R08: 0000000000000000 R09: 0000000000000000
[  254.826093][ T7447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.826105][ T7447] R13: 0000000000000000 R14: 00007fdf1e5b5fa0 R15: 00007ffe67baa488
[  254.826135][ T7447]  </TASK>
[  255.297167][ T5881] ntrig 0003:1B96:0012.0003: unknown main item tag 0x0
[  255.304127][ T5881] ntrig 0003:1B96:0012.0003: item fetching failed at offset 4/5
[  255.377676][ T5881] ntrig 0003:1B96:0012.0003: parse failed
[  255.383573][ T5881] ntrig 0003:1B96:0012.0003: probe with driver ntrig failed with error -22
[  255.426072][ T5877] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  255.561645][ T5881] usb 8-1: USB disconnect, device number 2
[  255.575407][ T5877] usb 7-1: device descriptor read/64, error -71
[  255.720798][ T7460] loop6: detected capacity change from 0 to 63
[  255.729619][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  255.737040][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  255.909212][ T5877] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  256.064014][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  256.089717][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  256.169870][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  256.185382][ T5877] usb 7-1: device descriptor read/64, error -71
[  256.238870][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  256.262177][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  256.282281][ T5837] Buffer I/O error on dev loop6, logical block 0, async page read
[  256.305684][ T5877] usb usb7-port1: attempt power cycle
[  256.376666][ T5837] Buffer I/O error on dev loop6, logical block 3, async page read
[  256.871894][ T7477] netlink: 'syz.3.312': attribute type 1 has an invalid length.
[  256.909260][ T7477] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  256.960101][ T7477] netlink: 'syz.3.312': attribute type 1 has an invalid length.
[  257.314944][ T7478] bond1: (slave gretap1): making interface the new active one
[  257.327899][ T7478] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  257.513805][ T7476] netlink: 16 bytes leftover after parsing attributes in process `syz.3.312'.
[  257.871554][ T7478] syz.3.312 (7478) used greatest stack depth: 20008 bytes left
[  258.900308][ T7493] FAT-fs (nullb0): bogus number of reserved sectors
[  258.907043][ T7493] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  259.342894][ T7492] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  260.259780][ T7516] FAT-fs (nullb0): bogus number of reserved sectors
[  260.276494][ T7516] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  260.717683][ T5880] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  260.747214][ T7515] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  260.927111][ T5880] usb 4-1: Using ep0 maxpacket: 8
[  261.202212][ T5880] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  261.255320][ T5880] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  261.376976][ T5880] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  261.783382][ T5880] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  262.254331][ T5880] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  262.316678][ T5880] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  262.511889][ T5880] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  262.531828][ T5880] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  262.595349][ T5880] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  262.625471][ T5878] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  262.646423][ T5880] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  262.925176][ T7536] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  263.506325][ T5880] usb 4-1: unable to read config index 2 descriptor/start: -71
[  263.514077][ T5880] usb 4-1: can't read configurations, error -71
[  263.603079][ T7542] FAULT_INJECTION: forcing a failure.
[  263.603079][ T7542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.617241][ T5878] usb 7-1: device descriptor read/64, error -71
[  263.684328][ T7542] CPU: 1 UID: 0 PID: 7542 Comm: syz.5.326 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  263.684357][ T7542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  263.684370][ T7542] Call Trace:
[  263.684377][ T7542]  <TASK>
[  263.684386][ T7542]  dump_stack_lvl+0x189/0x250
[  263.684417][ T7542]  ? __lock_acquire+0xaac/0xd20
[  263.684447][ T7542]  ? __pfx_dump_stack_lvl+0x10/0x10
[  263.684473][ T7542]  ? __pfx__printk+0x10/0x10
[  263.684504][ T7542]  ? __might_fault+0xb0/0x130
[  263.684547][ T7542]  should_fail_ex+0x414/0x560
[  263.684574][ T7542]  _copy_from_iter+0x1db/0x15a0
[  263.684608][ T7542]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  263.684635][ T7542]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  263.684667][ T7542]  ? __pfx__copy_from_iter+0x10/0x10
[  263.684694][ T7542]  ? __build_skb_around+0x257/0x3e0
[  263.684724][ T7542]  ? netlink_sendmsg+0x642/0xb30
[  263.684745][ T7542]  ? skb_put+0x11b/0x210
[  263.684774][ T7542]  netlink_sendmsg+0x6b2/0xb30
[  263.684796][ T7542]  ? is_bpf_text_address+0x26/0x2b0
[  263.684833][ T7542]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.684864][ T7542]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  263.684885][ T7542]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.684910][ T7542]  __sock_sendmsg+0x219/0x270
[  263.684933][ T7542]  ____sys_sendmsg+0x505/0x830
[  263.684967][ T7542]  ? __pfx_____sys_sendmsg+0x10/0x10
[  263.685004][ T7542]  ? import_iovec+0x74/0xa0
[  263.685035][ T7542]  ___sys_sendmsg+0x21f/0x2a0
[  263.685064][ T7542]  ? __pfx____sys_sendmsg+0x10/0x10
[  263.685130][ T7542]  ? __fget_files+0x2a/0x420
[  263.685147][ T7542]  ? __fget_files+0x3a0/0x420
[  263.685184][ T7542]  __x64_sys_sendmsg+0x19b/0x260
[  263.685217][ T7542]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  263.685262][ T7542]  ? do_syscall_64+0xba/0x210
[  263.685293][ T7542]  do_syscall_64+0xf6/0x210
[  263.685319][ T7542]  ? clear_bhb_loop+0x60/0xb0
[  263.685343][ T7542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.685363][ T7542] RIP: 0033:0x7f15f3d8e969
[  263.685380][ T7542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.685396][ T7542] RSP: 002b:00007f15f4b48038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  263.685418][ T7542] RAX: ffffffffffffffda RBX: 00007f15f3fb5fa0 RCX: 00007f15f3d8e969
[  263.685432][ T7542] RDX: 0000000000000800 RSI: 0000200000000380 RDI: 0000000000000003
[  263.685445][ T7542] RBP: 00007f15f4b48090 R08: 0000000000000000 R09: 0000000000000000
[  263.685457][ T7542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.685468][ T7542] R13: 0000000000000000 R14: 00007f15f3fb5fa0 R15: 00007ffcdf67b728
[  263.685499][ T7542]  </TASK>
[  264.095376][ T5878] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  265.475304][ T5878] usb 7-1: device descriptor read/64, error -71
[  265.511872][ T5881] libceph: connect (1)[c::]:6789 error -101
[  265.639892][ T7559] FAT-fs (nullb0): bogus number of reserved sectors
[  265.646633][ T7559] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  265.862978][ T7552] ceph: No mds server is up or the cluster is laggy
[  265.981752][ T5878] usb usb7-port1: attempt power cycle
[  266.005477][ T5881] libceph: mon0 (1)[c::]:6789 connect error
[  266.121348][   T30] audit: type=1326 audit(1747699626.487:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1e38e969 code=0x7ffc0000
[  266.166256][   T30] audit: type=1326 audit(1747699626.487:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1e38e969 code=0x7ffc0000
[  266.452067][   T30] audit: type=1326 audit(1747699626.487:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf1e32ab39 code=0x7ffc0000
[  266.452118][   T30] audit: type=1326 audit(1747699626.487:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf1e32ab39 code=0x7ffc0000
[  266.452160][   T30] audit: type=1326 audit(1747699626.487:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf1e32ab39 code=0x7ffc0000
[  266.452201][   T30] audit: type=1326 audit(1747699626.487:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1e38e969 code=0x7ffc0000
[  266.452244][   T30] audit: type=1326 audit(1747699626.497:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf1e32ab39 code=0x7ffc0000
[  266.452288][   T30] audit: type=1326 audit(1747699626.497:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf1e32ab39 code=0x7ffc0000
[  266.452330][   T30] audit: type=1326 audit(1747699626.497:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1e38e969 code=0x7ffc0000
[  266.452371][   T30] audit: type=1326 audit(1747699626.497:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7562 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf1e32ab39 code=0x7ffc0000
[  267.366068][   T10] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  267.681274][   T10] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  267.681308][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.681329][   T10] usb 6-1: Product: syz
[  267.681345][   T10] usb 6-1: Manufacturer: syz
[  267.681362][   T10] usb 6-1: SerialNumber: syz
[  267.756199][ T7583] netlink: ct family unspecified
[  267.756384][ T7583] openvswitch: netlink: Actions may not be safe on all matching packets
[  267.758574][ T7583] netlink: 'syz.6.336': attribute type 21 has an invalid length.
[  268.108646][   T10] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  268.256965][   T10] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  268.297950][ T7591] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  268.688643][ T7600] FAULT_INJECTION: forcing a failure.
[  268.688643][ T7600] name failslab, interval 1, probability 0, space 0, times 0
[  268.688687][ T7600] CPU: 1 UID: 0 PID: 7600 Comm: syz.6.340 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  268.688710][ T7600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.688721][ T7600] Call Trace:
[  268.688730][ T7600]  <TASK>
[  268.688738][ T7600]  dump_stack_lvl+0x189/0x250
[  268.688774][ T7600]  ? __pfx_dump_stack_lvl+0x10/0x10
[  268.688802][ T7600]  ? __pfx__printk+0x10/0x10
[  268.688839][ T7600]  ? __pfx___might_resched+0x10/0x10
[  268.688869][ T7600]  ? fs_reclaim_acquire+0x7d/0x100
[  268.688897][ T7600]  should_fail_ex+0x414/0x560
[  268.688924][ T7600]  should_failslab+0xa8/0x100
[  268.688945][ T7600]  __kmalloc_noprof+0xcb/0x4f0
[  268.688973][ T7600]  ? kfree+0x4d/0x440
[  268.688998][ T7600]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  268.689032][ T7600]  tomoyo_realpath_from_path+0xe3/0x5d0
[  268.689061][ T7600]  ? tomoyo_domain+0xda/0x130
[  268.689096][ T7600]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  268.689119][ T7600]  tomoyo_path_number_perm+0x1e8/0x5a0
[  268.689144][ T7600]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  268.689186][ T7600]  ? __lock_acquire+0xaac/0xd20
[  268.689233][ T7600]  ? __fget_files+0x2a/0x420
[  268.689258][ T7600]  ? __fget_files+0x3a0/0x420
[  268.689275][ T7600]  ? __fget_files+0x2a/0x420
[  268.689298][ T7600]  security_file_ioctl+0xcb/0x2d0
[  268.689325][ T7600]  __se_sys_ioctl+0x47/0x170
[  268.689353][ T7600]  do_syscall_64+0xf6/0x210
[  268.689381][ T7600]  ? clear_bhb_loop+0x60/0xb0
[  268.689407][ T7600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.689427][ T7600] RIP: 0033:0x7f35a778e969
[  268.689444][ T7600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.689461][ T7600] RSP: 002b:00007f35a8631038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  268.689482][ T7600] RAX: ffffffffffffffda RBX: 00007f35a79b5fa0 RCX: 00007f35a778e969
[  268.689496][ T7600] RDX: 00002000000000c0 RSI: 0000000080045503 RDI: 0000000000000003
[  268.689509][ T7600] RBP: 00007f35a8631090 R08: 0000000000000000 R09: 0000000000000000
[  268.689522][ T7600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.689539][ T7600] R13: 0000000000000000 R14: 00007f35a79b5fa0 R15: 00007ffefcce3b38
[  268.689570][ T7600]  </TASK>
[  268.689578][ T7600] ERROR: Out of memory at tomoyo_realpath_from_path.
[  269.252167][ T7607] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  271.227241][   T10] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  271.227607][   T10] ath9k_htc: Failed to initialize the device
[  271.688964][ T7612] FAT-fs (nullb0): bogus number of reserved sectors
[  271.688999][ T7612] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  271.966312][ T5912] libceph: connect (1)[c::]:6789 error -101
[  271.966657][ T5912] libceph: mon0 (1)[c::]:6789 connect error
[  271.996657][ T5878] usb 6-1: USB disconnect, device number 4
[  272.007201][    C0] sched: DL replenish lagged too much
[  272.025370][ T5878] usb 6-1: ath9k_htc: USB layer deinitialized
[  272.169986][ T7609] ceph: No mds server is up or the cluster is laggy
[  272.225707][ T5912] libceph: connect (1)[c::]:6789 error -101
[  272.626638][ T5912] libceph: mon0 (1)[c::]:6789 connect error
[  273.589629][ T7636] FAT-fs (nullb0): bogus number of reserved sectors
[  273.597475][ T7636] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  273.994436][ T7635] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  275.184692][ T7649] QAT: Invalid ioctl 1075883590
[  275.195362][   T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  275.207302][ T7649] QAT: Invalid ioctl 1075883590
[  275.212689][ T7649] QAT: Invalid ioctl 1075883590
[  275.218259][ T7649] QAT: Invalid ioctl 1075883590
[  275.223685][ T7649] QAT: Invalid ioctl 1075883590
[  275.229779][ T7649] QAT: Invalid ioctl 1075883590
[  275.235104][ T7649] QAT: Invalid ioctl 1075883590
[  275.241060][ T7649] QAT: Invalid ioctl 1075883590
[  275.246531][ T7649] QAT: Invalid ioctl 1075883590
[  275.251908][ T7649] QAT: Invalid ioctl 1075883590
[  276.133137][ T7654] netlink: 8 bytes leftover after parsing attributes in process `syz.7.351'.
[  276.186359][ T7655] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  276.842652][ T7664] FAULT_INJECTION: forcing a failure.
[  276.842652][ T7664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.855835][ T7664] CPU: 1 UID: 0 PID: 7664 Comm: syz.5.354 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  276.855860][ T7664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  276.855872][ T7664] Call Trace:
[  276.855881][ T7664]  <TASK>
[  276.855891][ T7664]  dump_stack_lvl+0x189/0x250
[  276.855921][ T7664]  ? __lock_acquire+0xaac/0xd20
[  276.855951][ T7664]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.855979][ T7664]  ? __pfx__printk+0x10/0x10
[  276.856010][ T7664]  ? __might_fault+0xb0/0x130
[  276.856053][ T7664]  should_fail_ex+0x414/0x560
[  276.856080][ T7664]  _copy_from_user+0x2d/0xb0
[  276.856110][ T7664]  do_ip6t_set_ctl+0x69f/0xce0
[  276.856144][ T7664]  ? rcu_is_watching+0x15/0xb0
[  276.856173][ T7664]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  276.856219][ T7664]  ? __pfx___mutex_lock+0x10/0x10
[  276.856247][ T7664]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  276.856293][ T7664]  nf_setsockopt+0x26c/0x290
[  276.856320][ T7664]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  276.856346][ T7664]  do_sock_setsockopt+0x257/0x3e0
[  276.856376][ T7664]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  276.856400][ T7664]  ? __fget_files+0x2a/0x420
[  276.856423][ T7664]  ? __fget_files+0x3a0/0x420
[  276.856440][ T7664]  ? __fget_files+0x2a/0x420
[  276.856468][ T7664]  __x64_sys_setsockopt+0x18b/0x220
[  276.856501][ T7664]  do_syscall_64+0xf6/0x210
[  276.856528][ T7664]  ? asm_sysvec_call_function_single+0x1a/0x20
[  276.856549][ T7664]  ? clear_bhb_loop+0x60/0xb0
[  276.856573][ T7664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.856592][ T7664] RIP: 0033:0x7f15f3d8e969
[  276.856610][ T7664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.856627][ T7664] RSP: 002b:00007f15f1bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  276.856648][ T7664] RAX: ffffffffffffffda RBX: 00007f15f3fb6160 RCX: 00007f15f3d8e969
[  276.856662][ T7664] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  276.856674][ T7664] RBP: 00007f15f1bf6090 R08: 0000000000000518 R09: 0000000000000000
[  276.856686][ T7664] R10: 0000200000000600 R11: 0000000000000246 R12: 0000000000000001
[  276.856699][ T7664] R13: 0000000000000000 R14: 00007f15f3fb6160 R15: 00007ffcdf67b728
[  276.856736][ T7664]  </TASK>
[  277.565783][ T7670] capability: warning: `syz.5.355' uses deprecated v2 capabilities in a way that may be insecure
[  277.625341][ T5912] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  277.662421][ T7673] fuse: Unknown parameter 'Sootmode'
[  277.751990][ T7674] netlink: 'syz.3.353': attribute type 29 has an invalid length.
[  277.775466][ T5912] usb 7-1: device descriptor read/64, error -71
[  277.812486][ T7677] netlink: 'syz.3.353': attribute type 29 has an invalid length.
[  277.826552][ T7668] netlink: 500 bytes leftover after parsing attributes in process `syz.3.353'.
[  278.055777][ T5912] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  278.116653][ T7685] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  278.375524][ T5912] usb 7-1: device descriptor read/64, error -71
[  278.647646][ T5912] usb usb7-port1: attempt power cycle
[  279.105855][ T5912] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  279.164001][ T5912] usb 7-1: device descriptor read/8, error -71
[  279.233043][ T7699] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  279.537313][ T5912] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  279.846403][ T5912] usb 7-1: device not accepting address 12, error -71
[  280.287592][ T5878] libceph: connect (1)[c::]:6789 error -101
[  280.293670][ T5878] libceph: mon0 (1)[c::]:6789 connect error
[  280.360556][ T5912] usb usb7-port1: unable to enumerate USB device
[  280.446608][ T7707] ceph: No mds server is up or the cluster is laggy
[  280.548884][ T7717] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  280.569997][ T7719] netlink: 328 bytes leftover after parsing attributes in process `syz.0.367'.
[  280.695619][ T5906] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  280.897137][ T5906] usb 8-1: Using ep0 maxpacket: 16
[  280.928250][ T5906] usb 8-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  280.970916][ T5906] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  281.005684][ T5906] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  281.131020][ T5906] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  281.249813][ T5906] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.394456][ T5906] usb 8-1: Product: syz
[  281.431429][ T5906] usb 8-1: Manufacturer: syz
[  281.505649][ T5906] usb 8-1: SerialNumber: syz
[  281.902771][ T7714] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.974002][ T7742] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  282.675824][ T7714] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.869770][ T7746] netlink: 40 bytes leftover after parsing attributes in process `syz.5.374'.
[  282.955577][ T5906] usb 8-1: 0:2 : does not exist
[  283.445739][ T5906] usb 8-1: USB disconnect, device number 3
[  284.591142][ T5836] udevd[5836]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  285.292009][ T7774] FAULT_INJECTION: forcing a failure.
[  285.292009][ T7774] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.338782][ T5878] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  285.345459][ T7774] CPU: 1 UID: 0 PID: 7774 Comm: syz.5.379 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  285.345490][ T7774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  285.345503][ T7774] Call Trace:
[  285.345512][ T7774]  <TASK>
[  285.345521][ T7774]  dump_stack_lvl+0x189/0x250
[  285.345554][ T7774]  ? __lock_acquire+0xaac/0xd20
[  285.345591][ T7774]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.345619][ T7774]  ? __pfx__printk+0x10/0x10
[  285.345651][ T7774]  ? __might_fault+0xb0/0x130
[  285.345697][ T7774]  should_fail_ex+0x414/0x560
[  285.345725][ T7774]  _copy_from_iter+0x1db/0x15a0
[  285.345761][ T7774]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  285.345790][ T7774]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  285.345823][ T7774]  ? __pfx__copy_from_iter+0x10/0x10
[  285.345852][ T7774]  ? __build_skb_around+0x257/0x3e0
[  285.345884][ T7774]  ? netlink_sendmsg+0x642/0xb30
[  285.345906][ T7774]  ? skb_put+0x11b/0x210
[  285.345937][ T7774]  netlink_sendmsg+0x6b2/0xb30
[  285.345960][ T7774]  ? is_bpf_text_address+0x26/0x2b0
[  285.345999][ T7774]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.346032][ T7774]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  285.346055][ T7774]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.346081][ T7774]  __sock_sendmsg+0x219/0x270
[  285.346106][ T7774]  ____sys_sendmsg+0x505/0x830
[  285.346148][ T7774]  ? __pfx_____sys_sendmsg+0x10/0x10
[  285.346188][ T7774]  ? import_iovec+0x74/0xa0
[  285.346221][ T7774]  ___sys_sendmsg+0x21f/0x2a0
[  285.346253][ T7774]  ? __pfx____sys_sendmsg+0x10/0x10
[  285.346317][ T7774]  ? __fget_files+0x2a/0x420
[  285.346335][ T7774]  ? __fget_files+0x3a0/0x420
[  285.346363][ T7774]  __x64_sys_sendmsg+0x19b/0x260
[  285.346392][ T7774]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  285.346438][ T7774]  ? do_syscall_64+0xba/0x210
[  285.346468][ T7774]  do_syscall_64+0xf6/0x210
[  285.346495][ T7774]  ? clear_bhb_loop+0x60/0xb0
[  285.346519][ T7774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.346537][ T7774] RIP: 0033:0x7f15f3d8e969
[  285.346554][ T7774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.346571][ T7774] RSP: 002b:00007f15f4b27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.346591][ T7774] RAX: ffffffffffffffda RBX: 00007f15f3fb6080 RCX: 00007f15f3d8e969
[  285.346607][ T7774] RDX: 0000000004000800 RSI: 00002000000003c0 RDI: 0000000000000008
[  285.346621][ T7774] RBP: 00007f15f4b27090 R08: 0000000000000000 R09: 0000000000000000
[  285.346634][ T7774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.346646][ T7774] R13: 0000000000000000 R14: 00007f15f3fb6080 R15: 00007ffcdf67b728
[  285.346680][ T7774]  </TASK>
[  285.822853][ T5878] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  285.881818][ T5878] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  285.914351][ T5878] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  285.952570][ T5878] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  286.013244][ T5878] usb 8-1: New USB device found, idVendor=2040, idProduct=4920, bcdDevice=4d.8b
[  286.448405][ T5878] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.592879][ T5878] usb 8-1: config 0 descriptor??
[  286.736477][ T7786] netlink: 32 bytes leftover after parsing attributes in process `syz.6.382'.
[  286.991619][ T5878] usb 8-1: USB disconnect, device number 4
[  287.015274][ T5906] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  287.279398][ T5906] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  287.438131][ T5906] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  287.612544][ T5906] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  287.654567][ T5906] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  287.693794][ T7814] overlayfs: workdir and upperdir must be separate subtrees
[  287.754112][ T5906] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.805833][ T5906] usb 1-1: Product: syz
[  287.806527][ T7816] xt_TCPMSS: Only works on TCP SYN packets
[  287.810093][ T5906] usb 1-1: Manufacturer: syz
[  287.845273][ T5906] usb 1-1: SerialNumber: syz
[  287.906538][ T5906] usb 1-1: config 0 descriptor??
[  287.915981][ T7802] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  287.979495][ T5906] usb 1-1: Found UVC 0.00 device syz (18ec:3288)
[  287.999093][ T5906] usb 1-1: No valid video chain found.
[  288.922973][ T7823] warning: `syz.5.391' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  289.030038][ T7823] netlink: 'syz.5.391': attribute type 10 has an invalid length.
[  289.639576][ T5912] usb 1-1: USB disconnect, device number 6
[  289.729138][ T7823] team0: Port device wlan1 added
[  289.792317][ T7840] FAULT_INJECTION: forcing a failure.
[  289.792317][ T7840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.974784][ T7840] CPU: 0 UID: 0 PID: 7840 Comm: syz.7.395 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  289.974813][ T7840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  289.974825][ T7840] Call Trace:
[  289.974834][ T7840]  <TASK>
[  289.974842][ T7840]  dump_stack_lvl+0x189/0x250
[  289.974873][ T7840]  ? __lock_acquire+0xaac/0xd20
[  289.974903][ T7840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  289.974930][ T7840]  ? __pfx__printk+0x10/0x10
[  289.974961][ T7840]  ? __might_fault+0xb0/0x130
[  289.975004][ T7840]  should_fail_ex+0x414/0x560
[  289.975030][ T7840]  _copy_from_iter+0x1db/0x15a0
[  289.975064][ T7840]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  289.975092][ T7840]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  289.975124][ T7840]  ? __pfx__copy_from_iter+0x10/0x10
[  289.975151][ T7840]  ? __build_skb_around+0x257/0x3e0
[  289.975180][ T7840]  ? netlink_sendmsg+0x642/0xb30
[  289.975205][ T7840]  ? skb_put+0x11b/0x210
[  289.975233][ T7840]  netlink_sendmsg+0x6b2/0xb30
[  289.975254][ T7840]  ? is_bpf_text_address+0x26/0x2b0
[  289.975289][ T7840]  ? __pfx_netlink_sendmsg+0x10/0x10
[  289.975322][ T7840]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  289.975343][ T7840]  ? __pfx_netlink_sendmsg+0x10/0x10
[  289.975367][ T7840]  __sock_sendmsg+0x219/0x270
[  289.975391][ T7840]  ____sys_sendmsg+0x505/0x830
[  289.975425][ T7840]  ? __pfx_____sys_sendmsg+0x10/0x10
[  289.975462][ T7840]  ? import_iovec+0x74/0xa0
[  289.975494][ T7840]  ___sys_sendmsg+0x21f/0x2a0
[  289.975531][ T7840]  ? __pfx____sys_sendmsg+0x10/0x10
[  289.975596][ T7840]  ? __fget_files+0x2a/0x420
[  289.975614][ T7840]  ? __fget_files+0x3a0/0x420
[  289.975643][ T7840]  __x64_sys_sendmsg+0x19b/0x260
[  289.975673][ T7840]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  289.975719][ T7840]  ? do_syscall_64+0xba/0x210
[  289.975749][ T7840]  do_syscall_64+0xf6/0x210
[  289.975776][ T7840]  ? clear_bhb_loop+0x60/0xb0
[  289.975801][ T7840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.975820][ T7840] RIP: 0033:0x7f00a678e969
[  289.975838][ T7840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.975854][ T7840] RSP: 002b:00007f00a762a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  289.975875][ T7840] RAX: ffffffffffffffda RBX: 00007f00a69b5fa0 RCX: 00007f00a678e969
[  289.975890][ T7840] RDX: 0000000000000850 RSI: 00002000000002c0 RDI: 0000000000000003
[  289.975902][ T7840] RBP: 00007f00a762a090 R08: 0000000000000000 R09: 0000000000000000
[  289.975914][ T7840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.975926][ T7840] R13: 0000000000000000 R14: 00007f00a69b5fa0 R15: 00007ffd1e095e68
[  289.975956][ T7840]  </TASK>
[  290.041386][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880308ac800: rx timeout, send abort
[  290.107879][ T7844] tmpfs: Group quota block hardlimit too large.
[  290.541517][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803178b400: rx timeout, send abort
[  290.609529][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880308ac800: abort rx timeout. Force session deactivation
[  291.049795][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803178b400: abort rx timeout. Force session deactivation
[  291.239357][ T7848] tmpfs: Group quota block hardlimit too large.
[  291.876686][ T2956] wlan1: Trigger new scan to find an IBSS to join
[  292.983183][ T7857] lo speed is unknown, defaulting to 1000
[  292.992393][ T7857] lo speed is unknown, defaulting to 1000
[  293.000063][ T7857] lo speed is unknown, defaulting to 1000
[  293.141418][ T7857] infiniband syz0: set active
[  293.147823][ T7857] infiniband syz0: added lo
[  293.435607][ T7860] netlink: 'syz.0.399': attribute type 1 has an invalid length.
[  293.443421][ T7860] netlink: 224 bytes leftover after parsing attributes in process `syz.0.399'.
[  293.634147][ T7857] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  293.637958][ T7857] infiniband syz0: Couldn't open port 1
[  293.683624][    T9] lo speed is unknown, defaulting to 1000
[  294.738468][ T7857] RDS/IB: syz0: added
[  294.743052][ T7857] smc: adding ib device syz0 with port count 1
[  294.749557][ T7857] smc:    ib device syz0 port 1 has pnetid 
[  294.803923][ T7857] lo speed is unknown, defaulting to 1000
[  294.973198][ T7857] lo speed is unknown, defaulting to 1000
[  295.126786][ T7857] lo speed is unknown, defaulting to 1000
[  295.278000][ T7857] lo speed is unknown, defaulting to 1000
[  295.432471][ T7857] lo speed is unknown, defaulting to 1000
[  295.585234][ T7857] lo speed is unknown, defaulting to 1000
[  295.735413][    T9] lo speed is unknown, defaulting to 1000
[  296.137348][ T7867] input: syz1 as /devices/virtual/input/input10
[  296.716215][ T7879] FAT-fs (nullb0): bogus number of reserved sectors
[  296.722937][ T7879] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  296.954106][   T10] libceph: connect (1)[c::]:6789 error -101
[  297.096497][ T7878] ceph: No mds server is up or the cluster is laggy
[  297.124092][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  297.198549][ T7884] loop8: detected capacity change from 0 to 1
[  298.219601][ T7889] netlink: 68 bytes leftover after parsing attributes in process `syz.0.404'.
[  298.524337][ T7884] Dev loop8: unable to read RDB block 1
[  298.838212][ T7892] wlan1: Trigger new scan to find an IBSS to join
[  298.885014][ T7897] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[  299.010781][ T7884]  loop8: unable to read partition table
[  299.039327][ T7897] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  299.064118][ T7886] syz.7.402: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  299.083319][ T7884] loop8: partition table beyond EOD, truncated
[  299.113517][ T7884] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  299.181274][ T7897] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  299.206006][ T7906] netlink: 12 bytes leftover after parsing attributes in process `syz.0.408'.
[  299.246148][ T2993] Bluetooth: hci6: Frame reassembly failed (-84)
[  299.332186][ T7886] CPU: 0 UID: 0 PID: 7886 Comm: syz.7.402 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  299.332216][ T7886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.332228][ T7886] Call Trace:
[  299.332236][ T7886]  <TASK>
[  299.332245][ T7886]  dump_stack_lvl+0x189/0x250
[  299.332281][ T7886]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.332307][ T7886]  ? __pfx__printk+0x10/0x10
[  299.332336][ T7886]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  299.332368][ T7886]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  299.332400][ T7886]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  299.332433][ T7886]  warn_alloc+0x214/0x310
[  299.332462][ T7886]  ? __pfx_warn_alloc+0x10/0x10
[  299.332494][ T7886]  ? __get_vm_area_node+0x28f/0x300
[  299.332523][ T7886]  __vmalloc_node_range_noprof+0x5f2/0x12c0
[  299.332547][ T7886]  ? __asan_memset+0x22/0x50
[  299.332593][ T7886]  ? __mutex_lock+0x330/0xe80
[  299.332633][ T7886]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  299.332653][ T7886]  ? __kasan_kmalloc_large+0x1a/0xa0
[  299.332686][ T7886]  ? rcu_is_watching+0x15/0xb0
[  299.332717][ T7886]  ? __v4l2_ctrl_modify_dimensions+0x443/0xb90
[  299.332748][ T7886]  ? __v4l2_ctrl_modify_dimensions+0x443/0xb90
[  299.332777][ T7886]  __kvmalloc_node_noprof+0x3a0/0x5e0
[  299.332798][ T7886]  ? __v4l2_ctrl_modify_dimensions+0x443/0xb90
[  299.332837][ T7886]  __v4l2_ctrl_modify_dimensions+0x443/0xb90
[  299.332871][ T7886]  ? tpg_update_mv_step+0x2b1/0x520
[  299.332900][ T7886]  vivid_update_format_cap+0x134e/0x20e0
[  299.332944][ T7886]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  299.332973][ T7886]  ? vivid_get_format+0x2ad/0x2e0
[  299.333005][ T7886]  vivid_s_fmt_vid_cap+0x278b/0x57b0
[  299.333035][ T7886]  ? __lock_acquire+0xaac/0xd20
[  299.333071][ T7886]  ? __mutex_trylock_common+0x153/0x260
[  299.333100][ T7886]  ? __asan_memset+0x22/0x50
[  299.333132][ T7886]  fmt_sp2mp_func+0xcc/0x400
[  299.333157][ T7886]  ? __pfx_vivid_s_fmt_vid_cap+0x10/0x10
[  299.333186][ T7886]  ? __pfx_fmt_sp2mp_func+0x10/0x10
[  299.333245][ T7886]  ? v4l_sanitize_format+0x5d6/0x9f0
[  299.333273][ T7886]  ? video_devdata+0x6b/0xd0
[  299.333298][ T7886]  ? vidioc_s_fmt_vid_cap+0x8c/0xc0
[  299.333332][ T7886]  v4l_s_fmt+0x641/0xbf0
[  299.333368][ T7886]  __video_do_ioctl+0xc98/0xdb0
[  299.333408][ T7886]  ? __pfx___video_do_ioctl+0x10/0x10
[  299.333455][ T7886]  video_usercopy+0x86e/0x14f0
[  299.333495][ T7886]  ? __pfx___video_do_ioctl+0x10/0x10
[  299.333525][ T7886]  ? __pfx_video_usercopy+0x10/0x10
[  299.333551][ T7886]  ? smack_file_ioctl+0x2a9/0x340
[  299.333591][ T7886]  ? __fget_files+0x3a0/0x420
[  299.333623][ T7886]  v4l2_ioctl+0x18d/0x1e0
[  299.333654][ T7886]  ? __pfx_v4l2_ioctl+0x10/0x10
[  299.333682][ T7886]  __se_sys_ioctl+0xf9/0x170
[  299.333713][ T7886]  do_syscall_64+0xf6/0x210
[  299.333742][ T7886]  ? clear_bhb_loop+0x60/0xb0
[  299.333769][ T7886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.333789][ T7886] RIP: 0033:0x7f00a678e969
[  299.333807][ T7886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.333826][ T7886] RSP: 002b:00007f00a75c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  299.333848][ T7886] RAX: ffffffffffffffda RBX: 00007f00a69b6240 RCX: 00007f00a678e969
[  299.333864][ T7886] RDX: 00002000000000c0 RSI: 00000000c0d05605 RDI: 000000000000000a
[  299.333877][ T7886] RBP: 00007f00a6810ab1 R08: 0000000000000000 R09: 0000000000000000
[  299.333891][ T7886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  299.333904][ T7886] R13: 0000000000000000 R14: 00007f00a69b6240 R15: 00007ffd1e095e68
[  299.333936][ T7886]  </TASK>
[  299.689405][ T7886] Mem-Info:
[  299.705285][ T7886] active_anon:283 inactive_anon:12272 isolated_anon:0
[  299.705285][ T7886]  active_file:5635 inactive_file:36184 isolated_file:0
[  299.705285][ T7886]  unevictable:768 dirty:102 writeback:24
[  299.705285][ T7886]  slab_reclaimable:10495 slab_unreclaimable:105477
[  299.705285][ T7886]  mapped:41297 shmem:6307 pagetables:1396
[  299.705285][ T7886]  sec_pagetables:0 bounce:0
[  299.705285][ T7886]  kernel_misc_reclaimable:0
[  299.705285][ T7886]  free:1316500 free_pcp:478 free_cma:0
[  299.773838][ T7886] Node 0 active_anon:1132kB inactive_anon:49188kB active_file:22336kB inactive_file:144736kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:165188kB dirty:408kB writeback:96kB shmem:23692kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12156kB pagetables:5584kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  299.896599][ T7886] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  299.942252][ T7886] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  300.038153][ T7886] lowmem_reserve[]: 0 2504 2504 2504 2504
[  300.157515][ T7886] Node 0 DMA32 free:1344696kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:1128kB inactive_anon:49448kB active_file:22240kB inactive_file:144724kB unevictable:1536kB writepending:412kB present:3129332kB managed:2564568kB mlocked:0kB bounce:0kB free_pcp:1808kB local_pcp:1092kB free_cma:0kB
[  300.196673][ T7886] lowmem_reserve[]: 0 0 0 0 0
[  300.336308][ T7886] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:92kB inactive_file:12kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  300.395338][ T5906] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  300.410408][ T1138] wlan1: Creating new IBSS network, BSSID 9a:df:14:84:7b:e8
[  300.503073][ T7886] lowmem_reserve[]: 0 0 0 0 0
[  300.513563][ T7886] Node 1 Normal free:3906480kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  300.574727][ T7886] lowmem_reserve[]: 0 0 0 0 0
[  300.579906][ T7886] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  300.593063][ T7886] Node 0 DMA32: 16*4kB (ME) 5*8kB (E) 1*16kB (M) 112*32kB (UME) 190*64kB (UME) 48*128kB (UME) 17*256kB (ME) 10*512kB (M) 4*1024kB (UM) 5*2048kB (UME) 317*4096kB (UM) = 1344248kB
[  300.611318][ T7886] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  300.625160][ T7886] Node 1 Normal: 224*4kB (UE) 50*8kB (UME) 38*16kB (UME) 208*32kB (UME) 93*64kB (UME) 32*128kB (UME) 13*256kB (UME) 9*512kB (UM) 5*1024kB (UME) 2*2048kB (UE) 945*4096kB (M) = 3906480kB
[  300.643944][ T7886] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  300.653681][ T7886] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  300.663072][ T7886] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  300.681735][ T7886] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  300.692564][ T7886] 49446 total pagecache pages
[  300.702995][ T7886] 0 pages in swap cache
[  300.711999][ T7886] Free swap  = 124996kB
[  300.721041][ T7886] Total swap = 124996kB
[  300.735088][ T7886] 2097051 pages RAM
[  300.742770][ T7886] 0 pages HighMem/MovableOnly
[  300.755259][ T7886] 424250 pages reserved
[  300.762116][ T7886] 0 pages cma reserved
[  300.802597][ T5906] usb 7-1: device descriptor read/64, error -71
[  301.256164][ T5131] Bluetooth: hci6: command 0x1003 tx timeout
[  301.285979][ T5839] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  301.545340][ T5906] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  301.650079][ T7925] FAULT_INJECTION: forcing a failure.
[  301.650079][ T7925] name failslab, interval 1, probability 0, space 0, times 0
[  301.725518][ T5906] usb 7-1: device descriptor read/64, error -71
[  301.747787][ T7925] CPU: 1 UID: 0 PID: 7925 Comm: syz.0.412 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  301.747817][ T7925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.747830][ T7925] Call Trace:
[  301.747839][ T7925]  <TASK>
[  301.747848][ T7925]  dump_stack_lvl+0x189/0x250
[  301.747885][ T7925]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.747913][ T7925]  ? __pfx__printk+0x10/0x10
[  301.747947][ T7925]  ? __pfx___might_resched+0x10/0x10
[  301.747979][ T7925]  ? fs_reclaim_acquire+0x7d/0x100
[  301.748008][ T7925]  should_fail_ex+0x414/0x560
[  301.748036][ T7925]  should_failslab+0xa8/0x100
[  301.748058][ T7925]  __kmalloc_noprof+0xcb/0x4f0
[  301.748088][ T7925]  ? tomoyo_encode+0x28b/0x550
[  301.748121][ T7925]  tomoyo_encode+0x28b/0x550
[  301.748154][ T7925]  tomoyo_realpath_from_path+0x58d/0x5d0
[  301.748185][ T7925]  ? tomoyo_domain+0xda/0x130
[  301.748220][ T7925]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  301.748243][ T7925]  tomoyo_path_number_perm+0x1e8/0x5a0
[  301.748269][ T7925]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  301.748311][ T7925]  ? __lock_acquire+0xaac/0xd20
[  301.748377][ T7925]  ? __fget_files+0x2a/0x420
[  301.748402][ T7925]  ? __fget_files+0x3a0/0x420
[  301.748419][ T7925]  ? __fget_files+0x2a/0x420
[  301.748442][ T7925]  security_file_ioctl+0xcb/0x2d0
[  301.748469][ T7925]  __se_sys_ioctl+0x47/0x170
[  301.748499][ T7925]  do_syscall_64+0xf6/0x210
[  301.748527][ T7925]  ? clear_bhb_loop+0x60/0xb0
[  301.748552][ T7925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.748572][ T7925] RIP: 0033:0x7fdf1e38e969
[  301.748589][ T7925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.748605][ T7925] RSP: 002b:00007fdf1f1e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  301.748633][ T7925] RAX: ffffffffffffffda RBX: 00007fdf1e5b5fa0 RCX: 00007fdf1e38e969
[  301.748648][ T7925] RDX: 0000200000000740 RSI: 00000000000089f3 RDI: 0000000000000003
[  301.748661][ T7925] RBP: 00007fdf1f1e9090 R08: 0000000000000000 R09: 0000000000000000
[  301.748674][ T7925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.748686][ T7925] R13: 0000000000000000 R14: 00007fdf1e5b5fa0 R15: 00007ffe67baa488
[  301.748718][ T7925]  </TASK>
[  301.748934][ T7925] ERROR: Out of memory at tomoyo_realpath_from_path.
[  303.095471][ T5906] usb usb7-port1: attempt power cycle
[  303.382418][ T7938] adf_ctl_ioctl: 15 callbacks suppressed
[  303.382432][ T7938] QAT: Invalid ioctl 1075883590
[  303.393841][ T7938] QAT: Invalid ioctl 1075883590
[  303.399068][ T7938] QAT: Invalid ioctl 1075883590
[  303.403974][ T7938] QAT: Invalid ioctl 1075883590
[  303.408927][ T7938] QAT: Invalid ioctl 1075883590
[  303.413823][ T7938] QAT: Invalid ioctl 1075883590
[  303.418830][ T7938] QAT: Invalid ioctl 1075883590
[  303.423726][ T7938] QAT: Invalid ioctl 1075883590
[  303.428673][ T7938] QAT: Invalid ioctl 1075883590
[  303.433580][ T7938] QAT: Invalid ioctl 1075883590
[  304.118951][ T7956] tmpfs: Group quota block hardlimit too large.
[  305.334933][ T7960] FAULT_INJECTION: forcing a failure.
[  305.334933][ T7960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.348651][ T7960] CPU: 0 UID: 0 PID: 7960 Comm: syz.3.422 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  305.348678][ T7960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  305.348688][ T7960] Call Trace:
[  305.348694][ T7960]  <TASK>
[  305.348700][ T7960]  dump_stack_lvl+0x189/0x250
[  305.348722][ T7960]  ? __lock_acquire+0xaac/0xd20
[  305.348744][ T7960]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.348763][ T7960]  ? __pfx__printk+0x10/0x10
[  305.348786][ T7960]  ? __might_fault+0xb0/0x130
[  305.348818][ T7960]  should_fail_ex+0x414/0x560
[  305.348836][ T7960]  _copy_from_user+0x2d/0xb0
[  305.348858][ T7960]  uhid_dev_create+0x104/0x520
[  305.348875][ T7960]  ? __pfx_uhid_dev_create+0x10/0x10
[  305.348921][ T7960]  uhid_char_write+0x80b/0xd10
[  305.348934][ T7960]  ? vfs_write+0x261/0xa90
[  305.348956][ T7960]  ? __pfx_uhid_char_write+0x10/0x10
[  305.348972][ T7960]  vfs_write+0x27e/0xa90
[  305.348998][ T7960]  ? __pfx_vfs_write+0x10/0x10
[  305.349020][ T7960]  ? __fget_files+0x2a/0x420
[  305.349035][ T7960]  ? __fget_files+0x2a/0x420
[  305.349058][ T7960]  ? __fget_files+0x3a0/0x420
[  305.349070][ T7960]  ? __fget_files+0x2a/0x420
[  305.349089][ T7960]  ksys_write+0x145/0x250
[  305.349112][ T7960]  ? __pfx_ksys_write+0x10/0x10
[  305.349136][ T7960]  ? do_syscall_64+0xba/0x210
[  305.349159][ T7960]  do_syscall_64+0xf6/0x210
[  305.349178][ T7960]  ? asm_sysvec_call_function_single+0x1a/0x20
[  305.349193][ T7960]  ? clear_bhb_loop+0x60/0xb0
[  305.349210][ T7960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.349224][ T7960] RIP: 0033:0x7fe99858e969
[  305.349237][ T7960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.349249][ T7960] RSP: 002b:00007fe9963d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  305.349265][ T7960] RAX: ffffffffffffffda RBX: 00007fe9987b6080 RCX: 00007fe99858e969
[  305.349276][ T7960] RDX: 000000000000011c RSI: 0000200000000240 RDI: 0000000000000005
[  305.349285][ T7960] RBP: 00007fe9963d5090 R08: 0000000000000000 R09: 0000000000000000
[  305.349294][ T7960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.349303][ T7960] R13: 0000000000000000 R14: 00007fe9987b6080 R15: 00007fffeb36c6c8
[  305.349325][ T7960]  </TASK>
[  306.025456][    T9] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  306.201784][    T9] usb 7-1: Using ep0 maxpacket: 8
[  306.667682][ T7975] overlayfs: workdir and upperdir must be separate subtrees
[  306.685635][    T9] usb 7-1: config 150 has an invalid interface number: 204 but max is 1
[  306.694083][    T9] usb 7-1: config 150 has no interface number 0
[  306.745364][    T9] usb 7-1: config 150 interface 204 has no altsetting 0
[  306.762459][    T9] usb 7-1: config 150 interface 1 has no altsetting 0
[  306.836685][    T9] usb 7-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  306.869716][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.902389][    T9] usb 7-1: Product: syz
[  306.913141][    T9] usb 7-1: Manufacturer: syz
[  306.954956][    T9] usb 7-1: SerialNumber: syz
[  307.194305][    T9] xr_serial 7-1:150.204: xr_serial converter detected
[  307.991982][    T9] usb 7-1: xr_serial converter now attached to ttyUSB0
[  309.433918][ T8006] adf_ctl_ioctl: 15 callbacks suppressed
[  309.433953][ T8006] QAT: Invalid ioctl 1075883590
[  309.444662][ T8006] QAT: Invalid ioctl 1075883590
[  309.449642][ T8006] QAT: Invalid ioctl 1075883590
[  309.454575][ T8006] QAT: Invalid ioctl 1075883590
[  309.459528][ T8006] QAT: Invalid ioctl 1075883590
[  309.464427][ T8006] QAT: Invalid ioctl 1075883590
[  309.469352][ T8006] QAT: Invalid ioctl 1075883590
[  309.474282][ T8006] QAT: Invalid ioctl 1075883590
[  309.479356][ T8006] QAT: Invalid ioctl 1075883590
[  309.484272][ T8006] QAT: Invalid ioctl 1075883590
[  309.691226][ T8009] openvswitch: netlink: Actions may not be safe on all matching packets
[  309.796654][ T8013] dlm: no local IP address has been set
[  309.802508][ T8013] dlm: cannot start dlm midcomms -107
[  309.990687][ T8011] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  310.217058][ T8019] FAT-fs (nullb0): bogus number of reserved sectors
[  310.223770][ T8019] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  310.251650][ T5879] libceph: connect (1)[c::]:6789 error -101
[  310.302296][ T5879] libceph: mon0 (1)[c::]:6789 connect error
[  310.692837][ T8016] ceph: No mds server is up or the cluster is laggy
[  310.735751][ T5879] libceph: connect (1)[c::]:6789 error -101
[  310.753035][ T5879] libceph: mon0 (1)[c::]:6789 connect error
[  310.920169][ T5906] usb 7-1: USB disconnect, device number 16
[  311.094689][ T5906] xr_serial ttyUSB0: xr_serial converter now disconnected from ttyUSB0
[  311.153392][ T5906] xr_serial 7-1:150.204: device disconnected
[  311.419078][ T8035] netlink: 'syz.6.437': attribute type 1 has an invalid length.
[  311.427628][ T8035] netlink: 'syz.6.437': attribute type 4 has an invalid length.
[  311.436469][ T8035] netlink: 9462 bytes leftover after parsing attributes in process `syz.6.437'.
[  312.120319][ T8038] loop8: detected capacity change from 0 to 1
[  312.147329][ T8034] overlayfs: overlapping lowerdir path
[  312.168520][ T5836] Dev loop8: unable to read RDB block 1
[  312.230562][ T5836]  loop8: unable to read partition table
[  312.278014][ T5836] loop8: partition table beyond EOD, truncated
[  312.506319][ T8038] Dev loop8: unable to read RDB block 1
[  312.542460][ T8039] warn_alloc: 1 callbacks suppressed
[  312.542481][ T8039] syz.3.434: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  312.583048][ T8038]  loop8: unable to read partition table
[  312.664550][ T8038] loop8: partition table beyond EOD, truncated
[  313.183908][ T8038] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  313.251167][ T8039] ,cpuset=/,mems_allowed=0-1
[  313.358403][ T8039] CPU: 1 UID: 0 PID: 8039 Comm: syz.3.434 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  313.358436][ T8039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  313.358450][ T8039] Call Trace:
[  313.358459][ T8039]  <TASK>
[  313.358468][ T8039]  dump_stack_lvl+0x189/0x250
[  313.358505][ T8039]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  313.358533][ T8039]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.358562][ T8039]  ? __pfx__printk+0x10/0x10
[  313.358608][ T8039]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  313.358654][ T8039]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  313.358699][ T8039]  warn_alloc+0x214/0x310
[  313.358733][ T8039]  ? __pfx_warn_alloc+0x10/0x10
[  313.358771][ T8039]  ? __get_vm_area_node+0x28f/0x300
[  313.358800][ T8039]  __vmalloc_node_range_noprof+0x5f2/0x12c0
[  313.358825][ T8039]  ? __asan_memset+0x22/0x50
[  313.358873][ T8039]  ? __mutex_lock+0x330/0xe80
[  313.358903][ T8039]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  313.358930][ T8039]  ? __kasan_kmalloc_large+0x1a/0xa0
[  313.358964][ T8039]  ? rcu_is_watching+0x15/0xb0
[  313.358996][ T8039]  ? __v4l2_ctrl_modify_dimensions+0x443/0xb90
[  313.359028][ T8039]  ? __v4l2_ctrl_modify_dimensions+0x443/0xb90
[  313.359057][ T8039]  __kvmalloc_node_noprof+0x3a0/0x5e0
[  313.359078][ T8039]  ? __v4l2_ctrl_modify_dimensions+0x443/0xb90
[  313.359119][ T8039]  __v4l2_ctrl_modify_dimensions+0x443/0xb90
[  313.359154][ T8039]  ? tpg_update_mv_step+0x2b1/0x520
[  313.359183][ T8039]  vivid_update_format_cap+0x134e/0x20e0
[  313.359228][ T8039]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  313.359258][ T8039]  ? vivid_get_format+0x2ad/0x2e0
[  313.359292][ T8039]  vivid_s_fmt_vid_cap+0x278b/0x57b0
[  313.359329][ T8039]  ? __lock_acquire+0xaac/0xd20
[  313.359364][ T8039]  ? __mutex_trylock_common+0x153/0x260
[  313.359392][ T8039]  ? __asan_memset+0x22/0x50
[  313.359425][ T8039]  fmt_sp2mp_func+0xcc/0x400
[  313.359451][ T8039]  ? __pfx_vivid_s_fmt_vid_cap+0x10/0x10
[  313.359481][ T8039]  ? __pfx_fmt_sp2mp_func+0x10/0x10
[  313.359537][ T8039]  ? v4l_sanitize_format+0x5d6/0x9f0
[  313.359564][ T8039]  ? video_devdata+0x6b/0xd0
[  313.359590][ T8039]  ? vidioc_s_fmt_vid_cap+0x8c/0xc0
[  313.359629][ T8039]  v4l_s_fmt+0x641/0xbf0
[  313.359666][ T8039]  __video_do_ioctl+0xc98/0xdb0
[  313.359708][ T8039]  ? __pfx___video_do_ioctl+0x10/0x10
[  313.359754][ T8039]  video_usercopy+0x86e/0x14f0
[  313.359796][ T8039]  ? __pfx___video_do_ioctl+0x10/0x10
[  313.359827][ T8039]  ? __pfx_video_usercopy+0x10/0x10
[  313.359853][ T8039]  ? smack_file_ioctl+0x2a9/0x340
[  313.359894][ T8039]  ? __fget_files+0x3a0/0x420
[  313.359918][ T8039]  v4l2_ioctl+0x18d/0x1e0
[  313.359948][ T8039]  ? __pfx_v4l2_ioctl+0x10/0x10
[  313.359977][ T8039]  __se_sys_ioctl+0xf9/0x170
[  313.360008][ T8039]  do_syscall_64+0xf6/0x210
[  313.360038][ T8039]  ? clear_bhb_loop+0x60/0xb0
[  313.360064][ T8039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.360084][ T8039] RIP: 0033:0x7fe99858e969
[  313.360104][ T8039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.360122][ T8039] RSP: 002b:00007fe995f91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  313.360146][ T8039] RAX: ffffffffffffffda RBX: 00007fe9987b6240 RCX: 00007fe99858e969
[  313.360162][ T8039] RDX: 00002000000000c0 RSI: 00000000c0d05605 RDI: 000000000000000a
[  313.360175][ T8039] RBP: 00007fe998610ab1 R08: 0000000000000000 R09: 0000000000000000
[  313.360188][ T8039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  313.360201][ T8039] R13: 0000000000000000 R14: 00007fe9987b6240 R15: 00007fffeb36c6c8
[  313.360235][ T8039]  </TASK>
[  313.360835][ T8039] Mem-Info:
[  313.750544][ T8039] active_anon:286 inactive_anon:13520 isolated_anon:0
[  313.750544][ T8039]  active_file:5642 inactive_file:36247 isolated_file:0
[  313.750544][ T8039]  unevictable:768 dirty:261 writeback:0
[  313.750544][ T8039]  slab_reclaimable:10515 slab_unreclaimable:105918
[  313.750544][ T8039]  mapped:43857 shmem:7362 pagetables:1457
[  313.750544][ T8039]  sec_pagetables:0 bounce:0
[  313.750544][ T8039]  kernel_misc_reclaimable:0
[  313.750544][ T8039]  free:1313340 free_pcp:407 free_cma:0
[  313.796390][    T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  313.927378][ T8039] Node 0 active_anon:1148kB inactive_anon:54276kB active_file:22372kB inactive_file:144988kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:175984kB dirty:1048kB writeback:0kB shmem:28392kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12088kB pagetables:5668kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  313.965516][    T9] usb 1-1: Using ep0 maxpacket: 16
[  313.992448][    T9] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  314.016575][ T8039] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  314.055264][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.071267][    T9] usb 1-1: Product: syz
[  314.077912][    T9] usb 1-1: Manufacturer: syz
[  314.105707][    T9] usb 1-1: SerialNumber: syz
[  314.121135][    T9] usb 1-1: config 0 descriptor??
[  314.454584][ T8039] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  314.559115][    T9] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  314.608643][ T8039] lowmem_reserve[]: 0 2504 2504 2504 2504
[  314.647670][ T8039] Node 0 DMA32 free:1329668kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:1144kB inactive_anon:55672kB active_file:22280kB inactive_file:144976kB unevictable:1536kB writepending:1048kB present:3129332kB managed:2564568kB mlocked:0kB bounce:0kB free_pcp:1008kB local_pcp:760kB free_cma:0kB
[  314.683893][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  314.771823][    T9] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  314.787296][ T8039] lowmem_reserve[]: 0 0 0 0 0
[  314.810224][    T9] usb 1-1: media controller created
[  314.879326][ T8039] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:92kB inactive_file:12kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  314.987191][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  315.052708][ T8039] lowmem_reserve[]: 0 0 0 0 0
[  315.103527][ T8039] Node 1 Normal free:3906480kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  315.386406][ T8039] lowmem_reserve[]: 0 0 0 0 0
[  315.391231][ T8039] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  315.509297][ T8039] Node 0 DMA32: 16*4kB (UE) 7*8kB (ME) 1*16kB (E) 15*32kB (UE) 7*64kB (UME) 2*128kB (UE) 3*256kB (ME) 10*512kB (M) 5*1024kB (UM) 4*2048kB (ME) 317*4096kB (UM) = 1318952kB
[  315.639888][ T8039] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  315.734419][ T8039] Node 1 Normal: 225*4kB (UE) 50*8kB (UME) 38*16kB (UME) 208*32kB (UME) 93*64kB (UME) 32*128kB (UME) 13*256kB (UME) 9*512kB (UM) 5*1024kB (UME) 2*2048kB (UE) 945*4096kB (M) = 3906484kB
[  315.763286][    T9] zl10353_read_register: readreg error (reg=127, ret==0)
[  315.792208][    T9] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  315.815418][ T8039] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  315.821308][    T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  315.844155][ T8069] adf_ctl_ioctl: 15 callbacks suppressed
[  315.844169][ T8069] QAT: Invalid ioctl 1075883590
[  315.855819][ T8069] QAT: Invalid ioctl 1075883590
[  315.860910][ T8069] QAT: Invalid ioctl 1075883590
[  315.866283][ T8069] QAT: Invalid ioctl 1075883590
[  315.871207][ T8069] QAT: Invalid ioctl 1075883590
[  315.876348][ T8069] QAT: Invalid ioctl 1075883590
[  315.882410][ T8069] QAT: Invalid ioctl 1075883590
[  315.887469][ T8069] QAT: Invalid ioctl 1075883590
[  315.892469][ T8069] QAT: Invalid ioctl 1075883590
[  315.897430][ T8069] QAT: Invalid ioctl 1075883590
[  315.967385][ T8039] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  316.033690][ T8039] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  316.215460][ T8039] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  316.337896][ T8039] 52749 total pagecache pages
[  316.369464][ T8039] 1 pages in swap cache
[  316.414037][ T8039] Free swap  = 124336kB
[  316.422757][ T8039] Total swap = 124996kB
[  316.430575][ T8039] 2097051 pages RAM
[  316.434586][ T8039] 0 pages HighMem/MovableOnly
[  316.444862][ T8039] 424250 pages reserved
[  316.453584][ T8039] 0 pages cma reserved
[  316.684359][ T8082] FAULT_INJECTION: forcing a failure.
[  316.684359][ T8082] name failslab, interval 1, probability 0, space 0, times 0
[  316.698431][ T8082] CPU: 0 UID: 0 PID: 8082 Comm: syz.6.444 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  316.698460][ T8082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  316.698473][ T8082] Call Trace:
[  316.698481][ T8082]  <TASK>
[  316.698489][ T8082]  dump_stack_lvl+0x189/0x250
[  316.698526][ T8082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.698554][ T8082]  ? __pfx__printk+0x10/0x10
[  316.698592][ T8082]  ? __pfx___might_resched+0x10/0x10
[  316.698628][ T8082]  should_fail_ex+0x414/0x560
[  316.698654][ T8082]  should_failslab+0xa8/0x100
[  316.698675][ T8082]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  316.698708][ T8082]  ? __alloc_skb+0x112/0x2d0
[  316.698737][ T8082]  __alloc_skb+0x112/0x2d0
[  316.698767][ T8082]  pfkey_sendmsg+0x1dd/0x1090
[  316.698795][ T8082]  ? smack_socket_sendmsg+0xd4/0x520
[  316.698822][ T8082]  ? smack_socket_sendmsg+0x1a7/0x520
[  316.698851][ T8082]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  316.698872][ T8082]  ? __pfx___schedule+0x10/0x10
[  316.698903][ T8082]  ? __lock_acquire+0xaac/0xd20
[  316.698935][ T8082]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  316.698975][ T8082]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  316.698998][ T8082]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  316.699019][ T8082]  __sock_sendmsg+0x219/0x270
[  316.699043][ T8082]  ____sys_sendmsg+0x505/0x830
[  316.699078][ T8082]  ? __pfx_____sys_sendmsg+0x10/0x10
[  316.699115][ T8082]  ? import_iovec+0x74/0xa0
[  316.699148][ T8082]  ___sys_sendmsg+0x21f/0x2a0
[  316.699179][ T8082]  ? __pfx____sys_sendmsg+0x10/0x10
[  316.699253][ T8082]  ? __fget_files+0x2a/0x420
[  316.699271][ T8082]  ? __fget_files+0x3a0/0x420
[  316.699301][ T8082]  __x64_sys_sendmsg+0x19b/0x260
[  316.699333][ T8082]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  316.699378][ T8082]  ? do_syscall_64+0xba/0x210
[  316.699410][ T8082]  do_syscall_64+0xf6/0x210
[  316.699437][ T8082]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  316.699456][ T8082]  ? clear_bhb_loop+0x60/0xb0
[  316.699481][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.699501][ T8082] RIP: 0033:0x7f35a778e969
[  316.699518][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.699537][ T8082] RSP: 002b:00007f35a85ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  316.699558][ T8082] RAX: ffffffffffffffda RBX: 00007f35a79b6160 RCX: 00007f35a778e969
[  316.699573][ T8082] RDX: 0000000000000014 RSI: 0000200000000000 RDI: 0000000000000003
[  316.699586][ T8082] RBP: 00007f35a85ef090 R08: 0000000000000000 R09: 0000000000000000
[  316.699599][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.699611][ T8082] R13: 0000000000000000 R14: 00007f35a79b6160 R15: 00007ffefcce3b38
[  316.699643][ T8082]  </TASK>
[  317.163223][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  319.239400][ T5839] Bluetooth: hci2: command 0x0406 tx timeout
[  422.185187][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  422.192191][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P8001/1:b..l
[  422.200551][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=23069, q=781 ncpus=2)
[  422.208296][    C0] task:syz.7.429       state:R  running task     stack:24280 pid:8001  tgid:8001  ppid:6829   task_flags:0x40044c flags:0x00004006
[  422.222544][    C0] Call Trace:
[  422.225874][    C0]  <TASK>
[  422.228850][    C0]  __schedule+0x168f/0x4c70
[  422.233403][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  422.238721][    C0]  ? __pfx___schedule+0x10/0x10
[  422.243606][    C0]  ? is_bpf_text_address+0x26/0x2b0
[  422.248852][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  422.254162][    C0]  preempt_schedule_irq+0xb5/0x150
[  422.259301][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  422.265045][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  422.271248][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  422.277265][    C0]  irqentry_exit+0x6f/0x90
[  422.281711][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  422.287732][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  422.293090][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 6b 60 d4 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  422.312815][    C0] RSP: 0018:ffffc90003aeed18 EFLAGS: 00000206
[  422.318928][    C0] RAX: 271698b120e8a300 RBX: 0000000000000000 RCX: 271698b120e8a300
[  422.326958][    C0] RDX: 0000000000000001 RSI: ffffffff8d9245d7 RDI: ffffffff8bc11fc0
[  422.335398][    C0] RBP: ffffffff8171ca05 R08: 0000000000000000 R09: 0000000000000000
[  422.343402][    C0] R10: 0000000000000000 R11: ffffffff8171ca05 R12: 0000000000000002
[  422.351397][    C0] R13: ffffffff8df3dee0 R14: 0000000000000000 R15: 0000000000000246
[  422.359397][    C0]  ? unwind_next_frame+0xa5/0x2390
[  422.364541][    C0]  ? unwind_next_frame+0xa5/0x2390
[  422.369699][    C0]  ? unwind_next_frame+0xa5/0x2390
[  422.374842][    C0]  ? get_signal+0x125e/0x1310
[  422.379640][    C0]  ? unwind_next_frame+0xa5/0x2390
[  422.384767][    C0]  unwind_next_frame+0xc2/0x2390
[  422.389724][    C0]  ? unwind_next_frame+0xa5/0x2390
[  422.394862][    C0]  ? unwind_next_frame+0xa5/0x2390
[  422.400000][    C0]  ? do_group_exit+0x21c/0x2d0
[  422.404794][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  422.410967][    C0]  arch_stack_walk+0x11c/0x150
[  422.415761][    C0]  ? get_signal+0x125e/0x1310
[  422.420470][    C0]  stack_trace_save+0x9c/0xe0
[  422.425170][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  422.430578][    C0]  save_stack+0xf7/0x1f0
[  422.434851][    C0]  ? __pfx_save_stack+0x10/0x10
[  422.439728][    C0]  ? free_unref_folios+0xb70/0x1490
[  422.444941][    C0]  ? folios_put_refs+0x559/0x640
[  422.449896][    C0]  ? shmem_undo_range+0x49e/0x14b0
[  422.455036][    C0]  ? shmem_evict_inode+0x272/0xa70
[  422.460172][    C0]  ? evict+0x501/0x9c0
[  422.464263][    C0]  ? __dentry_kill+0x209/0x660
[  422.469043][    C0]  ? dput+0x19f/0x2b0
[  422.473042][    C0]  ? __fput+0x68e/0xa70
[  422.477227][    C0]  ? task_work_run+0x1d4/0x260
[  422.482023][    C0]  ? do_exit+0x8d6/0x2550
[  422.486372][    C0]  ? do_group_exit+0x21c/0x2d0
[  422.491156][    C0]  ? get_signal+0x125e/0x1310
[  422.495867][    C0]  ? page_ext_put+0x97/0xc0
[  422.500410][    C0]  __reset_page_owner+0x71/0x1f0
[  422.505380][    C0]  free_unref_folios+0xb70/0x1490
[  422.510449][    C0]  folios_put_refs+0x559/0x640
[  422.515247][    C0]  ? __pfx_folios_put_refs+0x10/0x10
[  422.520565][    C0]  ? folio_batch_remove_exceptionals+0x18c/0x1f0
[  422.526920][    C0]  shmem_undo_range+0x49e/0x14b0
[  422.531987][    C0]  ? __lock_acquire+0xaac/0xd20
[  422.536869][    C0]  ? __pfx_shmem_undo_range+0x10/0x10
[  422.542311][    C0]  ? __lock_acquire+0xaac/0xd20
[  422.547229][    C0]  ? percpu_counter_add_batch+0xea/0x1e0
[  422.552902][    C0]  shmem_evict_inode+0x272/0xa70
[  422.557873][    C0]  ? inode_wait_for_writeback+0xf9/0x290
[  422.563531][    C0]  ? __pfx_shmem_evict_inode+0x10/0x10
[  422.569013][    C0]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  422.575113][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  422.580334][    C0]  ? __pfx_shmem_evict_inode+0x10/0x10
[  422.585852][    C0]  evict+0x501/0x9c0
[  422.589779][    C0]  ? __pfx_evict+0x10/0x10
[  422.594223][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  422.599446][    C0]  ? _raw_spin_unlock+0x28/0x50
[  422.604326][    C0]  ? iput+0x6d8/0x9d0
[  422.608333][    C0]  __dentry_kill+0x209/0x660
[  422.612941][    C0]  ? dput+0x37/0x2b0
[  422.616859][    C0]  dput+0x19f/0x2b0
[  422.620690][    C0]  __fput+0x68e/0xa70
[  422.624705][    C0]  task_work_run+0x1d4/0x260
[  422.629330][    C0]  ? __pfx_task_work_run+0x10/0x10
[  422.634476][    C0]  do_exit+0x8d6/0x2550
[  422.638780][    C0]  ? do_raw_spin_lock+0x121/0x290
[  422.643857][    C0]  ? __pfx_do_exit+0x10/0x10
[  422.648487][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  422.653915][    C0]  do_group_exit+0x21c/0x2d0
[  422.658560][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.663809][    C0]  get_signal+0x125e/0x1310
[  422.668385][    C0]  arch_do_signal_or_restart+0x95/0x780
[  422.673980][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  422.680204][    C0]  ? local_irq_enable_exit_to_user+0x5/0x10
[  422.686171][    C0]  syscall_exit_to_user_mode+0x8b/0x120
[  422.691790][    C0]  do_syscall_64+0x103/0x210
[  422.696441][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  422.702113][    C0]  ? clear_bhb_loop+0x60/0xb0
[  422.706823][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.712740][    C0] RIP: 0033:0x7f00a678e969
[  422.717192][    C0] RSP: 002b:00007ffd1e095fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  422.725637][    C0] RAX: 0000000000000000 RBX: 00007f00a69b7ba0 RCX: 00007f00a678e969
[  422.733624][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  422.741612][    C0] RBP: 00007f00a69b7ba0 R08: 000000000000300c R09: 0000001b1e0962bf
[  422.749604][    C0] R10: 00007f00a69b7ac0 R11: 0000000000000246 R12: 000000000004c3aa
[  422.757598][    C0] R13: 00007f00a69b6160 R14: ffffffffffffffff R15: 00007ffd1e0960e0
[  422.765610][    C0]  </TASK>
[  422.768648][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10557 jiffies! g23069 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  422.781184][    C0] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=18170
[  422.789187][    C0] rcu: rcu_preempt kthread starved for 10558 jiffies! g23069 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[  422.800613][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  422.810612][    C0] rcu: RCU grace-period kthread stack dump:
[  422.816518][    C0] task:rcu_preempt     state:I stack:27304 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  422.828540][    C0] Call Trace:
[  422.831858][    C0]  <TASK>
[  422.834823][    C0]  __schedule+0x168f/0x4c70
[  422.839371][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  422.844605][    C0]  ? schedule+0x165/0x360
[  422.848965][    C0]  ? __pfx___schedule+0x10/0x10
[  422.853857][    C0]  ? schedule+0x91/0x360
[  422.858130][    C0]  schedule+0x165/0x360
[  422.862315][    C0]  schedule_timeout+0x12b/0x270
[  422.867190][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  422.872585][    C0]  ? __pfx_process_timeout+0x10/0x10
[  422.877897][    C0]  ? prepare_to_swait_event+0x341/0x380
[  422.883476][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  422.888354][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.893586][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  422.898560][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  422.903958][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  422.909188][    C0]  ? finish_swait+0xcd/0x1f0
[  422.913801][    C0]  rcu_gp_kthread+0x99/0x390
[  422.918419][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  422.923643][    C0]  ? __kthread_parkme+0x7b/0x200
[  422.928604][    C0]  ? __kthread_parkme+0x1a1/0x200
[  422.933656][    C0]  kthread+0x711/0x8a0
[  422.937753][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  422.942979][    C0]  ? __pfx_kthread+0x10/0x10
[  422.947616][    C0]  ? __pfx_kthread+0x10/0x10
[  422.952279][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  422.958126][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.964234][    C0]  ? __pfx_kthread+0x10/0x10
[  422.968852][    C0]  ret_from_fork+0x4b/0x80
[  422.973464][    C0]  ? __pfx_kthread+0x10/0x10
[  422.978093][    C0]  ret_from_fork_asm+0x1a/0x30
[  422.982905][    C0]  </TASK>
[  422.985956][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  422.992304][    C0] Sending NMI from CPU 0 to CPUs 1:
[  422.997536][    C1] NMI backtrace for cpu 1
[  422.997559][    C1] CPU: 1 UID: 0 PID: 1301 Comm: aoe_tx0 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  422.997589][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  422.997604][    C1] RIP: 0010:check_preemption_disabled+0x1e/0x120
[  422.997633][    C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 53 48 83 ec 10 65 48 8b 05 4e 0e 23 07 48 89 44 24 08 65 8b 05 56 0e 23 07 <65> 8b 0d 4b 0e 23 07 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d 2b 0e 23
[  422.997649][    C1] RSP: 0018:ffffc9000418f6f0 EFLAGS: 00000086
[  422.997664][    C1] RAX: 0000000000000001 RBX: ffffffff8b51f772 RCX: 0000000000000000
[  422.997676][    C1] RDX: ffff888027265a00 RSI: ffffffff8d78ae75 RDI: ffffffff8bc11fc0
[  422.997689][    C1] RBP: ffffc9000418f7e0 R08: ffff888023fc0f87 R09: 1ffff110047f81f0
[  422.997702][    C1] R10: dffffc0000000000 R11: ffffed10047f81f1 R12: dffffc0000000000
[  422.997714][    C1] R13: dffffc0000000000 R14: 0000000000000a02 R15: 1ffff92000831eec
[  422.997727][    C1] FS:  0000000000000000(0000) GS:ffff8881261f6000(0000) knlGS:0000000000000000
[  422.997741][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  422.997752][    C1] CR2: 00007f1e0898e368 CR3: 000000007b606000 CR4: 00000000003526f0
[  422.997768][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  422.997778][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  422.997788][    C1] Call Trace:
[  422.997796][    C1]  <TASK>
[  422.997804][    C1]  ? _raw_spin_lock_irqsave+0x82/0xf0
[  422.997823][    C1]  lockdep_hardirqs_off+0xab/0x110
[  422.997844][    C1]  ? _raw_spin_lock_irqsave+0x82/0xf0
[  422.997861][    C1]  trace_hardirqs_off+0x12/0x40
[  422.997880][    C1]  _raw_spin_lock_irqsave+0x82/0xf0
[  422.997899][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  422.997922][    C1]  uart_write_room+0xf0/0x840
[  422.997939][    C1]  ? skb_pull+0xc1/0x1d0
[  422.997966][    C1]  handle_tx+0x163/0x610
[  422.997993][    C1]  dev_hard_start_xmit+0x302/0x880
[  422.998026][    C1]  __dev_queue_xmit+0x1adf/0x3a70
[  422.998057][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  422.998081][    C1]  ? __pv_queued_spin_lock_slowpath+0xa05/0xb60
[  422.998105][    C1]  ? trace_sched_exit_tp+0x38/0x120
[  422.998130][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  422.998154][    C1]  ? __lock_acquire+0xaac/0xd20
[  422.998181][    C1]  ? do_raw_spin_lock+0x121/0x290
[  422.998214][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  422.998232][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.998253][    C1]  tx+0x6b/0x190
[  422.998276][    C1]  ? __pfx_tx+0x10/0x10
[  422.998296][    C1]  kthread+0x1cd/0x3e0
[  422.998321][    C1]  ? __pfx_kthread+0x10/0x10
[  422.998340][    C1]  ? __pfx_default_wake_function+0x10/0x10
[  422.998363][    C1]  ? __kthread_parkme+0x7b/0x200
[  422.998379][    C1]  ? __kthread_parkme+0x1a1/0x200
[  422.998399][    C1]  kthread+0x711/0x8a0
[  422.998424][    C1]  ? __pfx_kthread+0x10/0x10
[  422.998443][    C1]  ? __pfx_kthread+0x10/0x10
[  422.998461][    C1]  ? __pfx_kthread+0x10/0x10
[  422.998479][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  422.998497][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.998517][    C1]  ? __pfx_kthread+0x10/0x10
[  422.998534][    C1]  ret_from_fork+0x4b/0x80
[  422.998550][    C1]  ? __pfx_kthread+0x10/0x10
[  422.998567][    C1]  ret_from_fork_asm+0x1a/0x30
[  422.998601][    C1]  </TASK>