last executing test programs:

57.51547948s ago: executing program 3 (id=448):
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x17, &(0x7f0000000000), 0x10)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000280)={0x2, &(0x7f00000001c0)=[{0x5, 0x2, 0x8, 0x1}, {0x7, 0xd1, 0x7a, 0x3}]})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="78000000130002002cbd7000fbdbdf2500000000", @ANYRES16=r0, @ANYRES64=r1, @ANYRESDEC=r0], 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x0)
socket$inet6(0xa, 0x1, 0x0)
close(0x3)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3, 0x0, 0xfffffffffffffffe}, 0x18)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[], 0x644}, 0x1, 0x0, 0x0, 0x48101}, 0x4004041)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001200)=ANY=[@ANYBLOB="68030000140001"], 0x368}], 0x1}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')

57.002945845s ago: executing program 2 (id=451):
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="93fc85ff30d2", @random="2ecafcc67af2", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @multicast1}, {0x3200, 0x88be, 0x10, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x100, @void}, "f439992d"}}}}}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0xffffffffffffffff, 0x0, 0x8, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000400)={0x1, 0x5, 0xffffffff, 0x30000, 0x80000001, 0x8, 0x4, 0x5e5e}, &(0x7f0000000480), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
clock_getres(0x2, 0x0)

56.386895773s ago: executing program 2 (id=454):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$alg(0x26, 0x5, 0x0)
landlock_create_ruleset(&(0x7f0000000080)={0x4190, 0x1, 0x2}, 0x18, 0x0)
r0 = creat(&(0x7f0000000340)='./file0\x00', 0x14)
read$FUSE(r0, &(0x7f00000003c0)={0x2020, 0x0, 0x0, <r1=>0x0}, 0x2020)
mount$binder(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4000, &(0x7f0000000100)={[{@stats}], [{@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '^+'}}, {@obj_type}, {@fowner_lt={'fowner<', r1}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'wfdno'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '.]}'}}, {@dont_appraise}, {@obj_user}]})
r2 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011b0000f300402505a8a4410001020b0109021b00010100c00009040000020701010009050102"], 0x0)
syz_usb_control_io$printer(r2, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
close(r3)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000b00)={0x4, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r5, 0x541b, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x6, 0x7})
write$P9_RVERSION(r3, &(0x7f0000000540)={0x15, 0x65, 0xffff, 0x600000, 0x8, '9P2000.L'}, 0x15)
execve(0x0, 0x0, 0x0)

51.843545541s ago: executing program 2 (id=456):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001d906e20501dc6609b620103000109021b0001000010000904f7000176246700090582020002"], 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000004c0)={'vcan0\x00'})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$alg(0x26, 0x5, 0x0)
unshare(0x20020680)
r2 = syz_io_uring_setup(0x10b, &(0x7f00000000c0)={0x0, 0x0, 0x80, 0x1, 0x2000008}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x50, 0x0, 0xffffffffffffffff, &(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x35, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r7}, &(0x7f0000000040), &(0x7f0000000140)=r6}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r5}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r8, &(0x7f00000001c0), &(0x7f0000000400)=""/198}, 0x20)
r9 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r9, 0x0, 0x41, &(0x7f00000001c0)={'raw\x00', 0x4, [{}, {}, {}, {}]}, 0x68)
clock_gettime(0x0, &(0x7f0000000000))
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
preadv(r10, &(0x7f0000000180)=[{&(0x7f0000000080)=""/181, 0xb5}], 0x1, 0x1ff, 0x8)

51.679593913s ago: executing program 4 (id=457):
symlinkat(&(0x7f0000001040)='./cgroup\x00', 0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00')
r0 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r0, &(0x7f0000000a40)={'#! ', './file0'}, 0xb)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r2, 0x89e3, 0x0)
gettid()
openat$kvm(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f024})
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000100)={0x2, @vbi={0x9, 0x7, 0x7ffffffd, 0x4f565559, [0x1000, 0x1000007], [0x9, 0xffb], 0x108}})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
prctl$PR_SET_NAME(0xf, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xa, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000016000000000085000000ab00000095000000000000002fd4ccc6ceec348140d4dbf0b996899f303391d00351687938a771ce61113af188d60d392191a273a4fbea07aacdc9f3d87ca5ad212ec95b743df7f79226fe4caac3ebcc28d7d73d3366444df2252ced8e358d15a404400b6b5e325d3ecb99837680dccc89af8dcbd5"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r6}, 0x10)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @none={0x0, 0x2}}, 0x14)

51.005467723s ago: executing program 4 (id=460):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000240)={0xfffffffe, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffe, 0x2})
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r7 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r7, 0x80044100, 0xf0ff1f00000000)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="5400000010001fff29bd70008000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000003f00002c0012800b00010067726574617000001c000280060010004e20000006000e000100000008000700ac1414aa08000a00", @ANYRES32=r6, @ANYBLOB], 0x54}}, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmmsg$alg(r5, &(0x7f0000002d80)=[{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)="ad11de408ebcb91644cd5a128bbc8b4f2301c3d72f959e6242e208", 0x1b}], 0x1, &(0x7f0000000400)=[@assoc={0x18, 0x117, 0x4, 0x6}, @assoc={0x18, 0x117, 0x4, 0x3ff}, @assoc={0x18, 0x117, 0x4, 0x6}, @assoc={0x18, 0x117, 0x4, 0x8}, @assoc={0x18, 0x117, 0x4, 0x5}], 0x78}, {0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000540)="200ec9a956cd6f13414644104b72fc9a62093b0312909ad96e6f2bae43ef4588049b7a4e9a08abd748123935cc4e4ed3569ebd4e9302d167cae88f3b94ed3d59ebe5b0bc4a0bd5c4f642750c29ea07bb5a89b4e59d0c4bbb8d5d649ae46364b0a22e002e7f5778bd8d2f6cdc847c43b011837d1ecbfb1758483411b0acb538f1f2a6b8b3f0f50029aba1300e", 0x8c}, {&(0x7f0000000600)="b9638d713e7d51fe3ae84a9e54ac95b100a7e964cd6838742b8e3a35dd96ae6e63915fe0ffd1cc8b756d8094314ebb86cc2ec556ee0cfa9f999a9082d4161d5b615910b3bd50d9409a683d0180d5f5d858c1c568de69592691c22bb5e3ae278868d858ad95c8344750e869126fd1fa88916efa0174ae0a02dbada6b1a9a70b81c8c517e09f09cb70602cb0bdf972c5034c607f5eb6663886fd40a45a64", 0x9d}, {&(0x7f0000000b40)="57f2cbbce1055f2d4e6f2567ef11f2bc6602b26a9fccf82ff183141dd52fc0c7bf5eb882aab92fabada1478e4ad49048ea40c16bcae0498f8a36f181dd3190f65156c2a77d9158aa9fab6e2fdc82730e3369f385b747db51a815db63f530cebdfbf34e0d7bced19df7fb2ee296d58faff6bafd04b3e59c147b497a051e7b0ec03f51049960a7a64529a4dc174cd0c215977dd6d9f151e25c7d90a03fc9ee9920ad082465bb18ae7a607cd7012bcc94822c02d9103bdc9e3745e50f6e5f45b651c914b4985d246b33d1fceb081a019e8aadff393432174fd71b94932027c4e790ee1ceb9972e3370b337f860fcd57b8e9c25782d1f7e3d726830116009bc94989db7cf51dc0f9484082ea47913daaf88ffc6b67c6dfc5e12fc2a129f5106316d1b043c142d1aabecd3bef0017641fab4ce8cd2761d8772842edf3e558dabdd12baaf47bc47e5a7b23fdfa619fc5cd7619fbecd01142853c30f2b1e4a3fc2bd14764d1264219b918431b90a416f7e26d28a9e0a40a5886a495943a713b0c81dd4b0a806ee3a2c03158a2d8ad15ea81dfbe636d523318b72063d35910b99bc91473261bfbf5a4ec693ba5b1a250eb7e278a1254c0d756b019d72601ade69e186a4de5ba74178e8ddbd8209084641af5f7b6f9b2798201969996c10b32c89fc970011b0ddf3906fea2c5449b28c56ee24bb3bfb473daa56c83d0a5c3025a25eab21a43d20a4021d124718ec10396d591a1a24ba0e4d487191fd902ad9f2a40643361685419fc8e140c32172cb499c70aeca73faa4535f1dcac997ae1a0aabe6fa07412ffaec76aa4e8896e9db0dfcaa0c01e8b2a52322bb7e07963a155c5296788ce0bc6a8b117a1b38b9f1819d3b5eee83749173bc60f11e909c630ae7a45b7aa2c8662634ec487325136dcc9bb109dc9c88bcbec39c3eb4fbb8e935a8b467a7830142614cfc47161bf0e4189ed3c0fd747dc1aa1b23c803d115080149781ba3c227d61623ba6274e11d355e443bc2dc86108e3bf28fd2ba156229b95a3df28b63607fe4bd929a7dbc23a9e237f9962de077ef2e7d08ae95b1f56e5daf1b30702f9bce31a2ef254e6e34d7dc42d27b96ddf1d1ce3461cc0086a579d2f63dc8ce26bb6ff3842f9f24cf0d6edb6ba2cdeefe160a2884c14deeb28c6ab4cdb5dae9bdbc42b44b71828e8df1800f06d01775863cb94d0a6ab41ca6b8a859e4ca9142a9b9a8147122c74f76363aa32927021f7843a738c8876f8d1752cc90d2a37cbc0987b0a590d70cddf24f8c6471299f10492faaec33bc6ecc91f451c34a478e1c873bc07906a933f0e4cb6ef331f58bd93741de438565400a15471f3e585180d563c18035cba6c55c359a1f5960b7aefe2e603226bbbc24abce24b4491f1c49a78d2e177c661e82e83442ed0b07f25bee719a35a3164904a0aae1b4b57bf48add605237ae88bbdf32400d0f835c670db92154e7cba70df0c2c0ce5fa6363469207539a923472d3f79829fadb014958d342dc1d2f813ad992890efc08b656839cdf0bee40db8f4ab6a430c3ee71bbbda9625a8f3705ea249bf88da21b5b1658b3929b35d6d5f277cfb3582c8e1b74dd4bb7753c7f55ce2c4b4dfa1003d572f7a48260d953701b9c832be8a2e063d43524730043c13f4aea1c665a06997006823a651691a9752edfae7638bdf5fbff4439ff539e0f39bc2274b872ed0bb45c87e18c9f3ac5964ff8088b416c8ac79b7301459f5354c96ccc555e8a89506fdbc3241b684866702f42f49bf3be1400a18e8d62039ecdb08a4c37ea11d7895cf7f99deffb3fb829f5d5f20919f0a43893ce20f4b31fc42c240cfa047580e58fb681acfd1076b0b860972d1dff61c93d1f900ef3103659ba319d754ebbc48f7fe1720e094ada6808abe1b454c4ac20874fb962a45efed5106678a5d6fa159ee024c3c0a21e3ea965f83e0b7f450a674883cfc592afb8191df2b27f390af65cf1f700c0b66d7475c24ec1783c24e8c7bd0150e685e302629f84f988abf194efbcc183d0ff372c88795873d2fc7f5bf607727dda9d31ab62502070aa1a01be5b42a5146fd59ad5e522653019d71b1d209e257e7f66c612c74e0c48c97db80b79b4fe67349ac0a9ad613a39ab7a5751d16309ccc7b616160ca2361c0c13e00ff3b8798356011f0b2f3844c95b83a0000ba9b5b58d110ce0770f7ef677467b0cd62951a0245c0db67c7e987ad054a66a17f109a563930132e26b7aab54106844f2ba02b909e1d487fdbaa36021b97d8b750fa4a05a28ada50bcd99f5ec63700f03dfd0fd8f67c7d8e661cd5a9ca6a7f24b6550ff55d6f09bf81a45046a1864406eca8f15d7192c42ed8bf1e94ba933e6f8a549cb439cd49df6af9be14a87392d9f1d419e30f27323def1ea3a9db96fe005aa796ae52a8f6e31729ef46b609f9ab60d60250f76d3088054c7ef2302478fd9d01ff1cbe4121a2bb44eb17e14e81ff29395c901e03f1a82e2eb9073b220996e4ee923da35de82e9f74b56a00680f0c2d7e54332de48c08c3a82e59345d0d60bf3fdb382aa9f2e44eb5ab882cd71acb5683096412c4cd276c7078682b9b306d4719d52e5c3af617fe84beed85addf7daf2b42ec1ccdc67a212ae6e4747cf7c459449901c0d7fa2388807da4a329106e76c084290566865cf01a38cff0554144797adf0f142878b050b6dc85f11278c8202e6fdfd664da15359b173216a7a2e7d8e5b9e08e75085fd1f296738066dc365d91858d48e763da5a29150350f3359b5efd6a3428ef049344469901198ce0ec12a6e3a0d046839d42ab0a973b16a06e339dd26b8bf2fec25730747292ef9a380d1d1dfa7395987dc7a76c7eea2fcafdcf4e37c4fe4e2a1ba06dc733b65460f5530d1ba22116166fc416b1e531f6176f83454c0e1648aab10acab2cff94032c18b0086c881d7f8551aa1b74909dea924adae6b0fc083f1421830fd0043ac42dbbd3d8d2eca66d5cc3b922f7682facae5be3bf7ce5d8e3e809d92fba822857c335be179f913b18afdb7c51625eea339caf9c2296539c36e0744df71ad37b122a3e9837d14dfff9030a9e853e1c057c3e7d8ca84a91fe982f0dce0506838aae6de97f47647fdd6f4d40a07f4a20b592e2d2097a73808133820a3f987db4a61e373985ec660b0967d6aa029f0536b88b1a73122ac410fe9f6153192f1bc2d7f2d8d1724fb43fe5011c78175d52f05c14f149ca9c147b7cd65037785bc14e27cf9bcc1e92146ec207c093a4417a2dab454cbacf9ab7e5b28093d89a35d67ef2b9188458596437b46c0b00d89cce2f4724ddfd38a2d3519a38ab3a9f5c9a8978bcdd25dfa4e7903c22c1f60c13828325d4337ba4f6b207ca2956540f10c2fde8206e854127f25b2e996f238bbec2ff53ff62b632729a49316a5d9a3635d42fd096e904e03363c2a06fada77cd47ad48681e69cdceb1d95fc6078ec568c5d99fafd573132ba6a166d663b42bb3d4c4e5307f401320f6471ff80a7d5477bc97db2bb7a4fdb4c0ac9e9e70284adcc988308bb66cee676dea992956de118cafe175d440d1c5a0f282a5d9ff3bb058c51853d066f662c10589c8f6bff3ca17e95595e207acb622371a3f2b97cf3c8c890d08281848aa3c1d5a35f0c3b05fc355212fbb907772909a7bc4eeb55bd8944a888e9f99d52617e122367a1927e071fc5fc28eaa5aece17490cab221525b1664a3c852799d2085cf3cc73deddc8d3804fe7ca3529634d5f19c469312597bf2d64e15f5f19a2da010856e5d9aa1bceb8be57037f1813bf9efab8c9b7bb07b6abc5721a62e1c4eb91306c01b49130b64cd9b599b33cb975aed8c4025923320e4df58d45a9583bf0aea042f9566f147175bf74a5163cb319d1a1a089ae5c2427a9dab4b14f6b177171a0a6ffc95b507cc89f139633f9ff06b8c3dda295a00b6656e704949cc299c5a4a126c28cacc2c00b10db34aaefefae9190360bddab9fbbec9e4aec40f28445d5a4f3d775c3bb8b457c37efb9ba0a770accdf0a36b63da4026b0a9d162d19a1ed19a65caf3f6eeca406807bc2ca0fa115bef7258419a9db5a0f221119336f4be393c5e2fb5a8d8072b4710c21f4b7651dcab6d43371810a4dadfb2d16eff9fe0544cb44fc09bfcc96ac569b77e372fc3e39bdc3f0d982b89de7057be07c50b592ef95f074f25b6350343e2ef787c068d3216d8fc3ab9e4438d0fe89cd2fe1b028b6a3ed58ae3243d04addaeb32f9962e30acedc687afbd33475127308cd6e25b31bd30be6499259fbd9ab4b9a544b4bd5334016ad70d725f69c26947cd0d6ea234dc03d1b82f698c4f0e201ebcdf4542fbb0e8dfdcf67ff0c5a63e228ac22ff13028fb6b3b2f31b856a51066790cdd04f9e8ddadaf9718823c985f25588a18055b35f757717cf08a319c94fab338829ca177645506b44fb3d294386ea29f720fab24d6224c0bb2770b46d428be49693bd86867f5eee2256114337f391ac98793ac02ac210396db65d60a9b4348e1902a6c192b799ba9203751f955038ca44f10e61a05e556fe1a17d9a0ff0208f4b67ff9f9ab80599a3c1ae8dba66c8c9901c5c9f954b6c8c7e1e94209a33b3317d40c9ec1fd412f06e60a8b2aa3dc756099b6b3aefa8868449b3918c78928b1c8c0d206be48bc6eeff3e1f6df30d2c5e3fdc7b4235f5a7de2624feab36dad0364584c2e7501a614e90438d52358b5a26bea3f571b465fc1240ddbe81ff7a1edcc5f4a1b38c3e13d7da9cf5391ba0717e013e70f69e56362b753a28365fb9eb548e59433256f415837e26f0a7ae651145f82ccaf0d903f2122b500c195dee76dad788b030bd2b0ec37ba8c6bba0ae340f2a6b37b05efb431a7a68d24832f1ad9b23a34619ca60794dde6f2267fdc0e24d30061b4c1e42f608a7360af59a571b486b5aaf06862578fe4a3bb19fab282390da2efbc5829612931916761f99db5a802eade71373c8bcee96cbcc8f4db123ac2f828494311bddd2bc050cff4d2120395248d528fde082093ce69a9708580fdcd21ffdb55c597d215250725d9cea95edc712fee9d1f8a045225ff4fd35030ab1e66d3a65d5a9c89491618e6b00e9baf489a1adc44e1cdff8e57553d1f508488d01790f75be7387a530d576a085b5f4bdcad772b00d4bc60d506bd74ecbdc89c13fb2a7047071760c1b4316d2a99933069927e7d97dd7d25a1138aa70fb869a99daeb8b40e771dd01df011217c1073f02df790ac48a38f5b4a29d32583a87794f1c7856a58e427848568189ecb7a9f36a77fa1d92926ead3b04e5604e7c85801268660cfd68aae53425bbf01fe2360db92497b48144e18535e92b59ad132b88f3fa686e11d683022aa5f32b7644823f3caed644174bcbd570d63224a14f86eb652b61a97687524f63aab981aa8728e75a43d2bf986e62f221e300dd2cc365b4260a24b293343d841e64b77f8f30e83487f2af5a5939e89937f43a1338a8c73fc490f4db9c6cd4a129ac7701cc638124d49a21e5f400856187e34f4369aeb214349a4519a7a5b42aed324f170d299b12cf46019af71ed1bf0750a8954c5e04c0f1aa8f999c3f7ae91337d0baaaea1a62608d7b9e177efa48b89ed43b2db8338641404f70a81bc0636beecad4911226dc08a860abad9aa4c5f66f47293752c9eeeb9741ebf7968480d98b10febd3cf360589b1996ca28766e61dcec7690ce174638255b47127d88fcff9ebc738c9ec1c6ab964082397250d1e19ac85b293627cf6f43ca23635942d37ca7e127bff96acf57c0da67309bff51", 0x1000}, {&(0x7f0000001b40)="592cd3abb9c2883f98412e81f50c38592077081ee5e3d4f237265cf12c1bea3147cc405495640a77448b7517ba563c0039615ac901920c651dd97deedddd10470f0925725df7f497d7414e7ea7b3d856ade054449fdc47992feaa046fa4d4c274c4c10334df93d81676fa0e6655168de13953519f949935753e7b91f73cf898ba1afb232a763da9df05d8a06a0788e1475c0e3adf15018b3007df4e2ceb4d7c5199f6d9ce81bbb50641b1e11b0e1398519d3d185d088137e1b69cf69de92123680fa44d68c3a4326597e3b06774d62ee0338980d1925b12f20d24b733c9f9cd014ae131810e324ede6117bea98286224b412d22a914669605db5d1077dd762072fa4457a7d37bdcdd8cfdb803477558f7c3c63e065dd5a3cc0dd23b3b6de37910633a29111df4c42040eaa5f1cd10e16a78b4e8091443a4f8e90564b87918861a288e8462e2cf3b6dba42ccc52889791f196320ccca1c9b32f46a340a08ab4b6837045086baa00fa2d632825655f04cbb67d3545ba3fa997daa1583a1e5a8b7b17bb5d74dd893e6ff4bfbc5a4820468b570430d7074285bf92f1e2ec8e84c8d17d2473f8e28b96325ba6311ecf0103eed3423b806b2e1d554783edde180089cfd178d891777a17ac1a5ae4b87d1663cce16b14a6371ab5e23ed87983bf15229d1bbc6c1f4e5a7521d83b92afde2b6a716126d4f020b844d09a80b541e0086f8c5b07dcc11628885558f33952e009e860c56b97a5d21851549801464ae11063cb204a53a9188a39a24f3e651fb3559aab1ea5f4693da820ce7b765e7c40b69a693fdeb21eefd40e5db2e8d22ac72f72b0209bf3b79eef075ae776a47d66f2e5f1bdc442eccf54e061f55ec7994dd8e4d42d8c8f2beb3f9c38208a5555414f904b98f7d1caa9c5b6ee2250b813905a5bc4dd72855f07eaee5b4871ae9a37586756957c778ecffcd95c01e0708aa066da75b2d16812d42925c51dfced2c6c1b28503be476887aa8b084c5e86a532f80df9d640691d1db0bd16a94d379578807a1047b939dbc0a11b8a63fc9df19fc4d2a985eff695d6f670d769fcc1d6163b5f18310cfc2bc0cdc08a9ecb89166221a8d89602d8dac4929a7a4be275d17e5f240685a094224df163eaad3d307be9744fe6704b9586dcecaba5a749bb1a1be4f25af5931bd044d629506dff760f7a5a3da4e7c1209446559346c1383ef50022a37a154661570ee5bbce02ac2f7d8f5bb81612d20a5a7ca2991a13e19127e77856aeb08d01da00b3882a047cbe971274f6538d7e777620fe414457e799b40a418bcfd4dc5b8b38cfaa0ca00753e0123cee959ecc889432f98b009a3a5211014541d5ee6f7dad3bdd52452294521528b70e7dfcd702930c8243f8b261e2288aebbfcf759c27b6e5a1a7ac62a502ec177cf92f909ac6ba5fe8fd14b9822b56e9ec41fa7bcd1f74be90699691dd0ebed6267a3c4c64c502eeb2932502cd996aa67ace95f0138bf042660d6c2fea2e0da2e48bf21d46fb0793e95f97c834c57c7d4bae21a2370d8a6c744ec9295074a8fcd29c187d62e22debd91322f87953941ff142f365659d31f6ceeae8c604cd6d05aea8afc0deb0be8883fb054e1700dd8e85887a2ac80c9be3204cce1dfa339c5d312318890fc395b492b06fe17a5482928c1b9a5168a0667361e42c62e51a3636f17c8dd99417c56a394548740a4f2a4f309c0a61d2fb4599810faa5686a3e6ee9f9294aea7522c613590e45dc7e9b62a11bbc80d69f3bd3f57f1262dbde31b3e3097fd969de2182584975c337d9eb651adf252775803a3aa1d8ecd32b08ac55d5793ad17925e4cc750ecbb6650afd57098ab7dfa93cd5cad69baef839962dc62a464a4e6692099b10f8ca6a9678f968e1cf4c3ab5712cba8bf73b394662665414fe5241198dcd470dd5ba8b5fb368ae44beadd25698eb2ebac63a1ee818fc5b5c8c9e8f64e3051d4914926db4bd64bbc39a53e5064f0feaffc7ea8328e92fa51de7bf8b5b04ed9888ec5e407d9145f815f8c18aba4d0186bdde32e6f5779cedcd030f36b81fce6bc06b8a55491da2a58da6b91d43afb16ab25f747e4a387ce75f756bedc7c3d67f832ab139bf7ae8b6f454e4311b08152dfe96fa5510c6f0c2b2075394684d014ab80ac591dc761fd6cc9f07cd9e2292ad7df913753975da0e34033812f0ffc46ad351e28f784d19c1aaf2d720c954f9a1a19960f4fc875c88c8f06a854fd36d9dee1626d4165b1edb81273ea310e10163b58abef5bbc439713774c955e720172b4a5d42d45bfbd1041934a60f1211d8b64da73ed85c4aa0ca16e883731ea6c7d757ec1667f87fc3630846eca0c823e82b7d1fd6900f9498920382bc2755b7c94e7ff8446ed080b0035fff01e3fb33abb5dd757ef447c8211221d67f97b9dd2bbe18ef0eb97c2eb89b02fc3a658f8c3f3b5a6ff8eaa21feefc9017a3c6084e983aaa63b355ef57106540e617176e918109834f0c91ddf83fbbc825dc742d54635f59059411fa58f019836cad6a1e6eb43869fad0f3e27fd98fed947ca10e1a783541d181541a2b1ace18f4aa5641a5585d7acef74afab7bc02bad33cc295ec1b0cfbafde3d7397eafea4847140248ba6631d017902b3470e01e50100a78232645aac2b4ef6cea72a53515d9c3fd6225bb80436306edc0851a67d53051f34f7dd4ec4195da3e259a2aa55cec72cb0f3719e7306e44ffd2645edaa52945233d1bef823488a6c0809fd7a6250bd719982715546bb318ad036d4c502b2401b70c97bb98a9800dea7b07665d1cea8d630a40be684530ef7d2788a1528a08c9e4994a98850ecddaca806dbb297e4fdaa151838970295e7dc3e1efc2e4c0072731c5c2a0af6e18f892222f055b489b097c22fdb203d8bec8a899746bd1c93a2668aedda75a4f350191185256636a6b1bf51c0852b94b550cc8c9613794383e272191824db882b07b6c4e26db0579f0458cbab1a1aa2f605ef0464599c06f818d98e26d65f6de2925578d21edaa0eccf9ec914dfe254c0a0876ca8b65f57896f8c3e9a8c2f09e6c5a8bcf6cafc985574cf742d997ee8250e592b3ee26b9abf5317ff1e9160b59adafaab1c01c714e8f6a53334357383e23d4631427b35ee2ba6a492b0adbbb2898f8d86a13aeef9a8c1532c497fc960c9705d28487b8d4e5442c77df77b63d29aba067695db935b144055c131c027a8267dec414199df35540b5361df67b8904703b75cef225c2e4ee36da6c811078075d5d7514335112b34216974ededf4104c4568b9423348ba57f931f2c92934e59cdef239ff81b57ed96cba0de9fb2f8e480b40249dfc54605b9a50039b21a72a94bde4af049e35d6331332ac2e0a732037070048f47ddd08b3623747435e3f593ed575d551610b6f1c8ddeb9424921b3d514bab38676ce5402dfb03197f806fd0130bf6078f884cfd51709bb903a942ec66382f1153d86ef0c0077a3a682ae612e9c8d42ba1de6c9158f78d7988fe19ed1d80bee5b96cc928a6b7cc6ee68b1f2e2f86c95d748b842fec8f54a099744e2be6d52b6cbf2d05b1680f2bbee96ee69b7eab72cbc8385e6ef6673268029e36f339386f63ebbfb2ff2c5a5d5d334ae73c1d2d4ee31b4240e6f69533622819ca080537d87c8a906e0d40a510e80d471471e4317e144575ce947f542c59c527921c24987f815b219997c8482d34681fec576244a5e20cb4854d2ceb7ac2ea51789ba1edf079f5953bf87cbd561884f48ff0cc191978eb19a70ab19ed2421b90233a957e6fafab897b221dcde9e3e6dded704a1a151c700ba513674f9c85573803204b7f4a2cd294f24d42de2b5d5aadd8b34b667e64bb2437e08e58e9d7905f091f38314606095bed398b4598cb77ae3a23f5944b4a4baee550217aa17531d7297b88bb4625fd3e00db6ce3c22e3887f6af118989199368d90af2e80114c4f4b8844b295d32e84976edc959aa85bf3acc6ac7ac4c97173a927d5975855828ee637034e5876291fadccd0c2969cb6ebe26510de7bc60256f85a229c874989e3a60c0124baacbdd7b2712a9cb77386c3fba09eaf8ac892f4e76da5cfe5613afe1145c82d8139807dfa963740757fbe35258c5f9170233cb18587e0f140c34f7c609444757bd3cbd66bf16adc0cb74e569e9f119b91e67cb037711fdce9c89a6efc27e244c53e4d1b6015ec877894eafd9e15f0e967f9410300833707da11c049ca149334fe5b6328bbf7e13f2dd2fcb95f2e66685966c16c04db60766d9bd6d82eb9b7fa0dca2a720ff035b248410f5a1a74c878eb2d5be4a3b524c089cc5d78b646cd7309adcf20269a9027d12793fbb07924d2f44ff1144dadfe546c33383d927e9eb86920603e063492525e46be3481c92f70e430bee161ac95c50d9f34facea0d2639547b9d3b20edb145776df784d5ef7b951763043bda2d89ec2379d6a322f3425a6c9838d23da334aa4b996e972d2179c1cb2eea58c69008a7797015bd6a6e0dc1939cc43915a9232ffc097c1c47ed85c56bf2a27bfb2e7aca2a809c87761e89894a798954ab3f6a1af30499833724c2ca3e60a967033e4a434a63a02865833cff0065294c3874f0d6962600849d7d624cc8c0dfd996610ce644f8bffec08864d63531f591e26b73f15ac09b5af335b584cd4cbe5c445642f7b9eb58f8d1e2cbc1ab956ab0878e207755f773a03ebfc345a5460129f2f801fc54b2c838ca4fd393255e4afe7e56157e123ae1cdfd1d8e26c0ddb4e94084b3d6ab16331cc3954e4d343049eef177ad2e8f128b464bfb86bf52e7e4763613c5c25a4c52a0191108c8c7ffbc8b19a3773461e2b4a30dfaaf9ee183c2db5f9718ba027477c207621701245d19b715c2c96272e82e4c0e6855ca31c8fc59db3f6197c89a43ecec5a392091496dd99e94f9e20286b056815117361269b8002f082dc03ea2e5adefba0cd662464052da7745923f3dc608fe5eaa4f32db8d81ca47890d1b8dfc09d8e4c51f7976278ef03421d85b3a52a9efda41833df0456cb3d02a107af1a05dd927820979af02cfbb0cddcc3669c53a57d0893b55cbc562f407fbc1835a9414e961ffa90bd7d1b09806eadf1c1048cb2f30c56a0f4c1e98b485bcef3b8fbddd596cbe5ad9780ea3ecabb947e790b7ea594b140112f28a75314d7049f4569dffa3233c218c44ea4e1f4880e83b9a075a4266305dc7e944875afefa4a67f5bbdc8ce9713194e564362484cd0d25e5bc84650e605a0d027324806213a365b285084934a1aa35cef41d379c84e905b02f29dc57ef4093957547f718711d6be929e359d3bb83ce5b4bf5a363a269599d3a12df698bc8054c9f06e2d32ecf0254eb2076fc204ddc0704932aed677506979a33f75eaa31022bf222bd6b0e5c58f7b1d8c879639bfcc744e09c2dfb2d150484e7829be1b07a230605fdf540182fe6923acd84cf99908f17fde7f4ee81f793ef21924bbeb869dbb17811a4fd3fd7dc0f094384070aabf4ee0104287707afc6eab1030ef18ba787c4430a2f936323309999dd151ccf968db301f361b4d63167f6dcaf7678d1678d7edd361144d59b03d2c1aa25f965ac12d7c2dd607d1c7559b3b8ea1b10421f49ceb4bad85b682369027029a35ba49a46e164ac2d80a2b5e108d103dfe3f4821a453a310d5eef255860383ae520b73040109efb7e4ce300108c37ee09629d079126ab9ccc1db4edd16f4174e66aa0252f03a4d9bc45a1a73090e988ccb65206c850efd29c85201f5a84768e207f3b7a7ff580c7a75d10e", 0x1000}], 0x4, 0x0, 0x0, 0x20000090}, {0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000006c0)="274a19f7253f6ca75e08d43878f45e5ef809977c3f2651e10d24560f1fa1fe3adb806576b283e916ab1ac437d486a3a75fee3950744fae15191d13e48e2095024b3d885186b2aba477f5fd7fbc9dce87ae16a5640628b5bf0b709ff234830c58ce04e9f2f74b9494e16e420f050f5d3cef2027f8ff8a1cabb8c489a5fa89c33270d25a865e9ba1dedbb5064104308eb435bbb3db46e9714bc22a22c77750953e0ac043ff170497c685482c", 0xab}, {&(0x7f0000000780)="92cb2a29e7b32f8a084c76b8de5b8b4d8bbed19115f3af7827bc74b2059d943aa9a65c45fd54067a298538416ed5fbb642c48ea2e2a66fc210ae5987c57758ae03e7450de7d6112d0ffc7eca948c4b90a1d0ca816e5636dd141aa7ad79b3337b70a1d81de2d57879085c168b3bc0299e42106568cb9b5aff979b13bcfbce60881ba179506a0986d4430c4281cba9fd6402c033e685720f40c3fc1fdcfcc6b6df69e37b75fca459", 0xa7}, {&(0x7f00000004c0)="04574afe02bb06f13387629e", 0xc}, {&(0x7f0000000840)="359d8abe8812adc1ff71f3bfd5799507ab15fbbd160c82cf4d", 0x19}, {&(0x7f0000000880)="97a3bed8fcbcfb4cfa20f7f86f43a1c27241d718e60f7eae3d7438392751070c7fd4aec5a26bf8456f2a8ed002080227d11690db849ae75c79780ae4bfe5cd897d0ef1b7847a4dbfaf23e0e9c74d72421915a41412082238bb1fcacad1a8f77ab8", 0x61}, {&(0x7f0000000900)="3fcffb1a79005ac6d0d4cba122ef916664516a5db36aae35066bf35ff34a152e18eb35ae62bc4d98644eaa179727b0ef7ed3746f5401109165b827838cd8ca6943a9b15095da9da851a9f13331bcc685a5983d844ecf5531620a5b585ec02ed49c18bdf79db82ef9e6f3d1e07dd26a8d3b3bab7adf63b68a902e946d21e3c5d04014d890c3f36019fffaca04a2c550f02759f39ade2910e79c7fd769725962abb2c6da33929daf2a2e3c0b78d5e651d4f21acfe0db1bb5fa43acccf34825ec7b90dc0cfd6bdb43bfe83df76c13a8896ed0130beb79f237e69e07f2f41f1daa24bcf3ddf76289d646d4", 0xe9}, {&(0x7f0000002b40)="88082b9c704804f2ba39e7135a99a8f8a1b5b783f0c70f643cebad7f008d5bd2c0a10ff6ab69f2c292c99598d19018cbb9268658ecad7d89b65bfd7a602f53a78f7d5262a5d0c99139b0480c6af5639ec6104e6d6430d811048eaab7eeaab67b8907014fa28518864b4b1d6136f48c98a2f3cd75de2d5eb5ddfcd23d7770f232698bcf2a5266ac4a422d59ffc4676128175ae68435e9b45eae5ad45863ad106ae59bec22e6cc5099ba6236717f67c6665ea25deb04e355c2fb6744b261edeae0f0479c6eee34", 0xc6}, {&(0x7f0000000a00)="f69f705d14c17e8716aa4ef3ce179696ba849975b9a9714c7207f880e7270bff26e135f26fa0966a23c2bf0b5bd193fd", 0x30}], 0x8, &(0x7f0000002c40)=[@iv={0xe0, 0x117, 0x2, 0xc6, "c76db424563ab8b0f404e5592418fb40a46947e027596c95ff12b1315657fc5b1b3a78cd9e926e764cd87425d4d1079adba66f67b162a4af61ec209998a0d3b8eae14a020bf2d40af701c040bc602db8d1b58035d6ddf29079b41a991059dc387db36b24607586699430ce597c5fe6246f1934f1411f9d9f9287a511ee360296ae87345a31c6488b111f8c31d8a86ad0e67d7fbae81588140f0690c6bd4d6f7ef94fc74a6458aa580860bfec39118a319c42af052fcb981de573570a881b709af72325280384"}, @assoc={0x18, 0x117, 0x4, 0xff}, @op={0x18, 0x117, 0x3, 0x1}], 0x110, 0x4008000}], 0x3, 0x20000004)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r9, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
listen(r9, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x4)

50.916805444s ago: executing program 3 (id=461):
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x20)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x2000, @host}, 0x10)

50.36069643s ago: executing program 3 (id=464):
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="93fc85ff30d2", @random="2ecafcc67af2", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @multicast1}, {0x3200, 0x88be, 0x10, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x100, @void}, "f439992d"}}}}}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0xffffffffffffffff, 0x0, 0x8, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000400)={0x1, 0x5, 0xffffffff, 0x30000, 0x80000001, 0x8, 0x4, 0x5e5e}, &(0x7f0000000480), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
clock_getres(0x2, 0x0)

46.2907334s ago: executing program 0 (id=465):
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = syz_open_procfs(0x0, &(0x7f0000002400)='net/netstat\x00')
read$FUSE(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000040)=ANY=[], 0x0, 0x4, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000280)={{0x1, 0x1, 0x18, r4, {0x4}}, './file0\x00'})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000001840), r5)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x40800)
r6 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r6, &(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000380)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(0x0, 0x3, &(0x7f00000002c0)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x0, r7, &(0x7f0000000140)='i', 0x1, 0x10000000000000}])

45.63125889s ago: executing program 0 (id=466):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
lseek(0xffffffffffffffff, 0x100000000, 0x4)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x7e00, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x26, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001240)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$netlink(0x10, 0x3, 0x12)
r1 = getpid()
prlimit64(r1, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44100003040000000000000000000100c1", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028005002b000300000005002a0000000000"], 0x44}, 0x1, 0xffffffea, 0x0, 0x4004}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000000706010800000000000010000a00000405000100070000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000020000000000000080000000950000000000000018180000", @ANYRES32, @ANYBLOB="00000000000000000000000010ffffff00b15b84000000000000001812f70d", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x29, &(0x7f00000000c0)=""/41, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0xa, 0x6, 0x9}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1], &(0x7f00000001c0)=[{0x3, 0x1, 0x6, 0x3}, {0x2, 0x6, 0x5, 0x5}], 0x10, 0xffff}, 0x94)
fsopen(&(0x7f00000001c0)='jffs2\x00', 0x0)

45.452752819s ago: executing program 2 (id=467):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001d906e20501dc6609b620103000109021b0001000010000904f7000176246700090582020002"], 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r1=>0x0})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$alg(0x26, 0x5, 0x0)
unshare(0x20020680)
r3 = syz_io_uring_setup(0x10b, &(0x7f00000000c0)={0x0, 0x0, 0x80, 0x1, 0x2000008}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x50, 0x0, 0xffffffffffffffff, &(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000040), &(0x7f0000000140)=r7}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{0xffffffffffffffff, <r8=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r6}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r8, &(0x7f00000001c0), &(0x7f0000000400)=""/198}, 0x20)
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
socket$inet_icmp(0x2, 0x2, 0x1)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000080)=""/181, 0xb5}], 0x1, 0x1ff, 0x8)

45.401566801s ago: executing program 4 (id=468):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
dup(r2)
syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000020385000000000000000000000000000800010001000000"], 0x1c}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

45.120414999s ago: executing program 3 (id=470):
symlinkat(&(0x7f0000001040)='./cgroup\x00', 0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00')
r0 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r0, &(0x7f0000000a40)={'#! ', './file0'}, 0xb)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r2, 0x89e3, 0x0)
gettid()
openat$kvm(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f024})
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000100)={0x2, @vbi={0x9, 0x7, 0x7ffffffd, 0x4f565559, [0x1000, 0x1000007], [0x9, 0xffb], 0x108}})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
prctl$PR_SET_NAME(0xf, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xa, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000016000000000085000000ab00000095000000000000002fd4ccc6ceec348140d4dbf0b996899f303391d00351687938a771ce61113af188d60d392191a273a4fbea07aacdc9f3d87ca5ad212ec95b743df7f79226fe4caac3ebcc28d7d73d3366444df2252ced8e358d15a404400b6b5e325d3ecb99837680dccc89af8dcbd5"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r6}, 0x10)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @none={0x0, 0x2}}, 0x14)

44.31071211s ago: executing program 3 (id=472):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000dd000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x8}}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x452369c81ff10127}}}, 0x54}}, 0x0)
connect$rose(r0, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)
connect$rose(r0, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @default, @default, @bcast, @null]}, 0x40)

44.036970466s ago: executing program 1 (id=474):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000000)={0x6, 0x0, '\x00', [@padn]}, 0x10)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2b, 0x4, {{@in6=@loopback, @in=@rand_addr=0x64010105, 0x0, 0x0, 0x0, 0x81f, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x200000, 0x20000000, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x820000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@empty, 0x0, 0x3c}, 0x2, @in=@multicast1, 0x6, 0x4, 0x3}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)

43.966119687s ago: executing program 1 (id=475):
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="78000000070a010300f40652820000000a0000060900010073797a3100000000585b206a8199cd00048054000180090001006d657461000000004400028008000140000000a36dd6e0400000000f00140800014000000003080003400000000b08000140000000150800024000000001080002"], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000000705000008004ef02d3501000000000095000000000000006916000000000000bf67000000000000350605000fff07206706000004000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9d0cc7d3b4814261bdb94a050000a28a404be266df76965947c73c00c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b540dcfc7ad0500c4063b3b8754c0686cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e567238809000000000000000ae2fb494059bba8e3b680324a188090eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb40000000000000000000000000040007abf9c20d89cbc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eb29000000000000003cc3aa39ee4b1386bab561cda886fa64ffffff7f473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59801fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d00000000d3114dbc7e2bf2402a75fd7a5573336004088000000000000000fb38c7f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf73400000000000000cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca8710d5c617df01f82a73f6bd61d1f5b2a443faa9bda0577383dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea90000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8a10300004d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c39e9d8547c666b6764a3c7dd62a94eee45881441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a365b5b11df7216652b5703f31e078ecdefe8e6bfc45a9980a7a8de863e3477dd47d0f11611ca92d89641a183c8f629f17cfc28fde209a793d9c0cdde3bb3f82670d33396982988b9f5207a732908fdf1506f307ccae47a69319ee2242272e4f7ceb7a40e49a21ce6405af3ecb3381bf0668749c81fc6c2d97e68a693e3e622af52e572f4fa7b20d5c72cf5ff8016461130a46803de45029489921a48bd7688dd593e4a3e9803263ecbd8ae8570293508ebe5fabc1842cbc01ae8fabbf41820c31b7bb83a3439d4540f839ed5c23828a33d7645baa1ec32bb7aa8a786bb0997ccf6bba0a2cf6ef2157a63974d5e525a3f3f7f993ea9e82732ccc2e12c631012175d5d474bef818bdf8f27a7e563684a225dee6ca5f5ff18a89ac6c627ff0e0e4769b6fbcfc847b20960704a4b13e962333bddb966de8bcade6f6bd3915a580ddec2e1bd88fbfdb749789cdc946822212f1cbacb03ba8d3e51e48ccdae20a43bf79ca0131b830620a97877242989e78dfec1d6df5f97ca5cddece50d0cae5d6eabbc1913aa3660e0b00000000000000000000004000bc16b71cb118d93461aa2914d6e454ef05c41beab7382787ba46b68c8d8b35da9fb58b259b4447b59c667ddcac0bb2d066eb0579be84bdca8ed5d693411b7e5b21efaceddacef03daa9772f2715b5613ae0d88f8d109e36f8b8871b646d9ebbcc25d527ad3f828c92cb6597f82ed4d496a519007781be0c7cac07fc508a585f415ef81a887475286df80fb6ff9c6524d0e22d50f88ca15545bc688063b04eb8e0248aca60b9983dd5966216499ccfc0551f6e0323859ae64f55e4d496a695f8e6382aa714b92f95dcfd0b456d9ce7a24f736e4009ef64230e8f83f8283a4cc5f178d4698b94ccd8d0e0e3e2e35e1a7ac0cb3ee52013e8c2802d2f89b3f708fb53c17c3e4fbe0326ee510c4317b5f5f1eb34ca8441c23755acfc469909b16fba134de01d484c1b380622d37"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x37de6c8a68769c38}, 0x48)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x398, 0x1c0, 0x178, 0xc, 0x0, 0x178, 0x2c8, 0x258, 0x258, 0x2c8, 0x258, 0x3, 0x0, {[{{@ipv6={@loopback={0x1f0}, @mcast2, [], [], 'team_slave_0\x00', 'netpci0\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "fc6b061134c5d5c8465af5f5caa5bd6c0dde77ff83daa984c0d76167e0608dcaa2caff7bd9c5923cccd5b483df8124249f91b8c3c2cea9bed64dc935a975401a68e34a04c1f15e50050729ba985e8c1576994e350d93a782668d4d51a1bc76bba1fde09794922ae65a804c56f092e430ebb8fa892d671c8c8035cae06810f8c6", 0x20}}, @common=@unspec=@addrtype1={{0x28}, {0x0, 0x0, 0x8}}]}, @common=@inet=@SET2={0x30}}, {{@ipv6={@private1, @mcast1, [], [], 'wg2\x00', 'hsr0\x00'}, 0x0, 0xd0, 0x108, 0x0, {}, [@common=@icmp6={{0x28}, {0x0, "08db"}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f8)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r2, &(0x7f0000000c00)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="4c000000354bda19ad4445f288e1db1eff76f52f05a4a7df7e9e202d4abe06f73703836971c457a93420f5d3c356fda0d631749b11ad9d897f78c2383bb2fd3b6261ccb6a8adc92df70fa742bb2c6072f47b7387999b9114b2b9ec07942ed165a559acd7bd577a742eeb0ccbd086779c75f95d89966708110f1369fcd6d87d3472ddf505", @ANYRES16=0x0, @ANYBLOB="00012cbd7000fddbdf253400000008000300", @ANYRES32=r3, @ANYBLOB="0c00990009000000530000001400fe00ce263a2de01b3ad6fa4c1d0cd4fa26fc0f003400328e67684a0f6f02f00c5700"], 0x4c}, 0x1, 0x0, 0x0, 0x4000805}, 0x4000000)

41.885882263s ago: executing program 0 (id=476):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{}]}]}}, &(0x7f0000000f40)=""/4089, 0x3a, 0xff9, 0xa}, 0x1f)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000540), 0x80, &(0x7f0000000800)={[], [{@smackfstransmute={'smackfstransmute', 0x3d, '^'}}]})
r0 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0x2000002, 0x1010, 0xffffffffffffffff, 0x8000000)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee1, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000), &(0x7f0000000280))
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ff6000/0x1000)=nil, 0x1000, 0x8, 0x10010, r1, 0x10000000)
r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r0, r2, &(0x7f00000000c0)=@IORING_OP_MKDIRAT={0x25, 0x8, 0x0, r3, 0x0, &(0x7f0000000080)='./file0\x00', 0x34, 0x0, 0x0, {0x0, r4}})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e22}, 0x6e)

41.779711528s ago: executing program 4 (id=477):
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/tcp_recovery\x00', 0x1, 0x0)
unshare(0x8040600)
syz_open_dev$sg(0x0, 0x0, 0x0)
r1 = syz_open_dev$loop(&(0x7f00000000c0), 0x41054c3b7, 0x250883)
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
ioctl$EVIOCGBITSND(r2, 0x40044591, 0x0)
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB="2c776664016fbd", @ANYRESHEX=r2, @ANYBLOB=',\x00'])
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, 0x0, 0x20040004)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000140)={'\x00', 0xfff8, 0x7f, 0x10000, 0x0, 0x6})
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000480)={0x56, 0xfffe, 0x0, {0x0, 0x1}, {0x80, 0x2}, @const={0x0, {0x1000, 0x0, 0xfffb}}})
write$char_usb(r4, &(0x7f0000000040)="e2", 0x2250)
syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
prctl$PR_SET_THP_DISABLE(0x44, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, &(0x7f0000000180)="e4d79b3b828024b59aa49c257addff4e", 0x20)
getsockopt$inet6_tcp_buf(r6, 0x6, 0x21, 0x0, &(0x7f0000000140))
recvmmsg(0xffffffffffffffff, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40010161, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380)='rpc_pipefs\x00', 0x18642, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x803, 0x533, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
pwrite64(r0, 0x0, 0x0, 0x2)

41.728810712s ago: executing program 1 (id=478):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x7, 0x0, 0x0, 0x0, 0x4}, 0x94)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000100)={0xfffffffd, 0x5, 0x0, 'queue0\x00', 0x5})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b05, &(0x7f00000004c0)={'wlan0\x00'})

41.655480851s ago: executing program 1 (id=479):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x3}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x100000a, 0x5d032, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x0, &(0x7f0000000340), 0xc06620, 0x4)

41.027778433s ago: executing program 0 (id=480):
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="93fc85ff30d2", @random="2ecafcc67af2", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @multicast1}, {0x3200, 0x88be, 0x10, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x100, @void}, "f439992d"}}}}}}, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0xffffffffffffffff, 0x0, 0x8, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000400)={0x1, 0x5, 0xffffffff, 0x30000, 0x80000001, 0x8, 0x4, 0x5e5e}, &(0x7f0000000480), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
clock_getres(0x2, 0x0)

40.932560463s ago: executing program 4 (id=481):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
lseek(0xffffffffffffffff, 0x100000000, 0x4)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x7e00, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000340)={'syztnl2\x00', 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x26, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001240)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$netlink(0x10, 0x3, 0x12)
r1 = getpid()
prlimit64(r1, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44100003040000000000000000000100c1", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028005002b000300000005002a0000000000"], 0x44}, 0x1, 0xffffffea, 0x0, 0x4004}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000000706010800000000000010000a00000405000100070000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000020000000000000080000000950000000000000018180000", @ANYRES32, @ANYBLOB="00000000000000000000000010ffffff00b15b84000000000000001812f70d", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x29, &(0x7f00000000c0)=""/41, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0xa, 0x6, 0x9}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1], &(0x7f00000001c0)=[{0x3, 0x1, 0x6, 0x3}, {0x2, 0x6, 0x5, 0x5}], 0x10, 0xffff}, 0x94)
fsopen(&(0x7f00000001c0)='jffs2\x00', 0x0)

40.433871341s ago: executing program 1 (id=482):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@deltaction={0x29c, 0x31, 0x2, 0x70bd2b, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x8c, 0x1, [{0x10, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0x10, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x14, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x10, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80000001}}]}, @TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @TCA_ACT_TAB={0x7c, 0x1, [{0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x161f}}, {0x10, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80000}}, {0x10, 0x20, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}, @TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}, @TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1c0}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7ff}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}]}, @TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x20, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}]}, @TCA_ACT_TAB={0x50, 0x1, [{0x10, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8f5}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1ff}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}]}, 0x29c}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0xded, 0xef92, 0x0, 0x0, 0x0)
r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
readv(r6, &(0x7f0000000c40)=[{&(0x7f00000003c0)=""/7, 0x7}], 0x1)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r7, 0x111, 0x1, 0x5, 0x4)

40.433080261s ago: executing program 2 (id=483):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0xf0cb2f4a0c2cfc5d, 0x0)
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1, {0x7, 0x2b, 0x3, 0x200c0400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
read$FUSE(r0, &(0x7f0000004340)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000000200)={0x10, 0xffffffffffffffda, r2}, 0x10)

40.345704785s ago: executing program 3 (id=484):
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000280))
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
openat(0xffffffffffffffff, &(0x7f0000000240)='./bus\x00', 0xac9c2, 0x23)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xcd1d, 0x10100, 0x1}, &(0x7f0000000000), &(0x7f00000000c0))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="640000000206030000000000000000000000000705000100070000000900020073797a310000000014000780080013000000000008001240000000000500020000000500040001cc00001600030068610000008065742c706f72742c6e65740000008faddf34abffe74d800258ff1fb2e0141840e99d277430d80dc55b9c914e187288a024200b33c504c6"], 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r3, &(0x7f0000000080), 0x51)

39.70057508s ago: executing program 0 (id=485):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000640)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x2, 0x0, 0x0, 0x300}}}}}}, 0x0)

39.52022727s ago: executing program 2 (id=486):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x7, 0x0, 0x0, 0x0, 0x4}, 0x94)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000100)={0xfffffffd, 0x5, 0x0, 'queue0\x00', 0x5})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b05, &(0x7f00000004c0)={'wlan0\x00'}) (fail_nth: 2)

38.902461753s ago: executing program 1 (id=487):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0)
sendmsg$IPSET_CMD_TYPE(r3, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0x38, 0xd, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0xa891}, 0x44010)
syz_open_dev$midi(&(0x7f0000000040), 0x2, 0x208001)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r5 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x181)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}})
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001800dd8d0000000000000000020000000000000500000000060015000200000014001680100008800c000380050001"], 0x38}}, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r8)

36.794197497s ago: executing program 4 (id=488):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
dup(r2)
syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000020385000000000000000000000000000800010001000000"], 0x1c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r6}}, 0x24}}, 0x0)

33.545961807s ago: executing program 0 (id=489):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x7, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x1})
fcntl$lock(r1, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x2, 0xffffffffffffff7f})

0s ago: executing program 32 (id=489):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x7, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x1})
fcntl$lock(r1, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x2, 0xffffffffffffff7f})

kernel console output (not intermixed with test programs):

08][ T6159]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  116.264039][ T6159]  ? __dev_fwnode+0x50/0x80
[  116.264060][ T6159]  ? device_create_file+0xf4/0x1c0
[  116.264084][ T6159]  device_add+0x440/0xb50
[  116.264110][ T6159]  tty_register_device_attr+0x3fe/0x8f0
[  116.264143][ T6159]  ? __pfx_tty_register_device_attr+0x10/0x10
[  116.264179][ T6159]  ? tty_port_register_device+0x5a/0x100
[  116.264205][ T6159]  rfcomm_dev_ioctl+0x1788/0x1d40
[  116.264240][ T6159]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[  116.264266][ T6159]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  116.264294][ T6159]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  116.264319][ T6159]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  116.264342][ T6159]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  116.264369][ T6159]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  116.264392][ T6159]  ? smack_log+0xef/0x3f0
[  116.264423][ T6159]  sock_do_ioctl+0xd9/0x300
[  116.264454][ T6159]  ? __pfx_sock_do_ioctl+0x10/0x10
[  116.264478][ T6159]  ? smk_tskacc+0x2fc/0x370
[  116.264504][ T6159]  ? smack_file_ioctl+0x24a/0x340
[  116.264536][ T6159]  sock_ioctl+0x576/0x790
[  116.264564][ T6159]  ? __pfx_sock_ioctl+0x10/0x10
[  116.264590][ T6159]  ? __fget_files+0x2a/0x420
[  116.264606][ T6159]  ? __fget_files+0x3a0/0x420
[  116.264621][ T6159]  ? __fget_files+0x2a/0x420
[  116.264642][ T6159]  ? bpf_lsm_file_ioctl+0x9/0x20
[  116.264659][ T6159]  ? __pfx_sock_ioctl+0x10/0x10
[  116.264684][ T6159]  __se_sys_ioctl+0xf9/0x170
[  116.264711][ T6159]  do_syscall_64+0xfa/0x3b0
[  116.264728][ T6159]  ? lockdep_hardirqs_on+0x9c/0x150
[  116.264754][ T6159]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.264772][ T6159]  ? clear_bhb_loop+0x60/0xb0
[  116.264795][ T6159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.264813][ T6159] RIP: 0033:0x7ff54018e929
[  116.264830][ T6159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.264845][ T6159] RSP: 002b:00007ff54106a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  116.264874][ T6159] RAX: ffffffffffffffda RBX: 00007ff5403b5fa0 RCX: 00007ff54018e929
[  116.264887][ T6159] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[  116.264898][ T6159] RBP: 00007ff54106a090 R08: 0000000000000000 R09: 0000000000000000
[  116.264909][ T6159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  116.264919][ T6159] R13: 0000000000000000 R14: 00007ff5403b5fa0 R15: 00007ffcb2b9a468
[  116.264949][ T6159]  </TASK>
[  117.014303][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  119.658906][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  119.731138][ T6188] netlink: 12 bytes leftover after parsing attributes in process `syz.4.61'.
[  119.756751][ T6190] netlink: 16 bytes leftover after parsing attributes in process `syz.1.62'.
[  119.825576][   T10] usb 3-1: config 0 has an invalid interface number: 183 but max is 0
[  119.845852][   T10] usb 3-1: config 0 has no interface number 0
[  119.872916][  T979] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  119.887747][   T10] usb 3-1: New USB device found, idVendor=19d2, idProduct=e9d4, bcdDevice=38.f6
[  119.921124][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.951888][   T10] usb 3-1: config 0 descriptor??
[  119.985746][   T10] usb 3-1: bad CDC descriptors
[  120.054009][  T979] usb 1-1: Using ep0 maxpacket: 32
[  120.071438][  T979] usb 1-1: config 0 has an invalid interface number: 247 but max is 0
[  120.090624][  T979] usb 1-1: config 0 has no interface number 0
[  120.102884][  T979] usb 1-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  120.125737][  T979] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  120.134460][  T979] usb 1-1: Product: syz
[  120.138783][  T979] usb 1-1: Manufacturer: syz
[  120.150038][  T979] usb 1-1: config 0 descriptor??
[  120.273612][ T5900] usb 3-1: USB disconnect, device number 2
[  121.092890][ T5844] Bluetooth: hci4: command 0x0405 tx timeout
[  125.190455][ T6219] Bluetooth: MGMT ver 1.23
[  125.272962][   T10] usb 1-1: USB disconnect, device number 2
[  126.149147][ T6228] netlink: 'syz.3.68': attribute type 21 has an invalid length.
[  126.160362][ T6228] IPv6: NLM_F_CREATE should be specified when creating new route
[  126.172161][ T6228] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  126.179485][ T6228] IPv6: NLM_F_CREATE should be set when creating new route
[  126.186891][ T6228] IPv6: NLM_F_CREATE should be set when creating new route
[  126.194265][ T6228] IPv6: NLM_F_CREATE should be set when creating new route
[  129.801674][   T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  129.981877][   T10] usb 4-1: Using ep0 maxpacket: 32
[  129.998851][   T10] usb 4-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  130.028092][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.210686][   T10] usb 4-1: config 0 descriptor??
[  130.884866][   T10] gspca_main: sq930x-2.14.0 probing 041e:403c
[  131.101815][   T93] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  131.462497][   T10] gspca_sq930x: reg_r 001f failed -110
[  131.471141][   T10] sq930x 4-1:0.0: probe with driver sq930x failed with error -110
[  131.633955][   T93] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.650520][   T93] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.677587][   T93] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00
[  131.699070][   T93] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.760137][   T93] usb 1-1: config 0 descriptor??
[  132.544919][   T93] itetech 0003:06CB:73F6.0001: unknown main item tag 0x0
[  132.587224][ T6264] : entered promiscuous mode
[  132.633214][ T5855] usb 4-1: USB disconnect, device number 4
[  132.662558][   T93] itetech 0003:06CB:73F6.0001: unbalanced collection at end of report description
[  132.675712][   T93] itetech 0003:06CB:73F6.0001: probe with driver itetech failed with error -22
[  132.938499][ T6281] futex_wake_op: syz.4.84 tries to shift op by -1; fix this program
[  133.018412][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  133.031336][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.738750][   T93] usb 1-1: USB disconnect, device number 3
[  134.440558][ T6294] loop9: detected capacity change from 0 to 7
[  135.022007][ T6294] Dev loop9: unable to read RDB block 7
[  135.166296][ T6294]  loop9: unable to read partition table
[  135.173906][ T6294] loop9: partition table beyond EOD, truncated
[  135.180137][ T6294] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  135.821756][ T5893] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  136.431978][ T5893] usb 1-1: no configurations
[  136.436646][ T5893] usb 1-1: can't read configurations, error -22
[  136.601559][ T5893] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  136.993420][ T5893] usb 1-1: no configurations
[  137.000219][ T5893] usb 1-1: can't read configurations, error -22
[  137.257283][ T5893] usb usb1-port1: attempt power cycle
[  137.630736][ T5893] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  137.690300][ T6316] FAULT_INJECTION: forcing a failure.
[  137.690300][ T6316] name failslab, interval 1, probability 0, space 0, times 0
[  137.712024][ T5893] usb 1-1: no configurations
[  137.716654][ T5893] usb 1-1: can't read configurations, error -22
[  137.754359][ T6319] netlink: 'syz.1.93': attribute type 1 has an invalid length.
[  137.754743][ T6316] CPU: 1 UID: 0 PID: 6316 Comm: syz.2.92 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  137.754766][ T6316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.754775][ T6316] Call Trace:
[  137.754782][ T6316]  <TASK>
[  137.754789][ T6316]  dump_stack_lvl+0x189/0x250
[  137.754814][ T6316]  ? __pfx____ratelimit+0x10/0x10
[  137.754839][ T6316]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.754857][ T6316]  ? __pfx__printk+0x10/0x10
[  137.754885][ T6316]  ? __pfx___might_resched+0x10/0x10
[  137.754908][ T6316]  should_fail_ex+0x414/0x560
[  137.754935][ T6316]  ? seq_read_iter+0x1fd/0xe10
[  137.754954][ T6316]  should_failslab+0xa8/0x100
[  137.754979][ T6316]  __kvmalloc_node_noprof+0x161/0x5f0
[  137.755002][ T6316]  ? seq_read_iter+0x1fd/0xe10
[  137.755028][ T6316]  seq_read_iter+0x1fd/0xe10
[  137.755049][ T6316]  ? stack_depot_save_flags+0x40/0x900
[  137.755085][ T6316]  ? __asan_memset+0x22/0x50
[  137.755111][ T6316]  seq_read+0x2e2/0x3d0
[  137.755129][ T6316]  ? do_syscall_64+0xfa/0x3b0
[  137.755154][ T6316]  ? __pfx_seq_read+0x10/0x10
[  137.755197][ T6316]  loop_rw_iter+0x422/0x660
[  137.755235][ T6316]  __io_read+0x1326/0x14f0
[  137.755281][ T6316]  ? __pfx___io_read+0x10/0x10
[  137.755313][ T6316]  io_read+0x1c/0x60
[  137.755334][ T6316]  __io_issue_sqe+0x17e/0x4b0
[  137.755355][ T6316]  ? io_file_get_normal+0x101/0x2f0
[  137.755378][ T6316]  io_issue_sqe+0x165/0xfd0
[  137.755407][ T6316]  io_submit_sqes+0xa38/0x1c50
[  137.755461][ T6316]  __se_sys_io_uring_enter+0x2df/0x2b20
[  137.755502][ T6316]  ? ksys_write+0x1cb/0x250
[  137.755528][ T6316]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  137.755546][ T6316]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  137.755562][ T6316]  ? __pfx_vfs_write+0x10/0x10
[  137.755587][ T6316]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.755606][ T6316]  ? __fget_files+0x3a0/0x420
[  137.755629][ T6316]  ? fput+0xa0/0xd0
[  137.755647][ T6316]  ? ksys_write+0x22a/0x250
[  137.755671][ T6316]  ? __pfx_ksys_write+0x10/0x10
[  137.755689][ T6316]  ? rcu_is_watching+0x15/0xb0
[  137.755713][ T6316]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  137.755738][ T6316]  do_syscall_64+0xfa/0x3b0
[  137.755752][ T6316]  ? lockdep_hardirqs_on+0x9c/0x150
[  137.755774][ T6316]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.755790][ T6316]  ? clear_bhb_loop+0x60/0xb0
[  137.755810][ T6316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.755825][ T6316] RIP: 0033:0x7ff54018e929
[  137.755841][ T6316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.755854][ T6316] RSP: 002b:00007ff54106a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  137.755872][ T6316] RAX: ffffffffffffffda RBX: 00007ff5403b5fa0 RCX: 00007ff54018e929
[  137.755883][ T6316] RDX: 000000000000a1ff RSI: 0000000000000567 RDI: 0000000000000004
[  137.755893][ T6316] RBP: 00007ff54106a090 R08: 0000000000000000 R09: 0000000000000000
[  137.755903][ T6316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.755912][ T6316] R13: 0000000000000000 R14: 00007ff5403b5fa0 R15: 00007ffcb2b9a468
[  137.755941][ T6316]  </TASK>
[  137.900708][ T5893] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  138.122455][ T5893] usb 1-1: no configurations
[  138.131650][ T5893] usb 1-1: can't read configurations, error -22
[  138.141960][ T5893] usb usb1-port1: unable to enumerate USB device
[  138.944039][ T6323] bond1: (slave gretap1): making interface the new active one
[  138.944533][ T6333] 9pnet_fd: Insufficient options for proto=fd
[  138.971220][ T6323] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  139.492377][ T6345] loop9: detected capacity change from 0 to 7
[  139.765880][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  140.206551][   T10] usb 5-1: device descriptor read/64, error -71
[  140.243281][ T6345] Dev loop9: unable to read RDB block 7
[  140.417142][ T6345]  loop9: unable to read partition table
[  140.479055][ T6345] loop9: partition table beyond EOD, truncated
[  140.512555][ T6345] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  140.550808][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  141.511338][   T10] usb 5-1: device descriptor read/64, error -71
[  141.631367][   T10] usb usb5-port1: attempt power cycle
[  142.138184][ T6365] overlayfs: failed to resolve './file0': -2
[  142.583621][ T6366] netlink: 'syz.3.104': attribute type 4 has an invalid length.
[  142.591521][ T6366] netlink: 17 bytes leftover after parsing attributes in process `syz.3.104'.
[  142.821686][ T6362] delete_channel: no stack
[  142.900129][   T93] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  143.340083][   T93] usb 3-1: Using ep0 maxpacket: 8
[  143.411259][   T93] usb 3-1: config index 0 descriptor too short (expected 65535, got 18)
[  143.434349][   T93] usb 3-1: config 255 has too many interfaces: 255, using maximum allowed: 32
[  143.675723][   T93] usb 3-1: config 255 has 1 interface, different from the descriptor's value: 255
[  143.687080][   T93] usb 3-1: config 255 has no interface number 0
[  143.693474][   T93] usb 3-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=54.91
[  143.702590][   T93] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.818023][   T93] imon 3-1:255.203: unable to register, err -19
[  143.862368][   T10] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  144.726782][  T979] usb 3-1: USB disconnect, device number 3
[  144.731298][ T6387] netlink: 'syz.1.110': attribute type 4 has an invalid length.
[  145.012526][   T10] usb 1-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  145.308780][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.385620][   T10] usb 1-1: config 0 descriptor??
[  145.527442][ T6382] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  145.716262][ T6397] loop9: detected capacity change from 0 to 7
[  145.761535][ T6397] Dev loop9: unable to read RDB block 7
[  145.823340][ T6397]  loop9: unable to read partition table
[  146.034311][ T6380] netlink: 'syz.0.109': attribute type 1 has an invalid length.
[  146.050060][ T6397] loop9: partition table beyond EOD, truncated
[  146.770205][ T6397] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  146.852638][   T10] pegasus 1-1:0.0: probe with driver pegasus failed with error -32
[  147.730371][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  148.351904][    T9] usb 1-1: USB disconnect, device number 8
[  148.879501][  T979] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  149.303273][   T30] audit: type=1804 audit(1752037209.263:2): pid=6425 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.123" name="/newroot/25/file0" dev="tmpfs" ino=147 res=1 errno=0
[  150.400082][  T979] usb 4-1: unable to get BOS descriptor or descriptor too short
[  150.469167][  T979] usb 4-1: not running at top speed; connect to a high speed hub
[  150.531054][  T979] usb 4-1: config 253 has an invalid interface number: 140 but max is 0
[  150.598078][  T979] usb 4-1: config 253 has an invalid descriptor of length 204, skipping remainder of the config
[  150.659172][  T979] usb 4-1: config 253 has no interface number 0
[  150.706202][  T979] usb 4-1: config 253 interface 140 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  150.779916][  T979] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=3e.5b
[  150.808976][  T979] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.844055][  T979] usb 4-1: Product: syz
[  150.859484][  T979] usb 4-1: Manufacturer: syz
[  150.864146][  T979] usb 4-1: SerialNumber: syz
[  150.995752][ T6436] .: renamed from vlan1 (while UP)
[  151.148328][  T979] usb 4-1: can't set config #253, error -71
[  151.207415][  T979] usb 4-1: USB disconnect, device number 5
[  151.660690][ T6444] lo speed is unknown, defaulting to 1000
[  151.667197][ T6444] lo speed is unknown, defaulting to 1000
[  151.681131][ T6444] lo speed is unknown, defaulting to 1000
[  151.718571][ T6444] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  151.791624][ T6444] infiniband s: RDMA CMA: cma_listen_on_dev, error -98
[  151.980552][ T6444] lo speed is unknown, defaulting to 1000
[  152.005646][ T6444] lo speed is unknown, defaulting to 1000
[  152.024633][ T6444] lo speed is unknown, defaulting to 1000
[  152.044669][ T6444] lo speed is unknown, defaulting to 1000
[  152.097998][ T6444] lo speed is unknown, defaulting to 1000
[  152.730310][  T979] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  153.070385][  T979] usb 2-1: device descriptor read/64, error -71
[  153.530286][  T979] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  153.636637][ T6454] loop9: detected capacity change from 0 to 7
[  153.643664][ T6456] netlink: 28 bytes leftover after parsing attributes in process `syz.3.132'.
[  153.680371][  T979] usb 2-1: device descriptor read/64, error -71
[  153.785739][ T6095] Dev loop9: unable to read RDB block 7
[  153.860358][ T6095]  loop9: unable to read partition table
[  153.872583][ T6095] loop9: partition table beyond EOD, truncated
[  154.506369][  T979] usb usb2-port1: attempt power cycle
[  155.159239][ T6461] netlink: 28 bytes leftover after parsing attributes in process `syz.4.133'.
[  155.797563][ T6466] fuse: Invalid rootmode
[  156.578853][   T93] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  156.708519][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  156.750170][   T93] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.801815][   T93] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  156.830747][   T93] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  156.870009][   T93] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  156.888597][    T9] usb 3-1: Using ep0 maxpacket: 32
[  156.913437][    T9] usb 3-1: config 0 has an invalid interface number: 247 but max is 0
[  156.922271][    T9] usb 3-1: config 0 has no interface number 0
[  156.940602][    T9] usb 3-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  156.978429][    T9] usb 3-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  157.020809][   T93] usb 1-1: SerialNumber: syz
[  157.023456][    T9] usb 3-1: Product: syz
[  157.085233][    T9] usb 3-1: Manufacturer: syz
[  157.135186][    T9] usb 3-1: config 0 descriptor??
[  161.214070][ T6493] netlink: 100 bytes leftover after parsing attributes in process `syz.4.144'.
[  161.282791][   T93] usb 1-1: 0:2 : does not exist
[  161.359437][   T93] usb 1-1: USB disconnect, device number 9
[  161.370704][   T30] audit: type=1326 audit(1752037221.335:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  161.405335][ T6495] Smack: duplicate mount options
[  161.465698][   T30] audit: type=1326 audit(1752037221.335:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  161.542646][ T6095] udevd[6095]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  162.022954][ T6499] fuse: Invalid rootmode
[  162.192474][   T30] audit: type=1326 audit(1752037221.375:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  162.203755][  T979] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  162.303239][   T30] audit: type=1326 audit(1752037221.375:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  162.350583][   T30] audit: type=1326 audit(1752037221.375:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  162.377045][ T5893] usb 3-1: USB disconnect, device number 4
[  163.347627][   T30] audit: type=1326 audit(1752037221.375:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  163.356539][  T979] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  163.380851][  T979] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  163.391218][  T979] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  163.484941][  T979] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  163.508310][   T30] audit: type=1326 audit(1752037221.375:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  163.536738][  T979] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  163.566515][  T979] usb 4-1: Product: syz
[  163.574736][   T30] audit: type=1326 audit(1752037221.375:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  163.609419][  T979] usb 4-1: Manufacturer: syz
[  163.614081][  T979] usb 4-1: SerialNumber: syz
[  163.615278][   T30] audit: type=1326 audit(1752037221.375:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  163.678790][   T30] audit: type=1326 audit(1752037221.375:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6494 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  163.874790][  T979] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  165.208740][ T6529] Driver unsupported XDP return value 0 on prog  (id 33) dev N/A, expect packet loss!
[  165.280126][  T979] usb 4-1: USB disconnect, device number 6
[  165.334498][  T979] usblp0: removed
[  167.099366][ T6539] netlink: 'syz.2.157': attribute type 21 has an invalid length.
[  167.109693][ T6539] IPv6: NLM_F_CREATE should be specified when creating new route
[  167.123062][ T6539] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  167.130376][ T6539] IPv6: NLM_F_CREATE should be set when creating new route
[  167.137709][ T6539] IPv6: NLM_F_CREATE should be set when creating new route
[  167.144982][ T6539] IPv6: NLM_F_CREATE should be set when creating new route
[  167.563960][ T6546] fuse: Invalid rootmode
[  167.867319][  T979] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  168.170241][  T979] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.210589][  T979] usb 5-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  168.230324][  T979] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.273972][  T979] usb 5-1: Product: syz
[  168.477038][  T979] usb 5-1: Manufacturer: syz
[  168.494309][  T979] usb 5-1: SerialNumber: syz
[  168.578517][  T979] usb 5-1: config 0 descriptor??
[  168.593318][  T979] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  168.953882][  T979] dvb-usb: bulk message failed: -22 (3/0)
[  169.025949][  T979] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  169.035767][ T6571] loop9: detected capacity change from 0 to 7
[  169.060711][ T6572] netlink: 'syz.0.167': attribute type 1 has an invalid length.
[  169.067675][  T979] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  169.137141][ T6571] Dev loop9: unable to read RDB block 7
[  169.142803][ T6571]  loop9: unable to read partition table
[  169.160675][ T6572] bond1: (slave gretap1): making interface the new active one
[  169.186921][  T979] usb 5-1: media controller created
[  169.196319][  T979] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  169.242846][ T6571] loop9: partition table beyond EOD, truncated
[  169.294408][ T6571] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  169.334390][ T6572] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  169.997890][  T979] dvb-usb: bulk message failed: -22 (6/0)
[  170.003979][  T979] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  170.020580][  T979] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input5
[  170.036532][  T979] dvb-usb: schedule remote query interval to 150 msecs.
[  170.043831][  T979] dvb-usb: bulk message failed: -22 (3/0)
[  170.077015][  T979] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  170.109411][  T979] usb 5-1: USB disconnect, device number 5
[  170.214996][ T6579] netlink: 'syz.2.170': attribute type 39 has an invalid length.
[  170.330803][  T979] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  170.331456][ T6583] netlink: 200 bytes leftover after parsing attributes in process `syz.3.168'.
[  170.487737][ T6583] netlink: 44 bytes leftover after parsing attributes in process `syz.3.168'.
[  170.787779][ T6578] netlink: 'syz.3.168': attribute type 1 has an invalid length.
[  170.826652][ T6578] netlink: 224 bytes leftover after parsing attributes in process `syz.3.168'.
[  170.847277][  T979] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  171.137240][ T6601] binder: 6600:6601 ioctl c00c620f 200000000500 returned -22
[  172.104741][  T979] usb 5-1: Using ep0 maxpacket: 32
[  172.128676][  T979] usb 5-1: config index 0 descriptor too short (expected 24829, got 36)
[  172.137277][  T979] usb 5-1: config 63 has too many interfaces: 79, using maximum allowed: 32
[  172.146059][  T979] usb 5-1: config 63 has an invalid descriptor of length 173, skipping remainder of the config
[  172.157114][  T979] usb 5-1: config 63 has 0 interfaces, different from the descriptor's value: 79
[  172.166310][  T979] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.0f
[  172.433719][  T979] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.578558][ T6617] syz.2.179 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  173.627617][ T6623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.636934][ T6623] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.531555][ T6629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.182'.
[  174.540621][ T6629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.182'.
[  174.577918][ T6630] loop9: detected capacity change from 0 to 7
[  174.691281][ T6631] netlink: 'syz.0.182': attribute type 11 has an invalid length.
[  175.028178][  T979] usb 5-1: string descriptor 0 read error: -71
[  175.080269][ T6630] Dev loop9: unable to read RDB block 7
[  175.151163][ T6630]  loop9: unable to read partition table
[  175.284517][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  175.284576][   T30] audit: type=1326 audit(1752037235.257:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6614 comm="syz.2.179" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff54018e929 code=0xffff0000
[  175.926157][  T979] usb 5-1: USB disconnect, device number 6
[  175.971593][ T6630] loop9: partition table beyond EOD, truncated
[  176.076087][ T6630] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  176.388624][ T6643] netlink: 28 bytes leftover after parsing attributes in process `syz.4.187'.
[  176.397693][ T5893] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  176.600063][ T5893] usb 2-1: Using ep0 maxpacket: 32
[  176.741626][ T5893] usb 2-1: config 0 has an invalid interface number: 247 but max is 0
[  176.783749][ T5893] usb 2-1: config 0 has no interface number 0
[  176.919278][ T5893] usb 2-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  177.204223][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  177.212465][ T5893] usb 2-1: Product: syz
[  177.330540][ T5893] usb 2-1: Manufacturer: syz
[  177.397182][ T5893] usb 2-1: config 0 descriptor??
[  181.556417][ T5924] usb 2-1: USB disconnect, device number 8
[  181.661808][ T6668] netlink: 4344 bytes leftover after parsing attributes in process `syz.1.194'.
[  181.761780][ T6668] binder: 6667:6668 ioctl 40309410 2000000000c0 returned -22
[  181.917828][ T6675] netlink: 4 bytes leftover after parsing attributes in process `syz.3.195'.
[  182.075519][ T5924] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  182.282211][ T6680] netlink: 'syz.1.197': attribute type 29 has an invalid length.
[  182.293974][ T6680] netlink: 'syz.1.197': attribute type 29 has an invalid length.
[  182.340189][ T5893] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  182.585513][ T5893] usb 4-1: Using ep0 maxpacket: 16
[  182.661966][ T5893] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  182.763662][ T5893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  182.904166][ T5893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  182.936496][ T5893] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  182.975211][ T5893] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  183.013162][ T5924] usb 1-1: Using ep0 maxpacket: 32
[  183.018704][ T5893] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  183.025284][ T5924] usb 1-1: config 0 has an invalid interface number: 247 but max is 0
[  183.036584][ T5893] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  183.054380][ T5893] usb 4-1: Manufacturer: syz
[  183.072278][ T5893] usb 4-1: config 0 descriptor??
[  183.081781][ T5924] usb 1-1: config 0 has no interface number 0
[  183.090611][ T5924] usb 1-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  183.107705][ T5924] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  183.110970][ T6685] loop9: detected capacity change from 0 to 7
[  183.131184][ T5924] usb 1-1: Product: syz
[  183.135513][  T979] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  183.142437][ T6685] Dev loop9: unable to read RDB block 7
[  183.143900][ T5924] usb 1-1: Manufacturer: syz
[  183.158969][ T6685]  loop9: unable to read partition table
[  183.161622][ T5924] usb 1-1: config 0 descriptor??
[  183.179529][ T6685] loop9: partition table beyond EOD, truncated
[  183.205337][ T6685] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  183.228444][   T30] audit: type=1326 audit(1752037243.208:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  183.251734][   T30] audit: type=1326 audit(1752037243.208:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  183.280748][   T30] audit: type=1326 audit(1752037243.208:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  183.316128][   T30] audit: type=1326 audit(1752037243.208:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  183.361887][  T979] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  183.396373][  T979] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  183.407537][   T30] audit: type=1326 audit(1752037243.208:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  183.435384][  T979] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  183.444471][  T979] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.469335][ T5893] rc_core: IR keymap rc-hauppauge not found
[  183.473975][   T30] audit: type=1326 audit(1752037243.208:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  183.502299][ T5893] Registered IR keymap rc-empty
[  183.502386][  T979] usb 5-1: config 0 descriptor??
[  183.515264][ T5924] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  183.543650][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  183.547811][  T979] usb 5-1: can't set config #0, error -71
[  183.562100][   T30] audit: type=1326 audit(1752037243.208:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  183.592708][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  183.603157][  T979] usb 5-1: USB disconnect, device number 7
[  183.702409][ T5893] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  183.708243][ T5924] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  183.916069][   T30] audit: type=1326 audit(1752037243.208:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  183.953787][ T5893] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input6
[  184.175791][   T30] audit: type=1326 audit(1752037243.208:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  184.408855][   T30] audit: type=1326 audit(1752037243.208:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6686 comm="syz.1.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7ffc0000
[  184.440848][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  184.633976][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  184.786786][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  184.858732][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  184.955855][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  185.083542][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  185.213707][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  185.336057][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  185.426765][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  185.538812][ T5893] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  185.717165][ T5893] mceusb 4-1:0.0: Registered ˆ with mce emulator interface version 1
[  185.784144][ T5893] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  185.977286][ T5893] usb 4-1: USB disconnect, device number 7
[  186.653272][ T5924] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  186.677944][ T5924] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  186.743466][ T5924] usb 2-1: string descriptor 0 read error: -71
[  186.753926][ T5924] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  186.763416][ T5924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  186.777845][ T5924] usb 2-1: can't set config #1, error -71
[  186.788182][ T5924] usb 2-1: USB disconnect, device number 9
[  187.475662][ T5855] usb 1-1: USB disconnect, device number 10
[  188.568892][ T6720] FAULT_INJECTION: forcing a failure.
[  188.568892][ T6720] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  188.582317][ T6720] CPU: 0 UID: 0 PID: 6720 Comm: syz.0.206 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  188.582344][ T6720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  188.582354][ T6720] Call Trace:
[  188.582362][ T6720]  <TASK>
[  188.582370][ T6720]  dump_stack_lvl+0x189/0x250
[  188.582397][ T6720]  ? __pfx____ratelimit+0x10/0x10
[  188.582427][ T6720]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.582447][ T6720]  ? __pfx__printk+0x10/0x10
[  188.582486][ T6720]  should_fail_ex+0x414/0x560
[  188.582518][ T6720]  _copy_to_user+0x31/0xb0
[  188.582560][ T6720]  simple_read_from_buffer+0xe1/0x170
[  188.582592][ T6720]  proc_fail_nth_read+0x1df/0x250
[  188.582616][ T6720]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  188.582639][ T6720]  ? rw_verify_area+0x258/0x650
[  188.582663][ T6720]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  188.582684][ T6720]  vfs_read+0x1fd/0x980
[  188.582723][ T6720]  ? __pfx___mutex_lock+0x10/0x10
[  188.582742][ T6720]  ? __pfx_vfs_read+0x10/0x10
[  188.582769][ T6720]  ? __fget_files+0x2a/0x420
[  188.582792][ T6720]  ? __fget_files+0x3a0/0x420
[  188.582807][ T6720]  ? __fget_files+0x2a/0x420
[  188.582835][ T6720]  ksys_read+0x145/0x250
[  188.582861][ T6720]  ? __pfx_ksys_read+0x10/0x10
[  188.582892][ T6720]  ? do_syscall_64+0xbe/0x3b0
[  188.582915][ T6720]  do_syscall_64+0xfa/0x3b0
[  188.582933][ T6720]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.582950][ T6720]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  188.582967][ T6720]  ? clear_bhb_loop+0x60/0xb0
[  188.582990][ T6720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.583007][ T6720] RIP: 0033:0x7f0b7c18d33c
[  188.583025][ T6720] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  188.583040][ T6720] RSP: 002b:00007f0b7cf55030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  188.583061][ T6720] RAX: ffffffffffffffda RBX: 00007f0b7c3b6160 RCX: 00007f0b7c18d33c
[  188.583074][ T6720] RDX: 000000000000000f RSI: 00007f0b7cf550a0 RDI: 000000000000000b
[  188.583085][ T6720] RBP: 00007f0b7cf55090 R08: 0000000000000000 R09: 0000000000000000
[  188.583096][ T6720] R10: 0000800000000004 R11: 0000000000000246 R12: 0000000000000001
[  188.583107][ T6720] R13: 0000000000000000 R14: 00007f0b7c3b6160 R15: 00007fff5a9d3708
[  188.583139][ T6720]  </TASK>
[  188.949024][ T6724] netlink: 28 bytes leftover after parsing attributes in process `syz.3.207'.
[  189.148203][ T6725] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  189.595431][ T6707] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  189.994657][ T6707] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  190.004453][ T6707] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  190.084766][ T6707] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  190.118849][ T6707] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  190.542947][ T6746] syz.3.213 uses obsolete (PF_INET,SOCK_PACKET)
[  190.594396][ T5984] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  190.729127][ T6742] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.768192][ T5984] usb 1-1: config 0 has an invalid interface number: 212 but max is 0
[  190.776634][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  190.796568][ T6742] batadv_slave_0: entered promiscuous mode
[  190.802680][ T5984] usb 1-1: config 0 has no interface number 0
[  190.821558][ T6742] batadv_slave_0: entered allmulticast mode
[  190.831602][ T5984] usb 1-1: config 0 interface 212 has no altsetting 0
[  190.918855][ T5984] usb 1-1: New USB device found, idVendor=1ae7, idProduct=0525, bcdDevice=ca.e6
[  190.937370][ T5984] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.042543][ T6750] netlink: 16 bytes leftover after parsing attributes in process `syz.4.215'.
[  191.126875][ T6750] block device autoloading is deprecated and will be removed.
[  191.674232][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  191.694243][    T9] usb 3-1: Using ep0 maxpacket: 32
[  191.701182][ T5984] usb 1-1: Product: syz
[  191.714362][ T5984] usb 1-1: Manufacturer: syz
[  191.721031][    T9] usb 3-1: config 0 has an invalid interface number: 247 but max is 0
[  191.734185][ T5984] usb 1-1: SerialNumber: syz
[  191.741633][    T9] usb 3-1: config 0 has no interface number 0
[  191.763300][ T5984] usb 1-1: config 0 descriptor??
[  191.770997][    T9] usb 3-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  191.900393][    T9] usb 3-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  191.912209][ T5984] HFC-S_USB 1-1:0.212: probe with driver HFC-S_USB failed with error -5
[  191.923592][    T9] usb 3-1: Product: syz
[  191.927846][    T9] usb 3-1: Manufacturer: syz
[  191.941766][    T9] usb 3-1: config 0 descriptor??
[  191.964297][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout
[  192.043890][ T6752] netlink: 'syz.4.216': attribute type 1 has an invalid length.
[  192.051787][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout
[  192.068728][ T6754] netlink: 'syz.3.217': attribute type 1 has an invalid length.
[  192.124557][ T5844] Bluetooth: hci4: command 0x0405 tx timeout
[  192.124617][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout
[  192.143009][    T9] usb 1-1: USB disconnect, device number 11
[  192.307158][ T6756] bond1: (slave gretap0): making interface the new active one
[  192.379558][ T6756] bond1: (slave gretap0): Enslaving as an active interface with an up link
[  192.776839][ T6754] bond1: (slave gretap1): making interface the new active one
[  192.941753][ T6754] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  194.318955][ T5893] usb 3-1: USB disconnect, device number 6
[  194.644373][ T6767] netlink: 'syz.4.219': attribute type 21 has an invalid length.
[  194.658919][ T6767] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  194.757503][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  194.915421][ T5855] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  195.100316][ T5855] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  195.141590][ T5855] usb 1-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00
[  195.219294][ T5855] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.230831][ T5855] usb 1-1: config 0 descriptor??
[  197.531498][ T5855] elecom 0003:056E:00FC.0002: unknown main item tag 0x0
[  197.539174][ T5855] elecom 0003:056E:00FC.0002: unknown main item tag 0x0
[  197.551133][ T5855] elecom 0003:056E:00FC.0002: item fetching failed at offset 2/5
[  197.573206][ T5855] elecom 0003:056E:00FC.0002: probe with driver elecom failed with error -22
[  198.146895][ T5893] usb 1-1: USB disconnect, device number 12
[  198.433104][ T6789] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  198.470434][ T6789] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  198.583389][ T6789] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  198.628948][ T6789] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  198.658890][ T6810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.229'.
[  198.685531][ T6810] Invalid ELF header type: 17780 != 1
[  199.202107][ T6789] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  199.863294][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout
[  200.533688][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout
[  201.007680][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout
[  201.014111][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout
[  201.473085][ T5841] Bluetooth: hci4: command 0x0405 tx timeout
[  201.549457][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  201.549478][   T30] audit: type=1326 audit(1752037261.520:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  201.600081][   T30] audit: type=1326 audit(1752037261.570:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  201.642159][   T30] audit: type=1326 audit(1752037261.570:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  201.733209][   T30] audit: type=1326 audit(1752037261.570:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  201.772511][   T30] audit: type=1326 audit(1752037261.570:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  201.813193][   T30] audit: type=1326 audit(1752037261.570:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  201.912079][   T30] audit: type=1326 audit(1752037261.570:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  201.943148][    T9] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  202.257037][ T5984] IPVS: starting estimator thread 0...
[  202.298183][   T30] audit: type=1326 audit(1752037261.570:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  202.358784][    T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  202.481906][    T9] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  202.511080][ T6834] IPVS: using max 24 ests per chain, 57600 per kthread
[  202.735605][ T6839] netlink: 'syz.1.237': attribute type 21 has an invalid length.
[  202.746868][ T6839] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  202.754327][ T6839] IPv6: NLM_F_CREATE should be set when creating new route
[  202.761699][ T6839] IPv6: NLM_F_CREATE should be set when creating new route
[  202.769118][ T6839] IPv6: NLM_F_CREATE should be set when creating new route
[  202.907367][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  202.940383][   T30] audit: type=1326 audit(1752037261.570:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  203.563515][   T30] audit: type=1326 audit(1752037261.570:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6813 comm="syz.0.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  203.587334][    T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  203.644888][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  203.657607][    T9] usb 1-1: Product: syz
[  203.668006][    T9] usb 1-1: Manufacturer: syz
[  203.676705][    T9] usb 1-1: SerialNumber: syz
[  203.785887][ T6844] FAULT_INJECTION: forcing a failure.
[  203.785887][ T6844] name failslab, interval 1, probability 0, space 0, times 0
[  203.860940][ T6844] CPU: 1 UID: 0 PID: 6844 Comm: syz.1.239 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  203.860970][ T6844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  203.860981][ T6844] Call Trace:
[  203.860988][ T6844]  <TASK>
[  203.860996][ T6844]  dump_stack_lvl+0x189/0x250
[  203.861023][ T6844]  ? __pfx____ratelimit+0x10/0x10
[  203.861051][ T6844]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.861072][ T6844]  ? __pfx__printk+0x10/0x10
[  203.861103][ T6844]  ? __pfx___might_resched+0x10/0x10
[  203.861123][ T6844]  ? fs_reclaim_acquire+0x7d/0x100
[  203.861146][ T6844]  should_fail_ex+0x414/0x560
[  203.861177][ T6844]  should_failslab+0xa8/0x100
[  203.861207][ T6844]  __kmalloc_noprof+0xcb/0x4f0
[  203.861232][ T6844]  ? iter_file_splice_write+0x1cb/0x1000
[  203.861265][ T6844]  iter_file_splice_write+0x1cb/0x1000
[  203.861319][ T6844]  ? __pfx_iter_file_splice_write+0x10/0x10
[  203.861352][ T6844]  ? rcu_read_lock_any_held+0xb3/0x120
[  203.861375][ T6844]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  203.861408][ T6844]  ? __pfx_iter_file_splice_write+0x10/0x10
[  203.861435][ T6844]  direct_splice_actor+0xfe/0x160
[  203.861465][ T6844]  splice_direct_to_actor+0x5a8/0xcc0
[  203.861516][ T6844]  ? __pfx_direct_splice_actor+0x10/0x10
[  203.861543][ T6844]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  203.861580][ T6844]  do_splice_direct+0x181/0x270
[  203.861611][ T6844]  ? __pfx_do_splice_direct+0x10/0x10
[  203.861637][ T6844]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  203.861672][ T6844]  ? rw_verify_area+0x258/0x650
[  203.861702][ T6844]  do_sendfile+0x4da/0x7e0
[  203.861719][ T6844]  ? __pfx_vfs_write+0x10/0x10
[  203.861750][ T6844]  ? __pfx_do_sendfile+0x10/0x10
[  203.861769][ T6844]  ? __fget_files+0x3a0/0x420
[  203.861800][ T6844]  __se_sys_sendfile64+0x13e/0x190
[  203.861823][ T6844]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  203.861839][ T6844]  ? rcu_is_watching+0x15/0xb0
[  203.861864][ T6844]  ? do_syscall_64+0xbe/0x3b0
[  203.861886][ T6844]  do_syscall_64+0xfa/0x3b0
[  203.861900][ T6844]  ? lockdep_hardirqs_on+0x9c/0x150
[  203.861925][ T6844]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.861944][ T6844]  ? clear_bhb_loop+0x60/0xb0
[  203.861967][ T6844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.861984][ T6844] RIP: 0033:0x7fdfb538e929
[  203.862001][ T6844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.862015][ T6844] RSP: 002b:00007fdfb61a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  203.862036][ T6844] RAX: ffffffffffffffda RBX: 00007fdfb55b5fa0 RCX: 00007fdfb538e929
[  203.862049][ T6844] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  203.862059][ T6844] RBP: 00007fdfb61a8090 R08: 0000000000000000 R09: 0000000000000000
[  203.862070][ T6844] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000001
[  203.862081][ T6844] R13: 0000000000000000 R14: 00007fdfb55b5fa0 R15: 00007ffffb37da78
[  203.862113][ T6844]  </TASK>
[  204.201863][    T9] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  205.254757][ T6851] netlink: 8 bytes leftover after parsing attributes in process `syz.3.240'.
[  205.656868][ T5900] usb 1-1: USB disconnect, device number 13
[  205.799235][ T5900] usblp0: removed
[  206.174985][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.2.244'.
[  206.197343][ T6869] netlink: 12 bytes leftover after parsing attributes in process `syz.2.244'.
[  206.912816][ T5855] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  206.967060][ T6862] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  206.992449][ T6862] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  207.001566][ T6862] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  207.012567][ T6862] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  207.020888][ T6862] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  207.072973][ T5855] usb 2-1: device descriptor read/64, error -71
[  207.339937][ T5855] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  207.515888][ T5855] usb 2-1: device descriptor read/64, error -71
[  207.709328][ T5855] usb usb2-port1: attempt power cycle
[  207.750968][ T6882] FAULT_INJECTION: forcing a failure.
[  207.750968][ T6882] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.768726][ T6882] CPU: 0 UID: 0 PID: 6882 Comm: syz.3.251 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  207.768753][ T6882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  207.768764][ T6882] Call Trace:
[  207.768771][ T6882]  <TASK>
[  207.768779][ T6882]  dump_stack_lvl+0x189/0x250
[  207.768806][ T6882]  ? __pfx____ratelimit+0x10/0x10
[  207.768835][ T6882]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.768856][ T6882]  ? __pfx__printk+0x10/0x10
[  207.768880][ T6882]  ? __might_fault+0xb0/0x130
[  207.768925][ T6882]  should_fail_ex+0x414/0x560
[  207.768957][ T6882]  _copy_from_user+0x2d/0xb0
[  207.768980][ T6882]  ___sys_recvmsg+0x12e/0x510
[  207.769012][ T6882]  ? __pfx____sys_recvmsg+0x10/0x10
[  207.769065][ T6882]  ? __fget_files+0x3a0/0x420
[  207.769096][ T6882]  __x64_sys_recvmsg+0x198/0x260
[  207.769123][ T6882]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  207.769162][ T6882]  ? rcu_is_watching+0x15/0xb0
[  207.769183][ T6882]  ? trace_sys_enter+0x25/0x120
[  207.769216][ T6882]  do_syscall_64+0xfa/0x3b0
[  207.769232][ T6882]  ? lockdep_hardirqs_on+0x9c/0x150
[  207.769258][ T6882]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.769276][ T6882]  ? clear_bhb_loop+0x60/0xb0
[  207.769299][ T6882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.769316][ T6882] RIP: 0033:0x7f799a18e929
[  207.769333][ T6882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.769349][ T6882] RSP: 002b:00007f799b049038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  207.769369][ T6882] RAX: ffffffffffffffda RBX: 00007f799a3b5fa0 RCX: 00007f799a18e929
[  207.769382][ T6882] RDX: 0000000040010060 RSI: 0000200000000100 RDI: 0000000000000003
[  207.769393][ T6882] RBP: 00007f799b049090 R08: 0000000000000000 R09: 0000000000000000
[  207.769404][ T6882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.769415][ T6882] R13: 0000000000000000 R14: 00007f799a3b5fa0 R15: 00007ffc2d1095b8
[  207.769447][ T6882]  </TASK>
[  208.162199][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout
[  208.271637][ T6885] netlink: 'syz.0.250': attribute type 21 has an invalid length.
[  208.280789][ T6885] IPv6: NLM_F_CREATE should be specified when creating new route
[  208.292595][ T6885] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  208.299829][ T6885] IPv6: NLM_F_CREATE should be set when creating new route
[  208.307138][ T6885] IPv6: NLM_F_CREATE should be set when creating new route
[  208.314417][ T6885] IPv6: NLM_F_CREATE should be set when creating new route
[  208.530680][ T6894] netlink: 4 bytes leftover after parsing attributes in process `syz.2.254'.
[  208.702187][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  208.702207][   T30] audit: type=1326 audit(1752037268.671:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  208.955662][   T30] audit: type=1326 audit(1752037268.701:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.069199][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout
[  209.076350][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout
[  209.082794][ T5841] Bluetooth: hci4: command 0x0405 tx timeout
[  209.082968][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  209.122704][   T30] audit: type=1326 audit(1752037268.831:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.123315][ T6894] capability: warning: `syz.2.254' uses deprecated v2 capabilities in a way that may be insecure
[  209.144778][   T30] audit: type=1326 audit(1752037268.831:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.176567][   T30] audit: type=1326 audit(1752037268.841:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.326059][   T30] audit: type=1326 audit(1752037268.901:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.442133][ T5924] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  209.501218][   T30] audit: type=1326 audit(1752037268.901:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.584795][   T30] audit: type=1326 audit(1752037268.901:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.622731][ T6908] netlink: 4 bytes leftover after parsing attributes in process `syz.1.258'.
[  209.640296][ T5924] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  209.650168][   T30] audit: type=1326 audit(1752037268.901:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.682028][ T5924] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  209.717150][ T5924] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  209.719152][   T30] audit: type=1326 audit(1752037268.901:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6903 comm="syz.0.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c18e929 code=0x7ffc0000
[  209.796374][ T5924] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  209.817555][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  209.839601][ T5924] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  209.864141][ T5924] usb 1-1: Product: syz
[  209.868389][ T5924] usb 1-1: Manufacturer: syz
[  209.893716][ T5924] usb 1-1: SerialNumber: syz
[  210.555126][ T5924] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 14 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  210.842356][ T5924] usb 1-1: USB disconnect, device number 14
[  210.852436][ T5924] usblp0: removed
[  211.744363][ T6927] sctp: failed to load transform for md5: -2
[  212.027535][ T6938] netlink: 'syz.2.265': attribute type 1 has an invalid length.
[  212.848293][ T6936] [U] 	
[  212.988940][ T6923] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  213.028393][ T6923] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  213.071829][ T6923] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  213.081408][ T6923] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  213.110934][ T6923] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  215.531967][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  215.536330][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout
[  215.539615][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  215.544472][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  215.550149][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  215.887817][ T6961] trusted_key: syz.4.269 sent an empty control message without MSG_MORE.
[  215.901516][   T30] kauditd_printk_skb: 64 callbacks suppressed
[  215.901557][   T30] audit: type=1326 audit(1752037275.611:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.144817][   T30] audit: type=1326 audit(1752037275.611:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.171969][   T30] audit: type=1326 audit(1752037275.611:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.200863][   T30] audit: type=1326 audit(1752037275.611:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.232863][   T30] audit: type=1326 audit(1752037275.611:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.263072][   T30] audit: type=1326 audit(1752037275.611:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.288190][   T30] audit: type=1326 audit(1752037275.611:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.313860][   T30] audit: type=1326 audit(1752037275.611:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.338779][   T30] audit: type=1326 audit(1752037275.611:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.364901][   T30] audit: type=1326 audit(1752037275.611:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.1.268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb538e929 code=0x7fc00000
[  216.582308][ T6955] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  216.713909][ T6955] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  216.727049][ T6955] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  216.734080][ T6955] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  216.759357][ T6955] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  217.043749][ T6971] fuse: Bad value for 'group_id'
[  217.153440][ T6971] fuse: Bad value for 'group_id'
[  218.034065][ T6981] overlay: ./file0 is not a directory
[  218.122439][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  218.660571][ T5855] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  219.050952][ T5844] Bluetooth: hci4: command 0x0405 tx timeout
[  219.057931][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout
[  219.070005][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout
[  219.076334][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout
[  219.331005][ T5855] usb 5-1: Using ep0 maxpacket: 16
[  219.363383][ T5855] usb 5-1: config 1 interface 0 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32
[  219.566403][ T6992] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  219.574867][ T6992] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  219.582345][ T6992] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  219.589597][ T6992] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  219.597016][ T6992] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  219.737117][ T5855] usb 5-1: config 1 interface 0 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  219.945522][ T5855] usb 5-1: config 1 interface 0 has no altsetting 0
[  219.993378][ T5855] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  220.010842][ T5855] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.028763][ T5855] usb 5-1: Product: syz
[  220.065035][ T5855] usb 5-1: Manufacturer: syz
[  220.069708][ T5855] usb 5-1: SerialNumber: syz
[  220.114472][ T6991] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  221.092260][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  221.104007][ T5855] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[  221.131223][ T5855] usb 5-1: USB disconnect, device number 8
[  221.459595][ T7025] netlink: 60 bytes leftover after parsing attributes in process `syz.3.286'.
[  221.468621][ T7025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.286'.
[  221.478297][ T7025] netlink: 60 bytes leftover after parsing attributes in process `syz.3.286'.
[  221.641293][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout
[  221.641322][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  221.647358][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  221.647399][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout
[  221.703340][ T7025] netlink: 60 bytes leftover after parsing attributes in process `syz.3.286'.
[  221.714872][ T7025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.286'.
[  221.726638][ T7025] netlink: 60 bytes leftover after parsing attributes in process `syz.3.286'.
[  222.175208][ T7033] fuse: Bad value for 'group_id'
[  222.187202][ T7033] fuse: Bad value for 'group_id'
[  222.640669][ T5893] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  222.850469][ T5893] usb 5-1: Using ep0 maxpacket: 32
[  222.918283][ T5893] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  222.988455][ T5893] usb 5-1: config 0 has no interface number 0
[  223.065680][ T5893] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  223.113077][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  223.136126][ T5893] usb 5-1: Product: syz
[  223.140814][ T5893] usb 5-1: Manufacturer: syz
[  223.149871][ T5893] usb 5-1: config 0 descriptor??
[  226.932242][ T7067] netlink: 'syz.1.298': attribute type 1 has an invalid length.
[  226.954366][ T7068] netlink: 28 bytes leftover after parsing attributes in process `syz.2.300'.
[  227.108990][ T7070] fuse: Bad value for 'group_id'
[  227.115718][ T7070] fuse: Bad value for 'group_id'
[  227.170111][ T5893] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  227.750604][ T5893] usb 4-1: device descriptor read/64, error -71
[  227.757338][ T5900] usb 5-1: USB disconnect, device number 9
[  228.009931][ T5893] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  228.379099][ T7076] netlink: 28 bytes leftover after parsing attributes in process `syz.0.301'.
[  229.020774][ T7085] netlink: 'syz.1.303': attribute type 1 has an invalid length.
[  229.304401][ T7093] netlink: 'syz.3.306': attribute type 1 has an invalid length.
[  229.622892][ T7099] ALSA: seq fatal error: cannot create timer (-22)
[  230.615783][ T7089] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  230.632828][ T7089] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  230.657325][ T7083] FAULT_INJECTION: forcing a failure.
[  230.657325][ T7083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.682337][ T7089] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  230.701667][ T7089] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  230.717438][ T7089] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  230.724186][ T7083] CPU: 0 UID: 0 PID: 7083 Comm: syz.2.304 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  230.724212][ T7083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  230.724223][ T7083] Call Trace:
[  230.724230][ T7083]  <TASK>
[  230.724238][ T7083]  dump_stack_lvl+0x189/0x250
[  230.724266][ T7083]  ? __pfx____ratelimit+0x10/0x10
[  230.724294][ T7083]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.724313][ T7083]  ? __pfx__printk+0x10/0x10
[  230.724349][ T7083]  should_fail_ex+0x414/0x560
[  230.724379][ T7083]  _copy_to_user+0x31/0xb0
[  230.724402][ T7083]  simple_read_from_buffer+0xe1/0x170
[  230.724436][ T7083]  proc_fail_nth_read+0x1df/0x250
[  230.724459][ T7083]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  230.724483][ T7083]  ? rw_verify_area+0x258/0x650
[  230.724506][ T7083]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  230.724526][ T7083]  vfs_read+0x1fd/0x980
[  230.724560][ T7083]  ? __pfx_vfs_read+0x10/0x10
[  230.724582][ T7083]  ? inet_dgram_connect+0x5f/0x450
[  230.724621][ T7083]  ? bpf_lsm_socket_connect+0x9/0x20
[  230.724650][ T7083]  ? __sys_connect+0x339/0x440
[  230.724674][ T7083]  ? __pfx___sys_connect+0x10/0x10
[  230.724702][ T7083]  ksys_read+0x145/0x250
[  230.724729][ T7083]  ? __pfx_ksys_read+0x10/0x10
[  230.724751][ T7083]  ? rcu_is_watching+0x15/0xb0
[  230.724778][ T7083]  ? do_syscall_64+0xbe/0x3b0
[  230.724801][ T7083]  do_syscall_64+0xfa/0x3b0
[  230.724817][ T7083]  ? lockdep_hardirqs_on+0x9c/0x150
[  230.724842][ T7083]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.724860][ T7083]  ? clear_bhb_loop+0x60/0xb0
[  230.724884][ T7083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.724902][ T7083] RIP: 0033:0x7ff54018d33c
[  230.724919][ T7083] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  230.724933][ T7083] RSP: 002b:00007ff54106a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  230.724954][ T7083] RAX: ffffffffffffffda RBX: 00007ff5403b5fa0 RCX: 00007ff54018d33c
[  230.724967][ T7083] RDX: 000000000000000f RSI: 00007ff54106a0a0 RDI: 0000000000000004
[  230.724979][ T7083] RBP: 00007ff54106a090 R08: 0000000000000000 R09: 0000000000000000
[  230.724991][ T7083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.725001][ T7083] R13: 0000000000000000 R14: 00007ff5403b5fa0 R15: 00007ffcb2b9a468
[  230.725031][ T7083]  </TASK>
[  231.710515][ T5924] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  232.051891][ T5924] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  232.078490][ T5924] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.119657][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout
[  232.175210][ T5924] usb 4-1: config 0 descriptor??
[  232.199192][ T5924] gspca_main: cpia1-2.14.0 probing 0813:0001
[  232.277767][ T7128] netlink: 28 bytes leftover after parsing attributes in process `syz.4.314'.
[  232.325420][ T7129] netlink: 'syz.1.313': attribute type 1 has an invalid length.
[  232.679465][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout
[  232.759414][ T5841] Bluetooth: hci4: command 0x0405 tx timeout
[  232.759505][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout
[  232.765670][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout
[  234.839080][ T5841] Bluetooth: hci4: command 0x0405 tx timeout
[  235.132557][ T5924] gspca_cpia1: usb_control_msg 03, error -71
[  235.209241][ T5924] gspca_cpia1: usb_control_msg 01, error -71
[  235.222161][ T5924] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0)
[  235.273405][ T5924] usb 4-1: USB disconnect, device number 10
[  235.562345][ T7143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.317'.
[  236.237084][   T30] kauditd_printk_skb: 56 callbacks suppressed
[  236.237105][   T30] audit: type=1326 audit(1752037296.214:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  236.336945][   T30] audit: type=1326 audit(1752037296.214:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  236.374941][   T30] audit: type=1326 audit(1752037296.244:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  236.479108][   T30] audit: type=1326 audit(1752037296.244:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  236.485096][ T7156] netlink: 388 bytes leftover after parsing attributes in process `syz.2.321'.
[  236.546919][   T30] audit: type=1326 audit(1752037296.244:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  236.875962][   T30] audit: type=1326 audit(1752037296.244:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  236.924457][   T30] audit: type=1326 audit(1752037296.244:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  237.979648][ T5841] block nbd2: Receive control failed (result -32)
[  237.999371][ T7152] block nbd2: shutting down sockets
[  238.032525][   T30] audit: type=1326 audit(1752037296.244:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  238.058177][   T30] audit: type=1326 audit(1752037296.244:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  238.081155][   T30] audit: type=1326 audit(1752037296.244:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7149 comm="syz.3.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f799a18e929 code=0x7ffc0000
[  238.202384][ T7172] netlink: 28 bytes leftover after parsing attributes in process `syz.3.327'.
[  239.474503][ T7181] overlayfs: failed to resolve './file0': -2
[  240.712756][ T5924] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  240.881169][ T7187] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  240.887624][ T7187] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  240.897637][ T7187] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  240.907631][ T7187] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  240.916485][ T7187] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  241.300245][ T7198] FAULT_INJECTION: forcing a failure.
[  241.300245][ T7198] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.469391][ T5924] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  241.479475][ T5924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.500477][ T5924] usb 3-1: config 0 descriptor??
[  241.507131][ T7198] CPU: 1 UID: 0 PID: 7198 Comm: syz.4.335 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  241.507158][ T7198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  241.507168][ T7198] Call Trace:
[  241.507175][ T7198]  <TASK>
[  241.507182][ T7198]  dump_stack_lvl+0x189/0x250
[  241.507207][ T7198]  ? __pfx____ratelimit+0x10/0x10
[  241.507234][ T7198]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.507255][ T7198]  ? __pfx__printk+0x10/0x10
[  241.507277][ T7198]  ? __might_fault+0xb0/0x130
[  241.507316][ T7198]  should_fail_ex+0x414/0x560
[  241.507345][ T7198]  _copy_from_user+0x2d/0xb0
[  241.507366][ T7198]  snd_pcm_oss_write+0x84f/0x11a0
[  241.507390][ T7198]  ? get_pid_task+0x20/0x1f0
[  241.507434][ T7198]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  241.507462][ T7198]  ? bpf_lsm_file_permission+0x9/0x20
[  241.507479][ T7198]  ? security_file_permission+0x75/0x290
[  241.507505][ T7198]  ? rw_verify_area+0x258/0x650
[  241.507527][ T7198]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  241.507553][ T7198]  vfs_write+0x27b/0xa90
[  241.507598][ T7198]  ? __pfx_vfs_write+0x10/0x10
[  241.507625][ T7198]  ? __fget_files+0x2a/0x420
[  241.507643][ T7198]  ? __fget_files+0x2a/0x420
[  241.507659][ T7198]  ? __fget_files+0x3a0/0x420
[  241.507672][ T7198]  ? __fget_files+0x2a/0x420
[  241.507695][ T7198]  ksys_write+0x145/0x250
[  241.507719][ T7198]  ? __pfx_ksys_write+0x10/0x10
[  241.507737][ T7198]  ? rcu_is_watching+0x15/0xb0
[  241.507760][ T7198]  ? do_syscall_64+0xbe/0x3b0
[  241.507780][ T7198]  do_syscall_64+0xfa/0x3b0
[  241.507794][ T7198]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.507818][ T7198]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.507833][ T7198]  ? clear_bhb_loop+0x60/0xb0
[  241.507853][ T7198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.507868][ T7198] RIP: 0033:0x7f9ef6d8e929
[  241.507883][ T7198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.507896][ T7198] RSP: 002b:00007f9ef7b36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  241.507916][ T7198] RAX: ffffffffffffffda RBX: 00007f9ef6fb5fa0 RCX: 00007f9ef6d8e929
[  241.507928][ T7198] RDX: 00000000ffffffd9 RSI: 00002000000001c0 RDI: 0000000000000003
[  241.507939][ T7198] RBP: 00007f9ef7b36090 R08: 0000000000000000 R09: 0000000000000000
[  241.507949][ T7198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  241.507959][ T7198] R13: 0000000000000000 R14: 00007f9ef6fb5fa0 R15: 00007fff80ac7b68
[  241.507991][ T7198]  </TASK>
[  241.523330][ T5924] gspca_main: cpia1-2.14.0 probing 0813:0001
[  242.918209][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  242.925351][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout
[  242.931483][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout
[  242.937530][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout
[  242.943600][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout
[  244.338587][ T5924] gspca_cpia1: usb_control_msg 03, error -71
[  244.348061][ T5924] gspca_cpia1: usb_control_msg 01, error -71
[  244.354095][ T5924] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0)
[  244.373540][ T5924] usb 3-1: USB disconnect, device number 7
[  245.067984][ T5844] Bluetooth: hci4: command 0x0405 tx timeout
[  246.640863][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  246.671085][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  246.887654][ T5924] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  246.966726][ T7235] netlink: 28 bytes leftover after parsing attributes in process `syz.2.344'.
[  247.059859][ T5924] usb 5-1: config 0 has an invalid interface number: 122 but max is 0
[  247.069597][ T5924] usb 5-1: config 0 has no interface number 0
[  247.097816][ T5924] usb 5-1: config 0 interface 122 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  247.147691][ T5924] usb 5-1: New USB device found, idVendor=0f11, idProduct=1020, bcdDevice=90.16
[  247.167642][ T5924] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.323073][ T5924] usb 5-1: Product: syz
[  247.327878][ T5924] usb 5-1: Manufacturer: syz
[  247.333181][ T5924] usb 5-1: SerialNumber: syz
[  247.342190][ T5924] usb 5-1: config 0 descriptor??
[  247.360144][ T7232] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  247.376501][ T5924] ldusb 5-1:0.122: Interrupt in endpoint not found
[  248.082438][ T5893] usb 5-1: USB disconnect, device number 10
[  248.328107][ T7252] IPv6: Can't replace route, no match found
[  248.407540][   T10] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  248.442011][ T7254] netlink: 'syz.3.350': attribute type 3 has an invalid length.
[  248.449959][ T7254] netlink: 201372 bytes leftover after parsing attributes in process `syz.3.350'.
[  248.559082][   T10] usb 1-1: Using ep0 maxpacket: 32
[  248.582561][   T10] usb 1-1: New USB device found, idVendor=093a, idProduct=050f, bcdDevice=56.a5
[  248.611311][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.633519][   T10] usb 1-1: Product: syz
[  248.660861][   T10] usb 1-1: Manufacturer: syz
[  248.665526][   T10] usb 1-1: SerialNumber: syz
[  248.692190][   T10] usb 1-1: config 0 descriptor??
[  248.713307][   T10] gspca_main: mars-2.14.0 probing 093a:050f
[  251.395498][    T9] usb 1-1: USB disconnect, device number 15
[  251.402707][ T7291] netlink: 28 bytes leftover after parsing attributes in process `syz.3.359'.
[  251.760011][ T7288] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  251.770520][ T7288] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  251.777248][ T7288] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  251.792961][ T7288] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  251.806633][ T7288] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  252.228091][ T7300] FAULT_INJECTION: forcing a failure.
[  252.228091][ T7300] name failslab, interval 1, probability 0, space 0, times 0
[  252.241033][ T7300] CPU: 1 UID: 0 PID: 7300 Comm: syz.2.362 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  252.241058][ T7300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  252.241069][ T7300] Call Trace:
[  252.241076][ T7300]  <TASK>
[  252.241084][ T7300]  dump_stack_lvl+0x189/0x250
[  252.241110][ T7300]  ? __pfx____ratelimit+0x10/0x10
[  252.241137][ T7300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.241155][ T7300]  ? __pfx__printk+0x10/0x10
[  252.241185][ T7300]  ? __pfx___might_resched+0x10/0x10
[  252.241211][ T7300]  should_fail_ex+0x414/0x560
[  252.241242][ T7300]  should_failslab+0xa8/0x100
[  252.241272][ T7300]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  252.241299][ T7300]  ? __alloc_skb+0x112/0x2d0
[  252.241323][ T7300]  __alloc_skb+0x112/0x2d0
[  252.241347][ T7300]  netlink_sendmsg+0x5c6/0xb30
[  252.241379][ T7300]  ? __pfx_netlink_sendmsg+0x10/0x10
[  252.241410][ T7300]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  252.241433][ T7300]  ? __pfx_netlink_sendmsg+0x10/0x10
[  252.241452][ T7300]  __sock_sendmsg+0x219/0x270
[  252.241477][ T7300]  ____sys_sendmsg+0x505/0x830
[  252.241502][ T7300]  ? __pfx_____sys_sendmsg+0x10/0x10
[  252.241533][ T7300]  ? import_iovec+0x74/0xa0
[  252.241567][ T7300]  ___sys_sendmsg+0x21f/0x2a0
[  252.241591][ T7300]  ? __pfx____sys_sendmsg+0x10/0x10
[  252.241649][ T7300]  ? __fget_files+0x2a/0x420
[  252.241666][ T7300]  ? __fget_files+0x3a0/0x420
[  252.241691][ T7300]  __x64_sys_sendmsg+0x19b/0x260
[  252.241709][ T7300]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  252.241729][ T7300]  ? __pfx_ksys_write+0x10/0x10
[  252.241742][ T7300]  ? rcu_is_watching+0x15/0xb0
[  252.241757][ T7300]  ? do_syscall_64+0xbe/0x3b0
[  252.241770][ T7300]  do_syscall_64+0xfa/0x3b0
[  252.241779][ T7300]  ? lockdep_hardirqs_on+0x9c/0x150
[  252.241793][ T7300]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.241806][ T7300]  ? clear_bhb_loop+0x60/0xb0
[  252.241820][ T7300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.241830][ T7300] RIP: 0033:0x7ff54018e929
[  252.241841][ T7300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.241850][ T7300] RSP: 002b:00007ff541028038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  252.241863][ T7300] RAX: ffffffffffffffda RBX: 00007ff5403b6160 RCX: 00007ff54018e929
[  252.241871][ T7300] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  252.241878][ T7300] RBP: 00007ff541028090 R08: 0000000000000000 R09: 0000000000000000
[  252.241884][ T7300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.241890][ T7300] R13: 0000000000000000 R14: 00007ff5403b6160 R15: 00007ffcb2b9a468
[  252.241907][ T7300]  </TASK>
[  253.376059][ T7318] netlink: 252 bytes leftover after parsing attributes in process `syz.0.367'.
[  253.637106][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  253.807060][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout
[  253.813792][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout
[  253.820341][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout
[  253.876895][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  255.750918][ T7334] loop6: detected capacity change from 0 to 63
[  255.807958][ T7339] netlink: 28 bytes leftover after parsing attributes in process `syz.3.375'.
[  255.897833][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  255.956652][ T5841] Bluetooth: hci4: command 0x0405 tx timeout
[  256.110393][ T7336] Buffer I/O error on dev loop6, logical block 0, async page read
[  256.126991][ T7336] Buffer I/O error on dev loop6, logical block 1, async page read
[  256.267398][ T7336] Buffer I/O error on dev loop6, logical block 2, async page read
[  256.457966][ T7336] Buffer I/O error on dev loop6, logical block 3, async page read
[  256.469111][ T7343] Buffer I/O error on dev loop6, logical block 0, async page read
[  256.511391][ T7343] Buffer I/O error on dev loop6, logical block 1, async page read
[  256.530275][ T7343] Buffer I/O error on dev loop6, logical block 2, async page read
[  256.557694][ T7343] Buffer I/O error on dev loop6, logical block 3, async page read
[  256.799960][ T7347] mkiss: ax0: crc mode is auto.
[  257.526392][ T5924] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  258.497046][ T5924] usb 4-1: Using ep0 maxpacket: 32
[  258.508539][ T5924] usb 4-1: config 0 has an invalid interface number: 247 but max is 0
[  258.528923][ T5924] usb 4-1: config 0 has no interface number 0
[  258.554694][ T5924] usb 4-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  258.583293][ T5924] usb 4-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  258.609750][ T5924] usb 4-1: Product: syz
[  258.622416][ T5924] usb 4-1: Manufacturer: syz
[  258.723109][ T5924] usb 4-1: config 0 descriptor??
[  261.126938][ T5900] usb 4-1: USB disconnect, device number 11
[  261.927509][ T5855] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  261.999500][ T7383] vlan2: entered promiscuous mode
[  262.016901][ T7383] bond0: entered promiscuous mode
[  262.037211][ T7383] bond_slave_0: entered promiscuous mode
[  262.043490][ T7383] bond_slave_1: entered promiscuous mode
[  262.092013][ T5855] usb 2-1: Using ep0 maxpacket: 16
[  262.106788][ T5855] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  262.131544][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  262.144796][ T7388] bridge0: entered promiscuous mode
[  262.152942][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  262.166068][ T7388] macvlan2: entered promiscuous mode
[  262.189658][ T5855] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  262.219915][ T5855] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  262.257169][ T5855] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  262.272940][ T5855] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  262.287442][ T5855] usb 2-1: Manufacturer: syz
[  262.328537][ T5855] usb 2-1: config 0 descriptor??
[  262.460967][ T7394] autofs: Unknown parameter '¹:G"'
[  263.446009][ T5900] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  263.776097][ T5900] usb 5-1: Using ep0 maxpacket: 32
[  263.896893][ T5900] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  263.994066][ T5900] usb 5-1: config 0 has no interface number 0
[  264.035284][ T5900] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  264.054828][ T5900] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  264.075031][ T5900] usb 5-1: Product: syz
[  264.084235][ T5900] usb 5-1: Manufacturer: syz
[  264.089885][ T5855] rc_core: IR keymap rc-hauppauge not found
[  264.100548][ T5855] Registered IR keymap rc-empty
[  264.109268][ T5900] usb 5-1: config 0 descriptor??
[  264.114453][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  264.140543][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  264.182000][ T5855] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  264.229070][ T5855] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input7
[  264.278788][ T7420] lo speed is unknown, defaulting to 1000
[  264.396596][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  264.438430][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  264.481868][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  264.517877][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  264.556434][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  265.039607][ T5924] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  265.075890][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  265.095697][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  265.115597][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  265.145702][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  265.204313][ T7429] fuse: Unknown parameter 'grou00000000000000000000'
[  265.265570][ T5855] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  265.294749][ T5855] mceusb 2-1:0.0: Registered  with mce emulator interface version 1
[  265.306040][ T5855] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  265.319909][ T5855] usb 2-1: USB disconnect, device number 13
[  265.364890][ T5924] usb 3-1: Using ep0 maxpacket: 32
[  265.403937][ T5924] usb 3-1: config 0 has an invalid interface number: 247 but max is 0
[  265.433398][ T5924] usb 3-1: config 0 has no interface number 0
[  265.452678][ T5924] usb 3-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  265.474586][ T5924] usb 3-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  265.536548][ T5924] usb 3-1: Product: syz
[  265.561253][ T5924] usb 3-1: Manufacturer: syz
[  265.586864][ T5924] usb 3-1: config 0 descriptor??
[  265.595253][ T5924] chaoskey 3-1:0.247: Unable to register with hwrng
[  265.994648][ T7434] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  266.006316][ T7434] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  266.024730][ T7434] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  266.034775][ T7434] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  266.042931][ T7434] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  266.085938][ T5855] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  267.866336][ T5855] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  267.875878][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  267.990439][ T5855] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.050783][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout
[  268.057099][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout
[  268.057150][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout
[  268.078196][ T5855] usb 1-1: config 0 descriptor??
[  268.102722][ T5855] gspca_main: cpia1-2.14.0 probing 0813:0001
[  268.119523][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  268.126022][    T9] usb 5-1: USB disconnect, device number 11
[  269.110587][ T7451] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  269.315844][ T5855] gspca_cpia1: usb_control_msg 03, error -110
[  269.322934][ T5855] gspca_cpia1: usb_control_msg 01, error -32
[  269.342941][ T5855] gspca_cpia1: usb_control_msg 01, error -32
[  269.493318][ T7451] bond5 (unregistering): Released all slaves
[  270.563992][ T5855] gspca_cpia1: usb_control_msg 01, error -71
[  272.002294][ T5855] cpia1 1-1:0.0: only firmware version 1 is supported (got: 0)
[  272.031720][ T5855] usb 1-1: USB disconnect, device number 16
[  272.577468][   T43] usb 3-1: USB disconnect, device number 8
[  274.308266][ T7474] fuse: Unknown parameter 'grou00000000000000000000'
[  274.337746][ T7472] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  274.356598][ T7472] batman_adv: batadv0: Removing interface: batadv_slave_0
[  274.407646][ T7472] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  274.474602][ T7472] batman_adv: batadv0: Removing interface: batadv_slave_1
[  274.494493][ T5924] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  274.583586][ T7487] fuse: Unknown parameter '00000000000000000000006'
[  274.656771][ T5924] usb 2-1: config index 0 descriptor too short (expected 126, got 72)
[  274.691741][ T5924] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  274.741022][ T5924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.791196][ T5924] usb 2-1: Product: syz
[  274.813174][ T5924] usb 2-1: Manufacturer: syz
[  274.854577][ T5924] usb 2-1: SerialNumber: syz
[  275.018282][ T5924] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  275.164332][   T10] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  276.501046][   T10] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  276.711811][ T5924] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  277.995381][   T10] ath9k_htc: Failed to initialize the device
[  278.039760][   T10] usb 2-1: ath9k_htc: USB layer deinitialized
[  278.219241][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  278.219261][   T30] audit: type=1326 audit(1752037338.189:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.246967][    C0] vkms_vblank_simulate: vblank timer overrun
[  278.328264][    T9] usb 2-1: USB disconnect, device number 14
[  278.371359][   T30] audit: type=1326 audit(1752037338.199:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.393157][   T30] audit: type=1326 audit(1752037338.309:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.427905][   T30] audit: type=1326 audit(1752037338.309:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.472530][   T30] audit: type=1326 audit(1752037338.309:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.501496][   T30] audit: type=1326 audit(1752037338.309:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.528911][   T30] audit: type=1326 audit(1752037338.309:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.554973][   T30] audit: type=1326 audit(1752037338.309:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.580129][   T30] audit: type=1326 audit(1752037338.309:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.604258][  T979] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  278.616775][   T30] audit: type=1326 audit(1752037338.309:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7499 comm="syz.4.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ef6d8e929 code=0x7ffc0000
[  278.673982][ T5924] usb 4-1: device descriptor read/64, error -71
[  278.983872][  T979] usb 5-1: device not accepting address 12, error -71
[  279.988633][ T5924] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  280.955648][ T7516] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  281.068449][ T5924] usb 4-1: Using ep0 maxpacket: 32
[  281.144056][ T5924] usb 4-1: config 0 has an invalid interface number: 247 but max is 0
[  281.173578][ T5924] usb 4-1: config 0 has no interface number 0
[  282.022498][ T5924] usb 4-1: string descriptor 0 read error: -71
[  282.039597][ T5924] usb 4-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  282.093090][ T5924] usb 4-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  282.115341][ T7524] fuse: Unknown parameter 'grou00000000000000000000'
[  282.129687][ T5924] usb 4-1: config 0 descriptor??
[  282.148346][ T5924] usb 4-1: can't set config #0, error -71
[  282.180236][ T5924] usb 4-1: USB disconnect, device number 13
[  282.264858][ T7526] netlink: 28 bytes leftover after parsing attributes in process `syz.3.431'.
[  282.286039][ T7532] netlink: 4 bytes leftover after parsing attributes in process `syz.1.430'.
[  283.054184][ T7545] Smack: duplicate mount options
[  283.336962][   T30] kauditd_printk_skb: 83 callbacks suppressed
[  283.336982][   T30] audit: type=1326 audit(1752037343.319:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.386733][ T5900] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  283.397044][   T30] audit: type=1326 audit(1752037343.389:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.453457][   T43] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  283.461707][   T30] audit: type=1326 audit(1752037343.439:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.483532][   T30] audit: type=1326 audit(1752037343.439:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.484484][ T5924] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  283.505322][   T30] audit: type=1326 audit(1752037343.439:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.537644][   T30] audit: type=1326 audit(1752037343.519:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.559630][ T5900] usb 2-1: Using ep0 maxpacket: 32
[  283.568503][ T5900] usb 2-1: config 0 has an invalid interface number: 247 but max is 0
[  283.580176][ T5900] usb 2-1: config 0 has no interface number 0
[  283.589411][ T5900] usb 2-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  283.602429][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  283.610945][ T5900] usb 2-1: Product: syz
[  283.619860][ T5900] usb 2-1: Manufacturer: syz
[  283.628078][   T43] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  283.645857][   T43] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  283.657152][ T5900] usb 2-1: config 0 descriptor??
[  283.676557][   T43] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  283.677546][   T30] audit: type=1326 audit(1752037343.609:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.710545][   T43] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  283.713742][   T30] audit: type=1326 audit(1752037343.619:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.736415][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  283.745883][  T979] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  283.758720][   T30] audit: type=1326 audit(1752037343.619:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.788253][   T43] usb 3-1: Product: syz
[  283.792574][   T30] audit: type=1326 audit(1752037343.619:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff54018e52b code=0x7ffc0000
[  283.792829][   T43] usb 3-1: Manufacturer: syz
[  283.814130][ T5924] usb 5-1: Using ep0 maxpacket: 16
[  283.819246][ T5924] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  283.827715][   T43] usb 3-1: SerialNumber: syz
[  283.835185][ T5924] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  283.846911][ T5924] usb 5-1: Product: syz
[  283.851127][ T5924] usb 5-1: Manufacturer: syz
[  283.856414][ T5924] usb 5-1: SerialNumber: syz
[  283.864161][ T5924] usb 5-1: config 0 descriptor??
[  283.944151][  T979] usb 1-1: Using ep0 maxpacket: 32
[  283.987809][  T979] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  284.016265][  T979] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  284.034591][ T5934] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  284.076520][  T979] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  284.181561][  T979] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  284.196983][ T5934] usb 4-1: Using ep0 maxpacket: 32
[  284.250379][ T5934] usb 4-1: config 0 has an invalid interface number: 247 but max is 0
[  284.298011][ T5934] usb 4-1: config 0 has no interface number 0
[  284.311463][  T979] usb 1-1: config 0 interface 0 has no altsetting 0
[  284.341404][   T43] usblp 3-1:1.0: usblp1: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  284.352042][ T5934] usb 4-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  284.467582][  T979] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  284.486768][ T5934] usb 4-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  284.568455][  T979] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  284.585216][ T5934] usb 4-1: Product: syz
[  284.623034][ T5934] usb 4-1: Manufacturer: syz
[  284.667625][  T979] usb 1-1: Product: syz
[  284.692112][  T979] usb 1-1: Manufacturer: syz
[  284.739654][  T979] usb 1-1: SerialNumber: syz
[  284.761129][ T5934] usb 4-1: config 0 descriptor??
[  284.898266][  T979] usb 1-1: config 0 descriptor??
[  284.978265][ T5934] chaoskey 4-1:0.247: Unable to register with hwrng
[  285.038079][  T979] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  285.244859][  T979] ldusb 1-1:0.0: LD USB Device #3 now attached to major 180 minor 3
[  285.481355][  T979] usb 1-1: USB disconnect, device number 17
[  288.406107][   T43] usb 3-1: USB disconnect, device number 9
[  288.715424][  T979] ldusb 1-1:0.0: LD USB Device #3 now disconnected
[  288.864606][ T5893] usb 2-1: USB disconnect, device number 15
[  289.422663][ T5934] usb 5-1: USB disconnect, device number 14
[  289.433798][   T43] usblp1: removed
[  289.541314][ T7565] syz.1.442: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  289.658575][ T5893] usb 4-1: USB disconnect, device number 14
[  289.863024][ T7565] CPU: 0 UID: 0 PID: 7565 Comm: syz.1.442 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  289.863057][ T7565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  289.863068][ T7565] Call Trace:
[  289.863077][ T7565]  <TASK>
[  289.863086][ T7565]  dump_stack_lvl+0x189/0x250
[  289.863119][ T7565]  ? __pfx_dump_stack_lvl+0x10/0x10
[  289.863141][ T7565]  ? __pfx__printk+0x10/0x10
[  289.863168][ T7565]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  289.863193][ T7565]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  289.863219][ T7565]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  289.863247][ T7565]  warn_alloc+0x214/0x310
[  289.863267][ T7565]  ? stack_depot_save_flags+0x429/0x900
[  289.863301][ T7565]  ? __pfx_warn_alloc+0x10/0x10
[  289.863323][ T7565]  ? kasan_save_track+0x4f/0x80
[  289.863349][ T7565]  ? xskq_create+0x56/0x170
[  289.863377][ T7565]  ? xsk_init_queue+0xb0/0x110
[  289.863401][ T7565]  ? xsk_setsockopt+0x43f/0x710
[  289.863421][ T7565]  ? do_sock_setsockopt+0x25a/0x3e0
[  289.863442][ T7565]  ? __x64_sys_setsockopt+0x18b/0x220
[  289.863462][ T7565]  ? do_syscall_64+0xfa/0x3b0
[  289.863478][ T7565]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.863506][ T7565]  __vmalloc_node_range_noprof+0x125/0x12f0
[  289.863567][ T7565]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  289.863602][ T7565]  ? __kasan_kmalloc+0x93/0xb0
[  289.863628][ T7565]  vmalloc_user_noprof+0xad/0xf0
[  289.863654][ T7565]  ? xskq_create+0xbf/0x170
[  289.863689][ T7565]  xskq_create+0xbf/0x170
[  289.863719][ T7565]  xsk_init_queue+0xb0/0x110
[  289.863748][ T7565]  xsk_setsockopt+0x43f/0x710
[  289.863778][ T7565]  ? __pfx_xsk_setsockopt+0x10/0x10
[  289.863801][ T7565]  ? __lock_acquire+0xab9/0xd20
[  289.863831][ T7565]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  289.863856][ T7565]  ? __pfx_xsk_setsockopt+0x10/0x10
[  289.863883][ T7565]  do_sock_setsockopt+0x25a/0x3e0
[  289.863909][ T7565]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  289.863938][ T7565]  ? __fget_files+0x2a/0x420
[  289.863967][ T7565]  __x64_sys_setsockopt+0x18b/0x220
[  289.863998][ T7565]  do_syscall_64+0xfa/0x3b0
[  289.864014][ T7565]  ? lockdep_hardirqs_on+0x9c/0x150
[  289.864042][ T7565]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.864061][ T7565]  ? clear_bhb_loop+0x60/0xb0
[  289.864086][ T7565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.864104][ T7565] RIP: 0033:0x7fdfb538e929
[  289.864123][ T7565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.864141][ T7565] RSP: 002b:00007fdfb61a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  289.864164][ T7565] RAX: ffffffffffffffda RBX: 00007fdfb55b5fa0 RCX: 00007fdfb538e929
[  289.864177][ T7565] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  289.864189][ T7565] RBP: 00007fdfb5410b39 R08: 0000000000000004 R09: 0000000000000000
[  289.864201][ T7565] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  289.864213][ T7565] R13: 0000000000000000 R14: 00007fdfb55b5fa0 R15: 00007ffffb37da78
[  289.864246][ T7565]  </TASK>
[  290.175478][ T7565] Mem-Info:
[  290.599393][ T7565] active_anon:251 inactive_anon:4221 isolated_anon:0
[  290.599393][ T7565]  active_file:15815 inactive_file:37963 isolated_file:0
[  290.599393][ T7565]  unevictable:768 dirty:105 writeback:0
[  290.599393][ T7565]  slab_reclaimable:10380 slab_unreclaimable:97534
[  290.599393][ T7565]  mapped:29518 shmem:1364 pagetables:1059
[  290.599393][ T7565]  sec_pagetables:0 bounce:0
[  290.599393][ T7565]  kernel_misc_reclaimable:0
[  290.599393][ T7565]  free:1322489 free_pcp:12721 free_cma:0
[  290.879467][ T7565] Node 0 active_anon:1004kB inactive_anon:16984kB active_file:63056kB inactive_file:151852kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118072kB dirty:412kB writeback:0kB shmem:3920kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12088kB pagetables:4100kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  290.949157][ T7573] fuse: Unknown parameter 'group_i00000000000000000000'
[  290.989819][ T7565] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  291.202070][ T7565] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  291.232570][ T7565] lowmem_reserve[]: 0 2500 2502 2502 2502
[  291.238932][ T7565] Node 0 DMA32 free:1363160kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1000kB inactive_anon:28340kB active_file:61292kB inactive_file:151784kB unevictable:1536kB writepending:412kB present:3129332kB managed:2560916kB mlocked:0kB bounce:0kB free_pcp:31232kB local_pcp:11956kB free_cma:0kB
[  291.299971][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  291.299990][   T30] audit: type=1326 audit(1752037351.280:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7579 comm="syz.3.448" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f799a18e929 code=0x0
[  291.300794][ T7565] lowmem_reserve[]:
[  291.319007][ T7584] loop2: detected capacity change from 0 to 1
[  291.338151][ T7565]  0 0 1 1 1
[  291.338203][ T7565] Node 0 Normal free:8kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1764kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  291.338263][ T7565] lowmem_reserve[]: 0 0 0 0 0
[  291.338311][ T7565] Node 1 Normal free:3901928kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17408kB local_pcp:5536kB free_cma:0kB
[  291.338372][ T7565] lowmem_reserve[]: 0 0 0 0 0
[  291.338429][ T7565] Node 0 DMA: 0*4kB 
[  291.364316][ T7584] Dev loop2: unable to read RDB block 1
[  291.428764][ T7584]  loop2: unable to read partition table
[  291.435089][ T7584] loop2: partition table beyond EOD, truncated
[  291.441727][ T7584] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  291.451256][ T7565] 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  291.466293][ T7570] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  291.509982][ T7565] Node 0 DMA32: 302*4kB (UM) 539*8kB (UME) 782*16kB (UME) 749*32kB (UME) 496*64kB (UME) 217*128kB (UME) 95*256kB (UME) 26*512kB (UME) 5*1024kB (UM) 5*2048kB (UM) 295*4096kB (UM) = 1362832kB
[  291.630610][ T7565] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  291.687418][ T7565] Node 1 Normal: 192*4kB (UME) 47*8kB (UME) 47*16kB (UME) 142*32kB (UME) 35*64kB (UME) 8*128kB (UME) 4*256kB (UME) 4*512kB (UME) 2*1024kB (ME) 2*2048kB (UE) 948*4096kB (M) = 3901928kB
[  291.739878][ T7565] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  291.779156][ T7565] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  291.790799][ T7565] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  291.806097][ T7565] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  291.819466][ T7565] 64490 total pagecache pages
[  291.928386][ T7565] 0 pages in swap cache
[  291.943065][ T7565] Free swap  = 124996kB
[  291.947273][ T7565] Total swap = 124996kB
[  291.961722][ T7565] 2097051 pages RAM
[  291.971973][ T7565] 0 pages HighMem/MovableOnly
[  291.978996][ T7565] 424715 pages reserved
[  291.988740][ T7565] 0 pages cma reserved
[  292.392100][   T30] audit: type=1326 audit(1752037352.370:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  292.422362][ T5893] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  292.437322][   T30] audit: type=1326 audit(1752037352.400:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  292.460027][   T30] audit: type=1326 audit(1752037352.430:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  292.465400][ T7601] Smack: duplicate mount options
[  293.442754][   T30] audit: type=1326 audit(1752037352.430:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  293.777856][   T30] audit: type=1326 audit(1752037352.430:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  293.851043][   T30] audit: type=1326 audit(1752037352.440:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  293.892115][ T5893] usb 5-1: Using ep0 maxpacket: 32
[  293.899181][ T5893] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  293.922063][ T5893] usb 5-1: config 0 has no interface number 0
[  293.925331][   T30] audit: type=1326 audit(1752037352.440:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  293.929841][ T5893] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  293.999476][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  293.999601][   T30] audit: type=1326 audit(1752037352.440:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  294.020471][ T5893] usb 5-1: Product: syz
[  294.033287][ T5934] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  294.051171][ T5893] usb 5-1: Manufacturer: syz
[  294.063184][ T5893] usb 5-1: config 0 descriptor??
[  294.071833][   T30] audit: type=1326 audit(1752037352.440:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7600 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7ff54018e929 code=0x7ffc0000
[  294.206273][ T5934] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  294.224989][ T5934] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  294.242197][ T5934] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  294.266463][ T5934] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  294.282078][ T5855] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  294.287455][ T5934] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  294.322056][ T5934] usb 3-1: Product: syz
[  294.326276][ T5934] usb 3-1: Manufacturer: syz
[  294.342563][ T5934] usb 3-1: SerialNumber: syz
[  294.454447][ T5855] usb 2-1: Using ep0 maxpacket: 32
[  294.503910][ T5855] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 219
[  294.750365][ T5855] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  294.809180][ T5855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.895155][ T5855] usb 2-1: Product: syz
[  294.947096][ T5855] usb 2-1: Manufacturer: syz
[  295.005927][ T5855] usb 2-1: SerialNumber: syz
[  295.183115][ T5855] usb 2-1: config 0 descriptor??
[  295.256990][ T7607] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  295.504402][ T5934] usblp 3-1:1.0: usblp1: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  295.504551][ T5855] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  296.719329][ T5934] usb 3-1: USB disconnect, device number 10
[  296.727492][ T5934] usblp1: removed
[  296.992309][   T10] usb 5-1: USB disconnect, device number 15
[  297.142015][ T5855] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  297.371230][ T5855] usb 3-1: Using ep0 maxpacket: 32
[  297.472158][ T5934] usb 2-1: USB disconnect, device number 16
[  297.487322][ T5855] usb 3-1: config 0 has an invalid interface number: 247 but max is 0
[  297.507295][ T5855] usb 3-1: config 0 has no interface number 0
[  297.526444][ T5855] usb 3-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  297.541830][ T5855] usb 3-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  297.571523][ T5855] usb 3-1: Product: syz
[  297.600062][ T7617] FAULT_INJECTION: forcing a failure.
[  297.600062][ T7617] name failslab, interval 1, probability 0, space 0, times 0
[  297.609736][ T7619] fuse: Unknown parameter 'group_i00000000000000000000'
[  297.613757][ T5855] usb 3-1: Manufacturer: syz
[  297.632677][ T5855] usb 3-1: config 0 descriptor??
[  297.638078][ T7617] CPU: 1 UID: 0 PID: 7617 Comm: syz.1.458 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  297.638105][ T7617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  297.638117][ T7617] Call Trace:
[  297.638125][ T7617]  <TASK>
[  297.638139][ T7617]  dump_stack_lvl+0x189/0x250
[  297.638165][ T7617]  ? __pfx____ratelimit+0x10/0x10
[  297.638193][ T7617]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.638214][ T7617]  ? __pfx__printk+0x10/0x10
[  297.638241][ T7617]  ? __pfx___might_resched+0x10/0x10
[  297.638262][ T7617]  ? fs_reclaim_acquire+0x7d/0x100
[  297.638287][ T7617]  should_fail_ex+0x414/0x560
[  297.638320][ T7617]  should_failslab+0xa8/0x100
[  297.638349][ T7617]  __kmalloc_noprof+0xcb/0x4f0
[  297.638373][ T7617]  ? tomoyo_encode+0x28b/0x550
[  297.638398][ T7617]  tomoyo_encode+0x28b/0x550
[  297.638425][ T7617]  tomoyo_realpath_from_path+0x58d/0x5d0
[  297.638457][ T7617]  ? tomoyo_mount_permission+0x27a/0x970
[  297.638476][ T7617]  tomoyo_mount_permission+0x377/0x970
[  297.638498][ T7617]  ? tomoyo_mount_permission+0x27a/0x970
[  297.638517][ T7617]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  297.638603][ T7617]  security_sb_mount+0xec/0x350
[  297.638630][ T7617]  path_mount+0xbc/0xfe0
[  297.638656][ T7617]  ? user_path_at+0x44/0x60
[  297.638674][ T7617]  ? kmem_cache_free+0x18f/0x400
[  297.638710][ T7617]  __se_sys_mount+0x317/0x410
[  297.638736][ T7617]  ? __pfx___se_sys_mount+0x10/0x10
[  297.638751][ T7617]  ? rcu_is_watching+0x15/0xb0
[  297.638778][ T7617]  ? do_syscall_64+0xbe/0x3b0
[  297.638794][ T7617]  ? __x64_sys_mount+0x20/0xc0
[  297.638815][ T7617]  do_syscall_64+0xfa/0x3b0
[  297.638831][ T7617]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.638857][ T7617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.638875][ T7617]  ? clear_bhb_loop+0x60/0xb0
[  297.638898][ T7617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.638916][ T7617] RIP: 0033:0x7fdfb538e929
[  297.638933][ T7617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.638950][ T7617] RSP: 002b:00007fdfb61a8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  297.638971][ T7617] RAX: ffffffffffffffda RBX: 00007fdfb55b5fa0 RCX: 00007fdfb538e929
[  297.638984][ T7617] RDX: 0000200000000340 RSI: 0000200000000300 RDI: 0000200000000280
[  297.638997][ T7617] RBP: 00007fdfb61a8090 R08: 0000000000000000 R09: 0000000000000000
[  297.639009][ T7617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.639020][ T7617] R13: 0000000000000000 R14: 00007fdfb55b5fa0 R15: 00007ffffb37da78
[  297.639053][ T7617]  </TASK>
[  297.904124][ T7617] ERROR: Out of memory at tomoyo_realpath_from_path.
[  300.191433][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout
[  302.107146][ T7636] netlink: 'syz.4.460': attribute type 1 has an invalid length.
[  302.311772][ T7627] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  302.345383][ T7627] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  302.436364][ T7627] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  302.448296][ T7627] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  302.468010][ T7627] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  303.103449][ T5924] usb 3-1: USB disconnect, device number 11
[  303.428395][ T7648] netlink: 4 bytes leftover after parsing attributes in process `syz.4.468'.
[  304.180479][ T5855] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  304.405215][ T5855] usb 3-1: Using ep0 maxpacket: 32
[  304.414926][ T5855] usb 3-1: config 0 has an invalid interface number: 247 but max is 0
[  304.442719][ T5855] usb 3-1: config 0 has no interface number 0
[  304.451401][ T5855] usb 3-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  304.468050][ T5855] usb 3-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  304.480700][ T5855] usb 3-1: Product: syz
[  304.491450][ T5855] usb 3-1: Manufacturer: syz
[  304.507450][ T5855] usb 3-1: config 0 descriptor??
[  304.514166][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  304.520359][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout
[  304.526571][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout
[  304.641583][ T7647] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  304.647890][ T7647] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  304.654175][ T7647] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  304.670551][ T7647] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  304.691266][ T7647] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  306.670863][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout
[  306.677036][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  306.689010][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout
[  306.750724][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  306.899955][ T7680] 9pnet_fd: Insufficient options for proto=fd
[  307.036497][ T7682] =======================================================
[  307.036497][ T7682] WARNING: The mand mount option has been deprecated and
[  307.036497][ T7682]          and is ignored by this kernel. Remove the mand
[  307.036497][ T7682]          option from the mount to silence this warning.
[  307.036497][ T7682] =======================================================
[  308.089371][   T43] usb 3-1: USB disconnect, device number 12
[  308.361098][ T7701] fuse: Bad value for 'fd'
[  308.936967][ T7693] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  308.974777][ T7693] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  308.990138][ T7693] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  309.011603][ T7707] netlink: 28 bytes leftover after parsing attributes in process `syz.3.484'.
[  309.029632][ T7693] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  309.036889][ T7693] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  309.452994][ T7712] FAULT_INJECTION: forcing a failure.
[  309.452994][ T7712] name failslab, interval 1, probability 0, space 0, times 0
[  310.235041][ T7712] CPU: 1 UID: 0 PID: 7712 Comm: syz.2.486 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  310.235073][ T7712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.235084][ T7712] Call Trace:
[  310.235092][ T7712]  <TASK>
[  310.235100][ T7712]  dump_stack_lvl+0x189/0x250
[  310.235126][ T7712]  ? __pfx____ratelimit+0x10/0x10
[  310.235154][ T7712]  ? __pfx_dump_stack_lvl+0x10/0x10
[  310.235176][ T7712]  ? __pfx__printk+0x10/0x10
[  310.235202][ T7712]  ? __pfx___might_resched+0x10/0x10
[  310.235223][ T7712]  ? fs_reclaim_acquire+0x7d/0x100
[  310.235248][ T7712]  should_fail_ex+0x414/0x560
[  310.235280][ T7712]  should_failslab+0xa8/0x100
[  310.235310][ T7712]  __kmalloc_noprof+0xcb/0x4f0
[  310.235335][ T7712]  ? tomoyo_encode+0x28b/0x550
[  310.235356][ T7712]  tomoyo_encode+0x28b/0x550
[  310.235379][ T7712]  tomoyo_realpath_from_path+0x58d/0x5d0
[  310.235402][ T7712]  ? tomoyo_domain+0xda/0x130
[  310.235438][ T7712]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  310.235463][ T7712]  tomoyo_path_number_perm+0x1e8/0x5a0
[  310.235491][ T7712]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  310.235535][ T7712]  ? __lock_acquire+0xab9/0xd20
[  310.235567][ T7712]  ? __fget_files+0x2a/0x420
[  310.235579][ T7712]  ? __fget_files+0x2a/0x420
[  310.235588][ T7712]  ? __fget_files+0x3a0/0x420
[  310.235598][ T7712]  ? __fget_files+0x2a/0x420
[  310.235610][ T7712]  security_file_ioctl+0xcb/0x2d0
[  310.235628][ T7712]  __se_sys_ioctl+0x47/0x170
[  310.235644][ T7712]  do_syscall_64+0xfa/0x3b0
[  310.235654][ T7712]  ? lockdep_hardirqs_on+0x9c/0x150
[  310.235670][ T7712]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.235684][ T7712]  ? clear_bhb_loop+0x60/0xb0
[  310.235698][ T7712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.235708][ T7712] RIP: 0033:0x7ff54018e929
[  310.235720][ T7712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.235730][ T7712] RSP: 002b:00007ff54106a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  310.235744][ T7712] RAX: ffffffffffffffda RBX: 00007ff5403b5fa0 RCX: 00007ff54018e929
[  310.235752][ T7712] RDX: 00002000000004c0 RSI: 0000000000008b05 RDI: 0000000000000005
[  310.235759][ T7712] RBP: 00007ff54106a090 R08: 0000000000000000 R09: 0000000000000000
[  310.235766][ T7712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.235773][ T7712] R13: 0000000000000000 R14: 00007ff5403b5fa0 R15: 00007ffcb2b9a468
[  310.235790][ T7712]  </TASK>
[  310.235805][ T7712] ERROR: Out of memory at tomoyo_realpath_from_path.
[  311.311791][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout
[  311.317887][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout
[  311.339575][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  311.360903][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout
[  316.163331][    C0] sched: DL replenish lagged too much
[  317.546936][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  332.679910][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  379.037414][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  510.467396][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  510.474417][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5500/1:b..l P5954/1:b..l P5824/1:b..l P5834/1:b..l
[  510.486222][    C0] rcu: 	(detected by 0, t=10503 jiffies, g=21985, q=687768 ncpus=2)
[  510.494230][    C0] task:syz-executor    state:R  running task     stack:21576 pid:5834  tgid:5834  ppid:5830   task_flags:0x400140 flags:0x00004002
[  510.508820][    C0] Call Trace:
[  510.512148][    C0]  <TASK>
[  510.515109][    C0]  __schedule+0x16a2/0x4cb0
[  510.519675][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  510.525003][    C0]  ? __pfx___schedule+0x10/0x10
[  510.529895][    C0]  ? __page_table_check_zero+0xba/0x530
[  510.535488][    C0]  ? __page_table_check_zero+0x406/0x530
[  510.541156][    C0]  ? __page_table_check_zero+0xba/0x530
[  510.546742][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  510.552069][    C0]  preempt_schedule_irq+0xb5/0x150
[  510.557222][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  510.562991][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  510.568847][    C0]  irqentry_exit+0x6f/0x90
[  510.573301][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  510.579316][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  510.584633][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 ab e1 fe 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  510.604273][    C0] RSP: 0018:ffffc90003eaf1f8 EFLAGS: 00000206
[  510.610376][    C0] RAX: 7eeda50eab2b0800 RBX: 0000000000000000 RCX: 7eeda50eab2b0800
[  510.618377][    C0] RDX: 0000000000000000 RSI: ffffffff8db71883 RDI: ffffffff8be1ca40
[  510.626378][    C0] RBP: ffffffff81729ae5 R08: 0000000000000000 R09: ffffffff81729ae5
[  510.634374][    C0] R10: ffffc90003eaf3b8 R11: ffffffff81acf220 R12: 0000000000000002
[  510.642376][    C0] R13: ffffffff8e13f160 R14: 0000000000000000 R15: 0000000000000246
[  510.650379][    C0]  ? unwind_next_frame+0xa5/0x2390
[  510.655520][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  510.661715][    C0]  ? unwind_next_frame+0xa5/0x2390
[  510.666880][    C0]  ? unwind_next_frame+0x19ae/0x2390
[  510.672193][    C0]  ? stack_trace_save+0x9c/0xe0
[  510.677076][    C0]  ? unwind_next_frame+0xa5/0x2390
[  510.682216][    C0]  unwind_next_frame+0xc2/0x2390
[  510.687182][    C0]  ? unwind_next_frame+0xa5/0x2390
[  510.692322][    C0]  ? arch_stack_walk+0xe4/0x150
[  510.697214][    C0]  ? __unwind_start+0x5b9/0x760
[  510.702099][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  510.708290][    C0]  arch_stack_walk+0x11c/0x150
[  510.713093][    C0]  ? stack_trace_save+0x9c/0xe0
[  510.717981][    C0]  stack_trace_save+0x9c/0xe0
[  510.722695][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  510.728114][    C0]  save_stack+0xf7/0x1f0
[  510.732394][    C0]  ? __pfx_save_stack+0x10/0x10
[  510.737300][    C0]  ? page_ext_put+0x97/0xc0
[  510.741856][    C0]  __reset_page_owner+0x71/0x1f0
[  510.746843][    C0]  __free_frozen_pages+0xc65/0xe60
[  510.752005][    C0]  __put_partials+0x161/0x1c0
[  510.756718][    C0]  put_cpu_partial+0x17c/0x250
[  510.761509][    C0]  ? put_cpu_partial+0x6d/0x250
[  510.766397][    C0]  __slab_free+0x2f7/0x400
[  510.770854][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  510.777218][    C0]  ? __phys_addr+0xd3/0x180
[  510.781762][    C0]  qlist_free_all+0x97/0x140
[  510.786390][    C0]  kasan_quarantine_reduce+0x148/0x160
[  510.791891][    C0]  __kasan_slab_alloc+0x22/0x80
[  510.796781][    C0]  __kvmalloc_node_noprof+0x2b0/0x5f0
[  510.802192][    C0]  ? translate_table+0x19b/0x2040
[  510.807258][    C0]  translate_table+0x19b/0x2040
[  510.812160][    C0]  ? __lock_acquire+0xab9/0xd20
[  510.817054][    C0]  ? __pfx_translate_table+0x10/0x10
[  510.822381][    C0]  ? __might_fault+0xb0/0x130
[  510.827115][    C0]  ? _copy_from_user+0x94/0xb0
[  510.831918][    C0]  do_ip6t_set_ctl+0x970/0xce0
[  510.836724][    C0]  ? rcu_is_watching+0x15/0xb0
[  510.841521][    C0]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  510.846997][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  510.852071][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  510.858134][    C0]  nf_setsockopt+0x26c/0x290
[  510.862765][    C0]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  510.868712][    C0]  do_sock_setsockopt+0x25a/0x3e0
[  510.873785][    C0]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  510.879380][    C0]  __x64_sys_setsockopt+0x18b/0x220
[  510.884628][    C0]  do_syscall_64+0xfa/0x3b0
[  510.889159][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  510.894406][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.900589][    C0]  ? clear_bhb_loop+0x60/0xb0
[  510.905421][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.911361][    C0] RIP: 0033:0x7fdfb539081a
[  510.915813][    C0] RSP: 002b:00007ffffb37d708 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  510.924352][    C0] RAX: ffffffffffffffda RBX: 00007ffffb37d790 RCX: 00007fdfb539081a
[  510.932356][    C0] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  510.940355][    C0] RBP: 0000000000000003 R08: 00000000000003b8 R09: 0079746972756365
[  510.948355][    C0] R10: 00007fdfb55827e0 R11: 0000000000000206 R12: 00007fdfb5582780
[  510.956352][    C0] R13: 00007ffffb37d72c R14: 0000000000000000 R15: 00007fdfb5582e40
[  510.964373][    C0]  </TASK>
[  510.967422][    C0] task:syz-executor    state:R  running task     stack:21544 pid:5824  tgid:5824  ppid:5823   task_flags:0x400100 flags:0x00004002
[  510.980961][    C0] Call Trace:
[  510.984272][    C0]  <TASK>
[  510.987233][    C0]  __schedule+0x16a2/0x4cb0
[  510.991799][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  510.997035][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  511.002353][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  511.008281][    C0]  ? __pfx___schedule+0x10/0x10
[  511.013172][    C0]  ? rcu_preempt_deferred_qs_irqrestore+0x851/0xc40
[  511.019806][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  511.025135][    C0]  preempt_schedule_irq+0xb5/0x150
[  511.030283][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  511.036047][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  511.041973][    C0]  irqentry_exit+0x6f/0x90
[  511.046429][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  511.052441][    C0] RIP: 0010:unwind_next_frame+0x130e/0x2390
[  511.058379][    C0] Code: c1 e8 3f 48 01 c8 48 83 e0 fe 4c 8d 3c 45 00 00 00 00 49 01 ef 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 <84> c0 75 27 49 63 07 4c 01 f8 49 8d 4f 04 4c 39 e0 48 0f 46 e9 49
[  511.078021][    C0] RSP: 0018:ffffc90003d0f698 EFLAGS: 00000a02
[  511.084130][    C0] RAX: 0000000000000000 RBX: ffffffff8fbe96b8 RCX: dffffc0000000000
[  511.092138][    C0] RDX: ffffffff8fbe96ac RSI: ffffffff903f3ec0 RDI: ffffffff8be1c9e0
[  511.100144][    C0] RBP: ffffffff8fbe96ac R08: 0000000000000009 R09: ffffffff81729ae5
[  511.108160][    C0] R10: ffffc90003d0f7b8 R11: ffffffff81acf220 R12: ffffffff82393d6c
[  511.116163][    C0] R13: ffffffff8fbe96ac R14: ffffc90003d0f768 R15: ffffffff8fbe96b0
[  511.124169][    C0]  ? inode_init_always_gfp+0x9ec/0xdc0
[  511.129757][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  511.135943][    C0]  ? unwind_next_frame+0xa5/0x2390
[  511.141098][    C0]  ? unwind_next_frame+0xd4/0x2390
[  511.146251][    C0]  ? unwind_next_frame+0xa5/0x2390
[  511.151394][    C0]  ? inode_init_always_gfp+0x9ed/0xdc0
[  511.156893][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  511.163083][    C0]  arch_stack_walk+0x11c/0x150
[  511.167894][    C0]  ? inode_init_always_gfp+0x9ed/0xdc0
[  511.173394][    C0]  stack_trace_save+0x9c/0xe0
[  511.178108][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  511.183538][    C0]  save_stack+0xf7/0x1f0
[  511.187821][    C0]  ? __pfx_save_stack+0x10/0x10
[  511.192710][    C0]  ? __free_frozen_pages+0xc65/0xe60
[  511.198034][    C0]  ? __put_partials+0x161/0x1c0
[  511.202909][    C0]  ? put_cpu_partial+0x17c/0x250
[  511.207874][    C0]  ? __slab_free+0x2f7/0x400
[  511.212490][    C0]  ? qlist_free_all+0x97/0x140
[  511.217290][    C0]  ? kasan_quarantine_reduce+0x148/0x160
[  511.222948][    C0]  ? __kasan_slab_alloc+0x22/0x80
[  511.228005][    C0]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  511.233666][    C0]  ? security_inode_alloc+0x39/0x330
[  511.238980][    C0]  ? inode_init_always_gfp+0x9ed/0xdc0
[  511.244482][    C0]  ? page_ext_put+0x97/0xc0
[  511.249032][    C0]  __reset_page_owner+0x71/0x1f0
[  511.254012][    C0]  __free_frozen_pages+0xc65/0xe60
[  511.259170][    C0]  __put_partials+0x161/0x1c0
[  511.263885][    C0]  put_cpu_partial+0x17c/0x250
[  511.268679][    C0]  ? put_cpu_partial+0x6d/0x250
[  511.273567][    C0]  __slab_free+0x2f7/0x400
[  511.278015][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  511.283943][    C0]  ? __phys_addr+0xd3/0x180
[  511.288480][    C0]  qlist_free_all+0x97/0x140
[  511.293106][    C0]  kasan_quarantine_reduce+0x148/0x160
[  511.298609][    C0]  __kasan_slab_alloc+0x22/0x80
[  511.303494][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  511.308991][    C0]  ? security_inode_alloc+0x39/0x330
[  511.314312][    C0]  security_inode_alloc+0x39/0x330
[  511.319455][    C0]  inode_init_always_gfp+0x9ed/0xdc0
[  511.324786][    C0]  alloc_inode+0x82/0x1b0
[  511.329186][    C0]  create_pipe_files+0x51/0x760
[  511.334164][    C0]  ? rcu_is_watching+0x15/0xb0
[  511.338967][    C0]  __do_pipe_flags+0x4c/0x2d0
[  511.343682][    C0]  do_pipe2+0x9c/0x170
[  511.347779][    C0]  ? __pfx_do_pipe2+0x10/0x10
[  511.352498][    C0]  __x64_sys_pipe2+0x5a/0x70
[  511.357214][    C0]  do_syscall_64+0xfa/0x3b0
[  511.361750][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  511.366990][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.373089][    C0]  ? clear_bhb_loop+0x60/0xb0
[  511.377809][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.383731][    C0] RIP: 0033:0x7f7aa258d649
[  511.388176][    C0] RSP: 002b:00007ffefb030f18 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
[  511.396630][    C0] RAX: ffffffffffffffda RBX: 0000555571bd1ad0 RCX: 00007f7aa258d649
[  511.404632][    C0] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 00007ffefb030f30
[  511.412632][    C0] RBP: 00007ffefb0312e0 R08: 0000000000000007 R09: 0000555571bd3630
[  511.420631][    C0] R10: 291fbfa365ba006a R11: 0000000000000246 R12: 00007ffefb031340
[  511.428628][    C0] R13: 0000555571bd64e0 R14: 00007ffefb031060 R15: 0000555571bd0620
[  511.436651][    C0]  </TASK>
[  511.439698][    C0] task:kworker/0:5     state:R  running task     stack:24968 pid:5954  tgid:5954  ppid:2      task_flags:0x4208060 flags:0x00004000
[  511.453319][    C0] Workqueue:  0x0 (wg-crypt-wg2)
[  511.458312][    C0] Call Trace:
[  511.461620][    C0]  <TASK>
[  511.464599][    C0]  __schedule+0x16a2/0x4cb0
[  511.469152][    C0]  ? sg_copy_buffer+0x579/0x600
[  511.474057][    C0]  ? preempt_schedule_notrace+0xd1/0x110
[  511.479737][    C0]  ? __pfx___schedule+0x10/0x10
[  511.484626][    C0]  ? sched_clock_cpu+0x74/0x430
[  511.489512][    C0]  ? __lock_acquire+0xab9/0xd20
[  511.494406][    C0]  preempt_schedule_notrace+0xd1/0x110
[  511.499902][    C0]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[  511.506005][    C0]  ? unwind_next_frame+0xa5/0x2390
[  511.511241][    C0]  preempt_schedule_notrace_thunk+0x16/0x30
[  511.517181][    C0]  rcu_is_watching+0x7f/0xb0
[  511.521804][    C0]  ? unwind_next_frame+0xa5/0x2390
[  511.526945][    C0]  unwind_next_frame+0x1965/0x2390
[  511.532096][    C0]  ? unwind_next_frame+0xa5/0x2390
[  511.537246][    C0]  ? __kthread_create_on_node+0xef/0x3e0
[  511.542926][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  511.549125][    C0]  arch_stack_walk+0x11c/0x150
[  511.553926][    C0]  ? kthread_create_on_node+0xdd/0x130
[  511.559425][    C0]  stack_trace_save+0x9c/0xe0
[  511.564142][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  511.569567][    C0]  save_stack+0xf7/0x1f0
[  511.573854][    C0]  ? __pfx_save_stack+0x10/0x10
[  511.578738][    C0]  ? __free_frozen_pages+0xc65/0xe60
[  511.584055][    C0]  ? __put_partials+0x161/0x1c0
[  511.588935][    C0]  ? put_cpu_partial+0x17c/0x250
[  511.593905][    C0]  ? __slab_free+0x2f7/0x400
[  511.598610][    C0]  ? qlist_free_all+0x97/0x140
[  511.603402][    C0]  ? kasan_quarantine_reduce+0x148/0x160
[  511.609080][    C0]  ? __kasan_slab_alloc+0x22/0x80
[  511.614149][    C0]  ? __kmalloc_cache_noprof+0x1be/0x3d0
[  511.619726][    C0]  ? __kthread_create_on_node+0xef/0x3e0
[  511.625398][    C0]  ? page_ext_put+0x97/0xc0
[  511.629942][    C0]  __reset_page_owner+0x71/0x1f0
[  511.634918][    C0]  __free_frozen_pages+0xc65/0xe60
[  511.640076][    C0]  __put_partials+0x161/0x1c0
[  511.644796][    C0]  put_cpu_partial+0x17c/0x250
[  511.649589][    C0]  ? put_cpu_partial+0x6d/0x250
[  511.654472][    C0]  __slab_free+0x2f7/0x400
[  511.658921][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  511.664851][    C0]  ? __phys_addr+0xd3/0x180
[  511.669389][    C0]  qlist_free_all+0x97/0x140
[  511.674018][    C0]  kasan_quarantine_reduce+0x148/0x160
[  511.679513][    C0]  __kasan_slab_alloc+0x22/0x80
[  511.684406][    C0]  __kmalloc_cache_noprof+0x1be/0x3d0
[  511.689814][    C0]  ? __kthread_create_on_node+0xef/0x3e0
[  511.695477][    C0]  ? __pfx_worker_thread+0x10/0x10
[  511.700622][    C0]  __kthread_create_on_node+0xef/0x3e0
[  511.706130][    C0]  ? __pfx___kthread_create_on_node+0x10/0x10
[  511.712226][    C0]  ? string+0x279/0x2b0
[  511.716427][    C0]  ? __pfx_worker_thread+0x10/0x10
[  511.721569][    C0]  ? __pfx_worker_thread+0x10/0x10
[  511.726710][    C0]  kthread_create_on_node+0xdd/0x130
[  511.732038][    C0]  ? __pfx_kthread_create_on_node+0x10/0x10
[  511.737967][    C0]  ? __kmalloc_cache_node_noprof+0x234/0x3d0
[  511.744075][    C0]  ? format_worker_id+0x110/0x260
[  511.749149][    C0]  create_worker+0x299/0x720
[  511.753778][    C0]  ? rcu_is_watching+0x15/0xb0
[  511.758580][    C0]  ? __pfx_create_worker+0x10/0x10
[  511.763734][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  511.768980][    C0]  worker_thread+0x33e/0xda0
[  511.773641][    C0]  kthread+0x711/0x8a0
[  511.777746][    C0]  ? __pfx_worker_thread+0x10/0x10
[  511.782888][    C0]  ? __pfx_kthread+0x10/0x10
[  511.787511][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  511.792760][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  511.797990][    C0]  ? __pfx_kthread+0x10/0x10
[  511.802614][    C0]  ret_from_fork+0x3f9/0x770
[  511.807236][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  511.812383][    C0]  ? __switch_to_asm+0x39/0x70
[  511.817178][    C0]  ? __switch_to_asm+0x33/0x70
[  511.821972][    C0]  ? __pfx_kthread+0x10/0x10
[  511.826599][    C0]  ret_from_fork_asm+0x1a/0x30
[  511.831414][    C0]  </TASK>
[  511.834458][    C0] task:dhcpcd          state:R  running task     stack:25120 pid:5500  tgid:5500  ppid:1      task_flags:0x400140 flags:0x00004002
[  511.847991][    C0] Call Trace:
[  511.851297][    C0]  <TASK>
[  511.854263][    C0]  __schedule+0x16a2/0x4cb0
[  511.858822][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  511.864156][    C0]  ? __pfx___schedule+0x10/0x10
[  511.869230][    C0]  ? __lock_acquire+0xab9/0xd20
[  511.874408][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  511.879755][    C0]  preempt_schedule_irq+0xb5/0x150
[  511.884916][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  511.890684][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  511.896524][    C0]  irqentry_exit+0x6f/0x90
[  511.900976][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  511.906990][    C0] RIP: 0010:kasan_check_range+0x43/0x2c0
[  511.912662][    C0] Code: 4c 8d 04 37 49 39 f8 0f 82 82 02 00 00 49 b9 00 00 00 00 00 80 ff ff eb 11 cc cc cc f3 0f 1e fa 49 b9 00 00 00 00 00 00 00 ff <f3> 0f 1e fa 4c 39 cf 0f 82 58 02 00 00 49 89 ff 49 c1 ef 03 49 ba
[  511.932303][    C0] RSP: 0018:ffffc90003476e80 EFLAGS: 00000202
[  511.938407][    C0] RAX: 1ffff9200068ed01 RBX: 0000000000000010 RCX: ffffffff8172a6d8
[  511.946408][    C0] RDX: 0000000000000001 RSI: 0000000000000010 RDI: ffffc90003476ff8
[  511.954407][    C0] RBP: 0000000000000000 R08: ffffc90003477008 R09: ffff800000000000
[  511.962405][    C0] R10: ffffc90003476ff8 R11: ffffffff81acf220 R12: ffffc90003477378
[  511.970415][    C0] R13: ffffc90003476ff8 R14: ffffc90003476ff8 R15: ffffc90003476ff0
[  511.978517][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  511.984752][    C0]  ? unwind_next_frame+0xc98/0x2390
[  511.989998][    C0]  __asan_memset+0x22/0x50
[  511.994452][    C0]  unwind_next_frame+0xc98/0x2390
[  511.999517][    C0]  ? unwind_next_frame+0xa5/0x2390
[  512.004663][    C0]  ? put_cpu_partial+0x17c/0x250
[  512.009633][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  512.015823][    C0]  arch_stack_walk+0x11c/0x150
[  512.020644][    C0]  ? __slab_free+0x2f7/0x400
[  512.025271][    C0]  stack_trace_save+0x9c/0xe0
[  512.029981][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  512.035403][    C0]  save_stack+0xf7/0x1f0
[  512.039686][    C0]  ? __pfx_save_stack+0x10/0x10
[  512.044574][    C0]  ? __free_frozen_pages+0xc65/0xe60
[  512.049902][    C0]  ? __put_partials+0x161/0x1c0
[  512.054778][    C0]  ? put_cpu_partial+0x17c/0x250
[  512.059764][    C0]  ? page_ext_put+0x97/0xc0
[  512.064312][    C0]  __reset_page_owner+0x71/0x1f0
[  512.069294][    C0]  __free_frozen_pages+0xc65/0xe60
[  512.074453][    C0]  __put_partials+0x161/0x1c0
[  512.079171][    C0]  put_cpu_partial+0x17c/0x250
[  512.083964][    C0]  ? put_cpu_partial+0x6d/0x250
[  512.088850][    C0]  __slab_free+0x2f7/0x400
[  512.093300][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  512.099227][    C0]  ? __phys_addr+0xd3/0x180
[  512.103853][    C0]  qlist_free_all+0x97/0x140
[  512.108483][    C0]  kasan_quarantine_reduce+0x148/0x160
[  512.113980][    C0]  __kasan_slab_alloc+0x22/0x80
[  512.118864][    C0]  __kmalloc_node_track_caller_noprof+0x216/0x4e0
[  512.125315][    C0]  ? __alloc_skb+0x142/0x2d0
[  512.129940][    C0]  ? __alloc_skb+0x142/0x2d0
[  512.134555][    C0]  kmalloc_reserve+0x136/0x290
[  512.139365][    C0]  __alloc_skb+0x142/0x2d0
[  512.143821][    C0]  alloc_skb_with_frags+0xca/0x890
[  512.148971][    C0]  ? __lock_acquire+0xab9/0xd20
[  512.153876][    C0]  sock_alloc_send_pskb+0x857/0x990
[  512.159146][    C0]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  512.164899][    C0]  ? is_bpf_text_address+0x26/0x2b0
[  512.170126][    C0]  ? smack_socket_getpeersec_dgram+0x320/0x430
[  512.176315][    C0]  unix_dgram_sendmsg+0x4f6/0x1870
[  512.181459][    C0]  ? __kernel_text_address+0xd/0x40
[  512.186699][    C0]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  512.192469][    C0]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  512.198058][    C0]  ? unix_seqpacket_sendmsg+0x111/0x1e0
[  512.203645][    C0]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  512.209574][    C0]  __sock_sendmsg+0x219/0x270
[  512.214295][    C0]  sock_write_iter+0x258/0x330
[  512.219106][    C0]  ? __pfx_sock_write_iter+0x10/0x10
[  512.224457][    C0]  do_iter_readv_writev+0x56e/0x7f0
[  512.229702][    C0]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  512.235461][    C0]  ? bpf_lsm_file_permission+0x9/0x20
[  512.240858][    C0]  ? security_file_permission+0x75/0x290
[  512.246528][    C0]  ? rw_verify_area+0x258/0x650
[  512.251415][    C0]  vfs_writev+0x31a/0x960
[  512.255781][    C0]  ? __pfx_vfs_writev+0x10/0x10
[  512.260696][    C0]  do_writev+0x14d/0x2d0
[  512.264974][    C0]  ? __pfx_do_writev+0x10/0x10
[  512.269767][    C0]  ? __secure_computing+0xe2/0x2a0
[  512.274922][    C0]  do_syscall_64+0xfa/0x3b0
[  512.279454][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  512.284688][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.290795][    C0]  ? clear_bhb_loop+0x60/0xb0
[  512.295506][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.301426][    C0] RIP: 0033:0x7efc29428407
[  512.305871][    C0] RSP: 002b:00007ffdad015b50 EFLAGS: 00000202 ORIG_RAX: 0000000000000014
[  512.314324][    C0] RAX: ffffffffffffffda RBX: 00007efc2939e740 RCX: 00007efc29428407
[  512.322322][    C0] RDX: 0000000000000005 RSI: 00007ffdad015bb0 RDI: 000000000000000a
[  512.330324][    C0] RBP: 000056512015b6d0 R08: 0000000000000000 R09: 0000000000000000
[  512.338325][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 000056512015b6d0
[  512.346324][    C0] R13: 000000000000012c R14: 00000000ffffffff R15: 0000000000000000
[  512.354342][    C0]  </TASK>
[  512.357390][    C0] rcu: rcu_preempt kthread starved for 10421 jiffies! g21985 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  512.368613][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  512.378607][    C0] rcu: RCU grace-period kthread stack dump:
[  512.384518][    C0] task:rcu_preempt     state:R  running task     stack:26792 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  512.398051][    C0] Call Trace:
[  512.401360][    C0]  <TASK>
[  512.404328][    C0]  __schedule+0x16a2/0x4cb0
[  512.408890][    C0]  ? schedule+0x165/0x360
[  512.413259][    C0]  ? __pfx___schedule+0x10/0x10
[  512.418162][    C0]  ? schedule+0x91/0x360
[  512.422450][    C0]  schedule+0x165/0x360
[  512.426641][    C0]  schedule_timeout+0x12b/0x270
[  512.431530][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  512.436929][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  512.442860][    C0]  ? __pfx_process_timeout+0x10/0x10
[  512.448191][    C0]  ? prepare_to_swait_event+0x341/0x380
[  512.453804][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  512.458696][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  512.464879][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  512.470189][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  512.475434][    C0]  rcu_gp_kthread+0x99/0x390
[  512.480059][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  512.485308][    C0]  ? __kthread_parkme+0x7b/0x200
[  512.490281][    C0]  ? __kthread_parkme+0x1a1/0x200
[  512.495348][    C0]  kthread+0x711/0x8a0
[  512.499456][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  512.504681][    C0]  ? __pfx_kthread+0x10/0x10
[  512.509323][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  512.514571][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  512.519808][    C0]  ? __pfx_kthread+0x10/0x10
[  512.524451][    C0]  ret_from_fork+0x3f9/0x770
[  512.529079][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  512.534231][    C0]  ? __switch_to_asm+0x39/0x70
[  512.539035][    C0]  ? __switch_to_asm+0x33/0x70
[  512.543844][    C0]  ? __pfx_kthread+0x10/0x10
[  512.548473][    C0]  ret_from_fork_asm+0x1a/0x30
[  512.553285][    C0]  </TASK>
[  512.556331][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  512.562684][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  512.574342][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  512.584432][    C0] RIP: 0010:__alloc_skb+0x12e/0x2d0
[  512.589667][    C0] Code: e6 83 e6 fe 4c 89 ff 89 ea e8 1e 43 cf f8 eb 0a e8 e7 d1 78 f8 e8 c2 01 00 00 49 89 c6 48 85 c0 0f 84 13 01 00 00 41 0f 0d 0e <48> 8d 7c 24 04 48 8d 4c 24 03 44 89 e6 89 ea e8 7e 08 00 00 48 85
[  512.609315][    C0] RSP: 0018:ffffc90000007098 EFLAGS: 00000286
[  512.615420][    C0] RAX: ffff88818859edc0 RBX: 0000000000000000 RCX: c32aac3ee7993200
[  512.623422][    C0] RDX: ffff888140ac9a00 RSI: ffffffff8be1ca20 RDI: ffffffff8be1c9e0
[  512.631423][    C0] RBP: 00000000ffffffff R08: 00000000ffffffff R09: 0000000000000000
[  512.639423][    C0] R10: ffff88818859edc0 R11: ffffffff81acf220 R12: 0000000000000820
[  512.647423][    C0] R13: 0000000000000820 R14: ffff88818859edc0 R15: ffff888140ac9a00
[  512.655427][    C0] FS:  0000000000000000(0000) GS:ffff888125c4f000(0000) knlGS:0000000000000000
[  512.664384][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  512.670998][    C0] CR2: 00007efc29517b45 CR3: 000000007a918000 CR4: 00000000003526f0
[  512.679006][    C0] Call Trace:
[  512.682926][    C0]  <IRQ>
[  512.685803][    C0]  synproxy_send_client_synack+0x16c/0xe20
[  512.691670][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  512.698033][    C0]  ? nft_osf_eval+0x5e0/0x770
[  512.702749][    C0]  ? synproxy_pernet+0x45/0x270
[  512.707639][    C0]  nft_synproxy_eval_v4+0x36e/0x560
[  512.712884][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  512.718651][    C0]  ? nf_ip_checksum+0x13c/0x510
[  512.723545][    C0]  nft_synproxy_do_eval+0x345/0x570
[  512.728786][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  512.734547][    C0]  ? queue_work_on+0x115/0x270
[  512.739345][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  512.744584][    C0]  ? queue_work_on+0x1ed/0x270
[  512.749388][    C0]  nft_do_chain+0x409/0x1920
[  512.754016][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  512.759255][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[  512.764674][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  512.770450][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  512.775552][    C0]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  512.780798][    C0]  nft_do_chain_inet+0x25d/0x340
[  512.785784][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  512.791292][    C0]  ? ipt_do_table+0x2a3/0x1630
[  512.796105][    C0]  ? nf_nat_ipv4_local_in+0x223/0x720
[  512.801525][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  512.807047][    C0]  nf_hook_slow+0xc5/0x220
[  512.811506][    C0]  NF_HOOK+0x206/0x3a0
[  512.815608][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  512.821623][    C0]  ? NF_HOOK+0x9a/0x3a0
[  512.825827][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  512.830456][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[  512.835778][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  512.841792][    C0]  ? skb_dst+0x4f/0xd0
[  512.845895][    C0]  ? ip_local_deliver+0x12a/0x1b0
[  512.850952][    C0]  NF_HOOK+0x30c/0x3a0
[  512.855059][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  512.860202][    C0]  ? NF_HOOK+0x9a/0x3a0
[  512.864389][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  512.869006][    C0]  ? ip_rcv_core+0x7f7/0xd00
[  512.873632][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  512.878782][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  512.883314][    C0]  __netif_receive_skb+0x143/0x380
[  512.888467][    C0]  ? process_backlog+0x2d5/0x14f0
[  512.893538][    C0]  process_backlog+0x60e/0x14f0
[  512.898433][    C0]  ? __lock_acquire+0xab9/0xd20
[  512.903340][    C0]  ? __pfx_process_backlog+0x10/0x10
[  512.908672][    C0]  __napi_poll+0xc4/0x480
[  512.913041][    C0]  ? net_rx_action+0x46d/0xe30
[  512.917848][    C0]  net_rx_action+0x707/0xe30
[  512.922472][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  512.927725][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  512.932907][    C0]  handle_softirqs+0x283/0x870
[  512.937706][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  512.942507][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  512.947829][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  512.953067][    C0]  __irq_exit_rcu+0xca/0x1f0
[  512.957701][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  512.962940][    C0]  irq_exit_rcu+0x9/0x30
[  512.967210][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  512.972876][    C0]  </IRQ>
[  512.975839][    C0]  <TASK>
[  512.978797][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  512.984813][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  512.990583][    C0] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 93 3d 20 00 f3 0f 1e fa fb f4 <e9> 88 dd 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  513.010222][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c6
[  513.016326][    C0] RAX: c32aac3ee7993200 RBX: ffffffff81975b68 RCX: c32aac3ee7993200
[  513.024409][    C0] RDX: 0000000000000001 RSI: ffffffff8d984d62 RDI: ffffffff8be1ca40
[  513.032406][    C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb
[  513.040415][    C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa0c5f0
[  513.048416][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50
[  513.056435][    C0]  ? do_idle+0x1e8/0x510
[  513.060762][    C0]  default_idle+0x13/0x20
[  513.065123][    C0]  default_idle_call+0x74/0xb0
[  513.069924][    C0]  do_idle+0x1e8/0x510
[  513.074029][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  513.079711][    C0]  ? __pfx_do_idle+0x10/0x10
[  513.084352][    C0]  ? do_idle+0x4ef/0x510
[  513.088631][    C0]  cpu_startup_entry+0x44/0x60
[  513.093427][    C0]  rest_init+0x2de/0x300
[  513.097703][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  513.103290][    C0]  start_kernel+0x47d/0x500
[  513.107833][    C0]  x86_64_start_reservations+0x24/0x30
[  513.113338][    C0]  x86_64_start_kernel+0x143/0x1c0
[  513.118484][    C0]  common_startup_64+0x13e/0x147
[  513.123478][    C0]  </TASK>
[  513.156145][   T31] INFO: task jbd2/sda1-8:5168 blocked for more than 144 seconds.
[  513.178761][   T31]       Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0
[  513.186437][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  513.209941][   T31] task:jbd2/sda1-8     state:D stack:22912 pid:5168  tgid:5168  ppid:2      task_flags:0x240040 flags:0x00004000
[  513.236849][   T31] Call Trace:
[  513.254567][   T31]  <TASK>
[  513.271843][   T31]  __schedule+0x16a2/0x4cb0
[  513.276427][   T31]  ? schedule+0x165/0x360
[  513.296523][   T31]  ? __pfx___schedule+0x10/0x10
[  513.331072][   T31]  ? schedule+0x91/0x360
[  513.335385][   T31]  schedule+0x165/0x360
[  513.353839][   T31]  jbd2_journal_wait_updates+0x18e/0x270
[  513.374203][   T31]  ? __pfx_jbd2_journal_wait_updates+0x10/0x10
[  513.394701][   T31]  ? do_raw_write_lock+0x11d/0x260
[  513.415290][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  513.436638][   T31]  ? __pfx_do_raw_write_lock+0x10/0x10
[  513.456106][   T31]  jbd2_journal_commit_transaction+0x85f/0x5a00
[  513.476755][   T31]  ? __lock_acquire+0xab9/0xd20
[  513.496017][   T31]  ? __lock_acquire+0xab9/0xd20
[  513.515832][   T31]  ? __pfx_jbd2_journal_commit_transaction+0x10/0x10
[  513.537819][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  513.544237][   T31]  ? __try_to_del_timer_sync+0x34a/0x3a0
[  513.565116][   T31]  ? __pfx___timer_delete_sync+0x10/0x10
[  513.585239][   T31]  kjournald2+0x3cf/0x750
[  513.605651][   T31]  ? __pfx_kjournald2+0x10/0x10
[  513.626717][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  513.647228][   T31]  ? __kthread_parkme+0x7b/0x200
[  513.652224][   T31]  ? __kthread_parkme+0x1a1/0x200
[  513.671919][   T31]  kthread+0x711/0x8a0
[  513.676052][   T31]  ? __pfx_kjournald2+0x10/0x10
[  513.695362][   T31]  ? __pfx_kthread+0x10/0x10
[  513.715492][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  513.736038][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  513.756233][   T31]  ? __pfx_kthread+0x10/0x10
[  513.775295][   T31]  ret_from_fork+0x3f9/0x770
[  513.794716][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  513.815307][   T31]  ? __switch_to_asm+0x39/0x70
[  513.835796][   T31]  ? __switch_to_asm+0x33/0x70
[  513.855732][   T31]  ? __pfx_kthread+0x10/0x10
[  513.874854][   T31]  ret_from_fork_asm+0x1a/0x30
[  513.894131][   T31]  </TASK>
[  513.913253][   T31] 
[  513.913253][   T31] Showing all locks held in the system:
[  513.936363][   T31] 1 lock held by kworker/R-kvfre/6:
[  513.956023][   T31]  #0: ffffffff8dfe5d08 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  513.981174][   T31] 3 locks held by kworker/0:0/9:
[  513.986155][   T31] 3 locks held by kworker/0:1/10:
[  514.005595][   T31] 4 locks held by kworker/u8:0/12:
[  514.025708][   T31] 3 locks held by kworker/u8:1/13:
[  514.046653][   T31] 1 lock held by kworker/R-mm_pe/14:
[  514.066526][   T31] 1 lock held by khungtaskd/31:
[  514.085995][   T31]  #0: ffffffff8e13f160 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  514.111038][   T31] 3 locks held by kworker/u8:2/36:
[  514.116192][   T31] 3 locks held by kworker/u8:3/49:
[  514.136766][   T31] 3 locks held by kworker/u8:4/61:
[  514.158072][   T31] 3 locks held by kworker/u8:5/76:
[  514.163234][   T31] 3 locks held by kworker/0:2/979:
[  514.182872][   T31] 4 locks held by kworker/u8:6/1315:
[  514.202614][   T31] 3 locks held by kworker/u8:7/1324:
[  514.223382][   T31] 1 lock held by kworker/R-ipv6_/3184:
[  514.244451][   T31]  #0: ffffffff8dfe5d08 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  514.269524][   T31] 6 locks held by kworker/R-bat_e/3414:
[  514.275106][   T31] 3 locks held by kworker/u8:8/3532:
[  514.294781][   T31] 2 locks held by dhcpcd/5500:
[  514.314039][   T31] 1 lock held by dhcpcd/5501:
[  514.333693][   T31] 1 lock held by crond/5580:
[  514.354010][   T31] 2 locks held by getty/5598:
[  514.372687][   T31]  #0: ffff8880312150a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  514.397323][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  514.422937][   T31] 2 locks held by syz-executor/5824:
[  514.443438][   T31] 2 locks held by syz-executor/5834:
[  514.463189][   T31] 1 lock held by syz-executor/5835:
[  514.483240][   T31]  #0: ffffffff8e144c78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  514.508639][   T31] 1 lock held by syz-executor/5836:
[  514.529649][   T31] 1 lock held by syz-executor/5842:
[  514.534891][   T31] 1 lock held by kworker/R-wg-cr/5872:
[  514.556006][   T31]  #0: ffffffff8dfe5d08 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  514.581126][   T31] 1 lock held by kworker/R-wg-cr/5883:
[  514.586625][   T31]  #0: ffffffff8dfe5d08 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  514.611579][   T31] 1 lock held by kworker/R-wg-cr/5884:
[  514.632411][   T31]  #0: ffffffff8dfe5d08 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  514.658586][   T31] 1 lock held by kworker/R-wg-cr/5885:
[  514.664082][   T31]  #0: ffffffff8dfe5d08 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  514.689165][   T31] 3 locks held by kworker/1:4/5893:
[  514.694399][   T31] 2 locks held by kworker/1:5/5900:
[  514.713974][   T31] 2 locks held by kworker/1:6/5907:
[  514.734664][   T31] 3 locks held by kworker/0:3/5924:
[  514.755948][   T31] 2 locks held by kworker/0:4/5934:
[  514.775774][   T31] 2 locks held by kworker/0:5/5954:
[  514.795796][   T31] 3 locks held by kworker/0:6/5984:
[  514.815472][   T31] 6 locks held by kworker/u8:9/6027:
[  514.836892][   T31] 4 locks held by kworker/u8:10/6096:
[  514.871889][   T31] 3 locks held by kworker/u8:11/6286:
[  514.891861][   T31] 4 locks held by kworker/u8:12/6349:
[  514.912241][   T31] 3 locks held by kworker/1:8/6800:
[  514.931942][   T31] 3 locks held by kworker/u8:13/6802:
[  514.952431][   T31] 3 locks held by syz.3.484/7714:
[  514.973621][   T31] 1 lock held by dhcpcd/7716:
[  514.993044][   T31] 
[  514.995408][   T31] =============================================
[  514.995408][   T31] 
[  515.017812][   T31] NMI backtrace for cpu 0
[  515.017830][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  515.017853][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  515.017864][   T31] Call Trace:
[  515.017872][   T31]  <TASK>
[  515.017881][   T31]  dump_stack_lvl+0x189/0x250
[  515.017906][   T31]  ? __wake_up_klogd+0xd9/0x110
[  515.017935][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.017957][   T31]  ? __pfx__printk+0x10/0x10
[  515.017995][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  515.018023][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  515.018043][   T31]  ? _printk+0xcf/0x120
[  515.018072][   T31]  ? __pfx__printk+0x10/0x10
[  515.018097][   T31]  ? debug_show_all_locks+0x2e/0x180
[  515.018116][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  515.018145][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  515.018172][   T31]  watchdog+0xfee/0x1030
[  515.018203][   T31]  ? watchdog+0x1de/0x1030
[  515.018239][   T31]  kthread+0x711/0x8a0
[  515.018267][   T31]  ? __pfx_watchdog+0x10/0x10
[  515.018291][   T31]  ? __pfx_kthread+0x10/0x10
[  515.018317][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  515.018343][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.018367][   T31]  ? __pfx_kthread+0x10/0x10
[  515.018393][   T31]  ret_from_fork+0x3f9/0x770
[  515.018414][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  515.018439][   T31]  ? __switch_to_asm+0x39/0x70
[  515.018461][   T31]  ? __switch_to_asm+0x33/0x70
[  515.018481][   T31]  ? __pfx_kthread+0x10/0x10
[  515.018505][   T31]  ret_from_fork_asm+0x1a/0x30
[  515.018545][   T31]  </TASK>
[  515.018552][   T31] Sending NMI from CPU 0 to CPUs 1:
[  515.563538][    C1] NMI backtrace for cpu 1
[  515.563557][    C1] CPU: 1 UID: 0 PID: 1301 Comm: aoe_tx0 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  515.563575][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  515.563585][    C1] RIP: 0010:stack_depot_save_flags+0x1c1/0x900
[  515.563611][    C1] Code: db 75 62 4d 8b 24 24 4d 39 fc 74 56 41 39 6c 24 10 75 f0 45 39 54 24 14 75 e9 31 c0 49 8b 0c c6 49 3b 4c c4 20 75 dc 48 ff c0 <41> 39 c5 75 ed 83 fe 02 72 31 49 8d 7c 24 1c 41 8b 5c 24 1c 85 db
[  515.563624][    C1] RSP: 0018:ffffc90000a07ed8 EFLAGS: 00000202
[  515.563640][    C1] RAX: 0000000000000016 RBX: 0000000000000000 RCX: ffffffff8715f2ab
[  515.563651][    C1] RDX: 00000000305a9a55 RSI: 0000000000000001 RDI: 0000000087779ffc
[  515.563662][    C1] RBP: 00000000782be574 R08: 000000002b75959a R09: 00000000915e89e8
[  515.563672][    C1] R10: 000000000000001a R11: ffffffff81acf220 R12: ffff8880594426e0
[  515.563683][    C1] R13: 000000000000001a R14: ffffc90000a07f50 R15: ffff88823b9e5740
[  515.563693][    C1] FS:  0000000000000000(0000) GS:ffff888125d4f000(0000) knlGS:0000000000000000
[  515.563706][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  515.563716][    C1] CR2: 00005650e8d664b0 CR3: 0000000079500000 CR4: 00000000003526f0
[  515.563733][    C1] Call Trace:
[  515.563739][    C1]  <IRQ>
[  515.563747][    C1]  ? nft_synproxy_do_eval+0x320/0x570
[  515.563772][    C1]  kasan_save_track+0x4f/0x80
[  515.563790][    C1]  ? kasan_save_track+0x3e/0x80
[  515.563807][    C1]  ? kasan_save_free_info+0x46/0x50
[  515.563822][    C1]  ? __kasan_slab_free+0x62/0x70
[  515.563840][    C1]  ? kmem_cache_free+0x18f/0x400
[  515.563858][    C1]  ? skb_release_data+0x62d/0x7c0
[  515.563876][    C1]  ? consume_skb+0x9e/0xf0
[  515.563891][    C1]  ? nft_synproxy_eval_v4+0x376/0x560
[  515.563909][    C1]  ? nft_synproxy_do_eval+0x345/0x570
[  515.563927][    C1]  ? nft_do_chain+0x409/0x1920
[  515.563945][    C1]  ? nft_do_chain_inet+0x25d/0x340
[  515.563962][    C1]  ? nf_hook_slow+0xc5/0x220
[  515.563977][    C1]  ? NF_HOOK+0x206/0x3a0
[  515.563992][    C1]  ? NF_HOOK+0x30c/0x3a0
[  515.564006][    C1]  ? __netif_receive_skb+0x143/0x380
[  515.564027][    C1]  ? process_backlog+0x60e/0x14f0
[  515.564041][    C1]  ? __napi_poll+0xc4/0x480
[  515.564062][    C1]  ? net_rx_action+0x707/0xe30
[  515.564076][    C1]  ? handle_softirqs+0x283/0x870
[  515.564090][    C1]  ? do_softirq+0xec/0x180
[  515.564103][    C1]  ? __local_bh_enable_ip+0x17d/0x1c0
[  515.564117][    C1]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  515.564135][    C1]  ? tx+0x6b/0x190
[  515.564148][    C1]  ? kthread+0x1cd/0x3e0
[  515.564166][    C1]  ? kthread+0x711/0x8a0
[  515.564183][    C1]  ? ret_from_fork+0x3f9/0x770
[  515.564196][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  515.564228][    C1]  ? skb_release_data+0x62d/0x7c0
[  515.564244][    C1]  kasan_save_free_info+0x46/0x50
[  515.564259][    C1]  __kasan_slab_free+0x62/0x70
[  515.564277][    C1]  kmem_cache_free+0x18f/0x400
[  515.564299][    C1]  skb_release_data+0x62d/0x7c0
[  515.564321][    C1]  consume_skb+0x9e/0xf0
[  515.564338][    C1]  nft_synproxy_eval_v4+0x376/0x560
[  515.564360][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  515.564387][    C1]  ? nf_ip_checksum+0x13c/0x510
[  515.564408][    C1]  nft_synproxy_do_eval+0x345/0x570
[  515.564430][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  515.564458][    C1]  nft_do_chain+0x409/0x1920
[  515.564478][    C1]  ? __lock_acquire+0xab9/0xd20
[  515.564495][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  515.564528][    C1]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  515.564550][    C1]  nft_do_chain_inet+0x25d/0x340
[  515.564568][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  515.564587][    C1]  ? ipt_do_table+0x2a3/0x1630
[  515.564605][    C1]  ? nf_nat_ipv4_local_in+0x223/0x720
[  515.564629][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  515.564649][    C1]  nf_hook_slow+0xc5/0x220
[  515.564666][    C1]  NF_HOOK+0x206/0x3a0
[  515.564682][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  515.564699][    C1]  ? NF_HOOK+0x9a/0x3a0
[  515.564713][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  515.564728][    C1]  ? ip_rcv_finish_core+0xda3/0x1c00
[  515.564746][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  515.564764][    C1]  ? skb_dst+0x4f/0xd0
[  515.564779][    C1]  ? ip_local_deliver+0x12a/0x1b0
[  515.564797][    C1]  NF_HOOK+0x30c/0x3a0
[  515.564812][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  515.564826][    C1]  ? NF_HOOK+0x9a/0x3a0
[  515.564839][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  515.564852][    C1]  ? ip_rcv_core+0x7f7/0xd00
[  515.564867][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  515.564887][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  515.564901][    C1]  __netif_receive_skb+0x143/0x380
[  515.564923][    C1]  ? process_backlog+0x2d5/0x14f0
[  515.564939][    C1]  process_backlog+0x60e/0x14f0
[  515.564960][    C1]  ? __pfx_process_backlog+0x10/0x10
[  515.564976][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  515.564996][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  515.565016][    C1]  __napi_poll+0xc4/0x480
[  515.565029][    C1]  ? net_rx_action+0x46d/0xe30
[  515.565045][    C1]  net_rx_action+0x707/0xe30
[  515.565076][    C1]  ? __lock_acquire+0xab9/0xd20
[  515.565097][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  515.565113][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  515.565138][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  515.565160][    C1]  handle_softirqs+0x283/0x870
[  515.565177][    C1]  ? do_softirq+0xec/0x180
[  515.565194][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  515.565211][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  515.565231][    C1]  do_softirq+0xec/0x180
[  515.565244][    C1]  </IRQ>
[  515.565249][    C1]  <TASK>
[  515.565255][    C1]  ? __pfx_do_softirq+0x10/0x10
[  515.565268][    C1]  ? __lock_acquire+0xab9/0xd20
[  515.565285][    C1]  ? lockdep_softirqs_on+0x13b/0x1c0
[  515.565307][    C1]  __local_bh_enable_ip+0x17d/0x1c0
[  515.565322][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  515.565339][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  515.565357][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  515.565374][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  515.565394][    C1]  __dev_queue_xmit+0x1cd7/0x3a70
[  515.565417][    C1]  ? __dev_queue_xmit+0x27e/0x3a70
[  515.565437][    C1]  ? rcu_is_watching+0x15/0xb0
[  515.565453][    C1]  ? trace_sched_exit_tp+0x38/0x120
[  515.565476][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  515.565498][    C1]  ? do_raw_spin_lock+0x121/0x290
[  515.565521][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  515.565541][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  515.565565][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  515.565583][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.565603][    C1]  tx+0x6b/0x190
[  515.565617][    C1]  ? __pfx_tx+0x10/0x10
[  515.565629][    C1]  kthread+0x1cd/0x3e0
[  515.565653][    C1]  ? __pfx_kthread+0x10/0x10
[  515.565672][    C1]  ? __pfx_default_wake_function+0x10/0x10
[  515.565694][    C1]  ? __kthread_parkme+0x7b/0x200
[  515.565711][    C1]  ? __kthread_parkme+0x1a1/0x200
[  515.565730][    C1]  kthread+0x711/0x8a0
[  515.565748][    C1]  ? __pfx_kthread+0x10/0x10
[  515.565767][    C1]  ? __pfx_kthread+0x10/0x10
[  515.565786][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  515.565805][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.565823][    C1]  ? __pfx_kthread+0x10/0x10
[  515.565842][    C1]  ret_from_fork+0x3f9/0x770
[  515.565857][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  515.565874][    C1]  ? __switch_to_asm+0x39/0x70
[  515.565890][    C1]  ? __switch_to_asm+0x33/0x70
[  515.565906][    C1]  ? __pfx_kthread+0x10/0x10
[  515.565925][    C1]  ret_from_fork_asm+0x1a/0x30
[  515.565949][    C1]  </TASK>
[  515.566535][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  516.294284][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  516.306123][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.316206][   T31] Call Trace:
[  516.319528][   T31]  <TASK>
[  516.322486][   T31]  dump_stack_lvl+0x99/0x250
[  516.327113][   T31]  ? __asan_memcpy+0x40/0x70
[  516.331736][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  516.336963][   T31]  ? __pfx__printk+0x10/0x10
[  516.341602][   T31]  panic+0x2db/0x790
[  516.345549][   T31]  ? __pfx_panic+0x10/0x10
[  516.349997][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  516.355847][   T31]  ? irq_work_queue+0xbc/0x140
[  516.360657][   T31]  watchdog+0x102d/0x1030
[  516.365024][   T31]  ? watchdog+0x1de/0x1030
[  516.369482][   T31]  kthread+0x711/0x8a0
[  516.373591][   T31]  ? __pfx_watchdog+0x10/0x10
[  516.378304][   T31]  ? __pfx_kthread+0x10/0x10
[  516.382928][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  516.388161][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  516.393397][   T31]  ? __pfx_kthread+0x10/0x10
[  516.398026][   T31]  ret_from_fork+0x3f9/0x770
[  516.402653][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  516.407802][   T31]  ? __switch_to_asm+0x39/0x70
[  516.412606][   T31]  ? __switch_to_asm+0x33/0x70
[  516.417399][   T31]  ? __pfx_kthread+0x10/0x10
[  516.422038][   T31]  ret_from_fork_asm+0x1a/0x30
[  516.426863][   T31]  </TASK>
[  516.430166][   T31] Kernel Offset: disabled
[  516.434490][   T31] Rebooting in 86400 seconds..