last executing test programs:

8.492249842s ago: executing program 1 (id=2636):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0xe5, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x1, 0x0, 0x3, {@ip4=@local, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)

8.409418231s ago: executing program 1 (id=2637):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x1e, &(0x7f0000000100)=ANY=[], 0x0)
timer_create(0x0, 0x0, 0x0)
timer_gettime(0x0, 0x0)
io_setup(0x7, 0x0)
openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000500)=[0x0])

7.215766122s ago: executing program 1 (id=2642):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000800000", @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000484100100000000004e438d2fd00000000004a7b72000000000000000000f90000", 0x39}], 0x1)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

7.214833371s ago: executing program 2 (id=2643):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
readlink(0x0, &(0x7f0000000200)=""/62, 0x3e)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRES8=r0], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0x2, 0x0, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x28, 0x8, 0x0, 0x80}, {0x80000006, 0x0, 0x0, 0x72000000}]}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000200)=ANY=[], 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000cfb020cf9c26eeaa8dbedd9288edc8cdc7a5b1de41f3b580821c0fcd89f9c6f1b27d6a5e66ff90e45a2f66bfe1626d1bb70f1a3cc3f8ba9e42d92752d1b5899506fe5ff9fbe0ac354bb0bb6037e9d6dd630d0596d91170a76e7a4141f6d24e9daefc5d9bd9d49f5902cea566f65884a64e59f98968f5d497cbacbe3baa34f9e458cd701be640a62d4ac1b3778b5ef430cf36c95bdcbba052922a3d68bcb1fc4ad6d2384552c61ea5079815a6040ce8c4b80ce3c35ca6dee5597815f9b611d6bab31ea2e1f1ec7a2ef54089d1474ed49a14d841f4980d9dc005edc4a85920d2886bcb8e06a1a0b28d4ba0e04dae"], 0x48)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @empty}})
r6 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x10, 0x2, 0x800, 0x100, 0x4, 0x2, 0x6, 0x10001, 0x1}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)

7.078341812s ago: executing program 0 (id=2644):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$kcm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000005c0)=""/217, 0xd9}], 0x1}, 0x2000)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000200)={0x0, 0xfffffffffffffce1, &(0x7f00000001c0)={&(0x7f00000033c0)=ANY=[], 0xf00}, 0x1, 0x0, 0x0, 0x4011}, 0x4090)

7.027908873s ago: executing program 3 (id=2645):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000280)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bpq0, 0x10000, 'syz0\x00', @default, 0xfffffdb6, 0x2, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x10001, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]})
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x8, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x7, 0x4, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]})

5.951746856s ago: executing program 2 (id=2646):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000840)={'syz1\x00', {0x0, 0x1, 0x0, 0xfffe}, 0x0, [0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x2265f112, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4000, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x504, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYRES32=0x0], 0x54}}, 0x40c0)
socket$packet(0x11, 0xa, 0x300)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r5, 0x0, 0x0, 0x100008)

5.905293663s ago: executing program 4 (id=2647):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0xe5, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x1, 0x0, 0x3, {@ip4=@local, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)

5.411234559s ago: executing program 3 (id=2648):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x892b2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000800)={0x0}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r5, 0x0, 0x8, 0x0, 0x1)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000200)={<r6=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x10, 0x0}}, 0x6d, r6})
socket(0xa, 0x1, 0x0)
ioctl(0xffffffffffffffff, 0x8916, &(0x7f0000000000))
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'xfrm0\x00', &(0x7f0000000080)=@ethtool_pauseparam={0x12, 0x7ff, 0x6}})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xc, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x6e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x8}, @exit]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

5.393079998s ago: executing program 0 (id=2649):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000d80)={0x1006, 0x1, [{0x1, 0x1}]})
io_submit(0x0, 0x0, 0x0)

5.372422868s ago: executing program 1 (id=2650):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4.283830077s ago: executing program 4 (id=2651):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f00000000c0)='rpc_request\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24000100)

4.112264949s ago: executing program 2 (id=2652):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x18)
sysinfo(&(0x7f0000000580)=""/84)

4.075068975s ago: executing program 1 (id=2653):
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0xf)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', r4, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x7800}})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001980)={0xa, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3245078b089b3b0838651a0890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b343b0d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

4.073687253s ago: executing program 3 (id=2654):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a09020000000000000000020000000900010073797a30000000000900030073797a3200000000140004800800014000000000080002400000000014000000110001"], 0x88}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)={{0x14}, [@NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x58, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_INFO={0x2c, 0x3, "5c8f020082395afa4d23edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad"}, @NFTA_MATCH_NAME={0xa, 0x1, 'limit\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xac}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)

4.045449137s ago: executing program 0 (id=2655):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)

3.945114256s ago: executing program 3 (id=2656):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000080)={0x1, 0xfffffffe, 0x0, 0x8, 0x8000, 0x0, 0x1, 0x0, 0x0, 0x1, 0xfffffffe, 0x2})
write$RDMA_USER_CM_CMD_NOTIFY(r2, &(0x7f0000000180)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x3}}, 0x10)

3.918527842s ago: executing program 2 (id=2657):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff", 0x29}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b95e269169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bde5fbc390c7ccb9d3c1020e80bd0659e82d861dc6fe4c62639134c54e708601eae992000000", 0xd2}, {&(0x7f0000000940)="5be3b011e12323e4ab88c0472f0700000000000000e71ba62334303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf648c9100000000000000", 0x7a}, {&(0x7f0000000b80)="bd2f6aa36cea0e4bccda24dc5bd69ad762e998d923018ec9f30d63c7059c3c786069915581888508ff589f82857ff546b23b88d6bd61f1efc982005bf6c9abc4fe2caf32ef3ff105b69346a4d09afd7b0b8bd5f8c25f0eab84d8ad1b65e2acc2ef0a9b0f9964d5b05db134bdd9f261b7349a42b463709b19b5605bd160899eaba704b3b37af409d2c47e808b3767959756c1273617b0b0f42f9caec585a7c463f8bbdf28c534c44dc0003816f47f296ed4ff", 0xb2}], 0x4}}], 0x1, 0xc0)
close(0x3)

3.883055623s ago: executing program 4 (id=2658):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x2, 0x3, 0x301, 0x0, 0x0, {0x3, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x20040001}, 0x10)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x81, 0x7, 0x0, 0x0, 0x0, 0x20}})

3.75177374s ago: executing program 2 (id=2659):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000080)={0x11, 0x1c, r5, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
sendto$packet(r4, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x2000)

3.683675695s ago: executing program 4 (id=2660):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.162308445s ago: executing program 3 (id=2661):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0xe5, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@local, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2.861062833s ago: executing program 0 (id=2662):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000280)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bpq0, 0x10000, 'syz0\x00', @default, 0xfffffdb6, 0x2, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x10001, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]})
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x8, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x7, 0x4, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]})

2.261925921s ago: executing program 0 (id=2663):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1d00, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007ffffffb70200000800"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x6}, 0x10)
fadvise64(0xffffffffffffffff, 0xaa1e, 0x0, 0x5)
rt_sigprocmask(0x0, &(0x7f0000000240)={[0xfffffffffffe]}, 0x0, 0x8)
r2 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r3 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x17, 0x4, @tid=r3}, &(0x7f0000000080))
read$FUSE(r2, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r5 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000a00)={'veth1_to_batadv\x00'})
setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)

2.26150636s ago: executing program 3 (id=2664):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1c8, 0x12)
socket$inet6_udplite(0xa, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000001c0)={0x73622a85, 0xa})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x101, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, 0x0, 0x0)
io_pgetevents(0x0, 0xffff, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0})

1.803013955s ago: executing program 2 (id=2665):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
add_key$keyring(&(0x7f0000000140), 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
msync(&(0x7f0000949000/0x1000)=nil, 0x1000, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000000000800000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYBLOB='\x00'/11], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = dup(r4)
ioctl$SIOCGSTAMP(r5, 0x8906, 0x0)
sendmsg$inet(r5, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0)
read$char_usb(r5, &(0x7f0000000080)=""/139, 0xfdef)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r6, 0x8983, &(0x7f0000000340)={0x1, 'nr0\x00', {}, 0x2})
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
ioctl$F2FS_IOC_COMPRESS_FILE(r2, 0xf518, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@deltfilter={0x3c, 0x2d, 0x108, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xb, 0x5}, {0xb, 0xfff3}, {0xf, 0xfff3}}, [@TCA_CHAIN={0x8, 0xb, 0x2}, @TCA_RATE={0x6, 0x5, {0x9, 0x3}}, @TCA_RATE={0x6, 0x5, {0x4, 0xb}}]}, 0x3c}}, 0x0)

1.258256412s ago: executing program 4 (id=2666):
prlimit64(0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000680000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x50, 0x10, 0x503, 0x0, 0x700, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @local}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)

333.702419ms ago: executing program 4 (id=2667):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x6042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
sendfile(r1, r2, 0x0, 0x80000002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x5, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800ff7f000000000000ffff00000000581100005cd0db053ffa1e850036bd4a2db4ff70ce7634d9005e790ea929eac84b3b430efe51bf31e75dcc65d4f07cd5e733ca6fa75e93cb02288ae57a90fee4cb9be4c6ce5b1ac480f4564d9b68ef034bda8693b7f8207f249c992f2f29d1174907773c325575b81f2263ad85cbe422d6b577f52224224f9ab0a406d0913245b3b238879813366ff3ec3afd650ab2171867b60a90290855f33ee4ae87e9662bd9f3bb538a2d4ed1420186d05a61", @ANYBLOB="7a3f59faf5a71e507669683f5eeca3c857eb388fbc55a2ed91dac4ac3c39b368ee06060e89e1579440c5ea88f2f57a76b2a420b3c5f7ade3f4d2be1fd5afb1d39c7918bfaa91cbd7052c5c70ab16f93c859a2a144662262680637aa3a37cbbe3b46d0e817555b509823fee0d12", @ANYBLOB="c700000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704008a81f6772094a7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r6}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
r7 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r7}})
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r7, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x51}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit={0x95, 0x10}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r7}})

113.534527ms ago: executing program 0 (id=2668):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x84, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xbfffff01, 0x6, 0x3, 0x3, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x1, 0x17, 0x1, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x7b, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xa, 0xea4, 0x0, 0x4, 0x7, 0x7ffc, 0x6, 0x400, 0x401, 0x6, 0x1, 0x20ff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x4, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x5, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x15, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x0, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x7, 0x200, 0xffff343f, 0xfff]}, 0x45c)
clock_settime(0x0, &(0x7f00000002c0)={0x77359400})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x18)
fstat(0xffffffffffffffff, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
pread64(r6, &(0x7f0000000300)=""/246, 0xf6, 0x0)

0s ago: executing program 1 (id=2669):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
ioctl$GIO_CMAP(0xffffffffffffffff, 0x4b70, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r6 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x8}}]}}]}, 0x48}}, 0x0)

kernel console output (not intermixed with test programs):

46] xt_hashlimit: size too large, truncated to 1048576
[ 1014.821637][T15144] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[ 1014.828274][T15144] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1014.836013][T15144] vhci_hcd vhci_hcd.0: Device attached
[ 1015.054284][T15145] vhci_hcd: connection closed
[ 1015.085444][ T5875] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 1015.096919][   T12] vhci_hcd: stop threads
[ 1015.110395][   T12] vhci_hcd: release socket
[ 1015.141006][   T12] vhci_hcd: disconnect device
[ 1015.211590][T13837] vhci_hcd: vhci_device speed not set
[ 1015.454839][T14918] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1015.896423][ T5875] usb 5-1: Using ep0 maxpacket: 8
[ 1015.905078][ T5875] usb 5-1: device descriptor read/all, error -71
[ 1016.036937][T14918] usb 3-1: Using ep0 maxpacket: 16
[ 1016.061906][T14918] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1016.156180][ T5135] Bluetooth: hci0: command 0x0406 tx timeout
[ 1016.193014][T14918] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1016.202215][ T5135] Bluetooth: hci1: command 0x0406 tx timeout
[ 1016.401430][ T5135] Bluetooth: hci2: command 0x0406 tx timeout
[ 1016.413858][T14918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1016.436404][ T5135] Bluetooth: hci4: command 0x0406 tx timeout
[ 1016.442572][ T5135] Bluetooth: hci3: command 0x0406 tx timeout
[ 1017.402895][T14918] usb 3-1: Product: syz
[ 1017.410486][T14918] usb 3-1: Manufacturer: syz
[ 1017.415157][T14918] usb 3-1: SerialNumber: syz
[ 1017.425477][T14918] usb 3-1: config 0 descriptor??
[ 1017.704209][T15177] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2223'.
[ 1018.118857][T15180] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1018.152934][T14918] usb 3-1: can't set config #0, error -71
[ 1018.184989][T14918] usb 3-1: USB disconnect, device number 11
[ 1018.195997][T15173] Bluetooth: hci0: command 0x0406 tx timeout
[ 1018.276879][T15173] Bluetooth: hci1: command 0x0406 tx timeout
[ 1018.290418][T15191] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2226'.
[ 1018.391757][T15200] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1018.454112][   T30] audit: type=1400 audit(1741732131.686:503): avc:  denied  { name_bind } for  pid=15186 comm="syz.0.2225" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1018.454648][T15173] Bluetooth: hci2: command 0x0406 tx timeout
[ 1018.605187][    C1] blk_print_req_error: 98 callbacks suppressed
[ 1018.605209][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[ 1018.607129][   T30] audit: type=1400 audit(1741732131.686:504): avc:  denied  { setopt } for  pid=15186 comm="syz.0.2225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1018.724545][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1018.733711][    C0] buffer_io_error: 92 callbacks suppressed
[ 1018.733721][    C0] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1018.748111][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1018.757231][    C0] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1018.885013][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1018.894179][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1018.925065][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1018.934235][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1018.942891][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1018.952095][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1018.965788][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1018.974938][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1018.983604][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1018.992791][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1019.171684][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 2 prio class 0
[ 1019.180828][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1019.188695][    C0] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1019.203103][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1019.212284][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1019.396110][T15173] Bluetooth: hci3: command 0x0406 tx timeout
[ 1019.402124][T10125] Bluetooth: hci4: command 0x0406 tx timeout
[ 1019.409305][T15210] pic_ioport_write: 4 callbacks suppressed
[ 1019.409314][T15210] kvm: pic: single mode not supported
[ 1019.415102][T15210] pic_ioport_write: 12 callbacks suppressed
[ 1019.415108][T15210] kvm: pic: level sensitive irq not supported
[ 1019.594496][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1020.248961][ T5196] Dev loop6: unable to read RDB block 0
[ 1020.275103][ T5196]  loop6: unable to read partition table
[ 1020.594234][T15231] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15231 comm=syz.4.2234
[ 1021.771877][   T30] audit: type=1400 audit(1741732135.006:505): avc:  denied  { setcurrent } for  pid=15241 comm="syz.0.2238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 1021.889012][T15245] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1022.284678][   T30] audit: type=1400 audit(1741732135.506:506): avc:  denied  { map } for  pid=15241 comm="syz.0.2238" path="/proc/1671/cmdline" dev="proc" ino=44732 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[ 1022.366526][ T5875] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1022.525961][ T5875] usb 2-1: Using ep0 maxpacket: 32
[ 1022.565852][ T5875] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[ 1022.585843][   T30] audit: type=1400 audit(1741732135.506:507): avc:  denied  { execute } for  pid=15241 comm="syz.0.2238" path="/proc/1671/cmdline" dev="proc" ino=44732 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[ 1022.682680][ T5875] usb 2-1: config 0 has no interface number 0
[ 1022.690665][ T5875] usb 2-1: config 0 interface 12 has no altsetting 0
[ 1022.701017][ T5875] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 1022.711772][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1022.719892][ T5875] usb 2-1: Product: syz
[ 1022.724123][ T5875] usb 2-1: Manufacturer: syz
[ 1022.729365][ T5875] usb 2-1: SerialNumber: syz
[ 1022.736298][ T5875] usb 2-1: config 0 descriptor??
[ 1022.741924][T15269] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2244'.
[ 1022.776054][T15269] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2244'.
[ 1022.894439][T15273] mkiss: ax0: crc mode is auto.
[ 1022.963523][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1022.971070][ T5196] Dev loop6: unable to read RDB block 0
[ 1023.784854][    C1] blk_print_req_error: 54 callbacks suppressed
[ 1023.784878][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1023.784905][    C1] buffer_io_error: 52 callbacks suppressed
[ 1023.784915][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1023.975903][   T30] audit: type=1400 audit(1741732136.836:508): avc:  denied  { connect } for  pid=15274 comm="syz.0.2246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1023.975949][   T30] audit: type=1400 audit(1741732137.006:509): avc:  denied  { shutdown } for  pid=15274 comm="syz.0.2246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1024.180389][T11280] libceph: connect (1)[c::]:6789 error -101
[ 1024.206726][    C1] I/O error, dev loop6, sector 24 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1024.216034][    C1] Buffer I/O error on dev loop6, logical block 3, async page read
[ 1024.230148][T15248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1024.239427][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1024.248590][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1024.261901][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1024.271092][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1024.279007][ T5196]  loop6: unable to read partition table
[ 1024.375859][T15284] ceph: No mds server is up or the cluster is laggy
[ 1024.403692][T15248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1024.496095][T11280] libceph: mon0 (1)[c::]:6789 connect error
[ 1024.957174][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1024.975583][ T5875] f81534 2-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[ 1024.978184][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1024.984583][ T5875] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[ 1024.992959][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1025.030381][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1025.039616][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1025.052221][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1025.061442][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1025.070096][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1025.070182][T15314] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2253'.
[ 1025.079291][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1025.096246][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1025.096276][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1025.122633][ T5875] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 1025.149238][ T5875] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[ 1025.177879][ T5875] usb 2-1: USB disconnect, device number 13
[ 1025.355204][T15326] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[ 1025.361749][T15326] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1025.608011][T15326] vhci_hcd vhci_hcd.0: Device attached
[ 1025.855832][T11280] usb 39-1: new low-speed USB device number 9 using vhci_hcd
[ 1026.036653][T10125] Bluetooth: hci4: command 0x0406 tx timeout
[ 1026.045885][T14918] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1027.236018][T14555] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1027.353849][T15336] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[ 1027.355859][T14918] usb 1-1: Using ep0 maxpacket: 8
[ 1027.360379][T15336] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1027.463553][T14918] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1027.464206][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1027.475810][T14918] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1027.498887][T15336] vhci_hcd vhci_hcd.0: Device attached
[ 1027.505522][T14918] usb 1-1: Product: syz
[ 1027.522895][ T5881] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1027.536747][T14918] usb 1-1: Manufacturer: syz
[ 1027.576372][T14918] usb 1-1: SerialNumber: syz
[ 1027.621679][T14918] usb 1-1: config 0 descriptor??
[ 1027.666246][T14555] usb 2-1: Using ep0 maxpacket: 16
[ 1027.681942][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1027.694431][T14555] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1027.712552][ T5196] Dev loop6: unable to read RDB block 0
[ 1027.722943][T14555] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1027.736400][    T9] usb 41-1: new low-speed USB device number 7 using vhci_hcd
[ 1027.737741][ T5196]  loop6: unable to read partition table
[ 1027.751317][T14555] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1027.766764][ T5881] usb 4-1: Using ep0 maxpacket: 16
[ 1027.770765][T14555] usb 2-1: Product: syz
[ 1027.787224][T14555] usb 2-1: Manufacturer: syz
[ 1027.790375][T15327] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 5
[ 1027.812813][T14555] usb 2-1: SerialNumber: syz
[ 1028.611097][T14555] usb 2-1: config 0 descriptor??
[ 1028.732756][   T55] vhci_hcd: stop threads
[ 1028.737507][   T55] vhci_hcd: release socket
[ 1028.742059][   T55] vhci_hcd: disconnect device
[ 1028.950710][T14918] dvb_usb_rtl28xxu 1-1:0.0: chip type detection failed -71
[ 1028.982895][T14918] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1029.106351][ T5875] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 1029.114610][T14555] usb 2-1: can't set config #0, error -71
[ 1029.135354][T14918] usb 1-1: USB disconnect, device number 14
[ 1029.149109][T15341] vhci_hcd: connection reset by peer
[ 1029.184002][T14555] usb 2-1: USB disconnect, device number 14
[ 1029.216139][   T12] vhci_hcd: stop threads
[ 1029.220425][   T12] vhci_hcd: release socket
[ 1029.235095][   T12] vhci_hcd: disconnect device
[ 1029.246881][ T5881] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1029.279736][ T5881] usb 4-1: too many configurations: 30, using maximum allowed: 8
[ 1029.299569][ T5881] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1029.312948][T15364] trusted_key: encrypted_key: insufficient parameters specified
[ 1029.322522][ T5881] usb 4-1: can't read configurations, error -71
[ 1029.591331][   T30] audit: type=1804 audit(1741732142.826:510): pid=15371 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.2265" name="/newroot/451/file0" dev="tmpfs" ino=2539 res=1 errno=0
[ 1029.654898][   T30] audit: type=1804 audit(1741732142.826:511): pid=15371 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.2265" name="/newroot/451/file0" dev="tmpfs" ino=2539 res=1 errno=0
[ 1029.806880][T14555] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1030.146063][T14555] usb 2-1: Using ep0 maxpacket: 8
[ 1030.193896][T14555] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1030.293543][T14555] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1030.303732][T14555] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[ 1030.314837][T14555] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1030.325696][T14555] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1030.333953][T14555] usb 2-1: Product: syz
[ 1030.338336][T14555] usb 2-1: Manufacturer: syz
[ 1030.343764][T14555] usb 2-1: SerialNumber: syz
[ 1030.609883][T15383] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2268'.
[ 1030.981504][T15390] QAT: Device 198 not found
[ 1030.991626][T15361] Bluetooth: MGMT ver 1.23
[ 1031.026678][T14555] usb 2-1: 0:2 : does not exist
[ 1031.047979][T14555] usb 2-1: 0:8 : does not exist
[ 1031.169659][T11280] vhci_hcd: vhci_device speed not set
[ 1031.281002][T14555] usb 2-1: USB disconnect, device number 15
[ 1032.280368][T14440] udevd[14440]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1032.594715][T15409] FAULT_INJECTION: forcing a failure.
[ 1032.594715][T15409] name failslab, interval 1, probability 0, space 0, times 0
[ 1032.610388][T15409] CPU: 0 UID: 0 PID: 15409 Comm: syz.0.2275 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1032.610413][T15409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1032.610422][T15409] Call Trace:
[ 1032.610428][T15409]  <TASK>
[ 1032.610434][T15409]  dump_stack_lvl+0x16c/0x1f0
[ 1032.610462][T15409]  should_fail_ex+0x50a/0x650
[ 1032.610487][T15409]  ? fs_reclaim_acquire+0xae/0x150
[ 1032.610515][T15409]  should_failslab+0xc2/0x120
[ 1032.610534][T15409]  __kmalloc_node_noprof+0xd1/0x510
[ 1032.610554][T15409]  ? __kvmalloc_node_noprof+0xad/0x1a0
[ 1032.610585][T15409]  __kvmalloc_node_noprof+0xad/0x1a0
[ 1032.610612][T15409]  seq_read_iter+0x82a/0x12b0
[ 1032.610654][T15409]  seq_read+0x39f/0x4e0
[ 1032.610678][T15409]  ? __pfx_seq_read+0x10/0x10
[ 1032.610713][T15409]  ? avc_policy_seqno+0x9/0x20
[ 1032.610734][T15409]  ? __pfx_seq_read+0x10/0x10
[ 1032.610771][T15409]  proc_reg_read+0x23d/0x330
[ 1032.610863][T15409]  ? __pfx_proc_reg_read+0x10/0x10
[ 1032.611030][T15409]  vfs_read+0x1df/0xbf0
[ 1032.611266][T15409]  ? __fget_files+0x1fc/0x3a0
[ 1032.611420][T15409]  ? __pfx___mutex_lock+0x10/0x10
[ 1032.611642][T15409]  ? __pfx_vfs_read+0x10/0x10
[ 1032.611713][T15409]  ? __fget_files+0x206/0x3a0
[ 1032.611886][T15409]  ksys_read+0x12b/0x250
[ 1032.611988][T15409]  ? __pfx_ksys_read+0x10/0x10
[ 1032.612011][T15409]  do_syscall_64+0xcd/0x250
[ 1032.612036][T15409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1032.612060][T15409] RIP: 0033:0x7f4f6f58d169
[ 1032.612074][T15409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1032.612089][T15409] RSP: 002b:00007f4f70457038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1032.612106][T15409] RAX: ffffffffffffffda RBX: 00007f4f6f7a5fa0 RCX: 00007f4f6f58d169
[ 1032.612116][T15409] RDX: 000000000000008f RSI: 0000400000000200 RDI: 0000000000000003
[ 1032.612126][T15409] RBP: 00007f4f70457090 R08: 0000000000000000 R09: 0000000000000000
[ 1032.612136][T15409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1032.612145][T15409] R13: 0000000000000000 R14: 00007f4f6f7a5fa0 R15: 00007ffca00f3cb8
[ 1032.612167][T15409]  </TASK>
[ 1032.824687][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1032.847534][T15411] 9pnet_virtio: no channels available for device syz
[ 1032.950375][T15414] overlayfs: missing 'workdir'
[ 1033.423757][    T9] vhci_hcd: vhci_device speed not set
[ 1033.475891][ T5875] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1033.582646][   T30] audit: type=1400 audit(1741732146.816:512): avc:  denied  { create } for  pid=15418 comm="syz.2.2279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1034.222074][ T5875] usb 4-1: Using ep0 maxpacket: 16
[ 1034.497512][   T30] audit: type=1400 audit(1741732147.066:513): avc:  denied  { listen } for  pid=15418 comm="syz.2.2279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1034.531287][T11280] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1034.531346][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1034.583053][   T30] audit: type=1400 audit(1741732147.796:514): avc:  denied  { create } for  pid=15419 comm="syz.0.2280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[ 1034.590044][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1034.624134][ T5875] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1034.767880][   T30] audit: type=1400 audit(1741732147.856:515): avc:  denied  { read write } for  pid=15419 comm="syz.0.2280" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1034.770118][ T5875] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1034.792253][   T30] audit: type=1400 audit(1741732147.856:516): avc:  denied  { open } for  pid=15419 comm="syz.0.2280" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1034.792289][   T30] audit: type=1400 audit(1741732147.856:517): avc:  denied  { ioctl } for  pid=15419 comm="syz.0.2280" path="/dev/uhid" dev="devtmpfs" ino=1273 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1034.792319][   T30] audit: type=1400 audit(1741732147.886:518): avc:  denied  { sqpoll } for  pid=15419 comm="syz.0.2280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1034.891101][T15426] QAT: Device 198 not found
[ 1034.965972][T11280] usb 5-1: Using ep0 maxpacket: 16
[ 1034.989900][T11280] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1035.091111][T11280] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1035.113175][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1035.184699][T15434] nfs4: Unknown parameter '
proc/sys/net/ipv4/vs/drop_packet'
[ 1035.208708][T11280] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1035.209394][ T5875] usb 4-1: config 0 descriptor??
[ 1035.229240][T11280] usb 5-1: Product: syz
[ 1035.273696][T11280] usb 5-1: Manufacturer: syz
[ 1035.334047][T11280] usb 5-1: SerialNumber: syz
[ 1035.357767][T11280] usb 5-1: config 0 descriptor??
[ 1035.453173][   T30] audit: type=1400 audit(1741732148.666:519): avc:  denied  { getopt } for  pid=15436 comm="syz.2.2286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1035.619109][T13837] usb 5-1: USB disconnect, device number 15
[ 1035.654874][ T5875] microsoft 0003:045E:07DA.000D: No inputs registered, leaving
[ 1035.726876][T15442] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[ 1035.733501][T15442] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1035.741276][T15442] vhci_hcd vhci_hcd.0: Device attached
[ 1035.760384][T15442] xt_hashlimit: size too large, truncated to 1048576
[ 1036.236063][ T5875] microsoft 0003:045E:07DA.000D: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[ 1036.262976][ T5875] microsoft 0003:045E:07DA.000D: no inputs found
[ 1036.270743][    T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1036.278728][ T5875] microsoft 0003:045E:07DA.000D: could not initialize ff, continuing anyway
[ 1036.348643][T15443] vhci_hcd: connection closed
[ 1036.356392][   T55] vhci_hcd: stop threads
[ 1036.365336][   T55] vhci_hcd: release socket
[ 1036.376951][   T55] vhci_hcd: disconnect device
[ 1036.435882][   T53] usb 37-1: new low-speed USB device number 15 using vhci_hcd
[ 1036.443631][   T53] usb 37-1: enqueue for inactive port 0
[ 1036.444814][   T30] audit: type=1400 audit(1741732149.616:520): avc:  denied  { append } for  pid=15449 comm="syz.4.2288" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 1036.484033][ T5875] usb 4-1: USB disconnect, device number 17
[ 1036.526060][   T53] vhci_hcd: vhci_device speed not set
[ 1036.566809][    T9] usb 1-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1036.632678][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1036.676839][T15456] xt_hashlimit: size too large, truncated to 1048576
[ 1037.118381][T15454] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[ 1037.124945][T15454] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1037.132661][T15454] vhci_hcd vhci_hcd.0: Device attached
[ 1037.142667][T15455] vhci_hcd: connection closed
[ 1037.173945][    T9] usb 1-1: config 0 descriptor??
[ 1037.175943][   T12] vhci_hcd: stop threads
[ 1037.213345][   T12] vhci_hcd: release socket
[ 1037.222029][   T12] vhci_hcd: disconnect device
[ 1037.294320][T15463] QAT: Device 198 not found
[ 1037.636303][    T9] uclogic 0003:5543:0004.000E: item fetching failed at offset 2/5
[ 1037.645104][    T9] uclogic 0003:5543:0004.000E: parse failed
[ 1037.653286][    T9] uclogic 0003:5543:0004.000E: probe with driver uclogic failed with error -22
[ 1037.731734][T15472] QAT: Device 198 not found
[ 1038.131397][    T9] usb 1-1: USB disconnect, device number 15
[ 1039.516178][T15492] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2299'.
[ 1039.546866][T15494] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15494 comm=syz.1.2299
[ 1039.928867][T15496] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1041.342285][T15508] /dev/nullb0: Can't open blockdev
[ 1041.597144][T15507] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[ 1041.603775][T15507] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1041.611416][T15507] vhci_hcd vhci_hcd.0: Device attached
[ 1042.285983][T15507] xt_hashlimit: size too large, truncated to 1048576
[ 1043.160217][T15510] vhci_hcd: connection closed
[ 1043.202702][   T55] vhci_hcd: stop threads
[ 1043.885407][T15516] xt_hashlimit: size too large, truncated to 1048576
[ 1043.998186][T15514] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[ 1044.004725][T15514] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1044.012381][T15514] vhci_hcd vhci_hcd.0: Device attached
[ 1044.016380][   T55] vhci_hcd: release socket
[ 1044.023087][   T55] vhci_hcd: disconnect device
[ 1044.140594][T15517] vhci_hcd: connection closed
[ 1044.152064][ T1110] vhci_hcd: stop threads
[ 1044.185962][ T1110] vhci_hcd: release socket
[ 1044.216608][   T30] audit: type=1400 audit(1741732157.446:521): avc:  denied  { write } for  pid=15522 comm="syz.0.2305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1044.237920][ T1110] vhci_hcd: disconnect device
[ 1044.246016][ T5927] vhci_hcd: vhci_device speed not set
[ 1044.339936][T15527] QAT: Device 198 not found
[ 1045.015916][T15538] overlayfs: missing 'workdir'
[ 1045.965854][   T30] audit: type=1400 audit(1741732159.196:522): avc:  denied  { map } for  pid=15540 comm="syz.3.2311" path="socket:[46268]" dev="sockfs" ino=46268 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[ 1046.086422][T13837] libceph: connect (1)[c::]:6789 error -101
[ 1046.092514][T13837] libceph: mon0 (1)[c::]:6789 connect error
[ 1046.789417][T13837] libceph: connect (1)[c::]:6789 error -101
[ 1046.795402][T13837] libceph: mon0 (1)[c::]:6789 connect error
[ 1046.933851][T15545] ceph: No mds server is up or the cluster is laggy
[ 1047.505492][T13837] libceph: connect (1)[c::]:6789 error -101
[ 1047.514847][T13837] libceph: mon0 (1)[c::]:6789 connect error
[ 1048.232764][T15561] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5126 sclass=netlink_route_socket pid=15561 comm=syz.4.2315
[ 1048.353422][    C1] blk_print_req_error: 39 callbacks suppressed
[ 1048.353440][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0
[ 1048.392989][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.400292][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.402184][    C1] buffer_io_error: 37 callbacks suppressed
[ 1048.402193][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1048.411286][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1048.416302][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.419244][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.424903][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1048.432709][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1048.450075][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.475600][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1048.484630][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.493791][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1048.506495][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.515705][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1048.641188][T15541] SELinux: failed to load policy
[ 1048.649735][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.658936][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1048.731735][   T30] audit: type=1400 audit(1741732161.876:523): avc:  denied  { load_policy } for  pid=15540 comm="syz.3.2311" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 1048.762496][T15569] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2317'.
[ 1048.771658][T15569] netlink: 'syz.2.2317': attribute type 9 has an invalid length.
[ 1048.789913][T15569] /dev/nullb0: Can't open blockdev
[ 1049.176226][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1049.185379][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1049.194646][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1049.239091][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1049.261527][ T5196] Dev loop6: unable to read RDB block 0
[ 1049.285509][ T5196]  loop6: unable to read partition table
[ 1050.089068][T15583] xt_hashlimit: size too large, truncated to 1048576
[ 1050.377754][T15582] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[ 1050.384293][T15582] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1050.391979][T15582] vhci_hcd vhci_hcd.0: Device attached
[ 1050.866002][   T30] audit: type=1326 audit(1741732163.886:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15579 comm="syz.4.2323" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6c4598d169 code=0x0
[ 1050.895712][T15585] vhci_hcd: connection closed
[ 1050.939501][ T1110] vhci_hcd: stop threads
[ 1050.952820][T15578] netlink: 'syz.1.2321': attribute type 10 has an invalid length.
[ 1050.962505][T15578] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2321'.
[ 1050.981865][ T1110] vhci_hcd: release socket
[ 1050.991647][ T1110] vhci_hcd: disconnect device
[ 1053.451965][T15605] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[ 1053.458505][T15605] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1053.477337][T15605] vhci_hcd vhci_hcd.0: Device attached
[ 1053.734535][    C1] blk_print_req_error: 30 callbacks suppressed
[ 1053.734551][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[ 1053.751255][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.760413][    C1] buffer_io_error: 28 callbacks suppressed
[ 1053.760425][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1053.779309][   T53] usb 35-1: new low-speed USB device number 12 using vhci_hcd
[ 1053.787883][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.797041][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1053.805849][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.814989][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1053.816601][ T5875] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1053.832209][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.841397][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1053.851419][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.860600][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1053.868689][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.877856][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1053.886437][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.895587][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1053.905474][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.914670][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1053.926965][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.936147][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1053.944510][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1054.081761][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1054.089944][ T5196] Dev loop6: unable to read RDB block 0
[ 1054.102713][ T5196]  loop6: unable to read partition table
[ 1054.125420][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.132618][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.216622][ T5875] usb 2-1: Using ep0 maxpacket: 16
[ 1054.237344][T15628] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2332'.
[ 1054.247036][T15628] netlink: 'syz.0.2332': attribute type 9 has an invalid length.
[ 1054.267199][T15628] /dev/nullb0: Can't open blockdev
[ 1054.652153][T15608] vhci_hcd: connection reset by peer
[ 1054.653095][ T5875] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1054.667453][ T5875] usb 2-1: too many configurations: 30, using maximum allowed: 8
[ 1054.693387][ T5875] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 1054.702835][   T12] vhci_hcd: stop threads
[ 1054.715609][   T12] vhci_hcd: release socket
[ 1054.731697][ T5875] usb 2-1: can't read configurations, error -71
[ 1054.743662][   T12] vhci_hcd: disconnect device
[ 1055.211539][T15633] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5126 sclass=netlink_route_socket pid=15633 comm=syz.4.2333
[ 1055.548204][T15646] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2334'.
[ 1056.625451][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1056.654583][ T5196] Dev loop6: unable to read RDB block 0
[ 1056.819416][ T5196]  loop6: unable to read partition table
[ 1058.106085][T15674] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[ 1058.112730][T15674] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1058.121122][T15675] vhci_hcd: connection closed
[ 1058.121141][T15674] vhci_hcd vhci_hcd.0: Device attached
[ 1058.132523][ T3540] vhci_hcd: stop threads
[ 1058.143282][ T3540] vhci_hcd: release socket
[ 1058.156159][T15677] netlink: 'syz.3.2339': attribute type 10 has an invalid length.
[ 1058.158536][ T3540] vhci_hcd: disconnect device
[ 1058.174720][T15677] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2339'.
[ 1058.250167][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1058.286732][ T5196] Dev loop6: unable to read RDB block 0
[ 1058.301708][ T5196]  loop6: unable to read partition table
[ 1058.518501][T15692] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[ 1058.525130][T15692] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1058.532809][T15692] vhci_hcd vhci_hcd.0: Device attached
[ 1058.836160][ T5927] usb 37-1: new low-speed USB device number 16 using vhci_hcd
[ 1058.906055][   T53] vhci_hcd: vhci_device speed not set
[ 1059.002901][    C0] blk_print_req_error: 102 callbacks suppressed
[ 1059.002914][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1059.036879][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1059.046074][    C0] buffer_io_error: 97 callbacks suppressed
[ 1059.046081][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.060808][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1059.069941][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.079948][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1059.089143][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.099079][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1059.108281][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.117036][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1059.117664][T15693] vhci_hcd: connection reset by peer
[ 1059.126228][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.151674][ T1051] vhci_hcd: stop threads
[ 1059.165063][ T1051] vhci_hcd: release socket
[ 1059.171447][T14555] libceph: connect (1)[c::]:6789 error -101
[ 1059.177493][ T1051] vhci_hcd: disconnect device
[ 1059.182453][T14555] libceph: mon0 (1)[c::]:6789 connect error
[ 1059.269098][T15705] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[ 1059.275655][T15705] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1059.339856][T15705] vhci_hcd vhci_hcd.0: Device attached
[ 1059.451014][T14555] libceph: connect (1)[c::]:6789 error -101
[ 1059.463724][T14555] libceph: mon0 (1)[c::]:6789 connect error
[ 1059.471040][   T30] audit: type=1326 audit(1741732172.706:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15707 comm="syz.3.2348" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6e4fb8d169 code=0x0
[ 1059.622900][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[ 1059.642770][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1059.652003][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.702039][T13837] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 1059.717439][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1059.726643][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.734524][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1059.743661][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1059.752939][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.762989][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1059.763112][   T53] usb 35-1: device descriptor read/64, error -110
[ 1059.950618][T15700] ceph: No mds server is up or the cluster is laggy
[ 1059.976227][T11280] libceph: connect (1)[c::]:6789 error -101
[ 1060.022798][T11280] libceph: mon0 (1)[c::]:6789 connect error
[ 1060.033121][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1060.047119][   T53] usb 35-1: new low-speed USB device number 13 using vhci_hcd
[ 1060.067044][ T5196] Dev loop6: unable to read RDB block 0
[ 1060.073998][ T5196]  loop6: unable to read partition table
[ 1060.085947][T13837] usb 2-1: Using ep0 maxpacket: 16
[ 1060.118108][T15709] vhci_hcd: connection closed
[ 1060.119663][T13837] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1060.132570][ T3789] vhci_hcd: stop threads
[ 1060.137752][ T3789] vhci_hcd: release socket
[ 1060.185549][ T3789] vhci_hcd: disconnect device
[ 1060.195569][T13837] usb 2-1: too many configurations: 30, using maximum allowed: 8
[ 1060.219423][T13837] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 1060.235819][T13837] usb 2-1: can't read configurations, error -71
[ 1060.294362][   T30] audit: type=1326 audit(1741732173.496:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1060.350248][   T30] audit: type=1326 audit(1741732173.496:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1060.374475][   T30] audit: type=1326 audit(1741732173.496:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1060.380424][T15731] QAT: Device 198 not found
[ 1060.404507][   T30] audit: type=1326 audit(1741732173.496:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1060.451919][T15740] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2356'.
[ 1060.461107][   T30] audit: type=1326 audit(1741732173.496:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1060.461145][   T30] audit: type=1326 audit(1741732173.496:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1060.461175][   T30] audit: type=1326 audit(1741732173.496:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1060.461203][   T30] audit: type=1326 audit(1741732173.496:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1060.488057][T15740] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2356'.
[ 1061.463305][   T30] audit: type=1326 audit(1741732173.496:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.0.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1062.511868][T15746] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1064.618759][ T5927] vhci_hcd: vhci_device speed not set
[ 1064.731525][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1064.731539][   T30] audit: type=1400 audit(1741732177.966:538): avc:  denied  { setopt } for  pid=15773 comm="syz.1.2360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1065.186663][T11280] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 1065.246078][   T53] vhci_hcd: vhci_device speed not set
[ 1065.508434][T11280] usb 4-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1065.538133][T11280] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1065.545884][T13837] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1065.803724][T11280] usb 4-1: config 0 descriptor??
[ 1065.845929][T15788] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1066.123116][   T30] audit: type=1326 audit(1741732179.356:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15787 comm="syz.0.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1066.163557][T10125] block nbd1: Receive control failed (result -32)
[ 1066.176558][T15173] block nbd1: Receive control failed (result -32)
[ 1066.186297][T15173] block nbd1: Receive control failed (result -32)
[ 1066.194221][T13837] usb 5-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1066.216421][T13837] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1066.226767][   T30] audit: type=1326 audit(1741732179.356:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15787 comm="syz.0.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1066.229622][T15775] block nbd1: shutting down sockets
[ 1066.266780][T13837] usb 5-1: config 0 descriptor??
[ 1066.273362][T15792] FAULT_INJECTION: forcing a failure.
[ 1066.273362][T15792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1066.291227][   T30] audit: type=1326 audit(1741732179.356:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15787 comm="syz.0.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1066.294015][T15792] CPU: 1 UID: 0 PID: 15792 Comm: syz.0.2366 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1066.294036][T15792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1066.294044][T15792] Call Trace:
[ 1066.294048][T15792]  <TASK>
[ 1066.294053][T15792]  dump_stack_lvl+0x16c/0x1f0
[ 1066.294080][T15792]  should_fail_ex+0x50a/0x650
[ 1066.294104][T15792]  _copy_to_user+0x32/0xd0
[ 1066.294120][T15792]  video_usercopy+0xf3e/0x1620
[ 1066.294139][T15792]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1066.294156][T15792]  ? __pfx_video_usercopy+0x10/0x10
[ 1066.294185][T15792]  v4l2_ioctl+0x1ba/0x250
[ 1066.294200][T15792]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1066.294215][T15792]  __x64_sys_ioctl+0x190/0x200
[ 1066.294236][T15792]  do_syscall_64+0xcd/0x250
[ 1066.294256][T15792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1066.294274][T15792] RIP: 0033:0x7f4f6f58d169
[ 1066.294286][T15792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1066.294299][T15792] RSP: 002b:00007f4f70457038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1066.294313][T15792] RAX: ffffffffffffffda RBX: 00007f4f6f7a5fa0 RCX: 00007f4f6f58d169
[ 1066.294322][T15792] RDX: 0000400000001740 RSI: 00000000c0945662 RDI: 0000000000000003
[ 1066.294330][T15792] RBP: 00007f4f70457090 R08: 0000000000000000 R09: 0000000000000000
[ 1066.294338][T15792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1066.294346][T15792] R13: 0000000000000000 R14: 00007f4f6f7a5fa0 R15: 00007ffca00f3cb8
[ 1066.294364][T15792]  </TASK>
[ 1066.352917][T15796] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[ 1066.356284][   T30] audit: type=1326 audit(1741732179.356:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15787 comm="syz.0.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1066.358346][T15796] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1066.521179][T15796] vhci_hcd vhci_hcd.0: Device attached
[ 1066.531770][T11280] uclogic 0003:5543:0004.000F: item fetching failed at offset 2/5
[ 1066.541672][T15797] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 1
[ 1066.550278][T11280] uclogic 0003:5543:0004.000F: parse failed
[ 1066.556959][T11280] uclogic 0003:5543:0004.000F: probe with driver uclogic failed with error -22
[ 1066.568583][ T1051] vhci_hcd: stop threads
[ 1066.570447][   T30] audit: type=1326 audit(1741732179.356:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15787 comm="syz.0.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1066.579026][ T1051] vhci_hcd: release socket
[ 1066.618778][ T1051] vhci_hcd: disconnect device
[ 1067.130324][   T30] audit: type=1326 audit(1741732179.356:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15787 comm="syz.0.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1067.155099][   T30] audit: type=1326 audit(1741732179.356:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15787 comm="syz.0.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1067.196083][   T30] audit: type=1326 audit(1741732179.386:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15787 comm="syz.0.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6f58d169 code=0x7ffc0000
[ 1067.232753][T13837] uclogic 0003:5543:0004.0010: item fetching failed at offset 2/5
[ 1067.262077][T13837] uclogic 0003:5543:0004.0010: parse failed
[ 1067.279660][T13837] uclogic 0003:5543:0004.0010: probe with driver uclogic failed with error -22
[ 1067.476624][ T5927] usb 4-1: USB disconnect, device number 18
[ 1067.558595][T15819] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2369'.
[ 1067.568352][T15819] netlink: 'syz.2.2369': attribute type 9 has an invalid length.
[ 1070.673025][ T5927] usb 5-1: USB disconnect, device number 16
[ 1070.769417][T13837] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1071.916640][ T5875] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1072.047958][T15839] mkiss: ax0: crc mode is auto.
[ 1072.166462][ T5875] usb 5-1: Using ep0 maxpacket: 16
[ 1072.255213][ T5875] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1072.412872][ T5875] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1072.516976][ T5875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1072.542125][T13837] usb 1-1: device descriptor read/64, error -71
[ 1072.618125][ T5875] usb 5-1: Product: syz
[ 1072.660541][ T5875] usb 5-1: Manufacturer: syz
[ 1072.665180][ T5875] usb 5-1: SerialNumber: syz
[ 1072.746780][ T5875] usb 5-1: config 0 descriptor??
[ 1073.155954][T13837] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1073.390827][T13837] usb 1-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1073.498452][T13837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1073.710594][T13837] usb 1-1: config 0 descriptor??
[ 1074.414931][ T5927] usb 5-1: USB disconnect, device number 17
[ 1074.422742][T15850] syzkaller0: create flow: hash 3259187829 index 1
[ 1074.462108][T15856] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[ 1074.468709][T15856] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1074.478649][T15856] vhci_hcd vhci_hcd.0: Device attached
[ 1074.485227][T15857] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 5
[ 1074.503907][T15848] syzkaller0: delete flow: hash 3259187829 index 1
[ 1074.503944][ T3540] vhci_hcd: stop threads
[ 1074.522458][ T3540] vhci_hcd: release socket
[ 1074.532666][T13837] usbhid 1-1:0.0: can't add hid device: -71
[ 1074.544157][T13837] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1074.548333][ T3540] vhci_hcd: disconnect device
[ 1074.571531][T13837] usb 1-1: USB disconnect, device number 17
[ 1074.802324][T15862] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2382'.
[ 1074.811528][T15862] netlink: 'syz.2.2382': attribute type 9 has an invalid length.
[ 1075.806127][T14555] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 1075.825247][   T30] audit: type=1326 audit(1741732189.056:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15863 comm="syz.4.2383" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6c4598d169 code=0x0
[ 1076.022564][T14555] usb 4-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1076.076319][T14555] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1076.168722][T14555] usb 4-1: config 0 descriptor??
[ 1076.609169][T14555] uclogic 0003:5543:0004.0011: item fetching failed at offset 2/5
[ 1076.617532][T14555] uclogic 0003:5543:0004.0011: parse failed
[ 1076.623495][T14555] uclogic 0003:5543:0004.0011: probe with driver uclogic failed with error -22
[ 1077.047596][T15869] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1077.050737][T13837] usb 4-1: USB disconnect, device number 19
[ 1077.376264][ T5927] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1077.429641][T15885] netlink: 'syz.0.2387': attribute type 10 has an invalid length.
[ 1077.443861][T15885] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2387'.
[ 1077.635861][ T5927] usb 2-1: Using ep0 maxpacket: 32
[ 1077.722858][ T5927] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1077.903955][T15896] xt_hashlimit: size too large, truncated to 1048576
[ 1078.158371][T15894] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[ 1078.165003][T15894] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1078.172734][T15894] vhci_hcd vhci_hcd.0: Device attached
[ 1078.266560][ T5927] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1078.282520][ T5927] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[ 1078.299966][ T5927] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 79, changing to 10
[ 1078.381552][ T5927] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 34258, setting to 1024
[ 1078.436492][T15898] vhci_hcd: connection closed
[ 1078.436815][ T1110] vhci_hcd: stop threads
[ 1078.454804][ T1110] vhci_hcd: release socket
[ 1078.463858][ T1110] vhci_hcd: disconnect device
[ 1078.470778][ T5927] usb 2-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1078.484207][ T5927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1078.495065][ T5927] usb 2-1: Product: syz
[ 1078.504206][ T5927] usb 2-1: Manufacturer: syz
[ 1078.510953][ T5927] usb 2-1: SerialNumber: syz
[ 1078.516472][ T5875] vhci_hcd: vhci_device speed not set
[ 1078.522595][ T5927] usb 2-1: config 0 descriptor??
[ 1078.528140][T15878] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1078.669667][ T5927] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input12
[ 1078.690827][T15173] block nbd3: Receive control failed (result -32)
[ 1078.695052][T15895] block nbd3: shutting down sockets
[ 1078.863390][ T5181] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[ 1078.875629][T15908] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[ 1078.882169][T15908] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1078.891704][ T5181] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[ 1078.906446][T15908] vhci_hcd vhci_hcd.0: Device attached
[ 1078.931404][ T5181] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[ 1079.005955][ T5927] usb 2-1: USB disconnect, device number 20
[ 1079.005983][    C0] xpad 2-1:0.0: xpad_irq_in - usb_submit_urb failed with result -19
[ 1079.034233][T15911] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 1
[ 1079.145612][ T1051] vhci_hcd: stop threads
[ 1079.150253][ T1051] vhci_hcd: release socket
[ 1079.154900][ T1051] vhci_hcd: disconnect device
[ 1079.160572][T13837] vhci_hcd: vhci_device speed not set
[ 1079.416055][T15920] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2395'.
[ 1079.425458][T15920] netlink: 'syz.3.2395': attribute type 9 has an invalid length.
[ 1080.467290][   T10] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1080.706760][T13837] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1080.736567][   T10] usb 3-1: Using ep0 maxpacket: 8
[ 1080.802597][   T10] usb 3-1: New USB device found, idVendor=10d2, idProduct=2865, bcdDevice=a4.c9
[ 1080.927798][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1080.965951][T13837] usb 5-1: Using ep0 maxpacket: 16
[ 1081.051418][T13837] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1081.158830][   T10] usb 3-1: config 0 descriptor??
[ 1081.278485][T13837] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1081.294312][   T10] usblcd 3-1:0.0: USBLCD model not supported.
[ 1081.341003][T14918] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1081.385595][T13837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1081.432717][   T30] audit: type=1400 audit(1741732194.616:548): avc:  denied  { create } for  pid=15931 comm="syz.3.2400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[ 1081.549022][T13837] usb 5-1: Product: syz
[ 1081.596835][T13837] usb 5-1: Manufacturer: syz
[ 1081.647436][T14918] usb 1-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1081.672810][T13837] usb 5-1: SerialNumber: syz
[ 1081.693203][T15922] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2397'.
[ 1081.761846][   T30] audit: type=1400 audit(1741732194.636:549): avc:  denied  { write } for  pid=15931 comm="syz.3.2400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[ 1081.789669][T14918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1081.804519][T13837] usb 5-1: config 0 descriptor??
[ 1082.019823][T14918] usb 1-1: config 0 descriptor??
[ 1082.680025][T14918] uclogic 0003:5543:0004.0012: item fetching failed at offset 2/5
[ 1082.688835][T14918] uclogic 0003:5543:0004.0012: parse failed
[ 1082.706380][T11280] usb 3-1: USB disconnect, device number 12
[ 1082.725975][T14918] uclogic 0003:5543:0004.0012: probe with driver uclogic failed with error -22
[ 1082.801034][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1082.811075][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1082.821492][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1082.830503][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1082.840873][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1082.849831][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1082.860220][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1082.869425][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1082.879543][T15941] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1083.297651][T15945] netlink: 'syz.3.2403': attribute type 10 has an invalid length.
[ 1083.345529][ T5927] usb 5-1: USB disconnect, device number 18
[ 1083.502224][    C1] blk_print_req_error: 33 callbacks suppressed
[ 1083.502241][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[ 1083.535820][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.544951][    C1] buffer_io_error: 31 callbacks suppressed
[ 1083.544958][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1083.577841][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.587020][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1083.638732][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.647918][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1083.737603][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.746827][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1083.765240][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.771113][T14918] usb 1-1: USB disconnect, device number 18
[ 1083.774432][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1083.798781][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.807967][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1083.816723][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.825871][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1083.835826][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.845008][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1083.864022][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1083.873201][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1083.881867][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1083.908320][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1083.925490][ T5196] Dev loop6: unable to read RDB block 0
[ 1083.932551][   T30] audit: type=1400 audit(1741732197.166:550): avc:  denied  { setopt } for  pid=15951 comm="syz.2.2405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1083.934945][ T5196]  loop6: unable to read partition table
[ 1084.029489][T15958] FAULT_INJECTION: forcing a failure.
[ 1084.029489][T15958] name failslab, interval 1, probability 0, space 0, times 0
[ 1084.057788][T15958] CPU: 0 UID: 0 PID: 15958 Comm: syz.2.2408 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1084.057813][T15958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1084.057823][T15958] Call Trace:
[ 1084.057828][T15958]  <TASK>
[ 1084.057835][T15958]  dump_stack_lvl+0x16c/0x1f0
[ 1084.057862][T15958]  should_fail_ex+0x50a/0x650
[ 1084.057888][T15958]  ? fs_reclaim_acquire+0xae/0x150
[ 1084.057914][T15958]  ? tomoyo_realpath_from_path+0xb9/0x720
[ 1084.057939][T15958]  should_failslab+0xc2/0x120
[ 1084.057959][T15958]  __kmalloc_noprof+0xcb/0x510
[ 1084.057977][T15958]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1084.058005][T15958]  tomoyo_realpath_from_path+0xb9/0x720
[ 1084.058029][T15958]  ? tomoyo_path_number_perm+0x235/0x590
[ 1084.058051][T15958]  ? tomoyo_path_number_perm+0x235/0x590
[ 1084.058075][T15958]  tomoyo_path_number_perm+0x248/0x590
[ 1084.058095][T15958]  ? tomoyo_path_number_perm+0x235/0x590
[ 1084.058118][T15958]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1084.058162][T15958]  ? __pfx_lock_release+0x10/0x10
[ 1084.058184][T15958]  ? trace_lock_acquire+0x14e/0x1f0
[ 1084.058206][T15958]  ? lock_acquire+0x2f/0xb0
[ 1084.058227][T15958]  ? __fget_files+0x40/0x3a0
[ 1084.058247][T15958]  ? __fget_files+0x206/0x3a0
[ 1084.058267][T15958]  security_file_ioctl+0x9b/0x240
[ 1084.058292][T15958]  __x64_sys_ioctl+0xb7/0x200
[ 1084.058317][T15958]  do_syscall_64+0xcd/0x250
[ 1084.058342][T15958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1084.058365][T15958] RIP: 0033:0x7f2398b8d169
[ 1084.058379][T15958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1084.058394][T15958] RSP: 002b:00007f2399a79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1084.058411][T15958] RAX: ffffffffffffffda RBX: 00007f2398da5fa0 RCX: 00007f2398b8d169
[ 1084.058421][T15958] RDX: 0000400000000100 RSI: 0000000000003b84 RDI: 0000000000000003
[ 1084.058431][T15958] RBP: 00007f2399a79090 R08: 0000000000000000 R09: 0000000000000000
[ 1084.058440][T15958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1084.058449][T15958] R13: 0000000000000000 R14: 00007f2398da5fa0 R15: 00007ffd6e9bcda8
[ 1084.058472][T15958]  </TASK>
[ 1084.058479][T15958] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1084.310177][T15960] siw: device registration error -23
[ 1087.885014][ T3789] syzkaller0: tun_net_xmit 76
[ 1087.936865][T14555] syzkaller0: tun_net_xmit 76
[ 1087.942266][ T3789] syzkaller0: tun_net_xmit 48
[ 1087.989064][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1088.007929][ T5196] Dev loop6: unable to read RDB block 0
[ 1088.031848][ T5196]  loop6: unable to read partition table
[ 1088.862128][    T9] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[ 1089.101011][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1089.112173][    T9] usb 3-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1089.121623][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1089.132600][    T9] usb 3-1: config 0 descriptor??
[ 1089.154487][T16003] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1089.217558][T14918] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1089.552406][T14555] libceph: connect (1)[c::]:6789 error -101
[ 1089.615522][T14555] libceph: mon0 (1)[c::]:6789 connect error
[ 1089.832970][T14918] usb 1-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1089.842237][T14918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1089.854116][T14918] usb 1-1: config 0 descriptor??
[ 1089.919666][    T9] uclogic 0003:5543:0004.0013: item fetching failed at offset 2/5
[ 1089.926510][T14555] libceph: connect (1)[c::]:6789 error -101
[ 1089.927710][T16016] ceph: No mds server is up or the cluster is laggy
[ 1089.941141][    T9] uclogic 0003:5543:0004.0013: parse failed
[ 1089.944255][T14555] libceph: mon0 (1)[c::]:6789 connect error
[ 1089.947157][    T9] uclogic 0003:5543:0004.0013: probe with driver uclogic failed with error -22
[ 1090.273102][T14918] uclogic 0003:5543:0004.0014: item fetching failed at offset 2/5
[ 1090.282003][T14918] uclogic 0003:5543:0004.0014: parse failed
[ 1090.288788][T14918] uclogic 0003:5543:0004.0014: probe with driver uclogic failed with error -22
[ 1090.817556][    T9] usb 3-1: USB disconnect, device number 13
[ 1090.830927][T13837] usb 1-1: USB disconnect, device number 19
[ 1091.635852][ T5135] Bluetooth: hci4: command 0x0406 tx timeout
[ 1091.895928][    C0] blk_print_req_error: 58 callbacks suppressed
[ 1091.895948][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[ 1091.935837][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1091.945035][    C0] buffer_io_error: 54 callbacks suppressed
[ 1091.945049][    C0] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1092.080645][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1092.089792][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1092.114970][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1092.124156][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1092.286092][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1092.295278][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1092.326192][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1092.335369][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1092.363981][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1092.373173][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1092.618380][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1092.627634][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1092.636653][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1092.645838][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1092.653923][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1092.663144][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1092.671320][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1093.148278][T16052] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 16052 comm: syz.1.2434)
[ 1093.154495][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1093.180471][ T5196] Dev loop6: unable to read RDB block 0
[ 1093.195058][   T30] audit: type=1800 audit(1741732206.426:551): pid=16052 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.2434" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=48425 res=0 errno=0
[ 1093.204790][ T5196]  loop6: unable to read partition table
[ 1093.402099][T16058] bond0: entered promiscuous mode
[ 1093.413940][ T5927] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1093.422471][T16058] bond_slave_0: entered promiscuous mode
[ 1093.429255][T16058] bond_slave_1: entered promiscuous mode
[ 1093.575830][ T5927] usb 5-1: Using ep0 maxpacket: 32
[ 1093.599678][ T5927] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1093.717648][ T5927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1093.843287][ T5927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1094.037002][ T5927] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1094.078571][ T5927] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1094.196837][ T5927] usb 5-1: config 0 descriptor??
[ 1094.203869][T16041] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1094.212181][ T5927] hub 5-1:0.0: USB hub found
[ 1094.426328][ T5927] hub 5-1:0.0: config failed, can't read hub descriptor (err -90)
[ 1094.920795][ T5927] usbhid 5-1:0.0: can't add hid device: -71
[ 1095.023956][ T5927] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1095.163868][ T5927] usb 5-1: USB disconnect, device number 19
[ 1095.943285][T16083] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5126 sclass=netlink_route_socket pid=16083 comm=syz.3.2441
[ 1096.902603][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1096.914817][    C1] blk_print_req_error: 43 callbacks suppressed
[ 1096.914835][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1096.931490][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1096.944773][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1096.953948][    C1] buffer_io_error: 42 callbacks suppressed
[ 1096.953955][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1096.968914][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1096.978045][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1096.985986][ T5196] Dev loop6: unable to read RDB block 0
[ 1096.992963][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1097.002114][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1097.085325][T16101] __nla_validate_parse: 177 callbacks suppressed
[ 1097.085350][T16101] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2447'.
[ 1097.094211][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1097.111049][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1097.111074][T16101] FAULT_INJECTION: forcing a failure.
[ 1097.111074][T16101] name failslab, interval 1, probability 0, space 0, times 0
[ 1097.133459][T16101] CPU: 0 UID: 0 PID: 16101 Comm: syz.3.2447 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1097.133481][T16101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1097.133489][T16101] Call Trace:
[ 1097.133494][T16101]  <TASK>
[ 1097.133499][T16101]  dump_stack_lvl+0x16c/0x1f0
[ 1097.133517][T16101]  should_fail_ex+0x50a/0x650
[ 1097.133533][T16101]  ? fs_reclaim_acquire+0xae/0x150
[ 1097.133550][T16101]  should_failslab+0xc2/0x120
[ 1097.133562][T16101]  __kmalloc_node_noprof+0xd1/0x510
[ 1097.133573][T16101]  ? geneve_setup+0x2d3/0x3c0
[ 1097.133588][T16101]  ? __kvmalloc_node_noprof+0xad/0x1a0
[ 1097.133607][T16101]  __kvmalloc_node_noprof+0xad/0x1a0
[ 1097.133623][T16101]  ? __pfx_geneve_setup+0x10/0x10
[ 1097.133637][T16101]  alloc_netdev_mqs+0xbbc/0x15d0
[ 1097.133656][T16101]  rtnl_create_link+0xc10/0xfa0
[ 1097.133672][T16101]  rtnl_newlink+0x14c6/0x1d60
[ 1097.133690][T16101]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1097.133712][T16101]  ? __pfx___lock_acquire+0x10/0x10
[ 1097.133727][T16101]  ? cred_has_capability.isra.0+0x192/0x2f0
[ 1097.133742][T16101]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[ 1097.133759][T16101]  ? find_held_lock+0x2d/0x110
[ 1097.133772][T16101]  ? rtnetlink_rcv_msg+0x93a/0xea0
[ 1097.133786][T16101]  ? __pfx_lock_release+0x10/0x10
[ 1097.133799][T16101]  ? trace_lock_acquire+0x14e/0x1f0
[ 1097.133813][T16101]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1097.133828][T16101]  rtnetlink_rcv_msg+0x95b/0xea0
[ 1097.133843][T16101]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1097.133863][T16101]  netlink_rcv_skb+0x16b/0x440
[ 1097.133878][T16101]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1097.133893][T16101]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1097.133913][T16101]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1097.133929][T16101]  netlink_unicast+0x53c/0x7f0
[ 1097.133944][T16101]  ? __pfx_netlink_unicast+0x10/0x10
[ 1097.133961][T16101]  netlink_sendmsg+0x8b8/0xd70
[ 1097.133977][T16101]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1097.133995][T16101]  ____sys_sendmsg+0xaaf/0xc90
[ 1097.134007][T16101]  ? copy_msghdr_from_user+0x10b/0x160
[ 1097.134021][T16101]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1097.134038][T16101]  ___sys_sendmsg+0x135/0x1e0
[ 1097.134057][T16101]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1097.134077][T16101]  ? __pfx_lock_release+0x10/0x10
[ 1097.134090][T16101]  ? trace_lock_acquire+0x14e/0x1f0
[ 1097.134105][T16101]  ? __fget_files+0x206/0x3a0
[ 1097.134119][T16101]  __sys_sendmsg+0x16e/0x220
[ 1097.134133][T16101]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1097.134156][T16101]  do_syscall_64+0xcd/0x250
[ 1097.134171][T16101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1097.134185][T16101] RIP: 0033:0x7f6e4fb8d169
[ 1097.134195][T16101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1097.134204][T16101] RSP: 002b:00007f6e50a87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1097.134214][T16101] RAX: ffffffffffffffda RBX: 00007f6e4fda6080 RCX: 00007f6e4fb8d169
[ 1097.134220][T16101] RDX: 0000000000044004 RSI: 0000400000000180 RDI: 0000000000000009
[ 1097.134226][T16101] RBP: 00007f6e50a87090 R08: 0000000000000000 R09: 0000000000000000
[ 1097.134231][T16101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1097.134237][T16101] R13: 0000000000000000 R14: 00007f6e4fda6080 R15: 00007ffc27aa9bf8
[ 1097.134249][T16101]  </TASK>
[ 1097.468402][    C1] I/O error, dev loop6, sector 24 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1097.477692][    C1] Buffer I/O error on dev loop6, logical block 3, async page read
[ 1097.493506][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1097.502687][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1097.525783][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1097.534938][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1097.607165][ T5196]  loop6: unable to read partition table
[ 1097.854969][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1097.897366][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1097.915928][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1097.925635][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1098.194090][T16112] xt_hashlimit: size too large, truncated to 1048576
[ 1098.439149][T16110] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[ 1098.445788][T16110] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1098.453773][T16110] vhci_hcd vhci_hcd.0: Device attached
[ 1098.716932][T16111] vhci_hcd: connection closed
[ 1098.723181][   T12] vhci_hcd: stop threads
[ 1098.735685][   T12] vhci_hcd: release socket
[ 1098.756393][   T12] vhci_hcd: disconnect device
[ 1098.786075][   T10] vhci_hcd: vhci_device speed not set
[ 1099.274675][   T30] audit: type=1400 audit(1741732212.436:552): avc:  denied  { getopt } for  pid=16124 comm="syz.4.2452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1099.933473][T16138] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2454'.
[ 1099.942682][T16138] netlink: 'syz.3.2454': attribute type 9 has an invalid length.
[ 1101.628503][T16153] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[ 1101.635053][T16153] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1101.642794][T16153] vhci_hcd vhci_hcd.0: Device attached
[ 1101.699824][T16154] vhci_hcd: connection closed
[ 1101.770617][ T3789] vhci_hcd: stop threads
[ 1102.111451][ T3789] vhci_hcd: release socket
[ 1102.338849][ T3789] vhci_hcd: disconnect device
[ 1102.339612][    C1] blk_print_req_error: 5 callbacks suppressed
[ 1102.339625][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[ 1102.366708][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1102.375916][    C1] buffer_io_error: 2 callbacks suppressed
[ 1102.375929][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1102.419622][    T9] vhci_hcd: vhci_device speed not set
[ 1102.425019][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1102.434135][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1102.455885][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1102.465060][    C0] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1102.472910][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1102.482025][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1102.495216][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1102.504460][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1102.521057][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 2 prio class 0
[ 1102.530265][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1102.538210][    C0] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1102.563556][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1102.572764][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1102.671823][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1102.681030][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1102.689436][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1102.698634][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1102.734154][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1102.741998][T16169] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1102.776326][T16166] QAT: Device 198 not found
[ 1102.794887][ T5196] Dev loop6: unable to read RDB block 0
[ 1102.810750][ T5196]  loop6: unable to read partition table
[ 1103.157068][T16173] block nbd0: Device being setup by another task
[ 1103.387978][ T5135] block nbd0: Receive control failed (result -32)
[ 1103.397322][T16173] block nbd0: shutting down sockets
[ 1103.446483][   T53] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1103.606066][   T53] usb 2-1: Using ep0 maxpacket: 16
[ 1103.620957][   T53] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1103.634178][   T53] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1103.655505][   T53] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1103.674698][   T53] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1103.698984][   T53] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1103.717044][   T53] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1103.730793][   T53] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1103.739108][   T53] usb 2-1: Manufacturer: syz
[ 1103.754597][   T53] usb 2-1: config 0 descriptor??
[ 1104.035848][   T53] rc_core: IR keymap rc-hauppauge not found
[ 1104.043453][   T53] Registered IR keymap rc-empty
[ 1104.054997][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.086039][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.123186][   T53] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1104.135957][   T53] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input13
[ 1104.157160][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.185824][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.217370][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.246822][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.281238][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.306334][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.328754][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.365958][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.400470][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.435882][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.465924][   T53] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1104.497410][   T53] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1104.507215][   T53] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1104.520667][   T53] usb 2-1: USB disconnect, device number 21
[ 1105.096055][   T30] audit: type=1400 audit(1741732218.326:553): avc:  denied  { accept } for  pid=16206 comm="syz.3.2468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1105.115963][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1106.466491][   T30] audit: type=1400 audit(1741732218.866:554): avc:  denied  { mounton } for  pid=16203 comm="syz.4.2469" path="/proc/1853/task" dev="proc" ino=47957 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 1106.523632][T16208] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2469'.
[ 1106.597481][T16208] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2469'.
[ 1106.940709][T16227] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2473'.
[ 1106.950421][T16227] netlink: 'syz.3.2473': attribute type 9 has an invalid length.
[ 1107.681486][ T5927] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1107.995864][ T5927] usb 2-1: Using ep0 maxpacket: 16
[ 1108.126076][ T5927] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1108.350378][ T5927] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1108.490096][ T5927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1108.617500][ T5927] usb 2-1: Product: syz
[ 1108.687610][ T5927] usb 2-1: Manufacturer: syz
[ 1108.953031][ T5927] usb 2-1: SerialNumber: syz
[ 1109.041661][   T53] libceph: connect (1)[c::]:6789 error -101
[ 1109.633814][T16236] ceph: No mds server is up or the cluster is laggy
[ 1109.937082][ T5927] usb 2-1: config 0 descriptor??
[ 1109.976020][   T53] libceph: mon0 (1)[c::]:6789 connect error
[ 1109.985005][T16243] QAT: Device 198 not found
[ 1110.019610][ T5927] usb 2-1: can't set config #0, error -71
[ 1110.080487][ T5927] usb 2-1: USB disconnect, device number 22
[ 1112.744711][T16257] QAT: Device 198 not found
[ 1112.757250][   T53] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1113.025563][T16260] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2481'.
[ 1113.034693][T16260] netlink: 'syz.3.2481': attribute type 9 has an invalid length.
[ 1113.057939][T16260] /dev/nullb0: Can't open blockdev
[ 1114.165806][   T53] usb 2-1: Using ep0 maxpacket: 16
[ 1114.183890][    C1] raw-gadget.0 gadget.1: ignoring, device is not running
[ 1114.205552][   T53] usb 2-1: device descriptor read/all, error -71
[ 1114.905209][T16272] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1114.996918][   T30] audit: type=1400 audit(1741732228.226:555): avc:  denied  { execute } for  pid=16274 comm="syz.2.2485" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=49208 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1115.178641][T16280] FAULT_INJECTION: forcing a failure.
[ 1115.178641][T16280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1115.216820][T16280] CPU: 0 UID: 0 PID: 16280 Comm: syz.4.2487 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1115.216845][T16280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1115.216852][T16280] Call Trace:
[ 1115.216857][T16280]  <TASK>
[ 1115.216863][T16280]  dump_stack_lvl+0x16c/0x1f0
[ 1115.216889][T16280]  should_fail_ex+0x50a/0x650
[ 1115.216914][T16280]  _copy_to_user+0x32/0xd0
[ 1115.216930][T16280]  simple_read_from_buffer+0xd0/0x160
[ 1115.216953][T16280]  proc_fail_nth_read+0x198/0x270
[ 1115.216975][T16280]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1115.216995][T16280]  ? rw_verify_area+0xcf/0x680
[ 1115.217014][T16280]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1115.217034][T16280]  vfs_read+0x1df/0xbf0
[ 1115.217056][T16280]  ? __fget_files+0x1fc/0x3a0
[ 1115.217071][T16280]  ? __pfx___mutex_lock+0x10/0x10
[ 1115.217091][T16280]  ? __pfx_vfs_read+0x10/0x10
[ 1115.217120][T16280]  ? __fget_files+0x206/0x3a0
[ 1115.217139][T16280]  ksys_read+0x12b/0x250
[ 1115.217152][T16280]  ? __pfx_ksys_read+0x10/0x10
[ 1115.217172][T16280]  do_syscall_64+0xcd/0x250
[ 1115.217191][T16280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.217209][T16280] RIP: 0033:0x7f6c4598bb7c
[ 1115.217220][T16280] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1115.217232][T16280] RSP: 002b:00007f6c46775030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1115.217245][T16280] RAX: ffffffffffffffda RBX: 00007f6c45ba5fa0 RCX: 00007f6c4598bb7c
[ 1115.217253][T16280] RDX: 000000000000000f RSI: 00007f6c467750a0 RDI: 0000000000000004
[ 1115.217260][T16280] RBP: 00007f6c46775090 R08: 0000000000000000 R09: 0000000000000000
[ 1115.217268][T16280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1115.217275][T16280] R13: 0000000000000000 R14: 00007f6c45ba5fa0 R15: 00007fff98b02f68
[ 1115.217291][T16280]  </TASK>
[ 1115.468236][T16283] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2484'.
[ 1115.536528][T16285] netlink: 'syz.4.2489': attribute type 10 has an invalid length.
[ 1115.580113][T16285] macvlan0: entered promiscuous mode
[ 1115.597734][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.604311][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1115.645842][T16285] macvlan0: entered allmulticast mode
[ 1115.736967][T16285] veth1_vlan: entered allmulticast mode
[ 1115.832511][T16285] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[ 1116.256642][    T9] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 1117.286530][    T9] usb 4-1: Using ep0 maxpacket: 16
[ 1117.323243][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1117.463250][    T9] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1117.526463][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1117.532798][T16303] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1117.576815][    T9] usb 4-1: Product: syz
[ 1117.581013][    T9] usb 4-1: Manufacturer: syz
[ 1117.585601][    T9] usb 4-1: SerialNumber: syz
[ 1117.662231][    T9] usb 4-1: config 0 descriptor??
[ 1117.690956][   T30] audit: type=1400 audit(1741732230.926:556): avc:  denied  { read } for  pid=16305 comm="syz.4.2495" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 1117.693065][T16307] 9pnet_fd: Insufficient options for proto=fd
[ 1117.714708][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1117.740825][T16297] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2491'.
[ 1117.756387][   T30] audit: type=1400 audit(1741732230.926:557): avc:  denied  { open } for  pid=16305 comm="syz.4.2495" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 1117.885166][T16309] QAT: Device 198 not found
[ 1117.898598][T16307] warning: `syz.4.2495' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 1118.388934][T14918] usb 4-1: USB disconnect, device number 20
[ 1119.363159][T15173] block nbd3: Receive control failed (result -32)
[ 1119.377048][T15790] block nbd3: Receive control failed (result -32)
[ 1119.405963][ T5135] block nbd3: Receive control failed (result -32)
[ 1119.430814][   T30] audit: type=1326 audit(1741732232.226:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16320 comm="syz.1.2498" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f703458d169 code=0x0
[ 1119.460786][T16317] block nbd3: shutting down sockets
[ 1119.502589][    C0] blk_print_req_error: 21 callbacks suppressed
[ 1119.502617][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[ 1119.776928][T16328] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1119.783190][T16328] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1119.793429][T16328] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1119.799564][T16328] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1119.808350][T16328] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1119.814253][T16328] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1119.822325][T16328] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1119.828262][T16328] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1119.895840][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1119.905005][    C1] buffer_io_error: 20 callbacks suppressed
[ 1119.905018][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1119.927671][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1119.936863][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1119.986916][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1119.996124][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1120.062821][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1120.072032][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1120.154364][T16333] netlink: 'syz.3.2500': attribute type 31 has an invalid length.
[ 1120.226216][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1120.235417][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1120.246449][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1120.255610][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1120.263820][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1120.272994][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1121.190864][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.200061][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1121.208852][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.218006][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1121.231712][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1121.350728][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1121.389784][ T5196] Dev loop6: unable to read RDB block 0
[ 1121.418042][ T5196]  loop6: unable to read partition table
[ 1122.726224][T16351] FAULT_INJECTION: forcing a failure.
[ 1122.726224][T16351] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.793741][T16351] CPU: 1 UID: 0 PID: 16351 Comm: syz.0.2505 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1122.793768][T16351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1122.793776][T16351] Call Trace:
[ 1122.793781][T16351]  <TASK>
[ 1122.793787][T16351]  dump_stack_lvl+0x16c/0x1f0
[ 1122.793813][T16351]  should_fail_ex+0x50a/0x650
[ 1122.793838][T16351]  ? fs_reclaim_acquire+0xae/0x150
[ 1122.793862][T16351]  ? shmem_initxattrs+0x168/0x5a0
[ 1122.793877][T16351]  should_failslab+0xc2/0x120
[ 1122.793895][T16351]  __kmalloc_noprof+0xcb/0x510
[ 1122.793916][T16351]  shmem_initxattrs+0x168/0x5a0
[ 1122.793930][T16351]  ? evm_inode_init_security+0x237/0x320
[ 1122.793955][T16351]  security_inode_init_security+0x26c/0x390
[ 1122.793972][T16351]  ? __pfx_shmem_initxattrs+0x10/0x10
[ 1122.793987][T16351]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1122.794005][T16351]  ? shmem_get_inode+0x73a/0xf00
[ 1122.794024][T16351]  shmem_mknod+0x22e/0x450
[ 1122.794044][T16351]  vfs_mknod+0x5d7/0x8e0
[ 1122.794069][T16351]  do_mknodat+0x310/0x5d0
[ 1122.794095][T16351]  ? __pfx_do_mknodat+0x10/0x10
[ 1122.794122][T16351]  ? getname_flags.part.0+0x1c5/0x550
[ 1122.794146][T16351]  __x64_sys_mknod+0x87/0xb0
[ 1122.794162][T16351]  do_syscall_64+0xcd/0x250
[ 1122.794183][T16351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1122.794203][T16351] RIP: 0033:0x7f4f6f58d169
[ 1122.794215][T16351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1122.794229][T16351] RSP: 002b:00007f4f70457038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1122.794244][T16351] RAX: ffffffffffffffda RBX: 00007f4f6f7a5fa0 RCX: 00007f4f6f58d169
[ 1122.794253][T16351] RDX: 0000000000000701 RSI: 100000000000600d RDI: 0000400000000080
[ 1122.794263][T16351] RBP: 00007f4f70457090 R08: 0000000000000000 R09: 0000000000000000
[ 1122.794271][T16351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1122.794280][T16351] R13: 0000000000000001 R14: 00007f4f6f7a5fa0 R15: 00007ffca00f3cb8
[ 1122.794299][T16351]  </TASK>
[ 1122.935728][T16353] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1123.009571][T16353] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1123.017094][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1123.083143][T16353] vhci_hcd vhci_hcd.0: Device attached
[ 1123.143005][T16341] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2502'.
[ 1123.215913][T11280] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1123.326222][   T10] usb 37-1: new low-speed USB device number 19 using vhci_hcd
[ 1123.385846][T11280] usb 3-1: Using ep0 maxpacket: 16
[ 1123.849455][T16355] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 9
[ 1123.858223][   T55] vhci_hcd: stop threads
[ 1123.863435][   T55] vhci_hcd: release socket
[ 1123.866944][T11280] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1123.874697][   T55] vhci_hcd: disconnect device
[ 1123.974433][T16371] @: renamed from vlan0 (while UP)
[ 1124.010081][T11280] usb 3-1: too many configurations: 30, using maximum allowed: 8
[ 1124.577565][T16376] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2509'.
[ 1124.598161][T11280] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1124.612524][T11280] usb 3-1: can't read configurations, error -71
[ 1124.804492][T16380] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 1124.811055][T16380] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1124.823217][T16380] vhci_hcd vhci_hcd.0: Device attached
[ 1125.055933][T14555] usb 41-1: new low-speed USB device number 9 using vhci_hcd
[ 1125.105963][ T5927] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1125.125940][   T53] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1125.670099][   T30] audit: type=1326 audit(1741732238.876:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16389 comm="syz.2.2515" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2398b8d169 code=0x0
[ 1126.545789][T16396] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2516'.
[ 1126.554874][T16396] netlink: 'syz.3.2516': attribute type 9 has an invalid length.
[ 1126.559539][ T5927] usb 5-1: Using ep0 maxpacket: 16
[ 1126.570877][   T53] usb 1-1: Using ep0 maxpacket: 16
[ 1126.578014][T16396] /dev/nullb0: Can't open blockdev
[ 1126.606838][ T5927] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1126.994782][ T5927] usb 5-1: too many configurations: 30, using maximum allowed: 8
[ 1127.095989][T16381] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 3
[ 1127.118780][ T5927] usb 5-1: unable to read config index 0 descriptor/start: -71
[ 1127.137029][ T5927] usb 5-1: can't read configurations, error -71
[ 1127.166296][   T12] vhci_hcd: stop threads
[ 1127.202746][   T12] vhci_hcd: release socket
[ 1127.223880][   T12] vhci_hcd: disconnect device
[ 1127.823981][    C1] blk_print_req_error: 28 callbacks suppressed
[ 1127.824009][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[ 1127.842470][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1127.851805][    C0] buffer_io_error: 26 callbacks suppressed
[ 1127.851819][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1127.865631][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1127.874861][    C0] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1127.915773][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1127.924935][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1127.934521][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1127.943696][    C0] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1127.952092][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1127.956044][  T971] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1127.961229][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1127.980681][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1127.989831][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1127.998029][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1128.007228][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1128.018821][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1128.027962][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1128.040155][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1128.049310][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1128.058450][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1128.091868][   T30] audit: type=1400 audit(1741732241.326:560): avc:  denied  { write } for  pid=16414 comm="syz.4.2521" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[ 1128.145448][T16415] IPVS: rr: SCTP 172.20.20.187:0 - no destination available
[ 1128.198768][    T9] IPVS: starting estimator thread 0...
[ 1128.205575][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1128.215697][ T5196] Dev loop6: unable to read RDB block 0
[ 1128.223122][ T5196]  loop6: unable to read partition table
[ 1128.296098][T16417] IPVS: using max 56 ests per chain, 134400 per kthread
[ 1128.415898][  T971] usb 2-1: Using ep0 maxpacket: 32
[ 1129.332015][  T971] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1129.343149][  T971] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1129.353720][  T971] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1129.442963][   T53] usb 1-1: device descriptor read/all, error -71
[ 1129.449912][  T971] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1129.450792][T16401] syz.3.2517: attempt to access beyond end of device
[ 1129.450792][T16401] nbd3: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1129.459521][  T971] usb 2-1: config 0 descriptor??
[ 1129.471728][T16401] SQUASHFS error: Failed to read block 0x0: -5
[ 1129.479517][  T971] hub 2-1:0.0: USB hub found
[ 1129.491001][T16401] unable to read squashfs_super_block
[ 1129.672187][   T10] vhci_hcd: vhci_device speed not set
[ 1129.680268][  T971] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1129.912998][ T5196] ldm_validate_partition_table(): Disk read failed.
[ 1129.926599][ T5196] Dev loop6: unable to read RDB block 0
[ 1130.478977][T16438] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1130.488795][T16438] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1130.498467][T16438] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1130.508773][T16438] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1130.862953][  T971] hid-generic 0003:046D:C31C.0015: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.1-1/input0
[ 1130.954120][T16444] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2527'.
[ 1130.963289][T16444] netlink: 'syz.3.2527': attribute type 9 has an invalid length.
[ 1130.974433][T16444] /dev/nullb0: Can't open blockdev
[ 1131.470175][ T5196]  loop6: unable to read partition table
[ 1131.522390][T14555] vhci_hcd: vhci_device speed not set
[ 1131.530768][  T971] usb 2-1: USB disconnect, device number 25
[ 1131.572241][   T30] audit: type=1400 audit(1741732244.806:561): avc:  denied  { write } for  pid=16445 comm="syz.0.2530" name="usbmon8" dev="devtmpfs" ino=745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1131.700117][   T30] audit: type=1400 audit(1741732244.936:562): avc:  denied  { read } for  pid=16453 comm="syz.4.2531" name="btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1131.734484][   T30] audit: type=1400 audit(1741732244.936:563): avc:  denied  { open } for  pid=16453 comm="syz.4.2531" path="/dev/btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1131.903578][   T30] audit: type=1400 audit(1741732244.966:564): avc:  denied  { ioctl } for  pid=16453 comm="syz.4.2531" path="/dev/btrfs-control" dev="devtmpfs" ino=1311 ioctlcmd=0x9427 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1132.031722][   T10] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1132.435841][   T10] usb 3-1: device descriptor read/64, error -71
[ 1133.223070][   T10] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1133.466883][   T10] usb 3-1: device descriptor read/64, error -71
[ 1133.726087][   T10] usb usb3-port1: attempt power cycle
[ 1133.814230][T16481] openvswitch: netlink: IPv4 frag type 255 is out of range max 2
[ 1134.035122][T16483] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2538'.
[ 1134.044614][T16483] netlink: 'syz.0.2538': attribute type 9 has an invalid length.
[ 1134.142876][T16484] /dev/nullb0: Can't open blockdev
[ 1134.466572][T14555] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1134.482893][ T5135] block nbd1: Receive control failed (result -32)
[ 1134.489510][T10125] block nbd1: Receive control failed (result -32)
[ 1134.498243][T16330] block nbd1: Receive control failed (result -32)
[ 1134.505048][T16480] block nbd1: shutting down sockets
[ 1134.517018][   T10] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1134.548726][   T10] usb 3-1: device descriptor read/8, error -71
[ 1134.658911][T14555] usb 4-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1134.684466][T14555] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1134.709127][T14555] usb 4-1: config 0 descriptor??
[ 1135.125589][T14555] uclogic 0003:5543:0004.0016: item fetching failed at offset 2/5
[ 1135.134178][T14555] uclogic 0003:5543:0004.0016: parse failed
[ 1135.140170][T14555] uclogic 0003:5543:0004.0016: probe with driver uclogic failed with error -22
[ 1135.339103][T14555] usb 4-1: USB disconnect, device number 21
[ 1139.925829][   T53] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 1140.097890][   T53] usb 2-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1140.107070][   T53] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1140.116197][   T53] usb 2-1: config 0 descriptor??
[ 1140.328504][   T30] audit: type=1400 audit(1741732253.566:565): avc:  denied  { create } for  pid=16517 comm="syz.1.2541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1140.349768][   T30] audit: type=1400 audit(1741732253.566:566): avc:  denied  { write } for  pid=16517 comm="syz.1.2541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1140.370909][   T30] audit: type=1400 audit(1741732253.566:567): avc:  denied  { nlmsg_write } for  pid=16517 comm="syz.1.2541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1140.533477][   T53] uclogic 0003:5543:0004.0017: item fetching failed at offset 2/5
[ 1140.541601][   T53] uclogic 0003:5543:0004.0017: parse failed
[ 1140.547665][   T53] uclogic 0003:5543:0004.0017: probe with driver uclogic failed with error -22
[ 1140.745183][T14555] usb 2-1: USB disconnect, device number 26
[ 1159.972784][T16545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2543'.
[ 1160.622327][   T30] audit: type=1400 audit(1741732273.266:568): avc:  denied  { execute_no_trans } for  pid=16533 comm="syz.0.2543" path=2F6D656D66643A202864656C6574656429 dev="hugetlbfs" ino=50510 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1160.930955][T16538] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[ 1160.937510][T16538] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1161.493749][T16538] vhci_hcd vhci_hcd.0: Device attached
[ 1161.722261][    T9] libceph: connect (1)[c::]:6789 error -101
[ 1161.728406][    T9] libceph: mon0 (1)[c::]:6789 connect error
[ 1161.745618][T16549] ceph: No mds server is up or the cluster is laggy
[ 1161.954011][T16565] overlayfs: failed to resolve './file1': -2
[ 1161.968261][T14555] usb 39-1: new low-speed USB device number 11 using vhci_hcd
[ 1162.055877][    T9] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1162.246511][    T9] usb 4-1: Using ep0 maxpacket: 16
[ 1162.257423][T16554] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 6
[ 1162.309056][ T3540] vhci_hcd: stop threads
[ 1162.335844][T16575] block nbd4: Device being setup by another task
[ 1162.474111][ T3540] vhci_hcd: release socket
[ 1162.570768][  T971] libceph: connect (1)[c::]:6789 error -101
[ 1162.602705][ T3540] vhci_hcd: disconnect device
[ 1162.669848][  T971] libceph: mon0 (1)[c::]:6789 connect error
[ 1162.777010][    T9] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1162.785423][    T9] usb 4-1: too many configurations: 30, using maximum allowed: 8
[ 1162.831642][    T9] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1162.860499][T16577] ceph: No mds server is up or the cluster is laggy
[ 1162.860911][    T9] usb 4-1: can't read configurations, error -71
[ 1162.913339][T16571] block nbd4: shutting down sockets
[ 1163.033078][T16583] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1163.320244][    T9] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1163.416617][T16592] netlink: 'syz.4.2556': attribute type 10 has an invalid length.
[ 1163.424772][T16592] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2556'.
[ 1163.452215][T16592] batadv0: entered promiscuous mode
[ 1163.471206][T16592] batadv0: entered allmulticast mode
[ 1163.484425][T16592] bridge0: port 4(batadv0) entered blocking state
[ 1163.492813][T16592] bridge0: port 4(batadv0) entered disabled state
[ 1163.503712][T16592] bridge0: port 4(batadv0) entered blocking state
[ 1163.510413][T16592] bridge0: port 4(batadv0) entered forwarding state
[ 1163.603981][T16598] FAULT_INJECTION: forcing a failure.
[ 1163.603981][T16598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1163.620474][T16598] CPU: 0 UID: 0 PID: 16598 Comm: syz.0.2558 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1163.620498][T16598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1163.620506][T16598] Call Trace:
[ 1163.620511][T16598]  <TASK>
[ 1163.620517][T16598]  dump_stack_lvl+0x16c/0x1f0
[ 1163.620537][T16598]  should_fail_ex+0x50a/0x650
[ 1163.620557][T16598]  _copy_to_user+0x32/0xd0
[ 1163.620568][T16598]  simple_read_from_buffer+0xd0/0x160
[ 1163.620590][T16598]  proc_fail_nth_read+0x198/0x270
[ 1163.620608][T16598]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1163.620625][T16598]  ? rw_verify_area+0xcf/0x680
[ 1163.620640][T16598]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1163.620654][T16598]  vfs_read+0x1df/0xbf0
[ 1163.620670][T16598]  ? __fget_files+0x1fc/0x3a0
[ 1163.620681][T16598]  ? __pfx___mutex_lock+0x10/0x10
[ 1163.620695][T16598]  ? __pfx_vfs_read+0x10/0x10
[ 1163.620713][T16598]  ? __fget_files+0x206/0x3a0
[ 1163.620726][T16598]  ksys_read+0x12b/0x250
[ 1163.620736][T16598]  ? __pfx_ksys_read+0x10/0x10
[ 1163.620748][T16598]  do_syscall_64+0xcd/0x250
[ 1163.620762][T16598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1163.620777][T16598] RIP: 0033:0x7f4f6f58bb7c
[ 1163.620785][T16598] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1163.620796][T16598] RSP: 002b:00007f4f70436030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1163.620805][T16598] RAX: ffffffffffffffda RBX: 00007f4f6f7a6080 RCX: 00007f4f6f58bb7c
[ 1163.620812][T16598] RDX: 000000000000000f RSI: 00007f4f704360a0 RDI: 0000000000000007
[ 1163.620818][T16598] RBP: 00007f4f70436090 R08: 0000000000000000 R09: 0000000000000000
[ 1163.620824][T16598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1163.620830][T16598] R13: 0000000000000000 R14: 00007f4f6f7a6080 R15: 00007ffca00f3cb8
[ 1163.620842][T16598]  </TASK>
[ 1163.994822][ T1110] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 1164.004275][ T1110] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 1164.096242][    T9] usb 4-1: Using ep0 maxpacket: 8
[ 1164.117354][    T9] usb 4-1: config 0 has an invalid interface number: 231 but max is 0
[ 1164.135825][    T9] usb 4-1: config 0 has no interface number 0
[ 1164.166904][    T9] usb 4-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=53.16
[ 1164.192356][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1164.229274][    T9] usb 4-1: Product: syz
[ 1164.258208][    T9] usb 4-1: Manufacturer: syz
[ 1164.290218][    T9] usb 4-1: SerialNumber: syz
[ 1164.337131][    T9] usb 4-1: config 0 descriptor??
[ 1164.388504][    T9] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[ 1164.505520][T11280] libceph: connect (1)[c::]:6789 error -101
[ 1165.024728][    T9] gspca_sn9c2028: read1 error -110
[ 1165.031549][    T9] gspca_sn9c2028: read1 error -32
[ 1165.045286][    T9] gspca_sn9c2028: read1 error -32
[ 1165.069301][    T9] sn9c2028 4-1:0.231: probe with driver sn9c2028 failed with error -32
[ 1165.082398][T11280] libceph: mon0 (1)[c::]:6789 connect error
[ 1165.094323][T16609] ceph: No mds server is up or the cluster is laggy
[ 1165.094438][   T30] audit: type=1326 audit(1741732278.316:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.141328][   T30] audit: type=1326 audit(1741732278.316:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.243977][   T30] audit: type=1326 audit(1741732278.366:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.356362][   T30] audit: type=1326 audit(1741732278.366:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.553174][T16615] netlink: 'syz.1.2562': attribute type 10 has an invalid length.
[ 1165.562331][T16621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1165.577463][T16621] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1165.581153][T16615] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2562'.
[ 1165.721907][   T30] audit: type=1326 audit(1741732278.366:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.746141][   T30] audit: type=1400 audit(1741732278.366:574): avc:  denied  { connect } for  pid=16607 comm="syz.2.2561" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1165.774409][   T30] audit: type=1326 audit(1741732278.426:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.808543][T16585] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[ 1165.855866][   T30] audit: type=1326 audit(1741732278.426:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.884054][   T30] audit: type=1326 audit(1741732278.426:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.884834][T11280] usb 4-1: USB disconnect, device number 23
[ 1165.908209][   T30] audit: type=1326 audit(1741732278.426:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1165.991423][T16628] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1165.997948][T16628] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1166.007609][T16628] vhci_hcd vhci_hcd.0: Device attached
[ 1166.022769][   T30] audit: type=1326 audit(1741732278.426:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1166.049621][   T30] audit: type=1326 audit(1741732278.426:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1166.081744][   T30] audit: type=1326 audit(1741732278.426:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1166.108198][   T30] audit: type=1326 audit(1741732278.426:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16581 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4fb8d169 code=0x7ffc0000
[ 1166.246358][T16632] block nbd1: server does not support multiple connections per device.
[ 1166.258731][T16631] block nbd1: shutting down sockets
[ 1166.266312][T13837] usb 41-1: new low-speed USB device number 10 using vhci_hcd
[ 1166.296796][    T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1166.455828][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1166.502048][T16629] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 4
[ 1166.512408][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1166.537180][ T6782] vhci_hcd: stop threads
[ 1166.566505][ T6782] vhci_hcd: release socket
[ 1166.584212][    T9] usb 5-1: too many configurations: 30, using maximum allowed: 8
[ 1166.596516][ T6782] vhci_hcd: disconnect device
[ 1166.613695][    T9] usb 5-1: unable to read config index 0 descriptor/start: -71
[ 1166.635359][   T10] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 1166.661864][    T9] usb 5-1: can't read configurations, error -71
[ 1166.827369][   T10] usb 2-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1166.847397][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1166.868373][   T10] usb 2-1: config 0 descriptor??
[ 1167.471717][  T971] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1167.535862][T14555] vhci_hcd: vhci_device speed not set
[ 1167.679920][  T971] usb 1-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[ 1167.693285][   T10] uclogic 0003:5543:0004.0018: item fetching failed at offset 2/5
[ 1167.702709][   T10] uclogic 0003:5543:0004.0018: parse failed
[ 1167.710555][   T10] uclogic 0003:5543:0004.0018: probe with driver uclogic failed with error -22
[ 1167.723362][  T971] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1167.826520][T16651] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5126 sclass=netlink_route_socket pid=16651 comm=syz.4.2573
[ 1167.845902][  T971] usb 1-1: config 0 descriptor??
[ 1167.975571][   T10] usb 2-1: USB disconnect, device number 27
[ 1168.035350][T16655] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2574'.
[ 1168.348936][  T971] uclogic 0003:5543:0004.0019: item fetching failed at offset 2/5
[ 1168.392872][  T971] uclogic 0003:5543:0004.0019: parse failed
[ 1168.399097][  T971] uclogic 0003:5543:0004.0019: probe with driver uclogic failed with error -22
[ 1168.601927][T16661] netlink: 'syz.4.2577': attribute type 10 has an invalid length.
[ 1168.611570][   T10] usb 1-1: USB disconnect, device number 22
[ 1168.619714][T16661] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2577'.
[ 1170.372195][  T971] libceph: connect (1)[c::]:6789 error -101
[ 1170.393992][  T971] libceph: mon0 (1)[c::]:6789 connect error
[ 1170.433224][T16674] ceph: No mds server is up or the cluster is laggy
[ 1170.636024][T16681] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1170.768218][T16686] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2582'.
[ 1172.395913][T16698] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2585'.
[ 1172.979781][T13837] vhci_hcd: vhci_device speed not set
[ 1173.102633][T16701] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1173.976123][ T5875] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1174.699548][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1174.699561][   T30] audit: type=1400 audit(1741732287.926:606): avc:  denied  { ioctl } for  pid=16717 comm="syz.4.2591" path="socket:[51205]" dev="sockfs" ino=51205 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1174.758385][ T5875] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[ 1174.784297][ T5875] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 64, changing to 10
[ 1174.824416][ T5875] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 254
[ 1174.838723][ T5875] usb 3-1: New USB device found, idVendor=1e71, idProduct=200e, bcdDevice= 0.00
[ 1174.848335][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1174.861960][ T5875] usb 3-1: config 0 descriptor??
[ 1175.149512][   T30] audit: type=1400 audit(1741732288.386:607): avc:  denied  { write } for  pid=16734 comm="syz.1.2598" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1175.749511][ T5875] nzxt-smart2 0003:1E71:200E.001A: unknown main item tag 0x0
[ 1175.776015][ T5875] nzxt-smart2 0003:1E71:200E.001A: unknown main item tag 0x0
[ 1175.794506][T16707] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1175.821942][T16707] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1175.855347][ T5875] nzxt-smart2 0003:1E71:200E.001A: hidraw0: USB HID v0.0a Device [HID 1e71:200e] on usb-dummy_hcd.2-1/input0
[ 1176.448116][ T5875] usb 3-1: USB disconnect, device number 20
[ 1177.441040][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.456390][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.752547][T16764] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2607'.
[ 1178.012043][   T30] audit: type=1326 audit(1741732291.246:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16770 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2398b8d169 code=0x7ffc0000
[ 1178.100854][   T30] audit: type=1326 audit(1741732291.246:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16770 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2398b8d169 code=0x7ffc0000
[ 1178.180138][   T30] audit: type=1326 audit(1741732291.246:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16770 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2398b8d169 code=0x7ffc0000
[ 1178.204607][   T30] audit: type=1326 audit(1741732291.246:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16770 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2398b8d169 code=0x7ffc0000
[ 1178.229027][   T30] audit: type=1326 audit(1741732291.246:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16770 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2398b8d169 code=0x7ffc0000
[ 1178.255085][   T30] audit: type=1326 audit(1741732291.246:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16770 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2398b8d169 code=0x7ffc0000
[ 1178.479526][   T30] audit: type=1326 audit(1741732291.416:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16770 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2398b8d169 code=0x7ffc0000
[ 1178.941059][   T30] audit: type=1326 audit(1741732291.416:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16770 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2398b8d169 code=0x7ffc0000
[ 1179.082855][T16780] lo speed is unknown, defaulting to 1000
[ 1179.421679][T16780] lo speed is unknown, defaulting to 1000
[ 1180.321458][ T5875] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1180.496290][ T5875] usb 4-1: Using ep0 maxpacket: 16
[ 1180.516549][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1180.535872][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1180.545648][ T5875] usb 4-1: New USB device found, idVendor=046d, idProduct=c287, bcdDevice= 0.00
[ 1180.600745][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1180.645109][ T5875] usb 4-1: config 0 descriptor??
[ 1180.797858][T16807] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1180.901146][T16808] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1180.959944][T16807] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1181.060249][ T5875] logitech 0003:046D:C287.001B: unknown main item tag 0x0
[ 1181.078312][ T5875] logitech 0003:046D:C287.001B: unknown main item tag 0x0
[ 1181.096420][ T5875] logitech 0003:046D:C287.001B: item fetching failed at offset 2/5
[ 1181.115569][ T5875] logitech 0003:046D:C287.001B: parse failed
[ 1181.125202][ T5875] logitech 0003:046D:C287.001B: probe with driver logitech failed with error -22
[ 1181.728857][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 1181.728890][   T30] audit: type=1400 audit(1741732294.716:620): avc:  denied  { nlmsg_read } for  pid=16811 comm="syz.2.2622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1183.225258][ T5875] usb 4-1: USB disconnect, device number 24
[ 1187.009684][T16881] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2642'.
[ 1187.045796][T16881] gretap0: entered promiscuous mode
[ 1188.698419][T16894] usb usb1: usbfs: process 16894 (syz.0.2649) did not claim interface 0 before use
[ 1189.200869][   T30] audit: type=1400 audit(1741732302.436:621): avc:  denied  { bind } for  pid=16914 comm="syz.4.2658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1189.709723][   T30] audit: type=1400 audit(1741732302.436:622): avc:  denied  { setopt } for  pid=16914 comm="syz.4.2658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1189.762795][   T30] audit: type=1400 audit(1741732302.436:623): avc:  denied  { ioctl } for  pid=16914 comm="syz.4.2658" path="socket:[51731]" dev="sockfs" ino=51731 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1191.230315][T16935] block device autoloading is deprecated and will be removed.
[ 1191.695068][T16943] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2665'.
[ 1298.595672][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1298.602664][    C0] rcu: 	1-...!: (1 GPs behind) idle=86b4/1/0x4000000000000000 softirq=62985/62986 fqs=0
[ 1298.613390][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P16942/1:b..l
[ 1298.621388][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=59241, q=120 ncpus=2)
[ 1298.629097][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1298.629122][    C1] NMI backtrace for cpu 1
[ 1298.629132][    C1] CPU: 1 UID: 0 PID: 16949 Comm: syz.0.2668 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1298.629148][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1298.629156][    C1] RIP: 0010:lock_acquire.part.0+0xd2/0x380
[ 1298.629184][    C1] Code: f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 80 02 00 00 8b 95 ec 0a 00 00 85 d2 0f 85 d5 00 00 00 44 89 44 24 04 89 0c 24 9c <5d> fa 48 c7 c7 40 ff 6c 8b e8 b0 db c0 09 44 89 e2 44 89 f6 4c 89
[ 1298.629195][    C1] RSP: 0000:ffffc90000a28c38 EFLAGS: 00000046
[ 1298.629206][    C1] RAX: 0000000000000007 RBX: 1ffff92000145189 RCX: 0000000000000000
[ 1298.629214][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805f0faf2c
[ 1298.629222][    C1] RBP: ffff88805f0fa440 R08: 0000000000000001 R09: 0000000000000000
[ 1298.629230][    C1] R10: ffffffff90626317 R11: 0000000000000001 R12: 0000000000000000
[ 1298.629238][    C1] R13: ffffffff9ab1d018 R14: 0000000000000000 R15: 0000000000000000
[ 1298.629246][    C1] FS:  00007f4f704576c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1298.629261][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1298.629269][    C1] CR2: 000000110c2c918a CR3: 00000000237fa000 CR4: 00000000003526f0
[ 1298.629278][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1298.629285][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1298.629293][    C1] Call Trace:
[ 1298.629299][    C1]  <NMI>
[ 1298.629305][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[ 1298.629321][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1298.629337][    C1]  ? nmi_handle+0x1ac/0x5d0
[ 1298.629356][    C1]  ? lock_acquire.part.0+0xd2/0x380
[ 1298.629373][    C1]  ? default_do_nmi+0x6a/0x160
[ 1298.629385][    C1]  ? exc_nmi+0x170/0x1e0
[ 1298.629397][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1298.629418][    C1]  ? lock_acquire.part.0+0xd2/0x380
[ 1298.629434][    C1]  ? lock_acquire.part.0+0xd2/0x380
[ 1298.629451][    C1]  ? lock_acquire.part.0+0xd2/0x380
[ 1298.629468][    C1]  </NMI>
[ 1298.629472][    C1]  <IRQ>
[ 1298.629477][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1298.629494][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1298.629508][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[ 1298.629522][    C1]  ? debug_object_activate+0x149/0x4a0
[ 1298.629538][    C1]  ? debug_object_deactivate+0x13b/0x370
[ 1298.629553][    C1]  ? lock_acquire+0x2f/0xb0
[ 1298.629568][    C1]  ? debug_object_deactivate+0x13b/0x370
[ 1298.629584][    C1]  _raw_spin_lock_irqsave+0x3a/0x60
[ 1298.629597][    C1]  ? debug_object_deactivate+0x13b/0x370
[ 1298.629612][    C1]  debug_object_deactivate+0x13b/0x370
[ 1298.629627][    C1]  ? __pfx_debug_object_deactivate+0x10/0x10
[ 1298.629642][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1298.629656][    C1]  ? __pfx_advance_sched+0x10/0x10
[ 1298.629669][    C1]  __hrtimer_run_queues+0x47c/0xae0
[ 1298.629686][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1298.629699][    C1]  ? read_tsc+0x9/0x20
[ 1298.629714][    C1]  hrtimer_interrupt+0x392/0x8e0
[ 1298.629728][    C1]  ? irq_work_single+0x13a/0x260
[ 1298.629749][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[ 1298.629769][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1298.629785][    C1]  </IRQ>
[ 1298.629789][    C1]  <TASK>
[ 1298.629794][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1298.629811][    C1] RIP: 0010:finish_task_switch.isra.0+0x220/0xcc0
[ 1298.629831][    C1] Code: a9 0a 00 00 44 8b 0d f3 dd d9 0e 45 85 c9 0f 85 c0 01 00 00 48 89 df e8 ae f8 ff ff e8 79 f0 38 00 fb 65 48 8b 1d e0 20 7b 7e <48> 8d bb 08 16 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[ 1298.629842][    C1] RSP: 0000:ffffc90003ecf4d8 EFLAGS: 00000206
[ 1298.629852][    C1] RAX: 000000000000acc9 RBX: ffff88805f0fa440 RCX: 1ffffffff20c43f1
[ 1298.629860][    C1] RDX: 0000000000000000 RSI: ffffffff8b6cfc80 RDI: ffffffff8bd36a20
[ 1298.629868][    C1] RBP: ffffc90003ecf520 R08: 0000000000000001 R09: 0000000000000001
[ 1298.629877][    C1] R10: ffffffff90626317 R11: 0000000000000000 R12: dffffc0000000000
[ 1298.629885][    C1] R13: ffff88801df80000 R14: 0000000000000000 R15: 0000000000000000
[ 1298.629898][    C1]  ? finish_task_switch.isra.0+0x217/0xcc0
[ 1298.629917][    C1]  __schedule+0xf4b/0x5890
[ 1298.629931][    C1]  ? __pfx___lock_acquire+0x10/0x10
[ 1298.629947][    C1]  ? __lock_acquire+0x15a9/0x3c40
[ 1298.629967][    C1]  ? __pfx___schedule+0x10/0x10
[ 1298.629980][    C1]  ? schedule+0x298/0x350
[ 1298.629993][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1298.630011][    C1]  ? lock_acquire+0x2f/0xb0
[ 1298.630026][    C1]  ? schedule+0x1fd/0x350
[ 1298.630040][    C1]  schedule+0xe7/0x350
[ 1298.630053][    C1]  schedule_timeout+0x244/0x280
[ 1298.630066][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1298.630081][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1298.630095][    C1]  ? prepare_to_wait_exclusive+0xe2/0x2b0
[ 1298.630113][    C1]  unix_wait_for_peer+0x247/0x280
[ 1298.630132][    C1]  ? __pfx_unix_wait_for_peer+0x10/0x10
[ 1298.630148][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1298.630165][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1298.630180][    C1]  ? hook_unix_may_send+0x2aa/0x3a0
[ 1298.630196][    C1]  unix_dgram_sendmsg+0x179d/0x1880
[ 1298.630217][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[ 1298.630239][    C1]  ____sys_sendmsg+0xaaf/0xc90
[ 1298.630253][    C1]  ? copy_msghdr_from_user+0x10b/0x160
[ 1298.630270][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1298.630283][    C1]  ? __lock_acquire+0xcc5/0x3c40
[ 1298.630300][    C1]  ? hlock_class+0x4e/0x130
[ 1298.630312][    C1]  ? __lock_acquire+0x15a9/0x3c40
[ 1298.630330][    C1]  ___sys_sendmsg+0x135/0x1e0
[ 1298.630348][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1298.630364][    C1]  ? __pfx___lock_acquire+0x10/0x10
[ 1298.630389][    C1]  ? __pfx___might_resched+0x10/0x10
[ 1298.630407][    C1]  ? __might_fault+0xe3/0x190
[ 1298.630424][    C1]  __sys_sendmmsg+0x201/0x420
[ 1298.630443][    C1]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1298.630462][    C1]  ? __pfx_do_futex+0x10/0x10
[ 1298.630482][    C1]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1298.630497][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1298.630511][    C1]  __x64_sys_sendmmsg+0x9c/0x100
[ 1298.630528][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1298.630543][    C1]  do_syscall_64+0xcd/0x250
[ 1298.630560][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1298.630577][    C1] RIP: 0033:0x7f4f6f58d169
[ 1298.630589][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1298.630601][    C1] RSP: 002b:00007f4f70457038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1298.630612][    C1] RAX: ffffffffffffffda RBX: 00007f4f6f7a5fa0 RCX: 00007f4f6f58d169
[ 1298.630621][    C1] RDX: 0000000000000651 RSI: 0000400000000000 RDI: 0000000000000004
[ 1298.630630][    C1] RBP: 00007f4f6f60e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1298.630638][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1298.630646][    C1] R13: 0000000000000000 R14: 00007f4f6f7a5fa0 R15: 00007ffca00f3cb8
[ 1298.630659][    C1]  </TASK>
[ 1298.631117][    C0] task:syz.2.2665      state:R  running task     stack:26096 pid:16942 tgid:16939 ppid:5828   task_flags:0x40044c flags:0x00004002
[ 1299.316910][    C0] Call Trace:
[ 1299.320187][    C0]  <TASK>
[ 1299.323115][    C0]  __schedule+0xf43/0x5890
[ 1299.327530][    C0]  ? lock_acquire.part.0+0x11b/0x380
[ 1299.332824][    C0]  ? __pfx___schedule+0x10/0x10
[ 1299.337671][    C0]  ? __mod_node_page_state+0xde/0x1d0
[ 1299.343050][    C0]  ? preempt_schedule_thunk+0x1a/0x30
[ 1299.348422][    C0]  preempt_schedule_common+0x44/0xc0
[ 1299.353703][    C0]  preempt_schedule_thunk+0x1a/0x30
[ 1299.358906][    C0]  _raw_spin_unlock+0x3e/0x50
[ 1299.363582][    C0]  unmap_page_range+0x201d/0x4350
[ 1299.368625][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[ 1299.373997][    C0]  ? mas_next_slot+0x12d3/0x21b0
[ 1299.378940][    C0]  ? uprobe_munmap+0x20/0x5c0
[ 1299.383640][    C0]  unmap_single_vma+0x194/0x2b0
[ 1299.388511][    C0]  unmap_vmas+0x22f/0x490
[ 1299.392848][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[ 1299.397706][    C0]  ? mas_next_slot+0x12d3/0x21b0
[ 1299.402658][    C0]  exit_mmap+0x1c1/0xba0
[ 1299.406897][    C0]  ? __pfx_exit_mmap+0x10/0x10
[ 1299.411663][    C0]  ? __pfx_mark_lock+0x10/0x10
[ 1299.416443][    C0]  __mmput+0x12a/0x410
[ 1299.420515][    C0]  mmput+0x62/0x70
[ 1299.424239][    C0]  do_exit+0x9ba/0x2d70
[ 1299.428394][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1299.433593][    C0]  ? __pfx_do_exit+0x10/0x10
[ 1299.438179][    C0]  ? preempt_schedule_common+0x44/0xc0
[ 1299.443638][    C0]  do_group_exit+0xd3/0x2a0
[ 1299.448137][    C0]  get_signal+0x24ed/0x26c0
[ 1299.452645][    C0]  ? __schedule+0xf4b/0x5890
[ 1299.457237][    C0]  ? do_user_addr_fault+0xdc7/0x13f0
[ 1299.462521][    C0]  ? reacquire_held_locks+0x20b/0x4c0
[ 1299.467893][    C0]  ? __pfx_get_signal+0x10/0x10
[ 1299.472755][    C0]  arch_do_signal_or_restart+0x90/0x7e0
[ 1299.478295][    C0]  ? do_user_addr_fault+0xe50/0x13f0
[ 1299.483580][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1299.489741][    C0]  syscall_exit_to_user_mode+0x150/0x2a0
[ 1299.495371][    C0]  do_syscall_64+0xda/0x250
[ 1299.499875][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1299.505766][    C0] RIP: 0033:0x7f2398b8d169
[ 1299.510172][    C0] RSP: 002b:00007f2399a58038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1299.518581][    C0] RAX: 000000000003fffd RBX: 00007f2398da6080 RCX: 00007f2398b8d169
[ 1299.526546][    C0] RDX: 03fffffffffffeda RSI: 00004000000000c0 RDI: 0000000000000003
[ 1299.534510][    C0] RBP: 00007f2398c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1299.542470][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1299.550431][    C0] R13: 0000000000000001 R14: 00007f2398da6080 R15: 00007ffd6e9bcda8
[ 1299.558423][    C0]  </TASK>
[ 1299.561455][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g59241 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1299.572661][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1299.582707][    C0] rcu: RCU grace-period kthread stack dump:
[ 1299.588584][    C0] task:rcu_preempt     state:R  running task     stack:28048 pid:18    tgid:18    ppid:2      task_flags:0x208040 flags:0x00004000
[ 1299.602069][    C0] Call Trace:
[ 1299.605346][    C0]  <TASK>
[ 1299.608274][    C0]  __schedule+0xf43/0x5890
[ 1299.612694][    C0]  ? __pfx___lock_acquire+0x10/0x10
[ 1299.617905][    C0]  ? __pfx___schedule+0x10/0x10
[ 1299.622753][    C0]  ? schedule+0x298/0x350
[ 1299.627084][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1299.632110][    C0]  ? lock_acquire+0x2f/0xb0
[ 1299.636611][    C0]  ? schedule+0x1fd/0x350
[ 1299.640939][    C0]  schedule+0xe7/0x350
[ 1299.645007][    C0]  schedule_timeout+0x124/0x280
[ 1299.649852][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1299.655217][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1299.660502][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1299.666303][    C0]  ? prepare_to_swait_event+0xf3/0x470
[ 1299.671766][    C0]  rcu_gp_fqs_loop+0x1eb/0xb00
[ 1299.676533][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1299.681815][    C0]  ? rcu_gp_init+0xc82/0x1630
[ 1299.686496][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1299.691692][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1299.697495][    C0]  rcu_gp_kthread+0x271/0x380
[ 1299.702170][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1299.707370][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1299.712566][    C0]  ? __kthread_parkme+0x148/0x220
[ 1299.717587][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1299.722786][    C0]  kthread+0x3af/0x750
[ 1299.726854][    C0]  ? __pfx_kthread+0x10/0x10
[ 1299.731447][    C0]  ? __pfx_kthread+0x10/0x10
[ 1299.736033][    C0]  ret_from_fork+0x45/0x80
[ 1299.740447][    C0]  ? __pfx_kthread+0x10/0x10
[ 1299.745032][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1299.749822][    C0]  </TASK>
[ 1299.752929][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1299.759254][    C0] CPU: 0 UID: 0 PID: 16935 Comm: syz.3.2664 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0
[ 1299.770006][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1299.780050][    C0] RIP: 0010:smp_call_function_many_cond+0x4c6/0x12c0
[ 1299.786725][    C0] Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 fc 4c 89 fd 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 ac 0e 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 e8 0b 00 00 8b 43 08 31
[ 1299.806326][    C0] RSP: 0018:ffffc900030e74c0 EFLAGS: 00000293
[ 1299.812402][    C0] RAX: 0000000000000000 RBX: ffff8880b8744a80 RCX: ffffffff81ade25a
[ 1299.820380][    C0] RDX: ffff888030f20000 RSI: ffffffff81ade234 RDI: 0000000000000005
[ 1299.828352][    C0] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[ 1299.836317][    C0] R10: 0000000000000001 R11: 0000000000000003 R12: ffffed10170e8951
[ 1299.844280][    C0] R13: 0000000000000001 R14: ffff8880b863fe80 R15: ffff8880b8744a88
[ 1299.852244][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1299.861171][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1299.867751][    C0] CR2: 000000110c3069b4 CR3: 000000003a0a6000 CR4: 00000000003526f0
[ 1299.875719][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1299.883680][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1299.891643][    C0] Call Trace:
[ 1299.894920][    C0]  <IRQ>
[ 1299.897759][    C0]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[ 1299.904086][    C0]  ? do_raw_spin_unlock+0x172/0x230
[ 1299.909286][    C0]  ? rcu_sched_clock_irq+0x247a/0x3310
[ 1299.914753][    C0]  ? timekeeping_advance+0x72e/0xa90
[ 1299.920036][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 1299.925663][    C0]  ? __asan_memcpy+0x3c/0x60
[ 1299.930254][    C0]  ? cgroup_rstat_updated+0x2a/0xb20
[ 1299.935540][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1299.940309][    C0]  ? update_process_times+0x178/0x2d0
[ 1299.945681][    C0]  ? __pfx_update_process_times+0x10/0x10
[ 1299.951399][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1299.956852][    C0]  ? update_wall_time+0x1c/0x40
[ 1299.961701][    C0]  ? tick_nohz_handler+0x376/0x530
[ 1299.966811][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1299.972265][    C0]  ? __hrtimer_run_queues+0x5fb/0xae0
[ 1299.977638][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1299.983348][    C0]  ? read_tsc+0x9/0x20
[ 1299.987419][    C0]  ? hrtimer_interrupt+0x392/0x8e0
[ 1299.992533][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[ 1299.998689][    C0]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1300.004491][    C0]  </IRQ>
[ 1300.007413][    C0]  <TASK>
[ 1300.010339][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1300.016498][    C0]  ? smp_call_function_many_cond+0x4ea/0x12c0
[ 1300.022557][    C0]  ? smp_call_function_many_cond+0x4c4/0x12c0
[ 1300.028620][    C0]  ? smp_call_function_many_cond+0x4c6/0x12c0
[ 1300.034683][    C0]  ? __pfx_should_flush_tlb+0x10/0x10
[ 1300.040056][    C0]  ? __pfx_flush_tlb_func+0x10/0x10
[ 1300.045248][    C0]  ? __pfx_should_flush_tlb+0x10/0x10
[ 1300.050612][    C0]  on_each_cpu_cond_mask+0x40/0x90
[ 1300.055719][    C0]  flush_tlb_mm_range+0x271/0x4a0
[ 1300.060740][    C0]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[ 1300.066284][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1300.071043][    C0]  unmap_page_range+0x1f5b/0x4350
[ 1300.076086][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[ 1300.081457][    C0]  ? mas_next_slot+0x12d3/0x21b0
[ 1300.086396][    C0]  ? uprobe_munmap+0x20/0x5c0
[ 1300.091069][    C0]  unmap_single_vma+0x194/0x2b0
[ 1300.095927][    C0]  unmap_vmas+0x22f/0x490
[ 1300.100259][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[ 1300.105114][    C0]  ? mas_next_slot+0x12d3/0x21b0
[ 1300.110063][    C0]  exit_mmap+0x1c1/0xba0
[ 1300.114302][    C0]  ? __pfx_exit_mmap+0x10/0x10
[ 1300.119067][    C0]  ? __pfx_mark_lock+0x10/0x10
[ 1300.123849][    C0]  __mmput+0x12a/0x410
[ 1300.127924][    C0]  mmput+0x62/0x70
[ 1300.131650][    C0]  do_exit+0x9ba/0x2d70
[ 1300.135803][    C0]  ? get_signal+0x8f7/0x26c0
[ 1300.140394][    C0]  ? __pfx_do_exit+0x10/0x10
[ 1300.144978][    C0]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1300.149997][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1300.155369][    C0]  do_group_exit+0xd3/0x2a0
[ 1300.159870][    C0]  get_signal+0x24ed/0x26c0
[ 1300.164379][    C0]  ? __pfx___lock_acquire+0x10/0x10
[ 1300.169581][    C0]  ? __pfx_get_signal+0x10/0x10
[ 1300.174437][    C0]  ? find_held_lock+0x2d/0x110
[ 1300.179198][    C0]  arch_do_signal_or_restart+0x90/0x7e0
[ 1300.184742][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1300.190896][    C0]  ? __might_fault+0xe3/0x190
[ 1300.195579][    C0]  syscall_exit_to_user_mode+0x150/0x2a0
[ 1300.201209][    C0]  do_syscall_64+0xda/0x250
[ 1300.205712][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1300.211605][    C0] RIP: 0033:0x7f6e4fb8d169
[ 1300.216012][    C0] Code: Unable to access opcode bytes at 0x7f6e4fb8d13f.
[ 1300.223017][    C0] RSP: 002b:00007f6e50aa8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1300.231425][    C0] RAX: 0000000000010106 RBX: 00007f6e4fda5fa0 RCX: 00007f6e4fb8d169
[ 1300.239387][    C0] RDX: 0000000000010106 RSI: 00004000000000c0 RDI: 0000000000000008
[ 1300.247348][    C0] RBP: 00007f6e4fc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1300.255311][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1300.263273][    C0] R13: 0000000000000000 R14: 00007f6e4fda5fa0 R15: 00007ffc27aa9bf8
[ 1300.271248][    C0]  </TASK>