last executing test programs:

34.784909119s ago: executing program 1 (id=958):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@gettfilter={0x3c, 0x2e, 0x100, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xfff3}, {0x4, 0x10}, {0xd}}, [{0x8, 0xb, 0x6}, {0x8, 0xb, 0x6}, {0x8, 0xb, 0x6}]}, 0x3c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(r3, 0x0, 0x80, &(0x7f0000000340)={'nat\x00', 0x0, 0x0, 0x0, [0x64cf, 0xe, 0x10001, 0x2, 0x5, 0x101]}, &(0x7f0000000100)=0x78)
setsockopt$netrom_NETROM_IDLE(r4, 0x103, 0x7, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r5 = socket$inet(0x2, 0x5, 0x0)
setsockopt$sock_int(r5, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
shutdown(r5, 0x0)
r6 = syz_io_uring_setup(0xade, &(0x7f0000000480)={0x0, 0x8a6f, 0x100, 0x22, 0x31a}, &(0x7f0000000540)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x4, 0x0, r5, 0x0, 0x0, 0x0, 0x2120, 0x1})
io_uring_enter(r6, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000400)}, 0x10)
connect$inet(r3, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)

32.276363732s ago: executing program 1 (id=963):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_procfs(0x0, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@dev, 0x0, 0x2b}, @in6=@mcast1, {}, {0x0, 0x200000, 0x7}, {}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0x1)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r6, 0x0)
ioctl$TCSETS(r5, 0x89f0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ff, 0x0, "5dee000000594000"})

29.880578609s ago: executing program 1 (id=968):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050ff850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe, 0x0, &(0x7f00000003c0)="fdfc19f52a929e03000000000000", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

29.691873863s ago: executing program 1 (id=970):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @remote, @local, {[], {0x0, 0x4e21, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x2000011, r1, 0x0)

27.976148622s ago: executing program 1 (id=975):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x68141, 0x0)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000880)={'ip6tnl0\x00', &(0x7f0000000140)={'syztnl0\x00', 0x0, 0x4, 0x4, 0x7d, 0x9, 0x58, @loopback, @loopback={0x1000000, 0xffff888101827518}, 0x0, 0x0, 0x80000, 0xfffdfffe}})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x45, 0xfffff02c}, {0x6, 0x0, 0x0, 0x8000}]})

27.619765414s ago: executing program 1 (id=977):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004900), 0x0, 0x11)
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="0002020100000008ff"], 0x18)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000004c0), 0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="850000002e0000001600ffff8000fdff95000000000000006884d1d9fe4c9ce4c8b7a8e93bb957f5ac915f7683352dbbdb85d8965f40a9372a85319dc353a5b7b7bf0365836f54ae60375c46827cb4d9f8a15bddba79096be7d495c19b3afaa67d2aea409ea69c67cc026d1f0d509b0055e7a371960c7eef346408d031b1249592ccc129485120730762afd7006f54bd541f8be0902162f15e7539ad6623a985526464b4539a3c1d15"], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
fsopen(0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl0\x00', 0x0})
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x630df6e0b32945da, 0x9, 0x9, 0x7fff, 0x18002, 0xffffffffffffffff, 0x710, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x5, 0x0, @value=r5, @void, @value}, 0x50)
syz_emit_vhci(0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102400, 0x19000)
syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="38010000fe0000"], 0x138)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)

13.379574659s ago: executing program 32 (id=977):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004900), 0x0, 0x11)
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="0002020100000008ff"], 0x18)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000004c0), 0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="850000002e0000001600ffff8000fdff95000000000000006884d1d9fe4c9ce4c8b7a8e93bb957f5ac915f7683352dbbdb85d8965f40a9372a85319dc353a5b7b7bf0365836f54ae60375c46827cb4d9f8a15bddba79096be7d495c19b3afaa67d2aea409ea69c67cc026d1f0d509b0055e7a371960c7eef346408d031b1249592ccc129485120730762afd7006f54bd541f8be0902162f15e7539ad6623a985526464b4539a3c1d15"], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
fsopen(0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl0\x00', 0x0})
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x630df6e0b32945da, 0x9, 0x9, 0x7fff, 0x18002, 0xffffffffffffffff, 0x710, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x5, 0x0, @value=r5, @void, @value}, 0x50)
syz_emit_vhci(0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102400, 0x19000)
syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="38010000fe0000"], 0x138)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)

10.346484791s ago: executing program 4 (id=1001):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendfile(r0, r1, 0x0, 0xc19)
syz_open_dev$vim2m(0x0, 0xecb, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0400000004"], 0x48)
memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000040))
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r2, 0x0, 0x8a8}, 0x18)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_get$uid(0x3, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x4, 0x1, 0x201}, 0x14}}, 0x0)

9.739811903s ago: executing program 2 (id=1004):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb01001800000000ff0f0000000002"], &(0x7f00000000c0)=""/209, 0x1a, 0xd1, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0xfdef)

8.934480145s ago: executing program 4 (id=1005):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(0x0)
iopl(0x3)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x100000000000000, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6(0xa, 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x2e, "d3843a468bbc993bd4c7fce071bbcdad7b982c1c1958184a6a14ade259da94476ff5d4aecadb8dad7bc49b795f7b"}, &(0x7f00000000c0)=0x52)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
rseq(&(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x8, 0x400, 0xfffffffffffffffb}, 0x3}, 0x20, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000300)="ab", 0xff04, 0x2404c090, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0x10, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x100}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000003c0)={{{@in=@private, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000680)=0xe8)
setresuid(0xee00, r4, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

8.158455741s ago: executing program 4 (id=1007):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(0x0)
iopl(0x3)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x100000000000000, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x2e, "d3843a468bbc993bd4c7fce071bbcdad7b982c1c1958184a6a14ade259da94476ff5d4aecadb8dad7bc49b795f7b"}, &(0x7f00000000c0)=0x52)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
rseq(&(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x8, 0x400, 0xfffffffffffffffb}, 0x3}, 0x20, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000300)="ab", 0xff04, 0x2404c090, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0x10, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x100}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000003c0)={{{@in=@private, @in=@dev}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000680)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@remote, @in6=@loopback}}, {{@in6=@initdev}, 0x0, @in=@multicast1}}, &(0x7f0000000640)=0xe8)
socket$nl_netfilter(0x10, 0x3, 0xc)

7.816343627s ago: executing program 0 (id=1009):
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000001a80)=""/203, 0xcb}, {&(0x7f0000000000)=""/24, 0x18}, {&(0x7f00000004c0)=""/84, 0x54}, {&(0x7f0000000580)=""/23, 0x17}, {&(0x7f00000005c0)=""/237, 0xed}], 0x5, &(0x7f0000000740)=""/192, 0xc0}, 0x1}, {{&(0x7f0000000800)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000880)=""/121, 0x79}], 0x1, &(0x7f0000000940)=""/221, 0xdd}, 0x4}, {{&(0x7f0000000f80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, &(0x7f0000001100), 0x0, &(0x7f0000001240)=""/250, 0xfa}, 0x6}, {{&(0x7f0000001340)=@phonet, 0x80, 0x0, 0x0, &(0x7f0000001580)=""/36, 0x24}, 0x9}], 0x4, 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}}], 0x1, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000001001000001000000ec"], 0x18, 0x7000000}, 0xf401}], 0x1, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000240)=0x7)
getpgid(0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/vlan/vlan0\x00')
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8923, &(0x7f0000000100)={'vlan0\x00', 0x40})
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020}, 0x2020)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000300)=0x7e)
read$dsp(r2, &(0x7f00000002c0)=""/58, 0x17a)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x20, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="5c000000240001052abd7000fedbdf2509000000060003"], 0x5c}, 0x1, 0x0, 0x0, 0x8004}, 0x800)

6.536361766s ago: executing program 2 (id=1010):
prlimit64(0x0, 0xd, &(0x7f0000000100)={0x5, 0x7}, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x0, 0x2})
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x21, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000006000000000000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000f6ffffffe80108000000170604000800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018220000", @ANYRES32, @ANYBLOB="00000000f8ffffff909718000800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000020000008500000085000000b700000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r4, 0x50009405, &(0x7f0000000180))

6.520308399s ago: executing program 4 (id=1011):
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0), &(0x7f00000001c0))
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x2, 0x0, 0x0)
setxattr$incfs_metadata(&(0x7f0000000280)='./cgroup\x00', &(0x7f0000000840), &(0x7f0000000300), 0x0, 0x1)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setregid(0xee00, 0xee00)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@newlink={0x4c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_ACTOR_SYS_PRIO={0x6, 0x18, 0xfff}, @IFLA_BOND_AD_LACP_RATE={0x5}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x4c}}, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, &(0x7f0000000000)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@subsystem='cpuacct'}, {@xattr}]})
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x40078, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))

6.404835742s ago: executing program 3 (id=1012):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40401, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x12, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x2, 0x0, 0x7fffffff], 0x80a0000})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x183822, 0x0)
syz_io_uring_setup(0x34ff, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)

6.235878824s ago: executing program 0 (id=1013):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ff1100001f79a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000001a000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df719af36349f298129da4871307b534bf901115e17392ac66ad022186a8929d1c000006146001e04aeacea799a22a2fa030000c412f6cae80043eb27d53319d0ad229e5752548300000000dbc2777df150dd488318b5790bee7e6c8bd03acdd77b85b941092314fd085f028f4e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b217369ca8b6712f000000001b1df65b3e1b9bf115646914ce53d13d0ccacda1ef16fdcceaede3faedc51d29a47fc813ce3d32cfc7a53ac271d6d6f4ea6bf97f2f1be2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488e40b030166565a097b1b44b451de7940b0000db8db03d4b7745fef1d04ec633dee254a6d491b8496da787e814c4fdf0b4a387b4c8149d18c1020029a18986252a70f8f92eb6f0e8c7db000068fbaa2e2a27efd9104297f2c58159f02d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa909ac06b57479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0ef94234db1f00000000000000c20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b35f421c3552772ca7f3e2c25a65f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41aad8bda74d66f47cc17d8ba3eec0fd80f82c5f573c6d294d366505000000da0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da323947004cacadcaff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4a389469608241730459f012b060e7d23fd39206000000000000eb55d001623258a141bd587cc9dad46de56ef907b059b99a79ae5498f6589880ed6eea7b9c670012f80cd6a1397953ba5870786554df26236ebced9390cb6941b8365d936a7d2120eca291963eb2d537d87cbb54e588ee5d6944ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a0aa9a104e16b3b8c6e64836ac3f32f53c9a2bae513464ca03aff14b9fd8cd9539f5096412b92012e095b84c202060098df3314f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c363000000000223201780200c6ed7966130b547dbf8b497af0a77f52f2cd39000000200000e81c23cf14156951210001c800000000001500000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921e0128dfd70b438af60b060000000000000056642b49b745f3bf2c01808b6d7d748308eea09f0161b4735efbf3411738d6ee7aebf9ef40662d7836d252c566e1ee938a9a6804ed3a1079b0282a12043408cd60b9e53978c81839be0000000000456f7d2a42cb13da2022f23eaec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea394cd8ffd3d628293e591dc6f71c2710a7ea8a4fdc214e1cc275b26adfa892e6de9200000000e50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2f04f15d005387577f480000ea65559eb00e014df20fa209bcbb5c252b11a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447dc0fc9d5f99a145dfcedad69da9cd4b75c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d583f436137a3c5dc714c9402c21d181aae59efb28d4f91652f6750b9195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa80900000000b6638c420eb4304f66e3a37aaf000000c42a570f0e9d76fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284df80e4636c25b96174327d82761c26e329555f9290af40000000000000100000fd3763655500344bae34347f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419a5c16e2055b85058099448430587a49bed2ee9647c5d3bbb47bc00edf5e9020c09ab004321610b857e8717974b633b21cb32f0e03280e09758bd445ab91d201782d656ab09f508bbbaca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92b32af00f191b66b6a6f732a91f0a2e9120be61e58c79d497247d278888901d44bf77e8246605a644e9e3d769db497c3960df05caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f3101985602688888ccb85c87b4f8ffffff7f000000002c331fca0e541b7ca2119ff0d61c5224550346115b43f8b1894c8fa8a14dc4810f61ae01000000000000000000000102000000000000000000000027c9585c0cead5d619d18475ccde2857279a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77a23b0000e49666c464d35ca9b50f3ed3e535b3da8c17a23692759ccf5a205311b7d122532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952b3d42c68a3102fa1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e8918a0d6e2949affcacb5ba0a56aa063b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9448a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4cfb0b9c8c80158b44ecae9420654f7016b0aac117087406d343e27b372d6027ab2aec2bcad7fe6bb932bc5751d2974e95455a277fa3b472bc7bbdd2ac5a1ea608e8137ace03361607cc1a84be659355629ab13ad49008c3fcfa2423439a3607961d5b59da48a0155e8e42cc13c702cc40c99cf86c2021d72f9f4ab1b00de555a5a39593c93871ff7eb5ecadb64837a2d88723ef65aa5152e3d5864e57581b61f2b0960600000000000000265f091e7bce17d20604c5ab751773a5cf8a719a7ada06ed03832bf274707c7c970edc20f4a1eaa3b610450d2025cae6d2cb639ecd58709b05a20097208d03f7a146a6901913618738679d4e0af53eae997eecfa0dc3dcec19d3d9205450765d659220c92701ee75c8710470d9eb6f62c5c721883f1544ba66271c8dab05a933746c16b6e93294b561c6715a32a394ed1e6c01670c931bfa52c58c6f34d64e758a7a7f7d33c49336d4cba2cbb170ad7539a45774dfcc55257215c8ae719dc1c232fc6699ef01005887d04a543030b4328ab48744ac23ff56fd2da52eb9fb2eefcdd2d92d73ac1b111ea8b5e1fec36a3579879acfe366d393f1fa9cbe08d9ba57a443643e9cd251dc88e91a5e458e66ea1e822d55d4dd919a95eb4c25a08cb6e1070000003a0fd07a4ad9df240e00006aaa2db0dfe416146840d88bd08365e547c970e2983200703864a3b9e1682cb479dad6d34d211b05267eb1355520e9ec0c5014b0832f7fb35782fdbfcbf5e23a7f5d51ea480371748d18d8e10608ab8261fe058d1732f28814a9981d84a04a2bb36c89bdd245e3293a14df1ac567301a79514f103abd387d6ef2d9d94508ac0f6135c8921279573eefd5d4e33b9ef585980789a94d9848906f545559d30000b5040f0776703363249ca984cbb09752f099efbb9e7362e4999594c1086d8958e9469db01d85fb0b9b3148663e9ea2e755d96c70e540b4200e4cf82986712dd733b26d00e947d03c42215118426d548cb2077b43b89e4163d260faea1db53e2cf3427c90aefa2662a1c2b28b0e020e872bda1d39da508de5dbc37d03ee056b2579a1d16799589a2600000000aa00006c94bcaf115fbbcb216e3cb7fd9afe16d1fff2d047e508aa5f6de0ea4e9ec1b3a4ab1f8b5f312fc50000000000000000000000000042709db6de7e969ac0ce18b47280fb1b1b1531648122fed3e25edecb5200f5000000000000166f7d36b2966c19af7ffa6afa69e50821c9aa3ae60fbc196cf8ad2f7f86d79db1bb0ecbf9c3d0d3d407574def838e4def26ed9c7e6c69858f7813be8ffc565583663bebfe7485660b67e1436cbc6d4d3c48ab7b033d7d1195173edb16643f69cb779802839d490a4df94e5ea89c192af2ae83876edd59c9a7140e12ba591f073ec604f7e8f1e100cd414e9237ecfc052d9a73a868cd0e4b06da0435af72fb0d25657e8f5464b19fa83f977e6900000000367871fa37420e7a232ef9b440bb0639994c655d144c5786939d6a187b8182ddd2bec36cd28371b1754cb6c53697fb23576ee0d3fd0a5803c9be9fe384f1a7a9a8eb64d17d238fa3238a001aa8ed040a69e9ec0a627e3b3ca64d4680d819c14c71684581000000000000000000000000000000000000c6a6587715865fe14558960bc936bc83abd1f2a00b17a407457681d0760000000000000040000000000000000000004faeabea6de40ae30291662594c993099ef041c264a64d77d69e0cdfa620a191704cef91e269044acf752b55690075fa844de65a099200265e13c2a8f9b717886dea8e79407e34bc268a17965033ca1d000000000000000046595642f9fc008875ddb7aebda7a16b1d20dd8b65bcdac8cdc75a173fd2e57a9c37bf5a52ea001ec981dd7ad4e5944575ced39233ada8f3c1b856644812828bb79536a5188d14fe537250dc107121534cbbc7598f48aa2335616ae8eb72acf6982048e568e37f1f58e9714343587734c7ec0fa5c44d13165d6384bf9500757b4b0275950d6e7c451eef3fd353d47c54c4c2cf7318e6c24583ba0966225284d1abac80786519c563ddf0e6c023d537ca6e0d6d4e072c98f45415d13f0dcea174f162ebd00b42264f6fa3dccd09f4101dd254e54423b30e06713eccfacb6ffb38afff920980af938a4d78f4b9a6b5c7424e91121cda789104ee490d25843f1622bba93257cc23e45cd7ed42abdb991d51804e674e507dfd53b5ab6944df33f4f494b9ae0d2de410539828e82a939ad82b385e66809d7d4d3630b6f22c2f41fdaa0fadeea09fa4f7005813643c2d6307d55689faf6f656327ac5872a3bd4c11363909a8b9f30e5401993a0f6e1a9b42287542647d1e86b02b7e36319414629ac1f35572a9cc1e98ce1457f922da0c2de76c9e97944efad0a3ad78cda81c5b82709d696e85bbf4595ef9664a6aff8cf96446cb6c26595f4eb659d26c846471f6551dbb24fc6c03a01e33efcd5939472b687d31be9bd9bd1bcda45bd2236f06c000000007d348ebcb9d810d4dc3c55bbe4055ce9c45267daeec7a7d8b498f56ee933cc02fb53c2c28fa09ce5ada5687889357599971a8c794f8ce23c1f7add4f65280ab446ea2d130000000000000000000000d1a0313ff63bc4e4463688db1d6ac7f4595a02c89349a973f118d936f33ea18e69d7739f4532e1b8580ef125b47cf5b402b6f2beffed6cc9afe2b548c4dbc78363118818d9473f29d52444685c41620eeaeb1f8786e87aeaf287fb9b63b30e6761507503dcd47b64f0b6157d970a989844f9b7dbe83211cd7999c82bd151bee0c67f3e6642ef1772d759df9ec9b4197383f9a66217e180e434e650dd560aa3ed42acddd44d6f45807a3c63e15929cfbebc7eef1a219d3147a6c06bd974168ac689392fa851ebdf524ca2331148ff7e855cccc106074ca92153734d5c5e3f9efc6592b08e0c07c7b5d42ec71484bb2a4c0f4293138369f39f9fa4a9cc607b42ba6102f918ce4e76d66fba450e94849962fae5059bda419fd2a170ea387c10a4ada5893f38486069ef1bfdbb432ab322ce87d7a94fa967135833157bafbed3b48bb267fc3aa56d1e5b66417a673b40884fc91ec9558eab6a08222dfe37767095b2d94cda881290d6017137595cdd53972353f485adfde8015cac0e1acd64ca97d67023f75a54b1ebe55053652ad16292a15e79dc58ba080f795f1a753d1c5c85475e286c548da6f669e5c34afc272e5a32f27264d9210acec3b65a264fd5e85d5f44979431eab3fcd8d33d5476e070d2e20e6156ad9c964ebbfe7d9096461b72530295b3603bf85b0c8f9921e9ca95d744bf5c03d60f7364f3fd9d98f7acc80cabd02d061818d028056c68805ee4783aa4b90d39e9b29085429de28c615668e4b4f4dd77b3a55a8058b99f3adff03294e01da549dd64cacd59382466e562a3f67ef5d042426659574ed041bc19ed625b7c0633154a290f69437f43065795d3ae5b11ee8e935b9969f5291a32ce3adca268162efcee3898e823affe0f50f7efe763d47288004a2b310e2a79115160b8e0e09067f26a7653a3a0886691fe44a307f8f344eb9512b632bc132c26220ec86dbf788f4fadd493c37e38f782fc1c0e64f7d3e6a04aa1918796fa53353ab58cfc4505147ed3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = landlock_create_ruleset(&(0x7f0000000200)={0x6020, 0x2, 0x1}, 0x18, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r2, 0x28, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='sched_switch\x00', r1, 0x0, 0x4}, 0x18)
socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480))
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000407d1ef62c000000000001090224000100000000090400000103000200092100000001110700090581030100000000"], 0x0)
socket$inet6(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100))
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280), r3)
sendmsg$DEVLINK_CMD_PORT_GET(r4, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={&(0x7f0000000580)={0x140, r5, 0x318, 0x70bd2a, 0x25dfdbfb, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}]}, 0x140}, 0x1, 0x0, 0x0, 0x804}, 0x0)
landlock_restrict_self(r0, 0x4)
fanotify_init(0x8, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_ep_write(r6, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
syz_usb_control_io(r6, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000400)=ANY=[@ANYBLOB="110d0100"], 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={0x40, 0x21, 0x1, 0x7}})
read$char_usb(0xffffffffffffffff, 0x0, 0x0)

5.190546519s ago: executing program 2 (id=1014):
r0 = syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x41, {[@main=@item_012={0x2, 0x0, 0x8, '\x00\x00'}, @main=@item_4={0x3, 0x0, 0xa, "6e0e8e8b"}]}}, 0x0}, 0x0)

5.021319359s ago: executing program 3 (id=1015):
r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000400)={0xf0f014, 0x2})
r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x101840, 0x46)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
semtimedop(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket(0xa, 0x801, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/33, 0x21}], 0x1, 0x21, 0x100)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb01001800000000ff0f000000000200000000020000000000"], &(0x7f00000000c0)=""/209, 0x1a, 0xd1, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0xfdef)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000f40)=@filter={'filter\x00', 0x4, 0x4, 0x3cc, 0xffffffff, 0x0, 0x0, 0xe4, 0xfeffffff, 0xffffffff, 0x390, 0x390, 0x390, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xe4}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x4}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xec, 0x12c, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0xd0, 0xf4, 0x0, {}, [@common=@unspec=@realm={{0x2c}, {0x1, 0xdd8}}]}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x428)
openat(r1, &(0x7f0000000100)='./file0\x00', 0x20200, 0x4)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

4.524198441s ago: executing program 2 (id=1016):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
r1 = openat$smackfs_ipv6host(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$smackfs_ipv6host(r1, &(0x7f0000000080)=@l2={{0x3, 0x3a, 0x75, 0x3a, 0x9, 0x3a, 0xf, 0x3a, 0x80, 0x3a, 0x4000000000f54, 0x3a, 0xa, 0x3a, 0x6}, 0x2f, 0x49, 0x20, '(%\''}, 0xb1)
close_range(r0, r1, 0x2)
sendmsg$can_raw(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f00000005c0)={&(0x7f0000000240)=@canfd={{0x2, 0x1, 0x1}, 0x4, 0x190c0a410eee0af8, 0x0, 0x0, "e2ad550d060a56f967277340f06dd16f833a500fc8bb515dfd84d29d6a59a856942f0e245296208de2340c97d54c8fe5528d47283c99c6f66f457a62b7b6cd90"}, 0x48}}, 0x0)

4.340187192s ago: executing program 2 (id=1017):
io_uring_enter(0xffffffffffffffff, 0x0, 0xe38e, 0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x60b03, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f0000000080)={0x0, 0x0, 0x0, @discrete={0x0, 0x4}})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000010000000003b81000085"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r4}, 0x18)
r6 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
fsetxattr$security_ima(r5, &(0x7f0000000100), &(0x7f0000000240)=@v1={0x2, "738c96e08583dab5"}, 0x9, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000040)=@arm64)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_pidfd_open(r6, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
timer_create(0x0, 0x0, &(0x7f00000000c0))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.106051509s ago: executing program 0 (id=1018):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x6000008)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ(r5, 0xaea2, 0x4001b)

2.971795238s ago: executing program 3 (id=1019):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe(&(0x7f0000000080))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb010018"], 0x0, 0x5a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@ipv6_newaddr={0x40, 0x14, 0x20, 0x0, 0x25dfdbfc, {0xa, 0x8, 0x4, 0xfe, r3}, [@IFA_CACHEINFO={0x14, 0x6, {0x2, 0x0, 0x5, 0x5}}, @IFA_LOCAL={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4009c}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x24, 0x10000, 0x0, 0x0, 0x6, 0xfffffffffffffffe, 0x200, 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.882623557s ago: executing program 0 (id=1020):
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x183822, 0x0)
r0 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000007c0)=<r2=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_init_net_socket$ax25(0x3, 0x5, 0x31)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0xc)
r7 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000004c0)={0x0, "d1cc36a7f7b46969adcac737ee43395966a4b96ab99dc9152669484465687559a61e3f08e687f5d5f57378ce2ac54ba0e89c8cf04799789b72dd85718f8733af", 0x20}, 0x48, 0xfffffffffffffffe)
keyctl$negate(0xd, r7, 0xad0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}, {0x0}], 0x2})
io_uring_enter(r0, 0x4d10, 0x2, 0x2, 0x0, 0x0) (fail_nth: 1)

2.831887545s ago: executing program 4 (id=1021):
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r0, &(0x7f00000005c0)=[{0x6, 0x0, 0x0, 0x0, @time, {0x4}, {}, @time=@time={0x7, 0xe}}, {0x0, 0x0, 0x0, 0x5, @time={0xb, 0x8}, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"272be5806cd46d37ea9a65a0"}}, {0x0, 0x0, 0x0, 0x0, @time={0x8000, 0x8}, {}, {}, @result={0xbac, 0x28}}], 0x70)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)={0x14, 0x33, 0x1, 0x70bd29, 0x25dfdbfd, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4000034}, 0x0)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1d0200007d00000005df000000000000000000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6576626f6825ffffff8102000000000000ff03ff9200000034007002007dfa673effeb09b5351f5bde054000000000187b82d9b500002b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11000cfc200100000000000e308d860ccf6004900f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4451b3407dbdab2884baf050000000000000047ec21cabff20f9c1c577b7468be36f4fd3a4cc280e8d489da29016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba04d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238593aed3b42ee7cac07de09d1d68a603330300467d2b31aacdf9188549b1050000000000000056c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e263000000000000000082066664c0fb4e4c90570a70049f399f061f75b7797ce1fe1100009609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1d39e1c2d87fc200"/529, @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0], 0x21d)
ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f0000000000)={'sit0\x00', {0x2, 0x0, @dev}})
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) (async)
write$sndseq(r0, &(0x7f00000005c0)=[{0x6, 0x0, 0x0, 0x0, @time, {0x4}, {}, @time=@time={0x7, 0xe}}, {0x0, 0x0, 0x0, 0x5, @time={0xb, 0x8}, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"272be5806cd46d37ea9a65a0"}}, {0x0, 0x0, 0x0, 0x0, @time={0x8000, 0x8}, {}, {}, @result={0xbac, 0x28}}], 0x70) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)={0x14, 0x33, 0x1, 0x70bd29, 0x25dfdbfd, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4000034}, 0x0) (async)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) (async)
write$P9_RSTATu(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1d0200007d00000005df000000000000000000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6576626f6825ffffff8102000000000000ff03ff9200000034007002007dfa673effeb09b5351f5bde054000000000187b82d9b500002b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11000cfc200100000000000e308d860ccf6004900f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4451b3407dbdab2884baf050000000000000047ec21cabff20f9c1c577b7468be36f4fd3a4cc280e8d489da29016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba04d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238593aed3b42ee7cac07de09d1d68a603330300467d2b31aacdf9188549b1050000000000000056c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e263000000000000000082066664c0fb4e4c90570a70049f399f061f75b7797ce1fe1100009609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1d39e1c2d87fc200"/529, @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0], 0x21d) (async)
ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f0000000000)={'sit0\x00', {0x2, 0x0, @dev}}) (async)

2.059829153s ago: executing program 4 (id=1022):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x183822, 0x0)
r1 = syz_io_uring_setup(0x6af7, &(0x7f0000000080)={0x0, 0x0, 0x200, 0x3, 0x179}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000007c0)=<r3=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f00000005c0)=0xb)
syz_init_net_socket$ax25(0x3, 0x5, 0x31)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r5)
setsockopt$bt_BT_SECURITY(r5, 0x112, 0x4, &(0x7f00000001c0)={0x1, 0x68}, 0x2)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x1000)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000280)={0x100, 0x8, {r4}, {r6}, 0x7, 0x8})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sched_setattr(r4, &(0x7f0000000180)={0x38, 0x3, 0x10, 0xff, 0x8000, 0x6, 0x0, 0x55f00b60, 0x8, 0x1}, 0x0)
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000040), 0x0, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r9}, 0xc)
truncate(&(0x7f0000000040)='./file0\x00', 0x6)
r10 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000004c0)={0x0, "d1cc36a7f7b46969adcac737ee43395966a4b96ab99dc9152669484465687559a61e3f08e687f5d5f57378ce2ac54ba0e89c8cf04799789b72dd85718f8733af", 0x20}, 0x48, 0xfffffffffffffffe)
keyctl$negate(0xd, r10, 0xad0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x8)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}, {0x0}], 0x2})
io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0)

1.794605184s ago: executing program 0 (id=1023):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
openat$dma_heap(0xffffffffffffff9c, 0x0, 0x100, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000004000/0x3000)=nil, 0x3000, 0x1b)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r1, 0x5453, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000140)=<r2=>0xffffffffffffffff)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f00000001c0)={0x0, 0x8bc, 0x10001, r2, 0x0, &(0x7f0000000180)={0x9b0907, 0x2, '\x00', @value64=0x4}})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000380)={0xc})
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1be)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x31001, 0x0)
getpid()
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x2205080, 0x0)

1.69267356s ago: executing program 3 (id=1024):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40401, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x12, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x2, 0x0, 0x7fffffff], 0x80a0000})
openat$vcsu(0xffffffffffffff9c, 0x0, 0x183822, 0x0)
syz_io_uring_setup(0x34ff, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)

1.043227621s ago: executing program 2 (id=1025):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc222, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x1000, 0x6, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xd, 0x3}}}}}]}}]}}, 0x0)
socket$kcm(0x29, 0x2, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

350.361642ms ago: executing program 0 (id=1026):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(0x0)
iopl(0x3)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x100000000000000, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x2e, "d3843a468bbc993bd4c7fce071bbcdad7b982c1c1958184a6a14ade259da94476ff5d4aecadb8dad7bc49b795f7b"}, &(0x7f00000000c0)=0x52)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
rseq(&(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x8, 0x400, 0xfffffffffffffffb}, 0x3}, 0x20, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000300)="ab", 0xff04, 0x2404c090, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0x10, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x100}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@initdev}, 0x0, @in=@multicast1}}, &(0x7f0000000640)=0xe8)
setresuid(0xee00, 0x0, r5)
socket$nl_netfilter(0x10, 0x3, 0xc)

268.498912ms ago: executing program 3 (id=1027):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0xe501, 0x3, 0x228, 0x0, 0xa, 0x1000000, 0xd8, 0x0, 0x190, 0x230, 0x230, 0x190, 0x223, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xd6, 0x2, 0x90, '\x00', 'syz1\x00', {0x8}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x20c499, 'syz0\x00', {0x40}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)
syz_open_dev$audion(&(0x7f0000000000), 0x10001, 0x88000)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, 0x0)

0s ago: executing program 3 (id=1028):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r1 = creat(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="041c0500c8", @ANYRESHEX=r1, @ANYRES32=r1], 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000400), 0xffffffffffffffff, 0x0, 0x3, 0x1}}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
r3 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000100)=0xd0)
semget$private(0x0, 0x207, 0x53)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, 0x0)
ioctl$UFFDIO_COPY(r4, 0xc028aa05, 0x0)
r5 = inotify_init1(0x0)
fcntl$setstatus(r5, 0x4, 0x2c00)
ioctl$int_in(r5, 0x5452, &(0x7f0000000c00))
clock_settime(0x0, &(0x7f0000000040)={0x77359400})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00001b1000/0x4000)=nil, 0x400000, 0x2, 0x2})

kernel console output (not intermixed with test programs):

c+0x1f/0xc0
[  248.819982][ T7461]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  248.820014][ T7461]  ? __pfx__copy_from_iter+0x10/0x10
[  248.820040][ T7461]  ? __build_skb_around+0x257/0x3e0
[  248.820069][ T7461]  ? netlink_sendmsg+0x642/0xb30
[  248.820089][ T7461]  ? skb_put+0x11b/0x210
[  248.820117][ T7461]  netlink_sendmsg+0x6b2/0xb30
[  248.820138][ T7461]  ? is_bpf_text_address+0x26/0x2b0
[  248.820175][ T7461]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.820206][ T7461]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  248.820227][ T7461]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.820251][ T7461]  __sock_sendmsg+0x21c/0x270
[  248.820274][ T7461]  ____sys_sendmsg+0x505/0x830
[  248.820307][ T7461]  ? __pfx_____sys_sendmsg+0x10/0x10
[  248.820343][ T7461]  ? import_iovec+0x74/0xa0
[  248.820373][ T7461]  ___sys_sendmsg+0x21f/0x2a0
[  248.820402][ T7461]  ? __pfx____sys_sendmsg+0x10/0x10
[  248.820468][ T7461]  ? __fget_files+0x2a/0x420
[  248.820486][ T7461]  ? __fget_files+0x3a0/0x420
[  248.820515][ T7461]  __x64_sys_sendmsg+0x19b/0x260
[  248.820545][ T7461]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  248.820602][ T7461]  ? do_syscall_64+0xba/0x210
[  248.820633][ T7461]  do_syscall_64+0xf6/0x210
[  248.820659][ T7461]  ? clear_bhb_loop+0x60/0xb0
[  248.820684][ T7461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.820704][ T7461] RIP: 0033:0x7f09e638e969
[  248.820722][ T7461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.820739][ T7461] RSP: 002b:00007f09e72d8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  248.820760][ T7461] RAX: ffffffffffffffda RBX: 00007f09e65b5fa0 RCX: 00007f09e638e969
[  248.820775][ T7461] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000003
[  248.820787][ T7461] RBP: 00007f09e72d8090 R08: 0000000000000000 R09: 0000000000000000
[  248.820800][ T7461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.820811][ T7461] R13: 0000000000000000 R14: 00007f09e65b5fa0 R15: 00007fff6be26218
[  248.820843][ T7461]  </TASK>
[  249.104313][ T5939] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  249.115689][ T5939] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  249.132066][ T5939] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  249.141165][ T5939] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.732840][ T7447] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  250.271107][ T5939] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  250.645518][ T5939] usb 3-1: USB disconnect, device number 7
[  250.650883][ T7477] netlink: 4 bytes leftover after parsing attributes in process `syz.3.433'.
[  251.113279][ T7483] netlink: 'syz.4.437': attribute type 10 has an invalid length.
[  252.043725][ T7503] new mount options do not match the existing superblock, will be ignored
[  252.083061][ T7501] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  255.127480][ T7521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.445'.
[  255.372169][ T5939] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  255.873122][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.876948][ T5939] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  255.882156][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  255.979716][ T5939] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  256.008016][ T5939] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  256.020851][ T5939] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.243458][ T7526] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  257.159802][ T5939] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  257.449646][ T5939] usb 2-1: USB disconnect, device number 9
[  257.535098][ T7545] netlink: 'syz.0.452': attribute type 10 has an invalid length.
[  259.290768][ T7562] netlink: 4 bytes leftover after parsing attributes in process `syz.1.457'.
[  262.992500][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.464'.
[  263.067070][ T7598] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  263.073651][ T7598] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  263.117299][ T7598] vhci_hcd vhci_hcd.0: Device attached
[  263.938655][ T7601] netlink: 8 bytes leftover after parsing attributes in process `syz.3.464'.
[  264.003084][ T5939] vhci_hcd: vhci_device speed not set
[  264.083674][ T5939] usb 39-1: new full-speed USB device number 3 using vhci_hcd
[  264.272094][ T5900] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  265.412673][ T5900] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  265.426464][ T7599] vhci_hcd: connection reset by peer
[  265.449054][ T6283] vhci_hcd: stop threads
[  265.482169][ T5900] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  265.492375][ T6283] vhci_hcd: release socket
[  265.508680][ T6283] vhci_hcd: disconnect device
[  265.540555][ T5900] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  265.590263][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.760775][ T7611] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  266.841513][ T7634] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.471'.
[  267.027583][ T5900] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  268.019072][ T5900] usb 3-1: USB disconnect, device number 8
[  268.115764][ T7644] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.475'.
[  268.991903][ T5870] udevd[5870]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  269.322097][ T5939] vhci_hcd: vhci_device speed not set
[  272.188746][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.3.481'.
[  272.203173][ T7670] netlink: 24 bytes leftover after parsing attributes in process `syz.3.481'.
[  273.756502][ T5939] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  273.956465][ T5939] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  273.980784][ T5939] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  273.991873][ T5939] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  274.003588][ T7697] tipc: Started in network mode
[  274.008741][ T7697] tipc: Node identity ac14140f, cluster identity 4711
[  274.016291][ T7697] tipc: New replicast peer: 255.255.255.255
[  274.235908][ T7697] tipc: Enabled bearer <udp:syz2>, priority 10
[  274.684802][ T5939] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.698758][ T7685] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  274.724427][ T5939] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  274.967229][ T7685] netlink: 'syz.2.485': attribute type 4 has an invalid length.
[  275.442057][ T7713] netlink: 8 bytes leftover after parsing attributes in process `syz.0.493'.
[  275.471019][ T7713] netlink: 24 bytes leftover after parsing attributes in process `syz.0.493'.
[  275.884149][ T5869] tipc: Node number set to 2886997007
[  276.458244][ T5939] usb 3-1: USB disconnect, device number 9
[  277.249868][ T7729] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.499'.
[  277.580949][ T7725] bridge1: entered promiscuous mode
[  277.644361][ T7725] bridge1: entered allmulticast mode
[  277.716865][ T7725] team0: Port device bridge1 added
[  277.898253][ T7732] FAULT_INJECTION: forcing a failure.
[  277.898253][ T7732] name failslab, interval 1, probability 0, space 0, times 0
[  277.912385][ T7732] CPU: 1 UID: 0 PID: 7732 Comm: syz.3.504 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  277.912413][ T7732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  277.912425][ T7732] Call Trace:
[  277.912433][ T7732]  <TASK>
[  277.912441][ T7732]  dump_stack_lvl+0x189/0x250
[  277.912477][ T7732]  ? __pfx_dump_stack_lvl+0x10/0x10
[  277.912504][ T7732]  ? __pfx__printk+0x10/0x10
[  277.912540][ T7732]  ? __pfx___might_resched+0x10/0x10
[  277.912575][ T7732]  should_fail_ex+0x414/0x560
[  277.912602][ T7732]  should_failslab+0xa8/0x100
[  277.912623][ T7732]  kmem_cache_alloc_noprof+0x73/0x3c0
[  277.912652][ T7732]  ? getname_flags+0xb8/0x540
[  277.912677][ T7732]  getname_flags+0xb8/0x540
[  277.912712][ T7732]  __x64_sys_mknod+0x79/0xa0
[  277.912739][ T7732]  do_syscall_64+0xf6/0x210
[  277.912766][ T7732]  ? clear_bhb_loop+0x60/0xb0
[  277.912792][ T7732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.912811][ T7732] RIP: 0033:0x7fdaee98e969
[  277.912828][ T7732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.912845][ T7732] RSP: 002b:00007fdaef7d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  277.912866][ T7732] RAX: ffffffffffffffda RBX: 00007fdaeebb5fa0 RCX: 00007fdaee98e969
[  277.912881][ T7732] RDX: 0000000000000706 RSI: 0000000000002000 RDI: 00002000000002c0
[  277.912893][ T7732] RBP: 00007fdaef7d5090 R08: 0000000000000000 R09: 0000000000000000
[  277.912905][ T7732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.912916][ T7732] R13: 0000000000000000 R14: 00007fdaeebb5fa0 R15: 00007ffe9f1c3268
[  277.912947][ T7732]  </TASK>
[  280.314571][ T7765] netlink: 8 bytes leftover after parsing attributes in process `syz.3.505'.
[  280.328804][ T7765] netlink: 24 bytes leftover after parsing attributes in process `syz.3.505'.
[  281.055301][ T7773] new mount options do not match the existing superblock, will be ignored
[  281.075548][ T7773] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  282.260893][ T7781] new mount options do not match the existing superblock, will be ignored
[  282.384345][ T7779] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  282.894367][ T7782] ptrace attach of "./syz-executor exec"[5823] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  282.995759][ T7790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.518'.
[  285.883656][ T7825] netlink: 8 bytes leftover after parsing attributes in process `syz.1.525'.
[  285.935698][ T7825] netlink: 24 bytes leftover after parsing attributes in process `syz.1.525'.
[  288.730919][   T55] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  290.863886][ T7851] netlink: 8 bytes leftover after parsing attributes in process `syz.2.534'.
[  291.496426][ T7851] netlink: 12 bytes leftover after parsing attributes in process `syz.2.534'.
[  293.043689][ T7861] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.536'.
[  293.804531][ T7877] bridge_slave_0: left allmulticast mode
[  293.810319][ T7877] bridge_slave_0: left promiscuous mode
[  293.817479][ T7877] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.286072][ T7877] bridge_slave_1: left allmulticast mode
[  294.291823][ T7877] bridge_slave_1: left promiscuous mode
[  294.302238][ T7877] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.349007][ T7877] bond0: (slave bond_slave_0): Releasing backup interface
[  294.385782][ T7877] bond0: (slave bond_slave_1): Releasing backup interface
[  294.425418][ T7877] team0: Port device team_slave_0 removed
[  294.453613][ T7877] team0: Port device team_slave_1 removed
[  294.462347][ T7877] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  294.469839][ T7877] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.479361][ T7877] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  294.486978][ T7877] batman_adv: batadv0: Removing interface: batadv_slave_1
[  295.588762][ T7903] netlink: 12 bytes leftover after parsing attributes in process `syz.4.551'.
[  295.602484][   T55] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  297.828021][   T30] audit: type=1326 audit(1747104352.854:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7920 comm="syz.3.558" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdaee98e969 code=0x0
[  300.612052][ T5872] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  301.823459][ T5872] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  301.920662][ T5872] usb 1-1: config 1 has no interface number 1
[  302.006231][ T5872] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  302.078933][ T5872] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  302.138566][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.157204][ T5872] usb 1-1: Product: syz
[  302.161434][ T5872] usb 1-1: Manufacturer: syz
[  302.199392][ T5872] usb 1-1: SerialNumber: syz
[  303.438002][ T5872] usb 1-1: 2:1 : invalid UAC_AS_GENERAL desc
[  303.902381][ T5872] usb 1-1: USB disconnect, device number 5
[  304.262577][ T7979] overlayfs: failed to resolve './file0': -2
[  304.826178][ T7555] udevd[7555]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  306.177042][ T7989] new mount options do not match the existing superblock, will be ignored
[  306.192083][ T7990] new mount options do not match the existing superblock, will be ignored
[  306.424321][ T7985] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  306.468268][ T7984] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  307.232240][ T5956] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  307.782246][ T5956] usb 5-1: device descriptor read/64, error -71
[  307.912402][ T5869] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  308.033733][ T5956] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  308.094662][ T5900] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  308.122100][ T5869] usb 1-1: Using ep0 maxpacket: 32
[  308.127809][ T5188] udevd[5188]: worker [7555] did not accept message -111 (Connection refused), kill it
[  308.139670][ T5869] usb 1-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  308.157217][ T5869] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.164640][ T5188] udevd[5188]: worker [7555] terminated by signal 33 (Unknown signal 33)
[  308.186420][ T5869] usb 1-1: config 0 descriptor??
[  308.192150][ T5956] usb 5-1: device descriptor read/64, error -71
[  308.201410][ T5869] gspca_main: sq930x-2.14.0 probing 041e:403c
[  308.276896][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.292966][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.308053][ T5900] usb 4-1: New USB device found, idVendor=0b05, idProduct=1822, bcdDevice= 0.00
[  308.317930][ T5956] usb usb5-port1: attempt power cycle
[  308.321033][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.770195][ T5900] usb 4-1: config 0 descriptor??
[  308.825279][ T5956] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  308.924463][ T5956] usb 5-1: device descriptor read/8, error -71
[  309.182154][ T5956] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  309.211122][ T5956] usb 5-1: device descriptor read/8, error -71
[  309.325744][ T5900] asus 0003:0B05:1822.0003: item fetching failed at offset 0/3
[  309.336763][ T5956] usb usb5-port1: unable to enumerate USB device
[  309.401268][ T5900] asus 0003:0B05:1822.0003: Asus hid parse failed: -22
[  309.415297][ T5900] asus 0003:0B05:1822.0003: probe with driver asus failed with error -22
[  310.275381][ T8030] overlayfs: failed to resolve './file0': -2
[  310.652266][ T5869] gspca_sq930x: reg_w 0105 bc00 failed -71
[  310.662736][ T5869] sq930x 1-1:0.0: probe with driver sq930x failed with error -71
[  310.678481][ T5869] usb 1-1: USB disconnect, device number 6
[  310.724907][ T5900] usb 4-1: USB disconnect, device number 4
[  313.053117][   T50] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  313.145818][ T8064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.596'.
[  313.332343][   T50] usb 4-1: Using ep0 maxpacket: 32
[  313.386614][ T8067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.596'.
[  313.415349][   T50] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  313.461371][   T50] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.912172][ T8064] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  313.918760][ T8064] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  313.935535][ T8064] vhci_hcd vhci_hcd.0: Device attached
[  313.981616][   T50] usb 4-1: config 0 descriptor??
[  314.114716][ T8068] vhci_hcd: connection closed
[  314.115041][ T5928] vhci_hcd: stop threads
[  314.144289][   T24] vhci_hcd: vhci_device speed not set
[  314.148067][ T5928] vhci_hcd: release socket
[  314.157647][ T5928] vhci_hcd: disconnect device
[  314.241727][   T24] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[  314.250520][   T50] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  314.259567][   T24] usb 37-1: enqueue for inactive port 0
[  314.290737][   T50] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  314.351729][   T24] vhci_hcd: vhci_device speed not set
[  314.381744][   T50] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  314.511172][   T50] usb 4-1: media controller created
[  314.772983][   T50] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  314.986228][   T50] az6027: usb out operation failed. (-71)
[  314.995312][   T50] az6027: usb out operation failed. (-71)
[  315.001107][   T50] stb0899_attach: Driver disabled by Kconfig
[  315.007202][   T50] az6027: no front-end attached
[  315.007202][   T50] 
[  315.015846][   T50] az6027: usb out operation failed. (-71)
[  315.021854][   T50] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  315.087664][ T8090] overlayfs: failed to resolve './file0': -2
[  315.791246][   T50] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input13
[  315.832427][   T50] dvb-usb: schedule remote query interval to 400 msecs.
[  315.872093][   T50] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  315.938887][ T8095] xt_hashlimit: max too large, truncated to 1048576
[  315.949117][   T50] usb 4-1: USB disconnect, device number 5
[  316.164180][ T8100] FAULT_INJECTION: forcing a failure.
[  316.164180][ T8100] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.206003][   T50] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  316.220708][ T8100] CPU: 1 UID: 0 PID: 8100 Comm: syz.2.604 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  316.220737][ T8100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  316.220749][ T8100] Call Trace:
[  316.220758][ T8100]  <TASK>
[  316.220767][ T8100]  dump_stack_lvl+0x189/0x250
[  316.220798][ T8100]  ? __lock_acquire+0xaac/0xd20
[  316.220828][ T8100]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.220854][ T8100]  ? __pfx__printk+0x10/0x10
[  316.220885][ T8100]  ? __might_fault+0xb0/0x130
[  316.220928][ T8100]  should_fail_ex+0x414/0x560
[  316.220953][ T8100]  _copy_from_iter+0x1db/0x15a0
[  316.220986][ T8100]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  316.221012][ T8100]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  316.221044][ T8100]  ? __pfx__copy_from_iter+0x10/0x10
[  316.221070][ T8100]  ? __build_skb_around+0x257/0x3e0
[  316.221098][ T8100]  ? netlink_sendmsg+0x642/0xb30
[  316.221118][ T8100]  ? skb_put+0x11b/0x210
[  316.221146][ T8100]  netlink_sendmsg+0x6b2/0xb30
[  316.221167][ T8100]  ? is_bpf_text_address+0x26/0x2b0
[  316.221203][ T8100]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.221234][ T8100]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  316.221255][ T8100]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.221280][ T8100]  __sock_sendmsg+0x21c/0x270
[  316.221303][ T8100]  ____sys_sendmsg+0x505/0x830
[  316.221335][ T8100]  ? __pfx_____sys_sendmsg+0x10/0x10
[  316.221371][ T8100]  ? import_iovec+0x74/0xa0
[  316.221402][ T8100]  ___sys_sendmsg+0x21f/0x2a0
[  316.221431][ T8100]  ? __pfx____sys_sendmsg+0x10/0x10
[  316.221499][ T8100]  ? __fget_files+0x2a/0x420
[  316.221517][ T8100]  ? __fget_files+0x3a0/0x420
[  316.221551][ T8100]  __x64_sys_sendmsg+0x19b/0x260
[  316.221581][ T8100]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  316.221625][ T8100]  ? do_syscall_64+0xba/0x210
[  316.221654][ T8100]  do_syscall_64+0xf6/0x210
[  316.221679][ T8100]  ? clear_bhb_loop+0x60/0xb0
[  316.221704][ T8100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.221723][ T8100] RIP: 0033:0x7f33bbb8e969
[  316.221741][ T8100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.221757][ T8100] RSP: 002b:00007f33bcaa8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  316.221777][ T8100] RAX: ffffffffffffffda RBX: 00007f33bbdb5fa0 RCX: 00007f33bbb8e969
[  316.221793][ T8100] RDX: 0000000000000040 RSI: 0000200000000700 RDI: 0000000000000003
[  316.221805][ T8100] RBP: 00007f33bcaa8090 R08: 0000000000000000 R09: 0000000000000000
[  316.221818][ T8100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.221829][ T8100] R13: 0000000000000000 R14: 00007f33bbdb5fa0 R15: 00007ffc777f5788
[  316.221861][ T8100]  </TASK>
[  317.333537][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.521694][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  318.155921][ T8119] new mount options do not match the existing superblock, will be ignored
[  318.176402][ T8119] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  318.773079][ T5872] usb 5-1: new low-speed USB device number 11 using dummy_hcd
[  318.810869][ T8120] netlink: 80 bytes leftover after parsing attributes in process `syz.0.610'.
[  318.840632][ T8120] netlink: 80 bytes leftover after parsing attributes in process `syz.0.610'.
[  318.912856][ T5872] usb 5-1: device descriptor read/64, error -71
[  319.152285][ T5872] usb 5-1: new low-speed USB device number 12 using dummy_hcd
[  319.161116][ T8127] No such timeout policy "syz0"
[  319.302085][ T5872] usb 5-1: device descriptor read/64, error -71
[  319.471360][   T50] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  319.479615][ T5872] usb usb5-port1: attempt power cycle
[  319.769247][   T50] usb 2-1: Using ep0 maxpacket: 8
[  320.044352][ T5872] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[  320.158884][   T50] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[  320.178674][   T50] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  320.199499][ T5872] usb 5-1: device descriptor read/8, error -71
[  320.207289][   T50] usb 2-1: config 0 has no interface number 0
[  320.265604][   T50] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  320.301318][   T50] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.320651][   T50] usb 2-1: Product: syz
[  320.330419][   T50] usb 2-1: Manufacturer: syz
[  320.338309][   T50] usb 2-1: SerialNumber: syz
[  320.388107][   T50] usb 2-1: config 0 descriptor??
[  320.427120][   T50] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[  320.715039][ T5872] usb 5-1: new low-speed USB device number 14 using dummy_hcd
[  320.905149][ T8127] debugfs: Bad value for 'uid'
[  320.909984][ T8127] debugfs: Bad value for 'uid'
[  320.921266][   T50] usb 2-1: No streaming interface found for terminal 6.
[  320.982582][ T5872] usb 5-1: device descriptor read/8, error -71
[  321.043101][   T50] usb 2-1: USB disconnect, device number 10
[  321.122622][ T5872] usb usb5-port1: unable to enumerate USB device
[  322.444395][ T5871] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  323.172384][ T8161] netlink: 80 bytes leftover after parsing attributes in process `syz.3.623'.
[  323.268967][ T5871] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  323.428969][ T8161] netlink: 80 bytes leftover after parsing attributes in process `syz.3.623'.
[  323.516728][ T5871] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  324.285569][ T5871] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  324.307637][ T5871] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.180906][ T5871] usb 5-1: usb_control_msg returned -71
[  325.257220][ T5871] usbtmc 5-1:16.0: can't read capabilities
[  325.294555][ T8177] netlink: 52 bytes leftover after parsing attributes in process `syz.0.627'.
[  325.409840][ T5871] usb 5-1: USB disconnect, device number 15
[  325.598033][ T8180] netlink: 12 bytes leftover after parsing attributes in process `syz.4.628'.
[  327.067153][ T8198] netlink: 12 bytes leftover after parsing attributes in process `syz.4.632'.
[  327.115479][ T8201] netlink: 'syz.0.635': attribute type 11 has an invalid length.
[  328.823316][ T8225] netlink: 52 bytes leftover after parsing attributes in process `syz.4.639'.
[  329.227100][ T8233] 9pnet_fd: Insufficient options for proto=fd
[  329.502100][   T50] usb 5-1: new low-speed USB device number 16 using dummy_hcd
[  329.596508][ T8239] netlink: 80 bytes leftover after parsing attributes in process `syz.0.645'.
[  329.640988][ T8239] netlink: 80 bytes leftover after parsing attributes in process `syz.0.645'.
[  329.662075][   T50] usb 5-1: device descriptor read/64, error -71
[  329.972265][   T50] usb 5-1: new low-speed USB device number 17 using dummy_hcd
[  330.172277][   T50] usb 5-1: device descriptor read/64, error -71
[  331.409707][   T50] usb usb5-port1: attempt power cycle
[  331.691894][ T8262] netlink: 52 bytes leftover after parsing attributes in process `syz.2.652'.
[  331.724601][ T8268] FAULT_INJECTION: forcing a failure.
[  331.724601][ T8268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  331.762506][   T50] usb 5-1: new low-speed USB device number 18 using dummy_hcd
[  331.777472][ T8260] loop5: detected capacity change from 0 to 1
[  331.782095][ T8268] CPU: 0 UID: 0 PID: 8268 Comm: syz.0.653 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  331.782137][ T8268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  331.782151][ T8268] Call Trace:
[  331.782161][ T8268]  <TASK>
[  331.782171][ T8268]  dump_stack_lvl+0x189/0x250
[  331.782209][ T8268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.782239][ T8268]  ? __pfx__printk+0x10/0x10
[  331.782287][ T8268]  should_fail_ex+0x414/0x560
[  331.782315][ T8268]  strncpy_from_user+0x36/0x290
[  331.782353][ T8268]  path_setxattrat+0x150/0x3a0
[  331.782391][ T8268]  ? __pfx_path_setxattrat+0x10/0x10
[  331.782414][ T8268]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  331.782472][ T8268]  ? ksys_write+0x1f0/0x250
[  331.782499][ T8268]  ? rcu_is_watching+0x15/0xb0
[  331.782540][ T8268]  __x64_sys_fsetxattr+0xbc/0xe0
[  331.782566][ T8268]  do_syscall_64+0xf6/0x210
[  331.782594][ T8268]  ? clear_bhb_loop+0x60/0xb0
[  331.782621][ T8268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.782641][ T8268] RIP: 0033:0x7efe4218e969
[  331.782661][ T8268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.782680][ T8268] RSP: 002b:00007efe4304a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  331.782704][ T8268] RAX: ffffffffffffffda RBX: 00007efe423b5fa0 RCX: 00007efe4218e969
[  331.782719][ T8268] RDX: 0000200000000240 RSI: 0000200000000180 RDI: 0000000000000003
[  331.782734][ T8268] RBP: 00007efe4304a090 R08: 0000000000000001 R09: 0000000000000000
[  331.782748][ T8268] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[  331.782761][ T8268] R13: 0000000000000000 R14: 00007efe423b5fa0 R15: 00007fffa64085f8
[  331.782820][ T8268]  </TASK>
[  332.012589][   T50] usb 5-1: device descriptor read/8, error -71
[  332.662303][   T50] usb 5-1: new low-speed USB device number 19 using dummy_hcd
[  332.749513][   T50] usb 5-1: device descriptor read/8, error -71
[  333.045632][   T50] usb usb5-port1: unable to enumerate USB device
[  333.784859][ T8285] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  333.883931][ T8287] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  333.890095][ T8287] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  333.935322][ T8287] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  333.986858][ T8287] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  334.366480][ T8302] netlink: 80 bytes leftover after parsing attributes in process `syz.1.664'.
[  334.565454][ T8302] netlink: 80 bytes leftover after parsing attributes in process `syz.1.664'.
[  335.312082][ T5871] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  335.487244][ T5871] usb 5-1: config 131 has an invalid interface number: 242 but max is 0
[  335.632186][ T5871] usb 5-1: config 131 has no interface number 0
[  335.699367][ T5871] usb 5-1: config 131 interface 242 altsetting 13 endpoint 0x2 has invalid maxpacket 7573, setting to 64
[  335.894451][   T55] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  335.916003][ T5871] usb 5-1: config 131 interface 242 altsetting 13 endpoint 0xC has invalid wMaxPacketSize 0
[  335.926914][   T55] Bluetooth: hci2: command 0x0c1a tx timeout
[  335.928455][ T5128] Bluetooth: hci1: command 0x0c1a tx timeout
[  336.012266][   T55] Bluetooth: hci3: command 0x0c1a tx timeout
[  336.018664][   T55] Bluetooth: hci4: command 0x0c1a tx timeout
[  336.030429][ T5871] usb 5-1: config 131 interface 242 has no altsetting 0
[  336.645705][ T5871] usb 5-1: New USB device found, idVendor=0bfd, idProduct=010b, bcdDevice=19.10
[  336.656730][ T5871] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=5
[  336.665137][ T5871] usb 5-1: Product: syz
[  336.673491][ T5871] usb 5-1: Manufacturer: syz
[  336.681612][ T5871] usb 5-1: SerialNumber: syz
[  336.695480][ T8303] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  337.597425][ T5871] kvaser_usb 5-1:131.242: error -ENODEV: Cannot get usb endpoint(s)
[  337.642750][ T5871] usb 5-1: USB disconnect, device number 20
[  339.064950][ T8350] netlink: 14593 bytes leftover after parsing attributes in process `syz.1.672'.
[  342.702583][ T8365] netlink: 52 bytes leftover after parsing attributes in process `syz.1.677'.
[  343.527868][ T8373] FAULT_INJECTION: forcing a failure.
[  343.527868][ T8373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  343.551776][ T8371] netlink: 80 bytes leftover after parsing attributes in process `syz.3.679'.
[  343.578123][ T8373] CPU: 0 UID: 0 PID: 8373 Comm: syz.2.680 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  343.578152][ T8373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  343.578164][ T8373] Call Trace:
[  343.578172][ T8373]  <TASK>
[  343.578181][ T8373]  dump_stack_lvl+0x189/0x250
[  343.578223][ T8373]  ? __lock_acquire+0xaac/0xd20
[  343.578252][ T8373]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.578277][ T8373]  ? __pfx__printk+0x10/0x10
[  343.578307][ T8373]  ? __might_fault+0xb0/0x130
[  343.578347][ T8373]  should_fail_ex+0x414/0x560
[  343.578371][ T8373]  _copy_from_iter+0x1db/0x15a0
[  343.578403][ T8373]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  343.578429][ T8373]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  343.578457][ T8373]  ? __pfx__copy_from_iter+0x10/0x10
[  343.578482][ T8373]  ? __build_skb_around+0x257/0x3e0
[  343.578527][ T8373]  ? netlink_sendmsg+0x642/0xb30
[  343.578548][ T8373]  ? skb_put+0x11b/0x210
[  343.578575][ T8373]  netlink_sendmsg+0x6b2/0xb30
[  343.578596][ T8373]  ? is_bpf_text_address+0x26/0x2b0
[  343.578630][ T8373]  ? __pfx_netlink_sendmsg+0x10/0x10
[  343.578662][ T8373]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  343.578682][ T8373]  ? __pfx_netlink_sendmsg+0x10/0x10
[  343.578706][ T8373]  __sock_sendmsg+0x21c/0x270
[  343.578728][ T8373]  ____sys_sendmsg+0x505/0x830
[  343.578769][ T8373]  ? __pfx_____sys_sendmsg+0x10/0x10
[  343.578805][ T8373]  ? import_iovec+0x74/0xa0
[  343.578833][ T8373]  ___sys_sendmsg+0x21f/0x2a0
[  343.578861][ T8373]  ? __pfx____sys_sendmsg+0x10/0x10
[  343.578925][ T8373]  ? __fget_files+0x2a/0x420
[  343.578942][ T8373]  ? __fget_files+0x3a0/0x420
[  343.578972][ T8373]  __x64_sys_sendmsg+0x19b/0x260
[  343.579000][ T8373]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  343.579045][ T8373]  ? do_syscall_64+0xba/0x210
[  343.579074][ T8373]  do_syscall_64+0xf6/0x210
[  343.579098][ T8373]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  343.579118][ T8373]  ? clear_bhb_loop+0x60/0xb0
[  343.579141][ T8373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.579160][ T8373] RIP: 0033:0x7f33bbb8e969
[  343.579178][ T8373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.579195][ T8373] RSP: 002b:00007f33bcaa8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  343.579217][ T8373] RAX: ffffffffffffffda RBX: 00007f33bbdb5fa0 RCX: 00007f33bbb8e969
[  343.579230][ T8373] RDX: 0000000020044090 RSI: 000020000000b4c0 RDI: 0000000000000003
[  343.579243][ T8373] RBP: 00007f33bcaa8090 R08: 0000000000000000 R09: 0000000000000000
[  343.579254][ T8373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.579267][ T8373] R13: 0000000000000000 R14: 00007f33bbdb5fa0 R15: 00007ffc777f5788
[  343.579297][ T8373]  </TASK>
[  343.594643][ T8371] netlink: 80 bytes leftover after parsing attributes in process `syz.3.679'.
[  344.092453][ T8368] block nbd1: NBD_DISCONNECT
[  344.103903][ T8368] block nbd1: Disconnected due to user request.
[  344.960953][ T8368] block nbd1: shutting down sockets
[  345.767165][ T8393] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.685'.
[  346.868960][ T8401] netlink: 40 bytes leftover after parsing attributes in process `syz.0.688'.
[  346.933080][ T8398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.687'.
[  347.023586][ T8398] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  347.030251][ T8398] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  347.098616][ T8398] vhci_hcd vhci_hcd.0: Device attached
[  347.200375][ T8398] netlink: 8 bytes leftover after parsing attributes in process `syz.4.687'.
[  347.380033][ T5900] vhci_hcd: vhci_device speed not set
[  348.042013][ T5900] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  348.295044][ T8404] vhci_hcd: connection reset by peer
[  348.321593][ T7591] vhci_hcd: stop threads
[  348.325913][ T7591] vhci_hcd: release socket
[  348.335192][ T7591] vhci_hcd: disconnect device
[  348.610812][ T5869] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  348.901377][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  348.913213][ T5869] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  348.925125][ T5869] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.962421][ T5869] usb 3-1: config 0 descriptor??
[  349.408033][ T5869] lg-g15 0003:046D:C222.0004: item fetching failed at offset 3/7
[  350.239761][ T5869] lg-g15 0003:046D:C222.0004: probe with driver lg-g15 failed with error -22
[  350.333510][ T5869] usb 3-1: USB disconnect, device number 10
[  350.548686][ T3077] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  350.698096][ T3077] usb 1-1: device descriptor read/64, error -71
[  350.930872][ T3077] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  351.900717][ T3077] usb 1-1: device descriptor read/64, error -71
[  352.003533][ T3077] usb usb1-port1: attempt power cycle
[  352.319746][ T3077] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  352.417597][ T3077] usb 1-1: device descriptor read/8, error -71
[  352.656665][ T3077] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  352.705621][ T3077] usb 1-1: device descriptor read/8, error -71
[  352.803609][ T5900] vhci_hcd: vhci_device speed not set
[  352.835122][ T3077] usb usb1-port1: unable to enumerate USB device
[  352.902879][ T8444] new mount options do not match the existing superblock, will be ignored
[  353.006318][ T8450] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  353.037690][ T8445] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.699'.
[  353.442286][ T8454] netlink: 43 bytes leftover after parsing attributes in process `syz.0.701'.
[  356.329439][ T8474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.707'.
[  356.344154][ T8474] IPv6: Can't replace route, no match found
[  356.378403][ T8475] netlink: 80 bytes leftover after parsing attributes in process `syz.2.706'.
[  356.458478][ T8475] netlink: 80 bytes leftover after parsing attributes in process `syz.2.706'.
[  356.588982][ T5900] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  356.727504][ T8471] bridge_slave_0: left allmulticast mode
[  356.733283][ T8471] bridge_slave_0: left promiscuous mode
[  356.740960][ T8471] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.780143][ T8471] bridge_slave_1: left allmulticast mode
[  356.785926][ T8471] bridge_slave_1: left promiscuous mode
[  356.791753][ T8471] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.807121][ T8471] bond0: (slave bond_slave_0): Releasing backup interface
[  356.818443][ T8471] bond0: (slave bond_slave_1): Releasing backup interface
[  356.846169][ T8471] team0: Port device team_slave_0 removed
[  356.870311][ T8471] team0: Port device team_slave_1 removed
[  356.877404][ T8471] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  356.884848][ T8471] batman_adv: batadv0: Removing interface: batadv_slave_0
[  356.903624][ T8471] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  356.911433][ T8471] batman_adv: batadv0: Removing interface: batadv_slave_1
[  357.164059][ T8471] team0: Port device bridge1 removed
[  357.541355][ T5900] usb 2-1: Using ep0 maxpacket: 16
[  357.817620][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  357.843531][ T5900] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  357.960038][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.972195][ T5900] usb 2-1: Product: syz
[  357.976422][ T5900] usb 2-1: Manufacturer: syz
[  357.981968][ T5900] usb 2-1: SerialNumber: syz
[  358.004872][ T5900] usb 2-1: config 0 descriptor??
[  358.035486][ T5900] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  358.189876][ T8490] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.710'.
[  358.927205][ T8474] process 'syz.1.707' launched './file1' with NULL argv: empty string added
[  359.003140][ T7591] usb 2-1: Failed to submit usb control message: -110
[  359.015384][ T7591] usb 2-1: unable to send the bmi data to the device: -110
[  359.061751][ T5872] usb 2-1: USB disconnect, device number 11
[  359.081548][ T7591] usb 2-1: unable to get target info from device
[  359.088328][ T7591] usb 2-1: could not get target info (-110)
[  359.095451][ T7591] usb 2-1: could not probe fw (-110)
[  359.757774][ T5872] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  359.930549][ T5872] usb 4-1: not running at top speed; connect to a high speed hub
[  360.149392][ T5872] usb 4-1: config 1 interface 0 has no altsetting 0
[  360.171626][ T5872] usb 4-1: New USB device found, idVendor=046d, idProduct=c225, bcdDevice= 0.40
[  360.200066][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.220543][ T5872] usb 4-1: Product: ཱིƴ⎲�⨩벴᮴傹껷�脳텨첥≡섳�⟪박핷嘻寋剭㎲銧ꛣጛ⳼銕廱疤翵䡴��솔뀸䜥⫔킑鳿෨㯗硾뎀澦�謄中쯶笛횎쒜�ﴞퟮ㰘᠗픊쨦圚行齖ਆࡵ�똘苔�Ღ猉袻褱ྋ�⻥볩�즢딛�垗嵽힟媦�뀥ƣ冈頿ꫢ惌Ａ墉뱦賿婣Ⰵ広벮믓�
[  360.488215][ T5872] usb 4-1: Manufacturer: 繕燛掕ဂ艤您꾿䙂�욨ꮙ硢숮♟莉ຂ懊迬㺞㽯蛻�什㭇ǜ�嘴锂䤓�餦宧貄셑噻熬㗪뼆떾�윮ç�㔊慱译演暫ᦹ㴖�ꢭ�瀞�쀯᪻�еᙘᴗ�轓⯟瞆�Ꮋ��庮ꮶ귧爎㢇꒦䯱責鳑欿㋆⸎蚲�픫ᄕໆ뾖覿ᾶ鲼䯈柘誱�륺�겜疪앧鲳ﷂ믠�ᅧ윭
[  360.690211][ T8513] new mount options do not match the existing superblock, will be ignored
[  360.710225][ T8513] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  362.251997][ T5872] usb 4-1: SerialNumber: ᄶ⿩塠ۼ择艷淰瀤�ꊤ�諚꣞
[  362.393717][ T5872] usb 4-1: can't set config #1, error -71
[  362.434847][ T5872] usb 4-1: USB disconnect, device number 6
[  363.560408][ T8534] netlink: 4 bytes leftover after parsing attributes in process `syz.3.721'.
[  363.718963][ T8534] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  363.725552][ T8534] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  363.863245][ T8534] vhci_hcd vhci_hcd.0: Device attached
[  364.138683][ T5871] vhci_hcd: vhci_device speed not set
[  364.312116][ T8531] netlink: 8 bytes leftover after parsing attributes in process `syz.3.721'.
[  364.380290][ T5871] usb 39-1: new full-speed USB device number 4 using vhci_hcd
[  364.398202][ T8544] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  365.080511][ T8546] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  365.107385][ T8546] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  365.125188][ T8546] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  365.136018][ T8546] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  366.337887][ T5818] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  366.377487][ T5818] Bluetooth: hci1: command 0x0c1a tx timeout
[  367.233436][ T5818] Bluetooth: hci2: command 0x0c1a tx timeout
[  367.242123][ T5818] Bluetooth: hci4: command 0x0c1a tx timeout
[  367.249247][ T5818] Bluetooth: hci3: command 0x0c1a tx timeout
[  367.424394][ T8535] vhci_hcd: connection reset by peer
[  367.446375][ T5928] vhci_hcd: stop threads
[  367.481312][ T5928] vhci_hcd: release socket
[  367.499105][ T5928] vhci_hcd: disconnect device
[  368.477147][ T5869] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  368.724029][ T5869] usb 3-1: Using ep0 maxpacket: 8
[  368.766685][ T5869] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  368.824919][ T5869] usb 3-1: config 179 has no interface number 0
[  368.875451][ T5869] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  369.195618][ T5869] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  369.231015][ T5869] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  369.249636][ T5871] vhci_hcd: vhci_device speed not set
[  369.262002][ T5869] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  369.323128][ T8590] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  369.329972][ T5869] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  369.373790][ T5869] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  369.470040][ T5869] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.520758][ T8575] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  370.077985][ T8590] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  370.084221][ T8590] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  370.167655][ T8590] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  370.180324][ T8590] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  370.223684][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  370.232065][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  370.240831][ T5869] usb 3-1: USB disconnect, device number 11
[  371.157157][ T8608] netlink: 24 bytes leftover after parsing attributes in process `syz.1.738'.
[  371.177302][ T8608] netlink: 48 bytes leftover after parsing attributes in process `syz.1.738'.
[  371.563831][ T5818] Bluetooth: hci1: command 0x0c1a tx timeout
[  371.613065][ T5128] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  372.471139][ T5128] Bluetooth: hci2: command 0x0c1a tx timeout
[  372.471182][ T5818] Bluetooth: hci3: command 0x0c1a tx timeout
[  372.477205][ T5128] Bluetooth: hci4: command 0x0c1a tx timeout
[  372.829758][ T5871] IPVS: starting estimator thread 0...
[  373.524157][ T8621] IPVS: using max 23 ests per chain, 55200 per kthread
[  374.213208][ T8631] FAULT_INJECTION: forcing a failure.
[  374.213208][ T8631] name failslab, interval 1, probability 0, space 0, times 0
[  374.235778][ T8631] CPU: 0 UID: 0 PID: 8631 Comm: syz.0.744 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  374.235809][ T8631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  374.235826][ T8631] Call Trace:
[  374.235834][ T8631]  <TASK>
[  374.235846][ T8631]  dump_stack_lvl+0x189/0x250
[  374.235885][ T8631]  ? __pfx_dump_stack_lvl+0x10/0x10
[  374.235913][ T8631]  ? __pfx__printk+0x10/0x10
[  374.235950][ T8631]  ? __pfx___might_resched+0x10/0x10
[  374.235994][ T8631]  should_fail_ex+0x414/0x560
[  374.236021][ T8631]  should_failslab+0xa8/0x100
[  374.236043][ T8631]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  374.236075][ T8631]  ? __alloc_skb+0x112/0x2d0
[  374.236105][ T8631]  __alloc_skb+0x112/0x2d0
[  374.236133][ T8631]  netlink_sendmsg+0x5c6/0xb30
[  374.236157][ T8631]  ? is_bpf_text_address+0x26/0x2b0
[  374.236194][ T8631]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.236227][ T8631]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  374.236248][ T8631]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.236274][ T8631]  __sock_sendmsg+0x21c/0x270
[  374.236297][ T8631]  ____sys_sendmsg+0x505/0x830
[  374.236329][ T8631]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.236364][ T8631]  ? import_iovec+0x74/0xa0
[  374.236395][ T8631]  ___sys_sendmsg+0x21f/0x2a0
[  374.236424][ T8631]  ? __pfx____sys_sendmsg+0x10/0x10
[  374.236491][ T8631]  ? __fget_files+0x2a/0x420
[  374.236509][ T8631]  ? __fget_files+0x3a0/0x420
[  374.236540][ T8631]  __x64_sys_sendmsg+0x19b/0x260
[  374.236570][ T8631]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  374.236620][ T8631]  ? do_syscall_64+0xba/0x210
[  374.236651][ T8631]  do_syscall_64+0xf6/0x210
[  374.236678][ T8631]  ? clear_bhb_loop+0x60/0xb0
[  374.236703][ T8631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.236722][ T8631] RIP: 0033:0x7efe4218e969
[  374.236741][ T8631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.236759][ T8631] RSP: 002b:00007efe4304a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  374.236781][ T8631] RAX: ffffffffffffffda RBX: 00007efe423b5fa0 RCX: 00007efe4218e969
[  374.236795][ T8631] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[  374.236808][ T8631] RBP: 00007efe4304a090 R08: 0000000000000000 R09: 0000000000000000
[  374.236821][ T8631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  374.236833][ T8631] R13: 0000000000000000 R14: 00007efe423b5fa0 R15: 00007fffa64085f8
[  374.236866][ T8631]  </TASK>
[  376.236646][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  376.244138][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  376.321979][   T30] audit: type=1326 audit(1747104433.782:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8658 comm="syz.3.752" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdaee98e969 code=0x0
[  376.525902][ T8634] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  376.979045][ T8634] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  377.021632][ T8634] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  377.079154][ T8634] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  377.114339][ T8634] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  378.347093][ T8674] FAULT_INJECTION: forcing a failure.
[  378.347093][ T8674] name failslab, interval 1, probability 0, space 0, times 0
[  378.359943][ T8674] CPU: 1 UID: 0 PID: 8674 Comm: syz.0.753 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  378.359970][ T8674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  378.359982][ T8674] Call Trace:
[  378.359990][ T8674]  <TASK>
[  378.359998][ T8674]  dump_stack_lvl+0x189/0x250
[  378.360033][ T8674]  ? __pfx_dump_stack_lvl+0x10/0x10
[  378.360064][ T8674]  ? __pfx__printk+0x10/0x10
[  378.360096][ T8674]  ? __pfx___might_resched+0x10/0x10
[  378.360126][ T8674]  ? fs_reclaim_acquire+0x7d/0x100
[  378.360153][ T8674]  should_fail_ex+0x414/0x560
[  378.360178][ T8674]  should_failslab+0xa8/0x100
[  378.360198][ T8674]  __kmalloc_cache_noprof+0x70/0x3d0
[  378.360227][ T8674]  ? alloc_pipe_info+0xe9/0x4d0
[  378.360261][ T8674]  alloc_pipe_info+0xe9/0x4d0
[  378.360292][ T8674]  splice_direct_to_actor+0xa5d/0xcc0
[  378.360324][ T8674]  ? preempt_schedule_irq+0xde/0x150
[  378.360347][ T8674]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  378.360380][ T8674]  ? lockdep_hardirqs_on+0x9c/0x150
[  378.360406][ T8674]  ? __pfx_direct_splice_actor+0x10/0x10
[  378.360435][ T8674]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  378.360477][ T8674]  do_splice_direct+0x181/0x270
[  378.360509][ T8674]  ? __pfx_do_splice_direct+0x10/0x10
[  378.360539][ T8674]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  378.360560][ T8674]  ? bpf_lsm_file_permission+0x9/0x20
[  378.360591][ T8674]  ? security_file_permission+0x75/0x290
[  378.360616][ T8674]  ? rw_verify_area+0x258/0x650
[  378.360647][ T8674]  do_sendfile+0x4da/0x7d0
[  378.360668][ T8674]  ? __pfx_vfs_write+0x10/0x10
[  378.360702][ T8674]  ? __pfx_do_sendfile+0x10/0x10
[  378.360737][ T8674]  __se_sys_sendfile64+0x13e/0x190
[  378.360761][ T8674]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  378.360785][ T8674]  ? do_syscall_64+0xba/0x210
[  378.360815][ T8674]  do_syscall_64+0xf6/0x210
[  378.360840][ T8674]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  378.360860][ T8674]  ? clear_bhb_loop+0x60/0xb0
[  378.360883][ T8674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.360902][ T8674] RIP: 0033:0x7efe4218e969
[  378.360918][ T8674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.360933][ T8674] RSP: 002b:00007efe43008038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  378.360949][ T8674] RAX: ffffffffffffffda RBX: 00007efe423b6160 RCX: 00007efe4218e969
[  378.360960][ T8674] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  378.360968][ T8674] RBP: 00007efe43008090 R08: 0000000000000000 R09: 0000000000000000
[  378.360977][ T8674] R10: 0000000000201f00 R11: 0000000000000246 R12: 0000000000000001
[  378.360986][ T8674] R13: 0000000000000000 R14: 00007efe423b6160 R15: 00007fffa64085f8
[  378.361008][ T8674]  </TASK>
[  378.628423][    C1] vkms_vblank_simulate: vblank timer overrun
[  378.992327][ T5818] Bluetooth: hci1: command 0x0c1a tx timeout
[  378.998683][ T5818] Bluetooth: hci2: command 0x0c1a tx timeout
[  379.005188][ T5818] Bluetooth: hci3: command 0x0c1a tx timeout
[  379.052559][ T5818] Bluetooth: hci4: command 0x0c1a tx timeout
[  382.039577][ T8713] FAULT_INJECTION: forcing a failure.
[  382.039577][ T8713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  382.220904][ T5869] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  382.223546][ T8717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.766'.
[  382.309833][ T8718] netlink: 8 bytes leftover after parsing attributes in process `syz.1.766'.
[  382.359822][ T5869] usb 4-1: device descriptor read/64, error -71
[  382.378265][ T8713] CPU: 1 UID: 0 PID: 8713 Comm: syz.4.765 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  382.378295][ T8713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  382.378308][ T8713] Call Trace:
[  382.378316][ T8713]  <TASK>
[  382.378326][ T8713]  dump_stack_lvl+0x189/0x250
[  382.378357][ T8713]  ? __lock_acquire+0xaac/0xd20
[  382.378388][ T8713]  ? __pfx_dump_stack_lvl+0x10/0x10
[  382.378415][ T8713]  ? __pfx__printk+0x10/0x10
[  382.378446][ T8713]  ? __might_fault+0xb0/0x130
[  382.378488][ T8713]  should_fail_ex+0x414/0x560
[  382.378513][ T8713]  _copy_from_iter+0x1db/0x15a0
[  382.378543][ T8713]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  382.378570][ T8713]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  382.378603][ T8713]  ? __pfx__copy_from_iter+0x10/0x10
[  382.378631][ T8713]  ? __build_skb_around+0x257/0x3e0
[  382.378660][ T8713]  ? netlink_sendmsg+0x642/0xb30
[  382.378681][ T8713]  ? skb_put+0x11b/0x210
[  382.378707][ T8713]  netlink_sendmsg+0x6b2/0xb30
[  382.378723][ T8713]  ? is_bpf_text_address+0x26/0x2b0
[  382.378749][ T8713]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.378772][ T8713]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  382.378787][ T8713]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.378805][ T8713]  __sock_sendmsg+0x21c/0x270
[  382.378822][ T8713]  ____sys_sendmsg+0x505/0x830
[  382.378845][ T8713]  ? __pfx_____sys_sendmsg+0x10/0x10
[  382.378872][ T8713]  ? import_iovec+0x74/0xa0
[  382.378894][ T8713]  ___sys_sendmsg+0x21f/0x2a0
[  382.378915][ T8713]  ? __pfx____sys_sendmsg+0x10/0x10
[  382.378962][ T8713]  ? __fget_files+0x2a/0x420
[  382.378975][ T8713]  ? __fget_files+0x3a0/0x420
[  382.378996][ T8713]  __x64_sys_sendmsg+0x19b/0x260
[  382.379017][ T8713]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  382.379050][ T8713]  ? do_syscall_64+0xba/0x210
[  382.379071][ T8713]  do_syscall_64+0xf6/0x210
[  382.379090][ T8713]  ? clear_bhb_loop+0x60/0xb0
[  382.379108][ T8713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.379122][ T8713] RIP: 0033:0x7f689878e969
[  382.379136][ T8713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.379149][ T8713] RSP: 002b:00007f6899631038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  382.379165][ T8713] RAX: ffffffffffffffda RBX: 00007f68989b5fa0 RCX: 00007f689878e969
[  382.379176][ T8713] RDX: 0000000020040814 RSI: 0000200000000840 RDI: 0000000000000005
[  382.379186][ T8713] RBP: 00007f6899631090 R08: 0000000000000000 R09: 0000000000000000
[  382.379195][ T8713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.379204][ T8713] R13: 0000000000000000 R14: 00007f68989b5fa0 R15: 00007ffe21c4a0d8
[  382.379234][ T8713]  </TASK>
[  382.770403][ T5869] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  382.900643][ T5869] usb 4-1: device descriptor read/64, error -71
[  383.006458][ T5869] usb usb4-port1: attempt power cycle
[  383.219356][ T8717] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  383.225915][ T8717] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  383.793450][ T8717] vhci_hcd vhci_hcd.0: Device attached
[  383.805239][ T8720] vhci_hcd: connection closed
[  383.825268][ T5928] vhci_hcd: stop threads
[  383.843580][ T5928] vhci_hcd: release socket
[  383.853678][ T5928] vhci_hcd: disconnect device
[  383.873138][ T5869] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  383.907639][ T5869] usb 4-1: device descriptor read/8, error -71
[  384.123588][ T8728] fuse: Unknown parameter '000000000000000000000030x0000000000000003'
[  384.133396][ T5869] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  384.165979][ T5869] usb 4-1: device descriptor read/8, error -71
[  384.299091][ T5869] usb usb4-port1: unable to enumerate USB device
[  384.624699][ T5869] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  385.213022][ T5869] usb 5-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=7a.ac
[  385.282392][ T5869] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.367274][ T5869] usb 5-1: Product: syz
[  385.404390][ T5869] usb 5-1: Manufacturer: syz
[  385.525389][ T5869] usb 5-1: SerialNumber: syz
[  385.533589][ T5869] usb 5-1: config 0 descriptor??
[  385.819066][ T5869] usb 5-1: interface 1 not found
[  386.105754][ T5869] usb 5-1: USB disconnect, device number 21
[  387.496291][ T5869] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  387.563833][ T5956] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  387.644955][ T5869] usb 5-1: Using ep0 maxpacket: 8
[  387.713352][ T5869] usb 5-1: config index 0 descriptor too short (expected 6427, got 27)
[  387.780774][ T8803] netlink: 4 bytes leftover after parsing attributes in process `syz.2.779'.
[  387.803353][ T5869] usb 5-1: config 0 has an invalid interface number: 21 but max is 0
[  387.811489][ T5869] usb 5-1: config 0 has no interface number 0
[  387.930356][ T8808] netlink: 8 bytes leftover after parsing attributes in process `syz.2.779'.
[  387.961295][ T8804] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  387.967867][ T8804] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  387.976054][ T5869] usb 5-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  387.991542][ T8804] vhci_hcd vhci_hcd.0: Device attached
[  388.165667][ T5956] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  388.175089][ T5956] usb 1-1: config 0 has no interface number 0
[  388.316492][ T5956] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  388.344916][ T8806] vhci_hcd: connection closed
[  388.352958][ T6285] vhci_hcd: stop threads
[  388.355044][ T5956] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.358289][ T6285] vhci_hcd: release socket
[  388.380854][ T5869] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  388.401311][ T5869] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  388.415016][ T6285] vhci_hcd: disconnect device
[  388.913890][ T3077] vhci_hcd: vhci_device speed not set
[  388.928989][ T5956] usb 1-1: config 0 descriptor??
[  388.961278][ T5956] usb 1-1: selecting invalid altsetting 1
[  388.968210][ T5956] dvb_ttusb_budget: ttusb_init_controller: error
[  388.976688][ T5956] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  388.983174][ T5869] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  389.026582][ T5869] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.073411][ T5869] usb 5-1: config 0 descriptor??
[  389.090308][ T8792] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  390.237205][ T5956] DVB: Unable to find symbol cx22700_attach()
[  390.644678][ T8824] FAULT_INJECTION: forcing a failure.
[  390.644678][ T8824] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.726731][ T8824] CPU: 0 UID: 0 PID: 8824 Comm: syz.1.783 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  390.726768][ T8824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  390.726781][ T8824] Call Trace:
[  390.726789][ T8824]  <TASK>
[  390.726798][ T8824]  dump_stack_lvl+0x189/0x250
[  390.726830][ T8824]  ? __lock_acquire+0xaac/0xd20
[  390.726861][ T8824]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.726889][ T8824]  ? __pfx__printk+0x10/0x10
[  390.726920][ T8824]  ? __might_fault+0xb0/0x130
[  390.726963][ T8824]  should_fail_ex+0x414/0x560
[  390.726990][ T8824]  _copy_from_iter+0x1db/0x15a0
[  390.727024][ T8824]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  390.727051][ T8824]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  390.727083][ T8824]  ? __pfx__copy_from_iter+0x10/0x10
[  390.727110][ T8824]  ? __build_skb_around+0x257/0x3e0
[  390.727139][ T8824]  ? netlink_sendmsg+0x642/0xb30
[  390.727160][ T8824]  ? skb_put+0x11b/0x210
[  390.727189][ T8824]  netlink_sendmsg+0x6b2/0xb30
[  390.727210][ T8824]  ? is_bpf_text_address+0x26/0x2b0
[  390.727247][ T8824]  ? __pfx_netlink_sendmsg+0x10/0x10
[  390.727279][ T8824]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  390.727301][ T8824]  ? __pfx_netlink_sendmsg+0x10/0x10
[  390.727325][ T8824]  __sock_sendmsg+0x21c/0x270
[  390.727348][ T8824]  ____sys_sendmsg+0x505/0x830
[  390.727383][ T8824]  ? __pfx_____sys_sendmsg+0x10/0x10
[  390.727420][ T8824]  ? import_iovec+0x74/0xa0
[  390.727451][ T8824]  ___sys_sendmsg+0x21f/0x2a0
[  390.727480][ T8824]  ? __pfx____sys_sendmsg+0x10/0x10
[  390.727547][ T8824]  ? __fget_files+0x2a/0x420
[  390.727565][ T8824]  ? __fget_files+0x3a0/0x420
[  390.727595][ T8824]  __x64_sys_sendmsg+0x19b/0x260
[  390.727625][ T8824]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  390.727675][ T8824]  ? do_syscall_64+0xba/0x210
[  390.727704][ T8824]  do_syscall_64+0xf6/0x210
[  390.727731][ T8824]  ? clear_bhb_loop+0x60/0xb0
[  390.727761][ T8824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.727781][ T8824] RIP: 0033:0x7f09e638e969
[  390.727799][ T8824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.727817][ T8824] RSP: 002b:00007f09e72d8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  390.727838][ T8824] RAX: ffffffffffffffda RBX: 00007f09e65b5fa0 RCX: 00007f09e638e969
[  390.727852][ T8824] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000004
[  390.727865][ T8824] RBP: 00007f09e72d8090 R08: 0000000000000000 R09: 0000000000000000
[  390.727877][ T8824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.727889][ T8824] R13: 0000000000000000 R14: 00007f09e65b5fa0 R15: 00007fff6be26218
[  390.727921][ T8824]  </TASK>
[  391.024344][ T5956] DVB: Unable to find symbol tda10046_attach()
[  391.030793][ T5956] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  391.042825][ T5956] usb 1-1: USB disconnect, device number 11
[  391.204004][ T5869] usb 5-1: USB disconnect, device number 22
[  391.293146][ T8829] loop2: detected capacity change from 0 to 7
[  391.304717][ T8829] Dev loop2: unable to read RDB block 7
[  391.318044][ T8829]  loop2: unable to read partition table
[  391.332732][ T8829] loop2: partition table beyond EOD, truncated
[  391.339472][ T8829] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  391.611157][ T8829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.785'.
[  391.665401][ T8829] vlan2: entered allmulticast mode
[  391.741483][ T8829] dummy0: entered allmulticast mode
[  391.904068][ T8842] bridge_slave_0: left allmulticast mode
[  391.910061][ T8842] bridge_slave_0: left promiscuous mode
[  391.916994][ T8842] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.946779][ T8842] bridge_slave_1: left allmulticast mode
[  391.952690][ T8842] bridge_slave_1: left promiscuous mode
[  391.961274][ T8842] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.995923][ T8842] bond0: (slave bond_slave_0): Releasing backup interface
[  392.094191][ T8842] bond0: (slave bond_slave_1): Releasing backup interface
[  392.227996][ T8842] team0: Port device team_slave_0 removed
[  392.381378][ T8842] team0: Port device team_slave_1 removed
[  392.392534][ T8842] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  392.400311][ T8842] batman_adv: batadv0: Removing interface: batadv_slave_0
[  392.456235][ T8842] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.464096][ T8842] batman_adv: batadv0: Removing interface: batadv_slave_1
[  392.561817][ T8842] bond0: (slave wlan1): Releasing backup interface
[  392.621063][ T8846] FAULT_INJECTION: forcing a failure.
[  392.621063][ T8846] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.635575][ T8846] CPU: 1 UID: 0 PID: 8846 Comm: syz.0.789 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  392.635594][ T8846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  392.635603][ T8846] Call Trace:
[  392.635608][ T8846]  <TASK>
[  392.635615][ T8846]  dump_stack_lvl+0x189/0x250
[  392.635637][ T8846]  ? __lock_acquire+0xaac/0xd20
[  392.635658][ T8846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.635676][ T8846]  ? __pfx__printk+0x10/0x10
[  392.635701][ T8846]  ? __might_fault+0xb0/0x130
[  392.635732][ T8846]  should_fail_ex+0x414/0x560
[  392.635749][ T8846]  _copy_from_user+0x2d/0xb0
[  392.635769][ T8846]  core_sys_select+0x633/0x990
[  392.635798][ T8846]  ? __pfx_core_sys_select+0x10/0x10
[  392.635836][ T8846]  ? __pfx_set_user_sigmask+0x10/0x10
[  392.635866][ T8846]  __se_sys_pselect6+0x27a/0x300
[  392.635891][ T8846]  ? __pfx___se_sys_pselect6+0x10/0x10
[  392.635916][ T8846]  ? __x64_sys_pselect6+0x21/0xf0
[  392.635939][ T8846]  do_syscall_64+0xf6/0x210
[  392.635958][ T8846]  ? clear_bhb_loop+0x60/0xb0
[  392.635976][ T8846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.635989][ T8846] RIP: 0033:0x7efe4218e969
[  392.636002][ T8846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.636014][ T8846] RSP: 002b:00007efe43029038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  392.636029][ T8846] RAX: ffffffffffffffda RBX: 00007efe423b6080 RCX: 00007efe4218e969
[  392.636039][ T8846] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  392.636048][ T8846] RBP: 00007efe43029090 R08: 0000000000000000 R09: 0000000000000000
[  392.636057][ T8846] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  392.636066][ T8846] R13: 0000000000000000 R14: 00007efe423b6080 R15: 00007fffa64085f8
[  392.636087][ T8846]  </TASK>
[  394.314327][ T8861] new mount options do not match the existing superblock, will be ignored
[  394.329220][ T8861] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  394.924812][ T5869] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  394.955002][ T8872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.796'.
[  394.978087][ T8872] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  394.984746][ T8872] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  394.993579][ T8872] vhci_hcd vhci_hcd.0: Device attached
[  395.191698][ T8872] netlink: 8 bytes leftover after parsing attributes in process `syz.3.796'.
[  395.202391][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  395.202612][ T5869] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  395.202694][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  395.217519][ T5869] usb 2-1: config 0 descriptor??
[  395.455587][ T5956] vhci_hcd: vhci_device speed not set
[  395.520270][ T5956] usb 39-1: new full-speed USB device number 5 using vhci_hcd
[  395.601382][ T8873] vhci_hcd: connection closed
[  395.604094][   T53] vhci_hcd: stop threads
[  395.638953][   T53] vhci_hcd: release socket
[  395.650606][   T53] vhci_hcd: disconnect device
[  395.779908][ T5869] lg-g15 0003:046D:C222.0005: item fetching failed at offset 3/7
[  396.020481][ T5869] lg-g15 0003:046D:C222.0005: probe with driver lg-g15 failed with error -22
[  396.043226][ T5869] usb 2-1: USB disconnect, device number 12
[  396.147359][ T8883] Illegal XDP return value 4294967274 on prog  (id 160) dev syz_tun, expect packet loss!
[  396.664011][ T8889] FAULT_INJECTION: forcing a failure.
[  396.664011][ T8889] name failslab, interval 1, probability 0, space 0, times 0
[  396.723659][ T8889] CPU: 1 UID: 0 PID: 8889 Comm: syz.1.800 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  396.723689][ T8889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  396.723702][ T8889] Call Trace:
[  396.723710][ T8889]  <TASK>
[  396.723718][ T8889]  dump_stack_lvl+0x189/0x250
[  396.723753][ T8889]  ? __pfx_dump_stack_lvl+0x10/0x10
[  396.723780][ T8889]  ? __pfx__printk+0x10/0x10
[  396.723814][ T8889]  ? __pfx___might_resched+0x10/0x10
[  396.723841][ T8889]  ? fs_reclaim_acquire+0x7d/0x100
[  396.723867][ T8889]  should_fail_ex+0x414/0x560
[  396.723892][ T8889]  should_failslab+0xa8/0x100
[  396.723913][ T8889]  __kmalloc_cache_noprof+0x70/0x3d0
[  396.723941][ T8889]  ? drm_atomic_state_alloc+0xa9/0x100
[  396.723966][ T8889]  drm_atomic_state_alloc+0xa9/0x100
[  396.723987][ T8889]  drm_mode_atomic_ioctl+0x437/0xcb0
[  396.724026][ T8889]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  396.724074][ T8889]  ? do_raw_spin_unlock+0x122/0x240
[  396.724098][ T8889]  ? _raw_spin_unlock+0x28/0x50
[  396.724117][ T8889]  ? drm_is_current_master+0x19f/0x200
[  396.724143][ T8889]  drm_ioctl_kernel+0x2cc/0x390
[  396.724178][ T8889]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  396.724201][ T8889]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  396.724237][ T8889]  drm_ioctl+0x67f/0xb10
[  396.724266][ T8889]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  396.724295][ T8889]  ? __pfx_drm_ioctl+0x10/0x10
[  396.724333][ T8889]  ? __fget_files+0x3a0/0x420
[  396.724350][ T8889]  ? __fget_files+0x2a/0x420
[  396.724371][ T8889]  ? bpf_lsm_file_ioctl+0x9/0x20
[  396.724395][ T8889]  ? __pfx_drm_ioctl+0x10/0x10
[  396.724418][ T8889]  __se_sys_ioctl+0xf9/0x170
[  396.724444][ T8889]  do_syscall_64+0xf6/0x210
[  396.724469][ T8889]  ? clear_bhb_loop+0x60/0xb0
[  396.724491][ T8889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.724509][ T8889] RIP: 0033:0x7f09e638e969
[  396.724526][ T8889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.724542][ T8889] RSP: 002b:00007f09e72d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  396.724562][ T8889] RAX: ffffffffffffffda RBX: 00007f09e65b5fa0 RCX: 00007f09e638e969
[  396.724576][ T8889] RDX: 00002000000001c0 RSI: 00000000c03864bc RDI: 0000000000000003
[  396.724589][ T8889] RBP: 00007f09e72d8090 R08: 0000000000000000 R09: 0000000000000000
[  396.724600][ T8889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.724611][ T8889] R13: 0000000000000000 R14: 00007f09e65b5fa0 R15: 00007fff6be26218
[  396.724640][ T8889]  </TASK>
[  396.981787][    C1] vkms_vblank_simulate: vblank timer overrun
[  397.277424][ T8894] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.802'.
[  400.325568][ T8924] new mount options do not match the existing superblock, will be ignored
[  400.335228][ T8924] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  400.423841][ T5956] vhci_hcd: vhci_device speed not set
[  403.831816][ T8955] fuse: Bad value for 'group_id'
[  403.842481][ T8955] fuse: Bad value for 'group_id'
[  404.169255][ T8964] veth0_vlan: entered allmulticast mode
[  404.315178][ T8965] veth0_vlan: left promiscuous mode
[  404.321797][ T8965] veth0_vlan: entered promiscuous mode
[  405.510008][   T30] audit: type=1326 audit(1747104465.089:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  405.563326][   T30] audit: type=1326 audit(1747104465.089:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  405.591164][   T30] audit: type=1326 audit(1747104465.121:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  405.627563][   T30] audit: type=1326 audit(1747104465.121:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  405.732471][   T30] audit: type=1326 audit(1747104465.121:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  405.918658][   T30] audit: type=1326 audit(1747104465.121:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  405.992836][   T30] audit: type=1326 audit(1747104465.121:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  406.678183][   T30] audit: type=1326 audit(1747104465.121:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  406.699959][   T30] audit: type=1326 audit(1747104465.121:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  406.722146][   T30] audit: type=1326 audit(1747104465.121:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8974 comm="syz.2.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  407.061908][ T8985] mmap: syz.1.827 (8985) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  408.801101][ T8998] netlink: 8 bytes leftover after parsing attributes in process `syz.1.830'.
[  408.858916][ T8998] netlink: 8 bytes leftover after parsing attributes in process `syz.1.830'.
[  409.172404][ T9014] netlink: 52 bytes leftover after parsing attributes in process `syz.1.836'.
[  409.287527][ T9016] new mount options do not match the existing superblock, will be ignored
[  409.302408][ T9016] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  410.882653][ T9023] FAULT_INJECTION: forcing a failure.
[  410.882653][ T9023] name failslab, interval 1, probability 0, space 0, times 0
[  410.895718][ T9023] CPU: 1 UID: 0 PID: 9023 Comm: syz.0.838 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  410.895746][ T9023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  410.895758][ T9023] Call Trace:
[  410.895765][ T9023]  <TASK>
[  410.895774][ T9023]  dump_stack_lvl+0x189/0x250
[  410.895809][ T9023]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.895834][ T9023]  ? __pfx__printk+0x10/0x10
[  410.895866][ T9023]  ? __pfx___might_resched+0x10/0x10
[  410.895896][ T9023]  ? fs_reclaim_acquire+0x7d/0x100
[  410.895922][ T9023]  should_fail_ex+0x414/0x560
[  410.895946][ T9023]  should_failslab+0xa8/0x100
[  410.895967][ T9023]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  410.895996][ T9023]  ? smk_access+0x14c/0x4e0
[  410.896021][ T9023]  ? __alloc_skb+0x112/0x2d0
[  410.896047][ T9023]  __alloc_skb+0x112/0x2d0
[  410.896074][ T9023]  alloc_skb_with_frags+0xca/0x890
[  410.896097][ T9023]  ? __lock_acquire+0xaac/0xd20
[  410.896130][ T9023]  ? __lock_acquire+0xaac/0xd20
[  410.896160][ T9023]  sock_alloc_send_pskb+0x857/0x990
[  410.896193][ T9023]  ? __lock_acquire+0xaac/0xd20
[  410.896229][ T9023]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  410.896264][ T9023]  ? is_bpf_text_address+0x26/0x2b0
[  410.896300][ T9023]  tun_get_user+0x9c9/0x3c20
[  410.896353][ T9023]  ? __pfx_tun_get_user+0x10/0x10
[  410.896389][ T9023]  ? __lock_acquire+0xaac/0xd20
[  410.896419][ T9023]  ? ref_tracker_alloc+0x318/0x460
[  410.896443][ T9023]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  410.896467][ T9023]  ? tun_get+0x1c/0x2f0
[  410.896499][ T9023]  ? tun_get+0x1c/0x2f0
[  410.896525][ T9023]  ? tun_get+0x1c/0x2f0
[  410.896557][ T9023]  tun_chr_write_iter+0x113/0x200
[  410.896588][ T9023]  vfs_write+0x54b/0xa90
[  410.896632][ T9023]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  410.896661][ T9023]  ? __pfx_vfs_write+0x10/0x10
[  410.896701][ T9023]  ? __fget_files+0x2a/0x420
[  410.896730][ T9023]  ksys_write+0x145/0x250
[  410.896762][ T9023]  ? __pfx_ksys_write+0x10/0x10
[  410.896793][ T9023]  ? do_syscall_64+0xba/0x210
[  410.896823][ T9023]  do_syscall_64+0xf6/0x210
[  410.896850][ T9023]  ? clear_bhb_loop+0x60/0xb0
[  410.896875][ T9023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.896895][ T9023] RIP: 0033:0x7efe4218d41f
[  410.896915][ T9023] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  410.896932][ T9023] RSP: 002b:00007efe4304a000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  410.896955][ T9023] RAX: ffffffffffffffda RBX: 00007efe423b5fa0 RCX: 00007efe4218d41f
[  410.896970][ T9023] RDX: 0000000000000fc0 RSI: 0000200000007940 RDI: 00000000000000c8
[  410.896983][ T9023] RBP: 00007efe4304a090 R08: 0000000000000000 R09: 0000000000000000
[  410.896997][ T9023] R10: 0000000000000fc0 R11: 0000000000000293 R12: 0000000000000001
[  410.897009][ T9023] R13: 0000000000000001 R14: 00007efe423b5fa0 R15: 00007fffa64085f8
[  410.897040][ T9023]  </TASK>
[  411.387444][ T9026] netlink: 'syz.2.833': attribute type 2 has an invalid length.
[  411.406372][ T9026] : entered promiscuous mode
[  413.459049][   T59] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  413.579096][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  413.579115][   T30] audit: type=1326 audit(1747104473.747:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.642724][   T30] audit: type=1326 audit(1747104473.747:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.660274][   T59] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  413.714396][   T59] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  413.724028][   T30] audit: type=1326 audit(1747104473.747:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.724078][   T30] audit: type=1326 audit(1747104473.747:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.724121][   T30] audit: type=1326 audit(1747104473.747:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.724164][   T30] audit: type=1326 audit(1747104473.747:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.724210][   T30] audit: type=1326 audit(1747104473.747:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.724253][   T30] audit: type=1326 audit(1747104473.747:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.724296][   T30] audit: type=1326 audit(1747104473.747:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.724339][   T30] audit: type=1326 audit(1747104473.747:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9047 comm="syz.4.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689878e969 code=0x7ffc0000
[  413.885364][ T9050] FAULT_INJECTION: forcing a failure.
[  413.885364][ T9050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  413.994475][ T9050] CPU: 1 UID: 0 PID: 9050 Comm: syz.4.846 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  413.994508][ T9050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  413.994521][ T9050] Call Trace:
[  413.994529][ T9050]  <TASK>
[  413.994538][ T9050]  dump_stack_lvl+0x189/0x250
[  413.994574][ T9050]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.994603][ T9050]  ? __pfx__printk+0x10/0x10
[  413.994650][ T9050]  should_fail_ex+0x414/0x560
[  413.994679][ T9050]  _copy_to_user+0x31/0xb0
[  413.994710][ T9050]  kvm_arch_vcpu_ioctl+0x1ccf/0x2a10
[  413.994751][ T9050]  ? __lock_acquire+0xaac/0xd20
[  413.994781][ T9050]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  413.994824][ T9050]  ? __lock_acquire+0xaac/0xd20
[  413.994874][ T9050]  ? is_bpf_text_address+0x26/0x2b0
[  413.994908][ T9050]  ? is_bpf_text_address+0x292/0x2b0
[  413.994935][ T9050]  ? is_bpf_text_address+0x26/0x2b0
[  413.994967][ T9050]  ? kernel_text_address+0xa5/0xe0
[  413.994995][ T9050]  ? __kernel_text_address+0xd/0x40
[  413.995021][ T9050]  ? unwind_get_return_address+0x4d/0x90
[  413.995045][ T9050]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  413.995068][ T9050]  ? arch_stack_walk+0xfc/0x150
[  413.995108][ T9050]  ? stack_trace_save+0x9c/0xe0
[  413.995133][ T9050]  ? stack_depot_save_flags+0x40/0x910
[  413.995178][ T9050]  ? __lock_acquire+0xaac/0xd20
[  413.995214][ T9050]  ? __mutex_trylock_common+0x153/0x260
[  413.995238][ T9050]  ? __pfx___mutex_trylock_common+0x10/0x10
[  413.995265][ T9050]  ? rcu_is_watching+0x15/0xb0
[  413.995294][ T9050]  ? trace_contention_end+0x39/0x120
[  413.995467][ T9050]  ? __mutex_lock+0x330/0xe80
[  413.995529][ T9050]  ? __pfx___mutex_lock+0x10/0x10
[  413.995557][ T9050]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  413.995586][ T9050]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  413.995608][ T9050]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  413.995632][ T9050]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  413.995660][ T9050]  kvm_vcpu_ioctl+0x74b/0xe90
[  413.995696][ T9050]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  413.995724][ T9050]  ? __lock_acquire+0xaac/0xd20
[  413.995757][ T9050]  ? __asan_memset+0x22/0x50
[  413.995783][ T9050]  ? smack_file_ioctl+0x302/0x340
[  413.995807][ T9050]  ? __pfx_smack_file_ioctl+0x10/0x10
[  413.995840][ T9050]  ? __fget_files+0x3a0/0x420
[  413.995859][ T9050]  ? __fget_files+0x2a/0x420
[  413.995882][ T9050]  ? bpf_lsm_file_ioctl+0x9/0x20
[  413.995908][ T9050]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  413.995935][ T9050]  __se_sys_ioctl+0xf9/0x170
[  413.995965][ T9050]  do_syscall_64+0xf6/0x210
[  413.995993][ T9050]  ? clear_bhb_loop+0x60/0xb0
[  413.996020][ T9050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.996040][ T9050] RIP: 0033:0x7f689878e969
[  413.996059][ T9050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.996076][ T9050] RSP: 002b:00007f6899631038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  413.996098][ T9050] RAX: ffffffffffffffda RBX: 00007f68989b5fa0 RCX: 00007f689878e969
[  413.996113][ T9050] RDX: 0000200000000280 RSI: 00000000c048aeca RDI: 0000000000000005
[  413.996128][ T9050] RBP: 00007f6899631090 R08: 0000000000000000 R09: 0000000000000000
[  413.996141][ T9050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.996153][ T9050] R13: 0000000000000000 R14: 00007f68989b5fa0 R15: 00007ffe21c4a0d8
[  413.996187][ T9050]  </TASK>
[  414.651506][ T9052] netlink: 52 bytes leftover after parsing attributes in process `syz.3.847'.
[  414.925030][   T59] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.987191][   T59] usb 1-1: config 0 descriptor??
[  415.218183][ T9056] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  415.538079][ T9066] new mount options do not match the existing superblock, will be ignored
[  415.553935][ T9066] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  415.774265][ T9064] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  415.808835][ T9060] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  415.986017][   T59] lg-g15 0003:046D:C222.0006: item fetching failed at offset 3/7
[  416.008144][   T59] lg-g15 0003:046D:C222.0006: probe with driver lg-g15 failed with error -22
[  416.018387][ T9062] netlink: 4 bytes leftover after parsing attributes in process `syz.1.851'.
[  416.046913][   T59] usb 1-1: USB disconnect, device number 12
[  416.091523][ T9060] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  416.104638][ T9060] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  416.112122][ T9060] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  416.118324][ T9060] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  416.246595][ T9058] netlink: 8 bytes leftover after parsing attributes in process `syz.1.851'.
[  416.269394][ T9073] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  416.275964][ T9073] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  416.307514][ T9073] vhci_hcd vhci_hcd.0: Device attached
[  416.488702][ T9075] vhci_hcd: connection closed
[  416.492459][ T6286] vhci_hcd: stop threads
[  417.150880][ T6286] vhci_hcd: release socket
[  417.161452][ T6286] vhci_hcd: disconnect device
[  417.209694][   T59] vhci_hcd: vhci_device speed not set
[  418.009249][ T5128] Bluetooth: hci2: command 0x0c1a tx timeout
[  418.016379][ T5128] Bluetooth: hci1: command 0x0c1a tx timeout
[  418.049092][ T5818] Bluetooth: hci4: command 0x0c1a tx timeout
[  418.055361][ T5128] Bluetooth: hci3: command 0x0c1a tx timeout
[  418.394240][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  418.394259][   T30] audit: type=1326 audit(1747104478.897:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  418.566263][   T30] audit: type=1326 audit(1747104478.897:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  418.622624][   T30] audit: type=1326 audit(1747104478.908:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  418.655504][   T30] audit: type=1326 audit(1747104478.908:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  418.664328][ T9100] netlink: 60 bytes leftover after parsing attributes in process `syz.4.858'.
[  418.688135][   T30] audit: type=1326 audit(1747104478.908:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  418.723740][ T9099] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  418.741788][ T9099] netlink: 8 bytes leftover after parsing attributes in process `syz.2.859'.
[  418.778426][   T30] audit: type=1326 audit(1747104478.908:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  418.931180][   T30] audit: type=1326 audit(1747104478.908:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  419.400870][   T30] audit: type=1326 audit(1747104478.908:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  419.409572][ T5939] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  419.448587][   T30] audit: type=1326 audit(1747104478.908:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  419.490464][   T30] audit: type=1326 audit(1747104478.908:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9093 comm="syz.2.856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  420.027854][ T5939] usb 3-1: device descriptor read/64, error -71
[  421.194046][ T5939] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  421.338553][ T9130] FAULT_INJECTION: forcing a failure.
[  421.338553][ T9130] name failslab, interval 1, probability 0, space 0, times 0
[  421.354159][ T9130] CPU: 0 UID: 0 PID: 9130 Comm: syz.1.867 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  421.354190][ T9130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  421.354202][ T9130] Call Trace:
[  421.354207][ T9130]  <TASK>
[  421.354214][ T9130]  dump_stack_lvl+0x189/0x250
[  421.354240][ T9130]  ? __pfx_dump_stack_lvl+0x10/0x10
[  421.354260][ T9130]  ? __pfx__printk+0x10/0x10
[  421.354284][ T9130]  ? __pfx___might_resched+0x10/0x10
[  421.354307][ T9130]  ? fs_reclaim_acquire+0x7d/0x100
[  421.354327][ T9130]  should_fail_ex+0x414/0x560
[  421.354344][ T9130]  should_failslab+0xa8/0x100
[  421.354359][ T9130]  kmem_cache_alloc_noprof+0x73/0x3c0
[  421.354380][ T9130]  ? security_file_alloc+0x34/0x330
[  421.354400][ T9130]  security_file_alloc+0x34/0x330
[  421.354418][ T9130]  init_file+0x93/0x2f0
[  421.354436][ T9130]  alloc_empty_file+0x6e/0x1d0
[  421.354452][ T9130]  path_openat+0x107/0x3830
[  421.354469][ T9130]  ? arch_stack_walk+0xfc/0x150
[  421.354496][ T9130]  ? stack_trace_save+0x9c/0xe0
[  421.354512][ T9130]  ? stack_depot_save_flags+0x40/0x910
[  421.354527][ T9130]  ? sched_clock+0x3f/0x60
[  421.354552][ T9130]  ? kasan_save_track+0x4f/0x80
[  421.354572][ T9130]  ? __kasan_slab_alloc+0x6c/0x80
[  421.354591][ T9130]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  421.354611][ T9130]  ? getname_flags+0xb8/0x540
[  421.354625][ T9130]  ? __pfx_path_openat+0x10/0x10
[  421.354641][ T9130]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.354687][ T9130]  do_filp_open+0x1fa/0x410
[  421.354707][ T9130]  ? __pfx_do_filp_open+0x10/0x10
[  421.354742][ T9130]  ? _raw_spin_unlock+0x28/0x50
[  421.354756][ T9130]  ? alloc_fd+0x64c/0x6c0
[  421.354786][ T9130]  do_sys_openat2+0x121/0x1c0
[  421.354805][ T9130]  ? __pfx_do_sys_openat2+0x10/0x10
[  421.354824][ T9130]  ? irqentry_exit+0x74/0x90
[  421.354847][ T9130]  __x64_sys_openat+0x138/0x170
[  421.354868][ T9130]  do_syscall_64+0xf6/0x210
[  421.354887][ T9130]  ? asm_sysvec_call_function_single+0x1a/0x20
[  421.354901][ T9130]  ? clear_bhb_loop+0x60/0xb0
[  421.354924][ T9130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.354938][ T9130] RIP: 0033:0x7f09e638d2d0
[  421.354952][ T9130] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  421.354965][ T9130] RSP: 002b:00007f09e72b6f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  421.354980][ T9130] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f09e638d2d0
[  421.354991][ T9130] RDX: 0000000000000002 RSI: 00007f09e72b6fa0 RDI: 00000000ffffff9c
[  421.355000][ T9130] RBP: 00007f09e72b6fa0 R08: 0000000000000000 R09: 0000000000000000
[  421.355009][ T9130] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  421.355017][ T9130] R13: 0000000000000000 R14: 00007f09e65b6080 R15: 00007fff6be26218
[  421.355039][ T9130]  </TASK>
[  421.822971][ T5939] usb 3-1: device descriptor read/64, error -71
[  422.028684][ T5939] usb usb3-port1: attempt power cycle
[  423.131246][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  423.131297][   T30] audit: type=1326 audit(1747104483.918:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.295567][   T30] audit: type=1326 audit(1747104483.929:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.325043][   T30] audit: type=1326 audit(1747104483.940:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.382881][ T9143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.870'.
[  423.401299][ T9143] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  423.407853][ T9143] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  423.415642][ T9143] vhci_hcd vhci_hcd.0: Device attached
[  423.425305][ T9143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.870'.
[  423.449834][   T30] audit: type=1326 audit(1747104483.961:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.456262][ T9146] netlink: 60 bytes leftover after parsing attributes in process `syz.2.873'.
[  423.524068][ T9144] vhci_hcd: connection closed
[  423.525976][   T30] audit: type=1326 audit(1747104483.972:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.526024][ T8762] vhci_hcd: stop threads
[  423.530935][   T30] audit: type=1326 audit(1747104483.983:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.530985][   T30] audit: type=1326 audit(1747104484.058:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.531030][   T30] audit: type=1326 audit(1747104484.058:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.531073][   T30] audit: type=1326 audit(1747104484.058:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.531118][   T30] audit: type=1326 audit(1747104484.058:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9139 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f33bbb8e969 code=0x7ffc0000
[  423.670412][   T50] vhci_hcd: vhci_device speed not set
[  423.677969][ T8762] vhci_hcd: release socket
[  423.685244][ T8762] vhci_hcd: disconnect device
[  423.724321][   T50] usb 33-1: new full-speed USB device number 3 using vhci_hcd
[  423.732074][   T50] usb 33-1: enqueue for inactive port 0
[  423.811809][   T50] vhci_hcd: vhci_device speed not set
[  424.060550][ T5869] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  424.284307][ T5869] usb 3-1: Using ep0 maxpacket: 16
[  424.411021][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  425.159754][ T5869] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  425.186539][ T5869] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 255
[  425.213682][ T5869] usb 3-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  425.234973][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.247616][ T5869] usb 3-1: Product: syz
[  425.257035][ T5869] usb 3-1: Manufacturer: syz
[  425.348121][ T5869] usb 3-1: SerialNumber: syz
[  425.358518][ T5869] usb 3-1: config 0 descriptor??
[  425.371905][ T9158] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  426.440829][ T5869] mcba_usb 3-1:0.0 can0: failed tx_urb -90
[  426.465795][ T5869] mcba_usb 3-1:0.0 can0: Failed to send cmd (169)
[  426.482615][ T5869] mcba_usb 3-1:0.0 can0: failed tx_urb -90
[  426.503989][ T5869] mcba_usb 3-1:0.0 can0: Failed to send cmd (169)
[  426.520934][ T5869] mcba_usb 3-1:0.0: Microchip CAN BUS Analyzer connected
[  426.945298][ T5869] usb 3-1: USB disconnect, device number 15
[  426.988808][ T5869] mcba_usb 3-1:0.0 can0: device disconnected
[  429.140071][ T9202] netlink: 4 bytes leftover after parsing attributes in process `syz.4.887'.
[  429.161538][ T9202] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  429.168090][ T9202] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  429.175686][ T9202] vhci_hcd vhci_hcd.0: Device attached
[  429.206018][ T9202] netlink: 8 bytes leftover after parsing attributes in process `syz.4.887'.
[  429.252813][ T9203] vhci_hcd: connection closed
[  429.253435][   T53] vhci_hcd: stop threads
[  429.263577][   T53] vhci_hcd: release socket
[  429.283620][   T53] vhci_hcd: disconnect device
[  430.746944][ T9224] overlayfs: overlapping lowerdir path
[  432.764110][ T9253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.899'.
[  433.231541][ T5869] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  433.313056][    C1] raw-gadget.0 gadget.3: ignoring, device is not running
[  433.446282][ T5869] usb 4-1: device descriptor read/64, error -32
[  433.517721][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  433.524176][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  433.593322][ T9252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.899'.
[  433.697858][ T9257] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  433.704530][ T9257] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  433.719940][ T9259] vhci_hcd: connection closed
[  433.721102][ T9257] vhci_hcd vhci_hcd.0: Device attached
[  433.752814][ T6283] vhci_hcd: stop threads
[  433.767098][ T6283] vhci_hcd: release socket
[  433.771595][ T6283] vhci_hcd: disconnect device
[  433.806198][ T5869] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  434.741620][ T5869] usb 4-1: Using ep0 maxpacket: 8
[  434.772824][ T5869] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  434.877698][ T5869] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  434.915223][ T5869] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  434.933579][ T5869] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  434.972037][ T5869] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  435.010071][ T5869] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  435.023498][ T5869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.867029][ T5869] usb 4-1: GET_CAPABILITIES returned 0
[  435.881737][ T5869] usbtmc 4-1:16.0: can't read capabilities
[  435.988488][ T5869] usb 4-1: USB disconnect, device number 12
[  436.559135][   T24] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  436.668297][ T9290] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  436.681942][ T9290] xt_limit: Overflow, try lower: 687996928/40
[  436.691938][ T9290] netlink: 292 bytes leftover after parsing attributes in process `syz.1.907'.
[  436.718371][   T24] usb 3-1: Using ep0 maxpacket: 8
[  436.781237][   T24] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  436.850491][   T24] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  437.368904][ T9292] FAULT_INJECTION: forcing a failure.
[  437.368904][ T9292] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.470863][ T9292] CPU: 0 UID: 0 PID: 9292 Comm: syz.3.909 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  437.470893][ T9292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.470906][ T9292] Call Trace:
[  437.470914][ T9292]  <TASK>
[  437.470922][ T9292]  dump_stack_lvl+0x189/0x250
[  437.470957][ T9292]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.470985][ T9292]  ? __pfx__printk+0x10/0x10
[  437.471030][ T9292]  should_fail_ex+0x414/0x560
[  437.471056][ T9292]  _copy_to_user+0x31/0xb0
[  437.471086][ T9292]  llc_ui_getsockopt+0x451/0x500
[  437.471114][ T9292]  ? __pfx_llc_ui_getsockopt+0x10/0x10
[  437.471149][ T9292]  do_sock_getsockopt+0x360/0x650
[  437.471179][ T9292]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  437.471204][ T9292]  ? do_syscall_64+0x40/0x210
[  437.471236][ T9292]  ? __fget_files+0x2a/0x420
[  437.471253][ T9292]  ? __fget_files+0x3a0/0x420
[  437.471270][ T9292]  ? __fget_files+0x2a/0x420
[  437.471296][ T9292]  __x64_sys_getsockopt+0x1a5/0x250
[  437.471321][ T9292]  ? do_syscall_64+0x40/0x210
[  437.471347][ T9292]  ? do_syscall_64+0x40/0x210
[  437.471375][ T9292]  do_syscall_64+0xf6/0x210
[  437.471401][ T9292]  ? clear_bhb_loop+0x60/0xb0
[  437.471426][ T9292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.471445][ T9292] RIP: 0033:0x7fdaee98e969
[  437.471462][ T9292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.471480][ T9292] RSP: 002b:00007fdaef7d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  437.471501][ T9292] RAX: ffffffffffffffda RBX: 00007fdaeebb5fa0 RCX: 00007fdaee98e969
[  437.471517][ T9292] RDX: 0000000000000009 RSI: 000000000000010c RDI: 0000000000000005
[  437.471528][ T9292] RBP: 00007fdaef7d5090 R08: 0000200000000340 R09: 0000000000000000
[  437.471541][ T9292] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  437.471553][ T9292] R13: 0000000000000000 R14: 00007fdaeebb5fa0 R15: 00007ffe9f1c3268
[  437.471604][ T9292]  </TASK>
[  437.513913][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  437.820985][ T9302] FAULT_INJECTION: forcing a failure.
[  437.820985][ T9302] name failslab, interval 1, probability 0, space 0, times 0
[  437.834104][ T9302] CPU: 0 UID: 0 PID: 9302 Comm: syz.3.913 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  437.834133][ T9302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.834146][ T9302] Call Trace:
[  437.834154][ T9302]  <TASK>
[  437.834163][ T9302]  dump_stack_lvl+0x189/0x250
[  437.834208][ T9302]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.834236][ T9302]  ? __pfx__printk+0x10/0x10
[  437.834274][ T9302]  ? __pfx___might_resched+0x10/0x10
[  437.834306][ T9302]  ? fs_reclaim_acquire+0x7d/0x100
[  437.834334][ T9302]  should_fail_ex+0x414/0x560
[  437.834361][ T9302]  should_failslab+0xa8/0x100
[  437.834383][ T9302]  __kmalloc_cache_noprof+0x70/0x3d0
[  437.834414][ T9302]  ? drm_mode_page_flip_ioctl+0xafd/0x11d0
[  437.834451][ T9302]  drm_mode_page_flip_ioctl+0xafd/0x11d0
[  437.834506][ T9302]  ? __pfx_drm_mode_page_flip_ioctl+0x10/0x10
[  437.834561][ T9302]  ? __pfx_drm_mode_page_flip_ioctl+0x10/0x10
[  437.834591][ T9302]  ? drm_ioctl_kernel+0x2ac/0x390
[  437.834626][ T9302]  drm_ioctl_kernel+0x2cc/0x390
[  437.834654][ T9302]  ? __pfx_drm_mode_page_flip_ioctl+0x10/0x10
[  437.834683][ T9302]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  437.834722][ T9302]  drm_ioctl+0x67f/0xb10
[  437.834754][ T9302]  ? __pfx_drm_mode_page_flip_ioctl+0x10/0x10
[  437.834789][ T9302]  ? __pfx_drm_ioctl+0x10/0x10
[  437.834831][ T9302]  ? __fget_files+0x3a0/0x420
[  437.834850][ T9302]  ? __fget_files+0x2a/0x420
[  437.834874][ T9302]  ? bpf_lsm_file_ioctl+0x9/0x20
[  437.834900][ T9302]  ? __pfx_drm_ioctl+0x10/0x10
[  437.834926][ T9302]  __se_sys_ioctl+0xf9/0x170
[  437.834955][ T9302]  do_syscall_64+0xf6/0x210
[  437.834983][ T9302]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  437.835003][ T9302]  ? clear_bhb_loop+0x60/0xb0
[  437.835029][ T9302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.835049][ T9302] RIP: 0033:0x7fdaee98e969
[  437.835068][ T9302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.835085][ T9302] RSP: 002b:00007fdaef7b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  437.835107][ T9302] RAX: ffffffffffffffda RBX: 00007fdaeebb6080 RCX: 00007fdaee98e969
[  437.835122][ T9302] RDX: 0000200000000000 RSI: 00000000c01864b0 RDI: 0000000000000006
[  437.835136][ T9302] RBP: 00007fdaef7b4090 R08: 0000000000000000 R09: 0000000000000000
[  437.835149][ T9302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  437.835162][ T9302] R13: 0000000000000000 R14: 00007fdaeebb6080 R15: 00007ffe9f1c3268
[  437.835201][ T9302]  </TASK>
[  438.610201][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  438.622457][   T24] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  438.685136][   T24] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  438.694808][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.945556][   T24] usb 3-1: usb_control_msg returned -71
[  438.981092][   T24] usbtmc 3-1:16.0: can't read capabilities
[  440.433850][   T24] usb 3-1: USB disconnect, device number 16
[  440.590730][ T9319] netlink: 4 bytes leftover after parsing attributes in process `syz.2.916'.
[  440.688455][ T9320] netlink: 8 bytes leftover after parsing attributes in process `syz.2.916'.
[  440.996902][ T9319] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  441.003487][ T9319] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  441.089751][ T9319] vhci_hcd vhci_hcd.0: Device attached
[  441.118645][ T9321] vhci_hcd: connection closed
[  441.145815][ T1156] vhci_hcd: stop threads
[  441.167997][ T1156] vhci_hcd: release socket
[  441.172583][ T1156] vhci_hcd: disconnect device
[  442.646286][ T9337] netlink: 292 bytes leftover after parsing attributes in process `syz.3.922'.
[  445.717844][ T9384] netlink: 4 bytes leftover after parsing attributes in process `syz.4.933'.
[  445.927264][ T9384] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  445.933844][ T9384] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  445.949512][ T9384] vhci_hcd vhci_hcd.0: Device attached
[  445.951225][ T9379] netlink: 8 bytes leftover after parsing attributes in process `syz.4.933'.
[  445.973741][ T9386] vhci_hcd: connection closed
[  445.977595][   T53] vhci_hcd: stop threads
[  445.989933][   T53] vhci_hcd: release socket
[  446.000294][   T53] vhci_hcd: disconnect device
[  446.084651][ T9389] netlink: 292 bytes leftover after parsing attributes in process `syz.2.935'.
[  446.550808][ T9399] netlink: 20 bytes leftover after parsing attributes in process `syz.1.938'.
[  448.883991][ T9402] random: crng reseeded on system resumption
[  450.666051][ T9415] bridge0: port 1(veth0_to_bridge) entered blocking state
[  450.677107][ T9415] bridge0: port 1(veth0_to_bridge) entered disabled state
[  450.688978][ T9415] veth0_to_bridge: entered allmulticast mode
[  450.730293][ T9415] veth0_to_bridge: entered promiscuous mode
[  451.771272][ T3077] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  451.955685][ T3077] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  452.007059][ T3077] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  452.035371][ T3077] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.066251][ T3077] usb 1-1: config 0 descriptor??
[  452.661617][ T9436] netlink: 16 bytes leftover after parsing attributes in process `syz.4.949'.
[  453.027258][ T3077] lg-g15 0003:046D:C222.0007: item fetching failed at offset 3/7
[  453.045023][ T3077] lg-g15 0003:046D:C222.0007: probe with driver lg-g15 failed with error -22
[  453.417453][ T3077] usb 1-1: USB disconnect, device number 13
[  455.475801][ T9461] input: syz1 as /devices/virtual/input/input19
[  461.442583][ T9487] lo speed is unknown, defaulting to 1000
[  461.450952][ T9487] lo speed is unknown, defaulting to 1000
[  461.459529][ T9487] lo speed is unknown, defaulting to 1000
[  461.469951][ T9487] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  461.486268][ T9487] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  461.516150][ T9487] lo speed is unknown, defaulting to 1000
[  461.525027][ T9487] lo speed is unknown, defaulting to 1000
[  461.534394][ T9487] lo speed is unknown, defaulting to 1000
[  461.541519][ T9487] lo speed is unknown, defaulting to 1000
[  461.548602][ T9487] lo speed is unknown, defaulting to 1000
[  462.716578][ T9492] new mount options do not match the existing superblock, will be ignored
[  462.725987][ T9492] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  463.249139][ T9498] netlink: 'syz.0.964': attribute type 2 has an invalid length.
[  463.263951][ T9498] : entered promiscuous mode
[  464.359091][ T9513] netlink: 'syz.3.969': attribute type 2 has an invalid length.
[  464.407130][ T9513] : entered promiscuous mode
[  466.002978][ T9531] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave
[  466.087122][ T9531] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  466.362112][ T5871] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  466.583394][ T5871] usb 1-1: unable to get BOS descriptor or descriptor too short
[  467.210940][ T9542] new mount options do not match the existing superblock, will be ignored
[  467.242348][ T9542] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  467.395539][ T5871] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  467.400899][ T9541] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR
[  467.532438][ T5871] usb 1-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  467.592204][ T5871] usb 1-1: config 1 interface 0 has no altsetting 1
[  467.630333][ T5871] usb 1-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  467.648581][ T5871] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.829077][ T5871] usb 1-1: Product: syz
[  467.842713][ T5871] usb 1-1: Manufacturer: syz
[  468.459798][ T5871] usb 1-1: SerialNumber: syz
[  468.495351][ T5871] smsusb:smsusb_probe: board id=8, interface number 0
[  468.686998][ T5871] smsusb:smsusb_probe: Device initialized with return code -19
[  468.876410][ T9531] tipc: Started in network mode
[  468.945627][ T9531] tipc: Node identity , cluster identity 4711
[  469.162395][ T9531] tipc: Failed to set node id, please configure manually
[  469.563002][ T9531] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  469.591382][ T5871] usb 1-1: USB disconnect, device number 14
[  473.531485][ T9603] FAULT_INJECTION: forcing a failure.
[  473.531485][ T9603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.544764][ T9603] CPU: 1 UID: 0 PID: 9603 Comm: syz.4.987 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  473.544792][ T9603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  473.544805][ T9603] Call Trace:
[  473.544814][ T9603]  <TASK>
[  473.544823][ T9603]  dump_stack_lvl+0x189/0x250
[  473.544854][ T9603]  ? __lock_acquire+0xaac/0xd20
[  473.544885][ T9603]  ? __pfx_dump_stack_lvl+0x10/0x10
[  473.544912][ T9603]  ? __pfx__printk+0x10/0x10
[  473.544944][ T9603]  ? __might_fault+0xb0/0x130
[  473.544988][ T9603]  should_fail_ex+0x414/0x560
[  473.545014][ T9603]  _copy_from_iter+0x1db/0x15a0
[  473.545048][ T9603]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  473.545077][ T9603]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  473.545110][ T9603]  ? __pfx__copy_from_iter+0x10/0x10
[  473.545137][ T9603]  ? __build_skb_around+0x257/0x3e0
[  473.545166][ T9603]  ? netlink_sendmsg+0x642/0xb30
[  473.545195][ T9603]  ? skb_put+0x11b/0x210
[  473.545224][ T9603]  netlink_sendmsg+0x6b2/0xb30
[  473.545246][ T9603]  ? is_bpf_text_address+0x26/0x2b0
[  473.545283][ T9603]  ? __pfx_netlink_sendmsg+0x10/0x10
[  473.545316][ T9603]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  473.545339][ T9603]  ? __pfx_netlink_sendmsg+0x10/0x10
[  473.545364][ T9603]  __sock_sendmsg+0x21c/0x270
[  473.545387][ T9603]  ____sys_sendmsg+0x505/0x830
[  473.545421][ T9603]  ? __pfx_____sys_sendmsg+0x10/0x10
[  473.545459][ T9603]  ? import_iovec+0x74/0xa0
[  473.545490][ T9603]  ___sys_sendmsg+0x21f/0x2a0
[  473.545520][ T9603]  ? __pfx____sys_sendmsg+0x10/0x10
[  473.545586][ T9603]  ? __fget_files+0x2a/0x420
[  473.545605][ T9603]  ? __fget_files+0x3a0/0x420
[  473.545635][ T9603]  __x64_sys_sendmsg+0x19b/0x260
[  473.545666][ T9603]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  473.545712][ T9603]  ? do_syscall_64+0xba/0x210
[  473.545743][ T9603]  do_syscall_64+0xf6/0x210
[  473.545770][ T9603]  ? clear_bhb_loop+0x60/0xb0
[  473.545795][ T9603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.545815][ T9603] RIP: 0033:0x7f689878e969
[  473.545835][ T9603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.545852][ T9603] RSP: 002b:00007f68995ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  473.545874][ T9603] RAX: ffffffffffffffda RBX: 00007f68989b6160 RCX: 00007f689878e969
[  473.545889][ T9603] RDX: 0000000004008000 RSI: 0000200000000080 RDI: 0000000000000006
[  473.545902][ T9603] RBP: 00007f68995ef090 R08: 0000000000000000 R09: 0000000000000000
[  473.545915][ T9603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.545928][ T9603] R13: 0000000000000000 R14: 00007f68989b6160 R15: 00007ffe21c4a0d8
[  473.545960][ T9603]  </TASK>
[  474.769490][ T5939] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  475.194696][ T5939] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  475.206655][ T5939] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  475.220202][ T5939] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  475.247217][ T5939] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  475.271797][ T5939] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.438338][ T5818] Bluetooth: hci1: unexpected event for opcode 0x0c05
[  475.465112][ T9614] random: crng reseeded on system resumption
[  476.553395][ T9620] new mount options do not match the existing superblock, will be ignored
[  476.575658][ T9620] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  477.189992][ T9619] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR
[  477.200307][ T5939] usb 4-1: config 0 descriptor??
[  477.407283][ T5939] usb 4-1: can't set config #0, error -71
[  477.629151][ T5939] usb 4-1: USB disconnect, device number 13
[  479.626860][ T9632] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  479.995031][ T9635] 9pnet_fd: Insufficient options for proto=fd
[  480.251967][ T9635] netlink: 52 bytes leftover after parsing attributes in process `syz.0.992'.
[  480.785146][   T24] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  480.950161][   T24] usb 1-1: config 128 has an invalid interface number: 147 but max is 0
[  481.055197][   T24] usb 1-1: config 128 has no interface number 0
[  481.061581][   T24] usb 1-1: config 128 interface 147 has no altsetting 0
[  481.107580][   T24] usb 1-1: New USB device found, idVendor=0af0, idProduct=d033, bcdDevice=13.dc
[  481.169883][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  481.246866][   T24] usb 1-1: Product: syz
[  481.287200][   T24] usb 1-1: Manufacturer: syz
[  481.748967][   T24] usb 1-1: SerialNumber: syz
[  482.505404][   T24] usb 1-1: USB disconnect, device number 15
[  484.397252][ T5128] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  484.438847][ T5128] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  484.466243][ T5128] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  484.549226][ T5128] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  484.559887][ T5128] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  485.167613][ T9679] lo speed is unknown, defaulting to 1000
[  485.494834][ T9684] ALSA: mixer_oss: invalid OSS volume ''
[  485.940311][ T9701] FAULT_INJECTION: forcing a failure.
[  485.940311][ T9701] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  485.981842][ T9701] CPU: 0 UID: 0 PID: 9701 Comm: syz.3.1006 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  485.981865][ T9701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  485.981874][ T9701] Call Trace:
[  485.981881][ T9701]  <TASK>
[  485.981887][ T9701]  dump_stack_lvl+0x189/0x250
[  485.981923][ T9701]  ? __pfx_dump_stack_lvl+0x10/0x10
[  485.981943][ T9701]  ? __pfx__printk+0x10/0x10
[  485.981975][ T9701]  should_fail_ex+0x414/0x560
[  485.981994][ T9701]  _copy_to_user+0x31/0xb0
[  485.982016][ T9701]  simple_read_from_buffer+0xe1/0x170
[  485.982042][ T9701]  proc_fail_nth_read+0x1df/0x250
[  485.982060][ T9701]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  485.982078][ T9701]  ? rw_verify_area+0x258/0x650
[  485.982097][ T9701]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  485.982112][ T9701]  vfs_read+0x200/0x980
[  485.982136][ T9701]  ? __pfx___mutex_lock+0x10/0x10
[  485.982157][ T9701]  ? __pfx_vfs_read+0x10/0x10
[  485.982178][ T9701]  ? __fget_files+0x2a/0x420
[  485.982194][ T9701]  ? __fget_files+0x3a0/0x420
[  485.982207][ T9701]  ? __fget_files+0x2a/0x420
[  485.982227][ T9701]  ksys_read+0x145/0x250
[  485.982245][ T9701]  ? __fget_files+0x2a/0x420
[  485.982259][ T9701]  ? __pfx_ksys_read+0x10/0x10
[  485.982281][ T9701]  ? do_syscall_64+0xba/0x210
[  485.982303][ T9701]  do_syscall_64+0xf6/0x210
[  485.982321][ T9701]  ? clear_bhb_loop+0x60/0xb0
[  485.982339][ T9701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.982353][ T9701] RIP: 0033:0x7fdaee98d37c
[  485.982366][ T9701] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  485.982378][ T9701] RSP: 002b:00007fdaef7d5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  485.982394][ T9701] RAX: ffffffffffffffda RBX: 00007fdaeebb5fa0 RCX: 00007fdaee98d37c
[  485.982405][ T9701] RDX: 000000000000000f RSI: 00007fdaef7d50a0 RDI: 0000000000000003
[  485.982414][ T9701] RBP: 00007fdaef7d5090 R08: 0000000000000000 R09: 0000000000000000
[  485.982423][ T9701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  485.982431][ T9701] R13: 0000000000000000 R14: 00007fdaeebb5fa0 R15: 00007ffe9f1c3268
[  485.982454][ T9701]  </TASK>
[  486.503417][ T5128] Bluetooth: hci5: command tx timeout
[  487.486762][ T9712] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1009'.
[  487.585640][   T53] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.636597][ T9711] @: renamed from vlan0 (while UP)
[  488.502319][ T5128] Bluetooth: hci5: command tx timeout
[  488.859219][ T3077] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  488.946530][   T53] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.039250][ T3077] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  489.051810][ T3077] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  489.081973][ T3077] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.094620][ T3077] usb 1-1: config 0 descriptor??
[  489.104266][ T3077] usbhid 1-1:0.0: can't add hid device: -22
[  489.115864][ T3077] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  489.152733][   T53] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.276112][ T9679] chnl_net:caif_netlink_parms(): no params data found
[  489.297041][ T9723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  489.307020][ T9723] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.339674][ T3077] usb 1-1: USB disconnect, device number 16
[  489.377574][ T9737] new mount options do not match the existing superblock, will be ignored
[  489.387234][ T9737] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  489.402822][   T53] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.558228][ T9732] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR
[  490.454094][ T5128] Bluetooth: hci5: command tx timeout
[  490.795645][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  490.802334][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  490.972056][ T9679] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.000560][ T9679] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.008124][ T9679] bridge_slave_0: entered allmulticast mode
[  491.036818][ T9679] bridge_slave_0: entered promiscuous mode
[  491.054121][ T9679] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.127010][ T9679] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.181028][ T9679] bridge_slave_1: entered allmulticast mode
[  491.207554][ T9679] bridge_slave_1: entered promiscuous mode
[  491.333033][ T9758] dlm: no local IP address has been set
[  491.361784][ T9758] dlm: cannot start dlm midcomms -107
[  491.383875][ T9679] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  491.416298][ T9760] dlm: no local IP address has been set
[  491.450745][ T9760] dlm: cannot start dlm midcomms -107
[  491.470232][ T9679] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  491.612728][ T9767] FAULT_INJECTION: forcing a failure.
[  491.612728][ T9767] name failslab, interval 1, probability 0, space 0, times 0
[  491.625524][ T9767] CPU: 1 UID: 0 PID: 9767 Comm: syz.0.1020 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  491.625552][ T9767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  491.625565][ T9767] Call Trace:
[  491.625574][ T9767]  <TASK>
[  491.625583][ T9767]  dump_stack_lvl+0x189/0x250
[  491.625619][ T9767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  491.625647][ T9767]  ? __pfx__printk+0x10/0x10
[  491.625685][ T9767]  ? __pfx___might_resched+0x10/0x10
[  491.625716][ T9767]  ? fs_reclaim_acquire+0x7d/0x100
[  491.625744][ T9767]  should_fail_ex+0x414/0x560
[  491.625771][ T9767]  should_failslab+0xa8/0x100
[  491.625793][ T9767]  __kmalloc_cache_noprof+0x70/0x3d0
[  491.625824][ T9767]  ? io_uring_alloc_task_context+0xa6/0x590
[  491.625862][ T9767]  io_uring_alloc_task_context+0xa6/0x590
[  491.625892][ T9767]  ? finish_task_switch+0x18b/0x950
[  491.625920][ T9767]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[  491.625951][ T9767]  ? __lock_acquire+0xaac/0xd20
[  491.625993][ T9767]  __io_uring_add_tctx_node+0x33e/0x4e0
[  491.626029][ T9767]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[  491.626057][ T9767]  ? __fget_files+0x2a/0x420
[  491.626079][ T9767]  ? __fget_files+0x2a/0x420
[  491.626102][ T9767]  __io_uring_add_tctx_node_from_submit+0x91/0x120
[  491.626136][ T9767]  __se_sys_io_uring_enter+0x2505/0x2b20
[  491.626175][ T9767]  ? preempt_schedule_irq+0xb5/0x150
[  491.626205][ T9767]  ? __pfx___schedule+0x10/0x10
[  491.626231][ T9767]  ? ksys_write+0x1cb/0x250
[  491.626263][ T9767]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  491.626301][ T9767]  ? rcu_is_watching+0x15/0xb0
[  491.626332][ T9767]  ? trace_irq_disable+0x37/0x110
[  491.626355][ T9767]  ? preempt_schedule_irq+0xde/0x150
[  491.626384][ T9767]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  491.626415][ T9767]  ? irqentry_exit+0x74/0x90
[  491.626438][ T9767]  ? lockdep_hardirqs_on+0x9c/0x150
[  491.626476][ T9767]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  491.626511][ T9767]  do_syscall_64+0xf6/0x210
[  491.626538][ T9767]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  491.626558][ T9767]  ? clear_bhb_loop+0x60/0xb0
[  491.626583][ T9767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.626604][ T9767] RIP: 0033:0x7efe4218e969
[  491.626622][ T9767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.626640][ T9767] RSP: 002b:00007efe3fdf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  491.626661][ T9767] RAX: ffffffffffffffda RBX: 00007efe423b6160 RCX: 00007efe4218e969
[  491.626676][ T9767] RDX: 0000000000000002 RSI: 0000000000004d10 RDI: 0000000000000004
[  491.626689][ T9767] RBP: 00007efe3fdf6090 R08: 0000000000000000 R09: 0000000000000000
[  491.626702][ T9767] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  491.626714][ T9767] R13: 0000000000000000 R14: 00007efe423b6160 R15: 00007fffa64085f8
[  491.626747][ T9767]  </TASK>
[  491.927820][   T53] veth0_to_bridge: left allmulticast mode
[  491.939936][   T53] veth0_to_bridge: left promiscuous mode
[  491.964854][   T53] bridge0: port 1(veth0_to_bridge) entered disabled state
[  492.397811][ T5128] Bluetooth: hci5: command tx timeout
[  493.377019][   T59] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  493.790805][   T59] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  493.815195][   T59] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  493.839673][   T59] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.880518][   T59] usb 3-1: config 0 descriptor??
[  493.971482][ T9788] xt_CT: You must specify a L4 protocol and not use inversions on it
[  494.276459][   T59] usbhid 3-1:0.0: can't add hid device: -71
[  494.315686][   T59] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  592.202556][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  592.209563][    C1] rcu: 	0-...!: (1 GPs behind) idle=5c0c/1/0x4000000000000000 softirq=43014/43020 fqs=1
[  592.220187][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P9795/1:b..l
[  592.228129][    C1] rcu: 	(detected by 1, t=10505 jiffies, g=35813, q=263 ncpus=2)
[  592.235878][    C1] Sending NMI from CPU 1 to CPUs 0:
[  592.235915][    C0] NMI backtrace for cpu 0
[  592.235931][    C0] CPU: 0 UID: 0 PID: 9794 Comm: dhcpcd-run-hook Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  592.235953][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  592.235964][    C0] RIP: 0010:check_preemption_disabled+0x40/0x120
[  592.235996][    C0] Code: 08 65 8b 05 56 0e 23 07 65 8b 0d 4b 0e 23 07 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d 2b 0e 23 07 48 3b 4c 24 08 0f 85 cc 00 00 00 <48> 83 c4 10 5b 41 5e 41 5f 5d e9 51 b5 02 00 cc 48 c7 04 24 00 00
[  592.236012][    C0] RSP: 0018:ffffc90000007ba0 EFLAGS: 00000046
[  592.236027][    C0] RAX: 0000000000000000 RBX: ffff888020eae2e8 RCX: f298700ec90b5600
[  592.236039][    C0] RDX: 0000000000010000 RSI: ffffffff8bc104c0 RDI: ffffffff8bc10480
[  592.236052][    C0] RBP: ffff8880289fa150 R08: ffff8880289fa087 R09: 1ffff1100513f410
[  592.236065][    C0] R10: dffffc0000000000 R11: ffffed100513f411 R12: ffff888020eae340
[  592.236079][    C0] R13: ffffffff8970ae9f R14: ffff888020eae300 R15: ffff8880243fc000
[  592.236092][    C0] FS:  0000000000000000(0000) GS:ffff8881260fb000(0000) knlGS:0000000000000000
[  592.236107][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  592.236118][    C0] CR2: 0000001b2f715ff8 CR3: 000000007a8f2000 CR4: 00000000003526f0
[  592.236134][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  592.236143][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  592.236154][    C0] Call Trace:
[  592.236163][    C0]  <IRQ>
[  592.236175][    C0]  rcu_is_watching+0x15/0xb0
[  592.236203][    C0]  lock_release+0x4b/0x3e0
[  592.236224][    C0]  ? taprio_set_budgets+0x375/0x3b0
[  592.236250][    C0]  _raw_spin_unlock+0x16/0x50
[  592.236267][    C0]  advance_sched+0x99f/0xc90
[  592.236296][    C0]  ? __pfx_advance_sched+0x10/0x10
[  592.236316][    C0]  __hrtimer_run_queues+0x529/0xc60
[  592.236350][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  592.236373][    C0]  ? read_tsc+0x9/0x20
[  592.236404][    C0]  hrtimer_interrupt+0x45b/0xaa0
[  592.236449][    C0]  __sysvec_apic_timer_interrupt+0x108/0x410
[  592.236472][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  592.236492][    C0]  </IRQ>
[  592.236497][    C0]  <TASK>
[  592.236504][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  592.236523][    C0] RIP: 0010:finish_task_switch+0x26b/0x950
[  592.236545][    C0] Code: 0f 84 3c 01 00 00 48 85 db 0f 85 63 01 00 00 e9 27 05 00 00 4c 8b 75 d0 4c 89 e7 e8 ef a0 bf 09 e8 5a 65 35 00 fb 4c 8b 65 c0 <49> 8d bc 24 18 16 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0
[  592.236559][    C0] RSP: 0018:ffffc9001bf66f98 EFLAGS: 00000282
[  592.236574][    C0] RAX: f298700ec90b5600 RBX: 0000000000000000 RCX: f298700ec90b5600
[  592.236586][    C0] RDX: 0000000000000006 RSI: ffffffff8d7387c2 RDI: ffffffff8bc104e0
[  592.236597][    C0] RBP: ffffc9001bf66ff0 R08: ffffffff8f7dd277 R09: 1ffffffff1efba4e
[  592.236610][    C0] R10: dffffc0000000000 R11: fffffbfff1efba4f R12: ffff88802fe33c00
[  592.236623][    C0] R13: dffffc0000000000 R14: ffff88801db4da00 R15: ffff8880b883a558
[  592.236646][    C0]  ? finish_task_switch+0x266/0x950
[  592.236671][    C0]  __schedule+0x1697/0x4c70
[  592.236698][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  592.236716][    C0]  ? rcu_is_watching+0x15/0xb0
[  592.236742][    C0]  ? __pfx___schedule+0x10/0x10
[  592.236758][    C0]  ? __schedule+0x16ad/0x4c70
[  592.236784][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  592.236804][    C0]  preempt_schedule_irq+0xb5/0x150
[  592.236823][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  592.236846][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  592.236872][    C0]  irqentry_exit+0x6f/0x90
[  592.236891][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  592.236907][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x11/0x70
[  592.236926][    C0] Code: 5b e9 e3 3c 55 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 08 50 72 92 <65> 8b 15 78 5f b2 10 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75
[  592.236940][    C0] RSP: 0018:ffffc9001bf67380 EFLAGS: 00000246
[  592.236953][    C0] RAX: ffffffff82173569 RBX: ffffea00014f4c80 RCX: ffff88802fe33c00
[  592.236966][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  592.236976][    C0] RBP: 0000000000000000 R08: ffffea00014f4c87 R09: 1ffffd400029e990
[  592.236987][    C0] R10: dffffc0000000000 R11: fffff9400029e991 R12: dffffc0000000000
[  592.237000][    C0] R13: 1ffffd400029e991 R14: ffffea00014f4c88 R15: 1ffffd400029e990
[  592.237017][    C0]  ? free_swap_cache+0x109/0x300
[  592.237041][    C0]  free_swap_cache+0x109/0x300
[  592.237061][    C0]  free_pages_and_swap_cache+0x17a/0x520
[  592.237085][    C0]  ? __pfx_free_pages_and_swap_cache+0x10/0x10
[  592.237119][    C0]  ? __pfx_call_rcu+0x10/0x10
[  592.237143][    C0]  ? flush_tlb_mm_range+0xbf8/0x12b0
[  592.237174][    C0]  ? tlb_table_flush+0x36d/0x410
[  592.237198][    C0]  tlb_flush_mmu+0x3a0/0x680
[  592.237218][    C0]  ? __pfx_down_write+0x10/0x10
[  592.237242][    C0]  tlb_finish_mmu+0xc3/0x1d0
[  592.237263][    C0]  exit_mmap+0x474/0xba0
[  592.237280][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  592.237295][    C0]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  592.237323][    C0]  ? __pfx_exit_aio+0x10/0x10
[  592.237351][    C0]  ? uprobe_clear_state+0x274/0x290
[  592.237368][    C0]  ? mm_update_next_owner+0xa7/0x870
[  592.237391][    C0]  __mmput+0x118/0x410
[  592.237417][    C0]  exec_mmap+0x680/0x7a0
[  592.237442][    C0]  ? generic_permission+0x2e5/0x690
[  592.237464][    C0]  ? __pfx_exec_mmap+0x10/0x10
[  592.237489][    C0]  begin_new_exec+0x129c/0x2120
[  592.237514][    C0]  ? __pfx_load_elf_phdrs+0x10/0x10
[  592.237545][    C0]  load_elf_binary+0x973/0x27b0
[  592.237577][    C0]  ? load_misc_binary+0x110/0xc40
[  592.237599][    C0]  ? load_elf_binary+0x891/0x27b0
[  592.237625][    C0]  ? __lock_acquire+0xaac/0xd20
[  592.237651][    C0]  ? __pfx_load_elf_binary+0x10/0x10
[  592.237685][    C0]  bprm_execve+0x999/0x1440
[  592.237715][    C0]  ? __pfx_bprm_execve+0x10/0x10
[  592.237742][    C0]  do_execveat_common+0x510/0x6a0
[  592.237771][    C0]  __x64_sys_execve+0x94/0xb0
[  592.237795][    C0]  do_syscall_64+0xf6/0x210
[  592.237816][    C0]  ? clear_bhb_loop+0x60/0xb0
[  592.237836][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.237852][    C0] RIP: 0033:0x7f2961161107
[  592.237875][    C0] Code: Unable to access opcode bytes at 0x7f29611610dd.
[  592.237884][    C0] RSP: 002b:00007ffd5a29b6a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  592.237901][    C0] RAX: ffffffffffffffda RBX: 000055b6c8956080 RCX: 00007f2961161107
[  592.237913][    C0] RDX: 000055b6c89560a8 RSI: 000055b6c8956080 RDI: 000055b6c8956138
[  592.237925][    C0] RBP: 000055b6c8956138 R08: 00007ffd5a29feb8 R09: 0000000000000000
[  592.237936][    C0] R10: 0000000000000008 R11: 0000000000000246 R12: 000055b6c89560a8
[  592.237947][    C0] R13: 00007f2961326e8b R14: 000055b6c89560a8 R15: 0000000000000000
[  592.237968][    C0]  </TASK>
[  592.238906][    C1] task:syz.3.1028      state:R  running task     stack:25512 pid:9795  tgid:9792  ppid:5826   task_flags:0x400140 flags:0x00004000
[  592.907604][    C1] Call Trace:
[  592.910906][    C1]  <TASK>
[  592.913859][    C1]  __schedule+0x168f/0x4c70
[  592.918397][    C1]  ? cgroup_rstat_updated+0x144/0xb50
[  592.923802][    C1]  ? rcu_qs+0xc4/0x170
[  592.927985][    C1]  ? __pfx_rcu_qs+0x10/0x10
[  592.932514][    C1]  ? preempt_schedule_irq+0xb5/0x150
[  592.937826][    C1]  ? __pfx___schedule+0x10/0x10
[  592.942696][    C1]  ? irqentry_exit+0x74/0x90
[  592.947337][    C1]  preempt_schedule_irq+0xb5/0x150
[  592.952473][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  592.958211][    C1]  ? __pv_queued_spin_lock_slowpath+0xa05/0xb60
[  592.964483][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  592.970319][    C1]  irqentry_exit+0x6f/0x90
[  592.974753][    C1]  asm_sysvec_call_function_single+0x1a/0x20
[  592.980752][    C1] RIP: 0010:lock_acquire+0x175/0x360
[  592.986059][    C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 4b 10 d4 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  593.005685][    C1] RSP: 0018:ffffc9000ab46e98 EFLAGS: 00000206
[  593.011771][    C1] RAX: 479f898b59f58600 RBX: 0000000000000000 RCX: 479f898b59f58600
[  593.019759][    C1] RDX: 0000000000000000 RSI: ffffffff8d9226df RDI: ffffffff8bc104e0
[  593.027747][    C1] RBP: ffffffff8171ca05 R08: 0000000000000000 R09: 0000000000000000
[  593.035733][    C1] R10: 0000000000000000 R11: ffffffff8171ca05 R12: 0000000000000002
[  593.043723][    C1] R13: ffffffff8df3dce0 R14: 0000000000000000 R15: 0000000000000246
[  593.051716][    C1]  ? unwind_next_frame+0xa5/0x2390
[  593.056848][    C1]  ? unwind_next_frame+0xa5/0x2390
[  593.062022][    C1]  ? unwind_next_frame+0xa5/0x2390
[  593.067153][    C1]  ? alloc_pages_mpol+0x232/0x4a0
[  593.072207][    C1]  ? unwind_next_frame+0xa5/0x2390
[  593.077335][    C1]  unwind_next_frame+0xc2/0x2390
[  593.082294][    C1]  ? unwind_next_frame+0xa5/0x2390
[  593.087431][    C1]  ? unwind_next_frame+0xa5/0x2390
[  593.092565][    C1]  ? __alloc_frozen_pages_noprof+0x181/0x370
[  593.098569][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  593.104742][    C1]  arch_stack_walk+0x11c/0x150
[  593.109540][    C1]  ? alloc_pages_mpol+0x232/0x4a0
[  593.114625][    C1]  stack_trace_save+0x9c/0xe0
[  593.119363][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  593.124782][    C1]  save_stack+0xf7/0x1f0
[  593.129060][    C1]  ? __pfx_save_stack+0x10/0x10
[  593.133938][    C1]  ? post_alloc_hook+0x1d8/0x230
[  593.138892][    C1]  ? get_page_from_freelist+0x21c7/0x22a0
[  593.144636][    C1]  ? __alloc_frozen_pages_noprof+0x181/0x370
[  593.150636][    C1]  ? alloc_pages_mpol+0x232/0x4a0
[  593.155699][    C1]  ? irqentry_exit+0x74/0x90
[  593.160408][    C1]  __set_page_owner+0x8d/0x4a0
[  593.165205][    C1]  ? __pfx___set_page_owner+0x10/0x10
[  593.170608][    C1]  ? __pfx_memset_orig+0x10/0x10
[  593.175594][    C1]  post_alloc_hook+0x1d8/0x230
[  593.180409][    C1]  get_page_from_freelist+0x21c7/0x22a0
[  593.186036][    C1]  ? __pfx_get_page_from_freelist+0x10/0x10
[  593.191961][    C1]  ? prepare_alloc_pages+0x213/0x610
[  593.197279][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  593.203118][    C1]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  593.209488][    C1]  alloc_pages_mpol+0x232/0x4a0
[  593.214384][    C1]  alloc_pages_noprof+0xa9/0x190
[  593.219373][    C1]  pte_alloc_one+0x1e/0x160
[  593.223922][    C1]  __pte_alloc+0x25/0x160
[  593.228282][    C1]  ? down_read+0x1ad/0x2e0
[  593.232743][    C1]  mfill_atomic_copy+0x844/0x1470
[  593.237813][    C1]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  593.243313][    C1]  userfaultfd_ioctl+0x29ba/0x4bc0
[  593.248458][    C1]  ? do_vfs_ioctl+0xf36/0x1eb0
[  593.253243][    C1]  ? __se_sys_ioctl+0x47/0x170
[  593.258041][    C1]  ? do_syscall_64+0xf6/0x210
[  593.262777][    C1]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  593.267859][    C1]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  593.273398][    C1]  ? kasan_quarantine_put+0xdd/0x220
[  593.278746][    C1]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  593.284414][    C1]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  593.290082][    C1]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  593.296099][    C1]  ? smack_log+0xef/0x3f0
[  593.300484][    C1]  ? __pfx_smack_log+0x10/0x10
[  593.305294][    C1]  ? smk_access+0x14c/0x4e0
[  593.309841][    C1]  ? smk_tskacc+0x2fc/0x370
[  593.314380][    C1]  ? smack_file_ioctl+0x2a9/0x340
[  593.319426][    C1]  ? __pfx_smack_file_ioctl+0x10/0x10
[  593.324830][    C1]  ? __fget_files+0x3a0/0x420
[  593.329523][    C1]  ? __fget_files+0x2a/0x420
[  593.334132][    C1]  ? bpf_lsm_file_ioctl+0x9/0x20
[  593.339092][    C1]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  593.344573][    C1]  __se_sys_ioctl+0xf9/0x170
[  593.349192][    C1]  do_syscall_64+0xf6/0x210
[  593.353724][    C1]  ? asm_sysvec_call_function_single+0x1a/0x20
[  593.359894][    C1]  ? clear_bhb_loop+0x60/0xb0
[  593.364594][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  593.370504][    C1] RIP: 0033:0x7fdaee98e969
[  593.374935][    C1] RSP: 002b:00007fdaef7b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  593.383386][    C1] RAX: ffffffffffffffda RBX: 00007fdaeebb6080 RCX: 00007fdaee98e969
[  593.391399][    C1] RDX: 0000200000000040 RSI: 00000000c028aa03 RDI: 0000000000000003
[  593.399396][    C1] RBP: 00007fdaeea10ab1 R08: 0000000000000000 R09: 0000000000000000
[  593.407387][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  593.415376][    C1] R13: 0000000000000000 R14: 00007fdaeebb6080 R15: 00007ffe9f1c3268
[  593.423407][    C1]  </TASK>
[  593.426455][    C1] rcu: rcu_preempt kthread starved for 10500 jiffies! g35813 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  593.437664][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  593.447644][    C1] rcu: RCU grace-period kthread stack dump:
[  593.453544][    C1] task:rcu_preempt     state:R  running task     stack:27496 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  593.467069][    C1] Call Trace:
[  593.470363][    C1]  <TASK>
[  593.473374][    C1]  __schedule+0x168f/0x4c70
[  593.477962][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  593.483257][    C1]  ? schedule+0x165/0x360
[  593.487612][    C1]  ? __pfx___schedule+0x10/0x10
[  593.492502][    C1]  ? schedule+0x91/0x360
[  593.496770][    C1]  schedule+0x165/0x360
[  593.500948][    C1]  schedule_timeout+0x12b/0x270
[  593.505818][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  593.511208][    C1]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  593.517123][    C1]  ? __pfx_process_timeout+0x10/0x10
[  593.522431][    C1]  ? prepare_to_swait_event+0x341/0x380
[  593.528005][    C1]  rcu_gp_fqs_loop+0x301/0x1540
[  593.532884][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  593.538118][    C1]  ? __pfx_rcu_watching_snap_save+0x10/0x10
[  593.544043][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  593.549349][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  593.554579][    C1]  rcu_gp_kthread+0x99/0x390
[  593.559201][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  593.564424][    C1]  ? __kthread_parkme+0x7b/0x200
[  593.569383][    C1]  ? __kthread_parkme+0x1a1/0x200
[  593.574434][    C1]  kthread+0x70e/0x8a0
[  593.578529][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  593.583751][    C1]  ? __pfx_kthread+0x10/0x10
[  593.588366][    C1]  ? __pfx_kthread+0x10/0x10
[  593.592974][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  593.598198][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  593.603418][    C1]  ? __pfx_kthread+0x10/0x10
[  593.608033][    C1]  ret_from_fork+0x4b/0x80
[  593.612469][    C1]  ? __pfx_kthread+0x10/0x10
[  593.617092][    C1]  ret_from_fork_asm+0x1a/0x30
[  593.621987][    C1]  </TASK>
[  593.625031][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  593.631369][    C1] CPU: 1 UID: 0 PID: 7591 Comm: kworker/u8:14 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) 
[  593.643618][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  593.653688][    C1] Workqueue: events_unbound toggle_allocation_gate
[  593.660659][    C1] RIP: 0010:smp_call_function_many_cond+0xe69/0x11c0
[  593.667360][    C1] Code: 00 45 8b 2f 44 89 ee 83 e6 01 31 ff e8 10 6d 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 bb 68 0b 00 eb 37 f3 90 <43> 0f b6 04 2c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 a0 68 0b
[  593.687018][    C1] RSP: 0018:ffffc9001a97f700 EFLAGS: 00000293
[  593.693117][    C1] RAX: ffffffff81b48800 RBX: ffff8880b893abc0 RCX: ffff8880624cbc00
[  593.701107][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  593.709094][    C1] RBP: ffffc9001a97f860 R08: ffffffff8f7dd277 R09: 1ffffffff1efba4e
[  593.717083][    C1] R10: dffffc0000000000 R11: fffffbfff1efba4f R12: 1ffff11017108221
[  593.725073][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8880b8841108
[  593.733062][    C1] FS:  0000000000000000(0000) GS:ffff8881261fb000(0000) knlGS:0000000000000000
[  593.742006][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  593.748608][    C1] CR2: 0000200000036000 CR3: 000000000dd38000 CR4: 00000000003526f0
[  593.756595][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  593.764579][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  593.772566][    C1] Call Trace:
[  593.775861][    C1]  <TASK>
[  593.778818][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  593.783879][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  593.790235][    C1]  ? __pfx___text_poke+0x10/0x10
[  593.795206][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  593.800255][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[  593.805395][    C1]  ? kmem_cache_alloc_bulk_noprof+0x148/0x790
[  593.811483][    C1]  text_poke_bp_batch+0x319/0x940
[  593.816548][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  593.822121][    C1]  ? text_poke_queue+0x140/0x190
[  593.827094][    C1]  ? arch_jump_label_transform_queue+0x97/0x110
[  593.833404][    C1]  text_poke_finish+0x30/0x50
[  593.838121][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  593.844139][    C1]  static_key_enable_cpuslocked+0x128/0x250
[  593.850077][    C1]  static_key_enable+0x1a/0x20
[  593.854870][    C1]  toggle_allocation_gate+0xad/0x240
[  593.860187][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  593.866110][    C1]  ? process_scheduled_works+0x9ec/0x17a0
[  593.871866][    C1]  ? process_scheduled_works+0x9ec/0x17a0
[  593.877612][    C1]  ? process_scheduled_works+0x9ec/0x17a0
[  593.883376][    C1]  process_scheduled_works+0xadb/0x17a0
[  593.888980][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  593.895095][    C1]  worker_thread+0x8a0/0xda0
[  593.899706][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  593.906059][    C1]  ? __kthread_parkme+0x7b/0x200
[  593.911024][    C1]  kthread+0x70e/0x8a0
[  593.915119][    C1]  ? __pfx_worker_thread+0x10/0x10
[  593.920243][    C1]  ? __pfx_kthread+0x10/0x10
[  593.924861][    C1]  ? __pfx_kthread+0x10/0x10
[  593.929465][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  593.934678][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  593.939894][    C1]  ? __pfx_kthread+0x10/0x10
[  593.944515][    C1]  ret_from_fork+0x4b/0x80
[  593.948955][    C1]  ? __pfx_kthread+0x10/0x10
[  593.953581][    C1]  ret_from_fork_asm+0x1a/0x30
[  593.958386][    C1]  </TASK>