last executing test programs:

25m16.490066123s ago: executing program 32 (id=200):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000100)=ANY=[], 0x0)

22m33.677996504s ago: executing program 33 (id=778):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x6bc001, 0x80)
r2 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
r4 = syz_io_uring_setup(0xa1, &(0x7f0000000640)={0x0, 0xe8ce, 0x0, 0x20, 0x40000333}, &(0x7f00000006c0)=<r5=>0x0, &(0x7f00000020c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd=r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/211, 0xd3}], 0x1})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000002800)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)

21m27.820685396s ago: executing program 34 (id=863):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
bind$tipc(r0, &(0x7f0000000140)=@name={0x1e, 0x2, 0xfffffffffffffffe, {{0x42, 0x2}, 0x2}}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$inet6(0xa, 0x3, 0x3c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="540000004900010928bd700018dcdf250a001c", @ANYRES32, @ANYBLOB="0000000014000100fe80000000000000000000000000001f14000100fe8000000000000000000000000000bb08"], 0x54}}, 0x0)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f0000000f00)={0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}, 0x18)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0x5dc}], 0x1)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0xa, 0x300)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r6, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

21m24.561909906s ago: executing program 35 (id=865):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000340)=0x14)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0)

18m51.884843913s ago: executing program 36 (id=1003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000040)={{0x0, 0x3}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r4, @ANYRES16=r5], 0x4c}}, 0x40000)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0xfc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1f, 0xf, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebfb}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r6}, 0xc)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r7, 0xc01064bd, &(0x7f0000000280)={&(0x7f00000008c0), 0xffa4})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newchain={0x24, 0x64, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0x9}, {0x8, 0x7}, {0xe, 0xfff1}}}, 0x24}}, 0x24000040)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0x25dfdbfc, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4}, 0x2d}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socket$inet(0x2, 0x1, 0x0)

16m54.033784818s ago: executing program 37 (id=1478):
syz_emit_ethernet(0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000006b40)={0x2020}, 0x2020)
write$UHID_DESTROY(0xffffffffffffffff, &(0x7f0000000180), 0x4)
unshare(0x6a040200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @empty}, 0xc)
getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f00000000c0)=0x91)

15m30.012804148s ago: executing program 38 (id=1658):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x74)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
getpid()
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r2 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x1b5})
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="2105"], 0x14}}, 0x0)
io_uring_enter(r2, 0x80002219, 0x7721, 0x16, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
setitimer(0x2, &(0x7f0000000580)={{}, {0x0, 0x2710}}, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0xd, 0x4, @thr={&(0x7f0000000e80)="3904f819259b82170b7f56e8b4e14e58885a6f18542e129bbc9deb58b16c3690c4a05b0051fc5f720edcce4622aa80b2929451cf7f80b9005edf6768b52ba113c6f8699e8cfad6fb564d5b2d215ad29257331703e7eec3b9c4a6a70fe1df474f416b0ea95e63127f21ed515456d8c5b9d39b30ab7468236435d15432b05e7d2a042bc87d5097f665de610a92106703c8d01e506fe09edec3dd85278687c69480082da1bd0013b476c43b7cdd0b61a2bd270fcd3e48f56b786ab438663e9e79b174f7cee76ca5dd790f3cb6769ddc7782a85ed7c959efe79b92234b0f288b3c55ec6b2af575e1ae30fe9246365899cab6470f127c70b43ccacf11a4a4bffe379f7d56ee1a15122aeb0755c295630fa672ee26dd26ee71710c27bca58a4c03d414553a3a951514f26007e30be294c31076f8c9e9e9f2e6d6df4aefe1909b12652b0694eb6a1314ef39ce9d18afec719f234ad40f78b329d689c6aa2b842a85d4b212531c6c5ede0a04f1522bdd5d038851c42e6294edd2e251e6806d7e86b91547d6a6317a27caa2d82c41eccf083dbf493f8944a411f8788b2af56f582dec52d135fc800221c1f6f3664bca2177cb8124c3c6bc510ee860e23bbbd2fc358cdc1fca91ea5cf24d3353a77484dc8ac582f9362669d1ecd577b4e6fc5500aed9397e3559dda7899f5938ce0fcd3a6264305f6865b259a57d3f8464e82592e14b5d314432419b333a7c7b888c165b29241d72954901d6da63886bf99b7ff61b9a60245f4a0c19d0f9ef9bda9fac8af7513d0206d6702be5ea4754d4a2fb5faef7a7ac328085c16c66160a6dd11f07dedda0c0376b59b2cf56948b712add94db2021d82842ee34133640e1091d92e06679dd5c0d826c709a7079c7a2ddabdd4a93944df2202fb3904d44f12db5c79029066ba8dc2875b1fae0ca00b793a9a1faaa518542a828d19fe7f3cfd9852391b2ff7ea9054d0067f1e47abb9a0e5bac00bf1bc290d2701ab5216882cf8d1028d5fb45b0bbfa3c5fc415b26924fca7353b08f08625fea3b969e23a5616f08f6667b2a2099c86c9bd46676237bdf6955500f7e4388c0922b36c59f404bfe0c631f483098440127189919fb2e630c1f355faa3d5916964316d7bb7dc98a8b0121cd3931d088336136608b79482bf26aed41634a7296d31cce50c931b46e61ad954f879aeeebb44fcf575a930e61b1276de05157d1e1625866ec5f9419ce033bf41a3819310ff0569dca58543689eaea8dfe43a8e3297471781858dd181aaadbf3fa05b0a8c16db092199672d8ee10f4563a28e32723dc79389c5ea1a999dd042951399cd9b5a5121dcfa7671ba79050a4d1687b291fd21b95e45fce96c0ec5ecb9b08911e0f1f2665eed97734e033d0c97e2eb431c56ec75642a67eedeaa11cbaf72fa512f106aa3b4b1e26e654c8549bd52ba84d8061d89ea7e3d5bc98288170d20821ca8ff495a319bcd3c30bf92ddfcbdd1a3d3162b6e64d6c5f35a5bb59d7d1b7c9c0cb8d2361d42f36cc394fdb0c0f60d11526260de9d0562f062928d61113846930f8e208a72634b187f2f0cadbba056aaf221fce03030f225b873326da0022387136817fc60d24d653b376029dbdc03a5f25a0c1e39d695211d074a38a031213c94090772fc6bcce1a524a60c6e3748073c0d9b9d7687b0719a6000172441434f69dd967a62df5a758bc37b641db63572f6dd498535123a587ad70ce571c7f3e4bf13699154cfbfc38b49b9a3364c44d6030020a6f6ab3188a103cacd359d4e941f44cc9e6f45f567a67253b3c65ac38093d8393b439ca4b248eb6f17fcbdd164892506857acff9f9f5d7dd3517cc3c45ad7a6f631053044f0bbdd0bbb2f703815ece538b3379882e185702ead8850b03c20b5c8c9f007d4a82b3246418739817aed92b1d24046899ae5928e262091c7f2019b1d3f7cc5750d760f53da13ea9daeb04938572d0e3d9557966876743d8b5f17899857718aee50deb497dfd6ef90c28296d7227f16a17e044b61e4fd4d94aaac5d6ec7f908612c8c0fefa05e8e536c2810a911220b8968dadd6df1d39bf61658f6305405c21f655be83bd089f494571fb46252bba55a3f62880ecc9ab55267c062bea17e1a0416e3909f9449157d1eddf0a42405ed8c069b0492e70c4d0c0d1e7d75564595f8e0576b4e8c660285edae5f91535ba0e5e2b4df5bd2d836f6361aadf65ca76b86607bbc396e5a1de1c37a0e1cd51a7c6525348c9679d9d3b1fd84b43b7b59a6767d82922b25dd3d73b142caf113d826fe39708fde1b6d2f7701dcb62169c626031", &(0x7f0000000100)}})

11m16.141003397s ago: executing program 8 (id=2683):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xe980}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c0001800900010068617368000000002c000280080007400000000008000340000000160800014000ff00120800024000000000080004400000000020000180080001006e61740014000280080003400000000008000540000000000900010073797a30"], 0x150}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

11m10.457001536s ago: executing program 8 (id=2693):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x14, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_SCAN_REQ(r0, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002940)={0x0}, 0x1, 0x0, 0x0, 0x161b060f1436d4f2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000c00)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000240), 0x101100, 0x0)

10m58.047807713s ago: executing program 8 (id=2706):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0x4, &(0x7f0000000140)={0xa, 0x5}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_open_dev$vcsa(&(0x7f0000000180), 0x8000, 0x200000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ptrace$peekuser(0x3, r1, 0x4)
unshare(0x8000000)
semtimedop(0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r4 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[0x0, 0x0], 0x0, 0x6d, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x8, 0xf8, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000004340)=[{0x0}, {0x0}], 0x2}, 0x0)
ioctl$SG_GET_VERSION_NUM(r4, 0x2284, &(0x7f0000000080))

10m56.739470607s ago: executing program 8 (id=2709):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x68002, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000180)=0x4000000)
ioctl$PPPIOCSFLAGS1(r3, 0x40047459, &(0x7f0000000080)=0x6100204)
pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000240)="00214717a7070075000003060000000000000000d35fecbfc83df141460817efaaa6087c309c981de05261a7164d20dc8555", 0x32}], 0x1, 0x73a, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000540)='btrfs_setup_cluster\x00'}, 0x18)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x163180, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x2e8, 0xffffffff, 0x98, 0x98, 0x198, 0xffffffff, 0xffffffff, 0x250, 0x250, 0x250, 0xffffffff, 0x4, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0x0, 'netpci0\x00', 'syzkaller1\x00', {}, {}, 0x6, 0x1}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@remote, @multicast2, 0x0, 0x0, 'veth1_macvtap\x00', 'ip6_vti0\x00'}, 0x0, 0xa0, 0x100, 0x0, {0x60010000}, [@common=@unspec=@connmark={{0x30}, {0x0, 0x0, 0x41}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @empty, 0x0, 0xfffc, [0x16, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x100]}}}, {{@uncond, 0x0, 0x90, 0xb8, 0x0, {}, [@common=@socket0={{0x20}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x348)

10m53.683508847s ago: executing program 8 (id=2713):
socket$can_bcm(0x1d, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r3)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f00000003c0)={'wg2\x00'})
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
socket$inet(0x2, 0x4000000000000001, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
r4 = fsopen(&(0x7f0000000240)='ext2\x00', 0x1)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0xc)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_ADV_PARAM={{0x79}, 0xce}}}, 0x7)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000005c0)={0xffffffffffffffff, &(0x7f0000000580)}, 0x20)

10m50.644549479s ago: executing program 8 (id=2716):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f000051b000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x4010, 0xffffffffffffffff, 0xffffe000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000080), 0x7ff, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x3, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$afs(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, &(0x7f0000000140)=[0x0, 0x3], 0x2)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40408c0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')

10m34.583934626s ago: executing program 39 (id=2716):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f000051b000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x4010, 0xffffffffffffffff, 0xffffe000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000080), 0x7ff, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x3, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$afs(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, &(0x7f0000000140)=[0x0, 0x3], 0x2)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40408c0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')

10m31.716216442s ago: executing program 1 (id=2741):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='bbr', 0x3)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f0000000080)={0x0, 0x2})
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000000c0)=0x3)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r6, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
sendto$inet(r0, &(0x7f0000000280)="1d", 0x1, 0x200400c5, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)

10m24.722235274s ago: executing program 1 (id=2745):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=@framed={{0xc3, 0xa, 0xa, 0xfe00, 0x110, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00', 0xe}, 0x94)
r3 = syz_open_procfs(r0, &(0x7f0000000600)='net/fib_triestat\x00')
read$FUSE(r3, &(0x7f0000004180)={0x2020}, 0x2020)

10m23.201030058s ago: executing program 1 (id=2746):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {0x7d}}}, 0xb8}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r5 = fanotify_init(0xf00, 0x0)
fanotify_mark(r5, 0x105, 0x40009975, r4, 0x0)
mknod(&(0x7f0000000100)='./file0\x00', 0x8001420, 0x1)
r6 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000080)={&(0x7f0000000280)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x80, 0x0}, 0x4000)
r7 = syz_open_dev$video4linux(&(0x7f0000000080), 0x6d6b, 0x480)
ioctl$VIDIOC_QUERYMENU(r7, 0xc008561c, &(0x7f0000000000)={0x980900, 0x81, @value=0x327})
openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x6040, 0x0)
r8 = getpid()
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r9 = syz_pidfd_open(r8, 0x0)
ioctl$VIDIOC_QBUF(r9, 0xc058ff0b, &(0x7f0000000200)=@mmap={0x1, 0x1, 0x4, 0x10, 0x200, {}, {0x5, 0x8, 0xe, 0x9f, 0x0, 0x7b, "c16599e2"}, 0xabdb, 0x1, {}, 0xbaa})
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)

10m19.534686714s ago: executing program 1 (id=2751):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket(0x840000000002, 0x3, 0xff)
socket$inet6(0xa, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x6, @mcast2, 0x9}, 0x1c)

10m15.181283322s ago: executing program 1 (id=2754):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=@framed={{0xc3, 0xa, 0xa, 0xfe00, 0x110, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00', 0xe}, 0x94)
r1 = syz_open_procfs(r0, &(0x7f0000000600)='net/fib_triestat\x00')
read$FUSE(r1, &(0x7f0000004180)={0x2020}, 0x2020)

10m11.094743049s ago: executing program 1 (id=2758):
r0 = fsopen(&(0x7f0000000380)='udf\x00', 0x0)
fcntl$dupfd(r0, 0x0, r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000140)='./file1\x00', 0x1bb)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8, &(0x7f0000000000)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$vhost_msg(r4, &(0x7f0000000340)={0x1, {0x0, 0x0, 0x0, 0x3, 0x3}}, 0x48)
write$binfmt_aout(r3, &(0x7f0000000180)=ANY=[], 0xfffffecc)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0x0, &(0x7f00000003c0)={0x0, 0x5, 0x1000, 0x476, 0x0, 0x7f, 0x3, 0xffffffffffffffff, 0x6})
fchown(r3, 0xee01, 0x0)
fchdir(0xffffffffffffffff)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
setxattr$system_posix_acl(0x0, &(0x7f0000002a40)='system.posix_acl_access\x00', 0x0, 0x0, 0x1)

9m54.362118811s ago: executing program 40 (id=2758):
r0 = fsopen(&(0x7f0000000380)='udf\x00', 0x0)
fcntl$dupfd(r0, 0x0, r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000140)='./file1\x00', 0x1bb)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8, &(0x7f0000000000)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$vhost_msg(r4, &(0x7f0000000340)={0x1, {0x0, 0x0, 0x0, 0x3, 0x3}}, 0x48)
write$binfmt_aout(r3, &(0x7f0000000180)=ANY=[], 0xfffffecc)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0x0, &(0x7f00000003c0)={0x0, 0x5, 0x1000, 0x476, 0x0, 0x7f, 0x3, 0xffffffffffffffff, 0x6})
fchown(r3, 0xee01, 0x0)
fchdir(0xffffffffffffffff)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
setxattr$system_posix_acl(0x0, &(0x7f0000002a40)='system.posix_acl_access\x00', 0x0, 0x0, 0x1)

9m30.794787529s ago: executing program 3 (id=2786):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
msync(&(0x7f0000c0e000/0x3000)=nil, 0x3000, 0x6)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
syslog(0x4, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
gettid()

9m23.854702229s ago: executing program 3 (id=2792):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1ff8d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002706870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83984e68a6d80a5f5222ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0007000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1f6428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000a034000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1ebbb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa5210b16eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f086dd47e0ffff00122c00631177fbac141416e000030a44079f034d2f87e589ca6aab845013f2325f1a3911050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x7000002}, 0x2c)

9m20.252654524s ago: executing program 3 (id=2795):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58)
listen(r3, 0x5)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c)
close_range(r3, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)

9m18.613383151s ago: executing program 3 (id=2797):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58)
listen(r3, 0x5)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c)
close_range(r3, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)

9m10.350403711s ago: executing program 3 (id=2805):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58)
listen(r3, 0x5)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c)
close_range(r3, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)

9m5.685514586s ago: executing program 3 (id=2808):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x800, 0x70bd29, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff1, 0xfff2}, {0x1, 0xc}, {0x8, 0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x80000000}, @TCA_CAKE_FWMARK={0x8, 0x12, 0xffff7fff}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000084)

8m49.292345603s ago: executing program 41 (id=2808):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x800, 0x70bd29, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff1, 0xfff2}, {0x1, 0xc}, {0x8, 0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x80000000}, @TCA_CAKE_FWMARK={0x8, 0x12, 0xffff7fff}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000084)

3m37.015543919s ago: executing program 5 (id=3465):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, <r2=>0x0, 0x0, <r3=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r0, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r3, r1, <r4=>0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)})
ioctl$IOMMU_HWPT_ALLOC$TEST(r0, 0x3b89, &(0x7f0000000200)={0x28, 0x0, r3, r4, <r5=>0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)})
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x3, 'dh\x00', 0x1, 0x7, 0x49}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r6, 0x0, 0x487, &(0x7f0000000000)={{0x84, @local, 0x4e20, 0x3, 'nq\x00', 0x6, 0x81, 0x5}, {@rand_addr=0x64010101, 0x4e22, 0x10000, 0x1cb, 0xfff, 0x32d5c}}, 0x44)
ioctl$IOMMU_HWPT_INVALIDATE$TEST(r0, 0x3b8d, &(0x7f0000000280)={0x20, r5, &(0x7f00000002c0)=[{}], 0xdeadbeef, 0x8, 0x1})
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000340)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r7, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r8, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r10=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r7, 0x3b89, &(0x7f00000002c0)={0x18, 0x3, r9, r10, <r11=>0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r7, 0x3b8c, &(0x7f0000000100)={0x30, r11, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0})
ioctl$IOMMU_DESTROY$hwpt(r7, 0x3b80, &(0x7f0000000000)={0x8, r11})
ioctl$IOMMU_DESTROY$hwpt(r0, 0x3b80, &(0x7f0000000340)={0x8, r4})
ioctl$IOMMU_GET_HW_INFO(r0, 0x3b8a, &(0x7f0000000380)={0x24, 0x0, r3, 0x1c, &(0x7f00000003c0)=""/28})
ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f0000000400)={0x8, r2})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000440)={0x8, r1})
close(r0)

3m35.710974208s ago: executing program 5 (id=3467):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))
r1 = socket$netlink(0x10, 0x3, 0xb)
sendmsg$nl_xfrm(r1, &(0x7f0000001440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0xc0)

3m35.513992745s ago: executing program 5 (id=3469):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000200000012"], 0x50)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000032c0)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x4}, 0x38)
r4 = socket$inet(0x2, 0x2, 0x0)
shutdown(r4, 0x0)
recvmmsg(r4, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x84000)
ioctl$int_in(r5, 0x5452, &(0x7f0000000100)=0x3ff)

3m34.619426447s ago: executing program 5 (id=3474):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdir(0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x2951094, 0x0)
mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x201091, 0x0)
chroot(&(0x7f00000001c0)='./file0\x00')
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(&(0x7f0000000540)='./file0/file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000480)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000380)="c61dba105bbda3017724c67835b64d4c7b63dd7d4132bdc8d5ace1469ea43494c0977097b9b195010245cbc0373195eb25c6c8ef0ba130b402671f09ab78b810fd2ec31e9f899d6766b25185890b44dbe519ce59316e00bf0007bfa4be69bff6ce1192e420d955ba445fc92dbe71f5b61e0104dc9c1537330a104cef03d952c9f5affb803a0242ac0ccf8227b621f9f71b93008e7acb877672379aab3c532dfb3115320cbc782ce0d7c01cf14332eb04e1ebd8fb6aa8755979f0c60723c580345d60e50e3f6bbbd4f9aa53ac3c988e77d8a32df2cd2be20624b38363bc3ac8d891d7fb5b5f229b8d1872eb4395bcab79fc43c249e7849c", 0xf7, r0}, 0x68)
umount2(&(0x7f0000000280)='./file0\x00', 0xb)
sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="cc0000000202010200000000000000000100000308000940000000060400038094000a"], 0xcc}, 0x1, 0x0, 0x0, 0x91}, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000002b000b00000000000000000004000000040003000c0001"], 0x24}}, 0xc00)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

3m33.878108732s ago: executing program 5 (id=3478):
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r2 = accept4$ax25(r1, &(0x7f0000000100)={{0x3, @default}, [@rose, @rose, @bcast, @rose, @default, @remote, @netrom]}, &(0x7f0000000040)=0x48, 0x800)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sched_switch\x00', r5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8000000000, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffc}, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x5, 0x0, 0x4}, 0x10)
sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001a00010100000000000000000a00808000040009000900009baf6f78facc968ed7a291b274dd66f1fae45d316a470035b9fb742b3433434f80e8916799ad27fca18d7cb1ee4202ce7841aacf55ca85a1bdb77695"], 0x1c}}, 0x0)
ioctl$SIOCAX25CTLCON(r2, 0x89e8, &(0x7f0000000240)={@bcast, @bcast, @default, 0x0, 0xffffffff80000001, 0x7, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @default]})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x8, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r9, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4)
recvmmsg(r9, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2000, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r8, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$USBDEVFS_REAPURBNDELAY(r1, 0x4004550d, &(0x7f0000000500))

3m31.415137817s ago: executing program 5 (id=3484):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@caif=@rfm={0x25, 0x5, "cdfaaf7254f4ef6249f068fcdd7e1cbd"}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000300)="27050200340f14000600002fb96dbcf706e10500000086ddffff1144ee162fd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e57000010", 0xfdef}], 0x1}, 0x800)

3m30.017531495s ago: executing program 42 (id=3484):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@caif=@rfm={0x25, 0x5, "cdfaaf7254f4ef6249f068fcdd7e1cbd"}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000300)="27050200340f14000600002fb96dbcf706e10500000086ddffff1144ee162fd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e57000010", 0xfdef}], 0x1}, 0x800)

3m12.895581256s ago: executing program 0 (id=3540):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000200000012"], 0x50)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
shutdown(r3, 0x0)
recvmmsg(r3, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
ioctl$int_in(r4, 0x5452, &(0x7f0000000100)=0x3ff)

3m10.120842176s ago: executing program 0 (id=3541):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYBLOB], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x14, &(0x7f0000000640)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2002}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

3m10.012533331s ago: executing program 0 (id=3542):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000100)={0x20, r1, 0x2, 0x0, &(0x7f0000000140)=[{}, {}]})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x20, r1, 0x2, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}, {0x3, 0x5}]})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x7, r1, 0x0, &(0x7f0000000240)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x1c})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000280)={0x18, r1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x7, r1, 0x0, &(0x7f0000000300)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000340)={0x18, r1, 0x2, 0x1c})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f00000003c0)={0x18, r1})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x2, r1, 0x0, &(0x7f0000000480)="4c4c4c4c4c62004c4c4c4c4c4c4c4c4c4c4c4c4cd013d45a4c4c4c4c", 0x1c, 0x2})
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000004c0)={0x28, 0x7, 0x0, r1, 0x1c, 0x7, 0x2})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000500)={0x18, r2, 0x3, 0x1c})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000540)={0x8, r2})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000580)={0x18, r1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000005c0)={0x18, 0x0, 0x1})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000640)={0x20, r1, 0x0, 0x0, &(0x7f0000000680)})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000ac0)={0x48, 0x8, 0xffffffffffffffff, 0x0, 0x8000, 0xfffffffffffffe7c, &(0x7f0000000e00)="4c4c4c4c4c4c4c4c4c4c4c4c5c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4d701eb65a24497dfd9ee482f1303b1127c5611eeeaab34025b002bc0b09f508823d545f5201ea8301d3f5d0b4926b11ae746c63b18b68f47a31c3adf4ebfb68644de7f279146022001b70df64edbfeb3d443b913eae1c3b60856e31c2f640170a36d1c4d27d58414e61e48fcc4382af004b50827d63916e061f4cbe80e5379f8df33243abc18c28d4db9451fec0e4fa411eedbffce1eed4d104bf8913c6652eb3b00890b5387d5df769bb35118ca44d1c10ed3f7c6d4a4d3e4b7eed04a74824d8a49b2ce6ca94790000000000000000", 0x4})

3m9.806552635s ago: executing program 0 (id=3543):
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x2e}, {0x3, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x30, 0xa, 0x0, '\x00', 0x5}, {@none, 0x3a, 0xf7, 0xfe, "0500", 0xd31, 0x8}, {@none, 0x5, 0x3, 0x4, "5b9a26", 0xc, 0x5}]}}}, 0x31)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/softlockup_count', 0x400400, 0x140)
r1 = socket(0xa, 0x3, 0x3a)
getsockopt$inet6_mreq(r1, 0x29, 0x7, 0x0, &(0x7f0000000180))
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000006c0)=<r3=>0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000840)={{0x1, 0x1, 0x18, <r4=>r0, {<r5=>0xee01, <r6=>0xffffffffffffffff}}, './file0\x00'})
r7 = openat$zero(0xffffffffffffff9c, &(0x7f00000022c0), 0xc4000, 0x0)
sendmmsg$unix(r2, &(0x7f0000003d00)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000080)="43635f20d7e4fe47c50e40dbe6941a9442f6c16855c26eed580e33feb1c144b2d9eff4f2945c22b0e67d63ce4cfb63d95effc737e29340ff18ba5029374cd6805655ecd798eb92c31f49767e765f4531789b61881268c06c6ad7a423c37a3fecae40936be2bd2ff3882bba20894b303dcbb112043a178aade99f16771dd6de0a02698c65a946877b20a0a175ff1947d685873de2", 0x94}, {&(0x7f00000002c0)="c807d13d48cafe0f87a0f49dbd375ed4bf894d8d2f0eddbce86512b816a890b3b9699327929e2f16af6467a4190dcf9a65819a996a47dc21332e8734408119d8f194553f3df4934133ee8a602ee0", 0x4e}, {&(0x7f0000000340)="7cd775707dd5abbdf289812fe8ada897f6cba4edf373a9f658da678f8e1f8ebffb11540e0f5e9d9e3ddc6666c4562694e189e2e6fe1391690e99a267952e017ceb0c71eccb0243c6420d4493fb3b6f6aa2799f03d0fb997482310d30a4664b324fe3d27fc9186c3cee3f02b3f9d4e810f34e3fa49b11d73ab474", 0x7a}, {&(0x7f00000003c0)="1c4ec5e131f372f531efe57b329eb9c0084a9185d46bf2b020b9b5f2ff6d6dd9c315d9110534b657665a9c07d29a056aa27b4c14b67e377e7b8cf92acebc4f8a6d92324aeddd8d9f1436a2dcb61af42b0cad08d5def0051073dc4c43e20953f4cb4f6394731f45b54da6f5c70afe60d1fa3895495bb1c0", 0x77}], 0x4, &(0x7f0000000540)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r2, r2, 0xffffffffffffffff, r0, r2]}}], 0x40, 0x41}}, {{&(0x7f0000000580)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000680)=[{&(0x7f0000000600)="8b5c4869ccac9298dfa5a10213c4d2064fd1ea0f15b3ebf643aee1ab08bf561eb899a32e42b88d8e0808b2b7adb0a04d5fda98f81bae1e342a2638b6a6193075dd1fb8e50aa7d4142fa5343ae4c9d46f243216e3b8300ee8a2b8ed13f918b4b937500119c32d93622f6c022d", 0x6c}], 0x1, &(0x7f0000000880)=[@cred={{0x1c, 0x1, 0x2, {r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r6}}}], 0x40, 0x5}}, {{&(0x7f00000008c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001c00)=[{&(0x7f0000000940)="3468c872baeb800fdb9b5bc3e4a46bbae998a522060d2625d2e3843c822cd10f360762e1f13b67e09e215995f3cc600e5f1fcac319780855b2a1d9", 0x3b}, {&(0x7f0000000980)="dd03003d974fca4672fdc405626ffd8a6faa1d327e", 0x15}, {&(0x7f00000009c0)="f8f72c2a4b6f272492cb3579f44a23c89607efee9bd53e9d3ca56a8bd7941eb71a269e4a7d65278f6f86c8bc3f902ffe3b975da64f615dd1360222d78c86b2a30ffe4f012a7f37aaef65af4751615bbdac612a427d1996df88ccf5ed93c2bf56e7adc65f528f0b06b79f16e8b94cca335da43282b0eb27ec6e7e476a32ff87cca8753075c5717d4215ded709b0ab951769b31f4ccba23c7f415795c27eda9fba72055edd587f1733a30d00996e679efa7d032016dad1a5b99915a207ee5552f5098deeebd73ebe0f4e13f5fa170060f95c886b8deb3d8344cdf5ebfd0cb5ea6a1cc9218310abb1182a08e1f96243e841fe000054e10443ed95", 0xf9}, {&(0x7f0000000ac0)="0f3e888c4ca3f52f0759041ef9d367bceddc5cf0ca37ea7bbf63d9995c6d35aa1ff2170b0e939c1e6fb473d2c793a75b37eeb0ec2142836bbb25e5278db02f44e6ff8c52c67bdf2328e0c83ca1968be58cffb50c6db98b2c0d3554c9c1073df164aa891cd9718e1d74d5701acca3d9a05ca704b363f17e5f94424158c65cd0caa5788563b02b0a8dc82369d4f37c3b8e7689ffb0dab829eedc345d63599e4500bb744b2dcbba1918e8807f06b4f517f1c7911288555441ca89d7b3311b452259dfebb6648ed93dc7e0ccbe16dd5d38b2cb5d2ab3652861b4d70cb80a8b2eeaad65e199d3ec03a180e326fe8e21ffdd172cc362f7247a953b3811ea0dfc840a7647b5d1e7ef51eddd1a37effd29c92b046cc92a089c273f50f3ecfe70d8e26b0ddef3ea82169d1b6eb8418faba99275978b112d7eebacb4f5b46381d3e126b2721f5067b942d3e35c85223ac32a8eeec694b045ff4f8a804193256a38e6bfc90999ddf8ae039ae3d69c3459e695f780323c88722024c96029f2b272acc0372eb0357a5e1eda013bfbc5bcd2b0df8e190f5bd577c0fa0dd159ef25f49fd61553c714282c0faf29b9536e13df4dc909e697621632f78ff5fc96327f5f08d2a9e2abb386e7fa351cb3935994de6ad1322edca6aa1f1409c15bedb207b92c9525c86bb2522ad228969d2626554fcde862379a58fbf803860b4f6c2320a640e5b6c25cf2cb7ed4fd8257eeba50458e1afc1d79dde5af4eea1068c8aec0f08912ccd11a5abfbf34958b13178eb1fc4c84cddd830e3fed460a812a06ac3b865da19490814c767b49470c2fc5a0657babdcc32014b5079265ba4327c460c910d0866688fd051c3d91a245ba889b9743640b4e7cb6e6f5cec3e5ed15a33a76cdb654cba19f24539380b3c0e7cfde668539406792669fe66780605e6cf620abe360610ed3ff0ee8273d3cda31fa3ab761963661fae0c7ca349ac83a56c688c2dda15406fa4b41ec330c691d12716ca3992babac4a3f52b83a4bebb47b47d69beda4c7a1fdd4552b0dcf3f134f23111bdcaca9d1b33ef5b203048b5185795b84b9a86c2d63f30fa328c3bea02438eca3265a35fda889ed0553d3283e4de0c56e8260d43d56fd64944a3e2828d749946cd6cee74b7e9c788572245cf63fea2447bb877b6e7b4364a712da4aac020e2dabcaa75c7eacbc45af6d9fc3dc4768d68b73772fe63967ca87ef82b6a72042fc50c63999b26bf5c73025d9b9e296ad7599081c47775c5baad077e561005ccee5c9217749c9622db051d17e2d68b69b325f3a6660f2d9b1b6069faa5344bbf2195b6e0def50d567b054e776c8bd1cc41fa5f04855ff6b94bec0783835ac11f2fbe2a97298d43836d4b40d58d5c9470524de505963d95d7fbab1d6154d26af4104a94bcd33e1b159a9ccec08dc106d3e4906bbb2c2fd98c86622c1b32e45a5f38d3bd182b252c4c509419bb7b9bb3657b74cabf90318a85b0fd5ff89efdbd2a775a4d953930219fca783a8530083158a514d996cf3afb631eea2579bbbfa1d663f7315a3e9b309d33e5dab98e59a18262ed3ebaf5e1edb9f88c3846b221bcb02b81b1a8d744d5f174d79d6d9921f70ce02eddad9066accc6b48664bb64ccfa245e71e68ce924fb6a9a971782668b07090a6b27c20bd94aafa32c9b188b5c2d5700ae0b162980078eb8486c59ed7b091cbb292bf574774edb84ede58abb8246b75c6309fb97d1b651898d835e254a4f4b68c998fd3d3a745d896735c019bc98256ca91890c0f540fc6522313773b91dd0ece70aacdb06e1c041d00929e20d0ba8f6ab9cf214bddd60929bbc89ed840b2db56adc2688ad9e05b23d4d04d5cc2ca2fa517856a54e58fb144921eb3d6b23a8426348a1f591d76f28b552e7674fa727a52df9423da6edace3f2a7e3ed407479eaf81c81d04da61977672169380ad205c9552d21ac06a8c9a4dc97aca970fc90703a7ceecbca4bc3ab97b8fe026a68043bd9bbc1248406444b27abc1b2a4b61e6c19f961fb65685f12ac71612e699a34b4d4128341b8968f5f11cc5ff5d3c404e374253afd62e7d115a8cb23010ebd066c8263c5a7e06c150baac79f6c522fbb51647f5173f32d60220172e45f821934158a40e1c6a06725af5be66229cf57ca85a60f78829aa7f60305cc857c2fac362c5af5f9fdb16e91142847d2e6ffd22a4de6f4f2f280519c200bd3f136ff77070f5edc75fac1e472babf9622cd1cd250814aaadb3002cd13adea5e6e11edac27528e307c82a7ea803b15be2ff8d48df12d61e0bc3fd66e54cea4a5d528923301b5bc7acfd49513b05a131fda256f618a52754f313a5562b79ea46586887b1772354a8e10f1e5c6f24754eab88118f4b951d545ae70dbb5f5e7a3c266bbd00bf69281bde3140538a6bdbd4557fc4790c907a08370a21d581f53e37cef7bc0d67d20fd0299885c7a354beb825e4271ddbff3475b692f74a6219c70652c6b67768e2d37f069756f5ec7f73983d970678b239f3d4d4cbb11500a514a7472bf5626587890bc39f88a28603f6f5eba00854b675f584f69714b8cf27ffab303542cb62e8e57e28bc4a8d1da29a469f83c854be0d0a75c1aaf6e1f6edaef80afdf66423efa9ada6bd170ff3235de22d2282fbe980f5c3b0b8363672b50453ea13d037c849cca53f4791d3600ef8b2e935a34bfe96c91e2037c729bc5eea817f4a751125bdbcbccf57f92507601bf8fa2f2ac245ad57eeb83a1c854eea8993b5107293f9ae64b1882545e8798e78e86afa62f49f6eeaf038d30bb1eb00ede277e61cf4d5a1e35c230774ae6fcfbea90265f775147b79deccd64d32026cc03e984c8ab751898ae087fed36b9f248483118d12285e3a72699ebcedecf7074699bb1420b9c40f7b2c18f0552a1af1c1eaa6945845b0acc9ecbba9ce05c3e080a9260c8bd8bb8e9c31df749de60989c4699205583e808920ea8557ff108f4dc9b89c87b55b9616a118923ba1694cec9c052a97f3630c7e40a125d057867033801649e01d466eaf3045538bdf1f57b54971724a00f2ec96a90bd4675cab9560cc27c6492d13bcf484907ddc560e5558584cbe41179a294a586a6fcf84ca6fd60602ea1909ed476e805fa6e2a8c48900366c93426951a6dfcc6075858c3b2553d8c63af41da31ffb2697ed722436b78c32db94ceec3599fcf6d66fc85d90285a0607119a277e9869145adddb22ac6687ab7bc6b9cbd64c7eede5d795ba32ba0950baeece8dc1918656509aef007858c2db9c197f9d2d4a3e17b2363ac5d71f492980d252a1b017b07ce3853161615a72a8a68d5d2a57d7fff442c4c6bf0fffd0802720587cc11154083781ec5ddb8002d5f74f9300779599eb85e44340b21e5183d321100a68fa958a1430be72ed8a67396bb64244d3cc642436ec68349e47475079a6b51563ebd214c1c81ee46a5e3fa75bbb9eaddb10c76a463b74be4cebf450534aa4a53b89d2e80f1786cf77fdbdc833256d04e37e3d323117ed192b899d641070638a219b63750bb80758fc4a1e06c1fbde301c39d91956dfb4abd085921db22619e011e356a9b62e58fd54f03442f0363c5c7d1bf047cc94fa607196e02b609c494db584b120661b2d7e23c132f1cba551c32d207c768f239690eb8936a55382367462cf2d9a3ab9aae925a6cdf23bf6c9d7c62b918f39c9c27373ce2ab140e318047be162d08c41a8224e24845391a43270cafb93bd96f47fc944d2d69c911b705cc47700c5f476396d6ba3d04c3a778955bb05c48235bdfec436ce0b106f78422af0525895f3ab8a5e4e281ba0f27efef395fd1ccc9a29b72f63b817e843e360fa43f1c1e00c71ecddfb2988097aeb4e17b1a9da741ddf6f0d4fbb7dd4021342a36382ae8285bce70c70d0c30ed66a716666c8347f496304b2fe5d0635dd0b28f1fd00be69872325c2f138dddecbf33db4195c4bb11975a3235d3b06373d193029a3eb9c4ffeaf4dcee971cd4cbea2f59ae4954121a5eba7589387aa092cbfc2f4d318571463f157cd5877cc124a126e6c0e6fc603fa03073b118facd503c62e38603f4ffc6d14ec7ed9fb699677faaeee50facf48b8120beaec57853f326031f4125141e45885f4f81207be62b610a8ad97029eb2fc3f3c108cb4dd611e8d19496d7b82a807772f502eb976b1adbc9299f2e056ab5aca6a8a4e1ea832d14aebb014e9f5444e767782bf669e1f37e6e3d88fdddd47c44fc29efc5cbd5b2a8ae5a7025733eea4cc424c97b6e4e99a5458166fd7b6e56efde18543b8314cb59b7fe55248dd064768477f112e0461e17bb90402c47b04a4fbe172bef589212960a8693dec345ac8a0452b111af3396c9a1e1397d11ddd57dbc8694876d5edbd222d2736581a4ce9bd4493a2b19e6c050affef3eac21ade428ad3852ea957e385402705f65097c3242f06c2b45d2ad1b30129b5450870c8167755e05ba16ca22c1486473122b3553d5802fac1f4950e494236f248ed7c117ff16e08148bd01f4ec850b7cc49cc97ca72861b74aa70967e854ef64ff0abc71d9eaa32e496ab794b5c11e7b55c0d2fd02fca8bed26249e703cbb6bbb8a79c38ce3fbc6586032f3aa833b85f90a3d1be0dbd3e42cca8e7c2b3d0a0bcc6d969ac9390891aa2c74451dc7f5878c86dba80e94c2fad6f6933cba49f15d26f0577200e97bb27391648454265fcf5c4a4777681d9ecac36fef41c67886a130850422a37bd94d69eef055cbf4d81a64653938a4ed8494a0b85bc583e9893ff7ad753bfee7032f0a8e77b772dfcecefed05b8d119ebae6130c9517176081bdcab1622f1e5665d97318d0fb64b59c676e0a075bbdf365edfd306d57d286c3d09b433c110fb3e23b756187600b798f6877ba34bc27fbc6f684d6af7245358936b32d886cc73e239f1642faadf8620c51ea4fb77c15e48b49e87efe2b243a412093a9e78e4f8edd8f03401a4ba2907de17fdad00123db641b413f8c93fd345dabaee53a000fa1e39e3203db774ebfd4e1c3f7ee0e0cbf3bf3281547500f4667248cf73c874eb739a4e55a23a7eb764b40fd7a353eda7815721c5484e3f392af5dac30c78c74920c6495982297f020e8ac156f6f51e7c84454bcb887969a4c5bd595d2bc2917bd42c018b583b57d813eadccc712ecbf76d8161051ac8e720220fa16af1aab4c28c9a93fa61e2c229ef45f800f5eed3470087689a6ae999d46ef19784cdf85184487ed5a5c0c3f7aa4f929514012d8e658ed0d555b22d710096c792a92987646fa81f59fdbb935b26d3a7f874bf0ac9cce00d7fc4113aeae211752595b18cef36bc5e7eb55202a3fab81734346ff25e752899f84984e638ed882c6cefcec4ff391e379a7115fda5c4eeb29f47b7c047296bd5848a3995afc9db624d16ebf0cacb6f12089d38f92ac202e1d8199260cb6194227ca0af894e4a6e106cb763ec122d63e6ed24e482e662e17a867e94ca7674777392e24154dd5fa2cb519ab09398aef59ef8030fda55d90d4e85c717bcabedab718b6abf13efe6edf649e243a12d53b294ba775d501b5d1d17c455e2783c8eaf38c182ee7e5a5a84024e5853101680ebe716479fb7a8e7660547fb28584739dd928a6b6218f2803e3f1d7c77b11bfea87f89ccc1394b7ded86b4a8620aa1400e1940135f3d195332a0430ea7b0e0301a774f0cc3c78644a89865c61b7d5c15958c21758acf3b0037b1db780580ed8ca8dfe010bf959dd1d40fa8002b9134bba88684f5683a50fe5859f577ce843429535d39a43", 0x1000}, {&(0x7f0000001ac0)="09eea07388ebd4f03800da9e88ffb3cdee40c2c66828759a94a94667e4559b24618761e09b77619d86f27fad5fe24663c3d9c58da1ea5b494ae6a93c0a9b640ca9dbefad08b916f9c5e28204c8800cecc5b460df98f8c981f87e9d72da53dcb549afdcded362158beaad45a02b58c993642e7ead0cea9b16d54f88253ac6d7068e54559355d718c9ad627a29ec0f96c6e94bf6263bdc9c41b55df1dd296b9f1166b1b0b9e9b33b8797009749495b8596d7d9ee1a65316cd3deaa203a20", 0xbd}, {&(0x7f0000001b80)="8a93ab148fd7af7f0b78301a9f66dabe536402d33ce6d01a4847b31e23982797aa2ccd5dc9583f67c6d7e25a23e2096349976b8d1978ff0eccaf2844098c35124a640dea47298411436d3114aef2ffb3d55b48fc8b56df40b61fec30bfb33e5f4f618409c68e0fc723342ddeb648e3", 0x6f}], 0x6, &(0x7f0000001e40)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r4, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r6}}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [r4, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [r1, 0xffffffffffffffff, r2, 0xffffffffffffffff, 0xffffffffffffffff, r0, r0]}}, @rights={{0x20, 0x1, 0x1, [r1, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}], 0xe8, 0x14}}, {{&(0x7f0000001f40)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002040)=[{&(0x7f0000002100)="a5a5bb9c75e395e3f8caac5ac41f4a0ba63c44ac5fca7f074c223e2ab0fed081a3a0bed2eb2b587ac7afe3ab35542e4315d7a177f54b827c223b1a1af0c2fd58699816afdec51b3fe47d4b26f61006cdbb197403c343590a5a2a61fa743dd421653fb4e832a57203344aaa358b8c946e91b03b1d26ac7233ec59c15c545d1b4e52ab2adf801adea6b4263898dfa338e75297b89893acae41cb5fe76b76d507a2998113a818705f4a6193ee2d5e76bc83757796ffceb065d6a4da3e57bf16c1062e410714c403216e0060b34b5f98b2843feef11c81c52df7e8369b77c232", 0xde}, {&(0x7f0000001fc0)="950c39899b5979d752e6e637393e604cc0a1bcd43113e3bb95947e8e6317ac659ebcfdf7337052f9d4508bf43ba72a815c2bf0a91f35d5c303c69149c3bc74b800886cf645e72b885c5517e6189fb2972abcadbc978928b67e4252037db5d94fbfbede7f5ea5e7580966052f52315d5b4447533c56", 0x75}], 0x2, &(0x7f00000024c0)=[@cred={{0x1c, 0x1, 0x2, {r3}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r7]}}, @cred={{0x1c, 0x1, 0x2, {r3, r5}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0]}}], 0x130, 0x2}}, {{&(0x7f0000002600)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f00000028c0)=[{&(0x7f0000002680)="9af9d81cf33591b2342e068bdc6ba7fc2ea1587437f3a92efed030949a14bafc4f663e6083a36811344c83ac9fa6", 0x2e}, {&(0x7f00000026c0)="1cdd15518b243de5d60499d22df792d9a7bae36c042a72809f6b5f0435a345251152a93338731baaae9aaccda600685f64002b7c53337e41e9cd835efeeb4e2da9753d34b6b26aaa8c47f6feb1f99bccc8256be4829a9c819d457a0b61fc97ea0b5897c8163f6017bc7047a4b23081f0709c193266d72255a9bdb7a9a2d6c572e55b535f86bdf9553640d1eeeb4624a88023f6b893f53de862af208dfa29bc45164ce1715abfd9bdcf63d3a0d07ea71db00155895e807a56ea6f7b01a4b1355f55e332e303c3e8aa5b0beca089f01ad76d159aebb782f2a6", 0xd8}, {&(0x7f00000027c0)="1a33915f5cf7905c767b7bb368ad5f5736d26e3c979e13ff2c565a6eba46b333fcda8d1da5549d209390ecdda505e08c51dbd1d99fdbd8c688bf76cb160c2d888407f2a1df015e484a9ddb2e88625ca2313d617e0d50848adea936bbdf4903c83c4198118fd9cf04e1f75dc25530f1eb733d58c5d93f7d4b8822ddca90c500cf0738813a5080e2f838fbbdf2b5a44b480d35b75ed2a8d3380064cff998b51d705924c4db7c36f4895c998ba4fd40a429774f69e1ba936e01c5448dcb04be7742c5f01ee43944a6d4d252", 0xca}], 0x3, 0x0, 0x0, 0x10}}, {{0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000002900)="66810dd7de8d4cfe5f838775de94c79ea89f84b16270c0f17d927c2c9977d53df4920c0ddfd2f97ab1ee71f29fe90edaed6c4a7d46cd8edd17e186dc8e34d5b5bf935443b0c73aa755d4d8b0a86baad0b81fc3eb563f7f173191ddf1586635910d4028ebf6f3f6aaa6a8d9d2902d286ef8c6a893012fed29b77bc1358d9ab71e527edc500f5d8fed390dd83a901f65c4bb7d87d8348b0fdd9ddcf63ee878ce3952a84a08910ed9dc91928dd230e2b755ced6ac60c3a1955fd3fcffca5be20b634ffd636d3d9121034f7eb07bdc6f25510671738079a83362ea165a8c24407d6271dc8f18cc8ecbc30328639d978b30d0a3b877af38574cb575f4bf8ceaac5fb08b576cef24608c648dff34cc386d9e12d77cc16eef9bfe93a212b408664e31e0d10e77a6070c2d779a2068419f7ed3289c7a5005621512ca699d34959a1f0d059381618865a87cae6a110a4322a580b72619522d017f2a0d48255380ce596cff5a169f3e4141aefb18d6421251ae4a67741104119551ffe24a3099f3aafe43c259af499b3952eab844eb0c2192842a1394cefa8fb8bcbce6240b7b14d22e3365f011d7f5927a3e43da786913e43d16eecde39428ae97ef652d6c6366710cba7ede8e4d7876cfce1de3daefa0a95d4154aeedd892f6a0eec3348de02f882df3af2fafa72f60c2abfc9e2caf6c1bfd0f82436839526dfd7fb63740802877d7087c59c595423ffd581cbcad76fadc6b8f57e987155fa5c8acd571c3b6929fe040d7133c4bba06a4b86eedc6d68f859d43ba3d6a9a1ba447b057efe9894afc32edd4ede1081b0a218d558f59bb18cfdec5e2d7e62324ce4f2b1ae7a05e6c899db5e63834f031bb4e7e8991cf9b321495f8159fdec801ae01322c8d9402db8a27ec3ffa801ee3e38fccb0d0bb2238ddb9d9302fa42c8f68c8300199cac79b556839e9a7e912aa56f26411bbfdbc24807cffeb84b4fd2e34129270d4b769c27a19ce232ef5ce8a1ba541950e073ff4949a7ab34586214ea764f98698a5107c3a607c93d28a3ee8ef858d27d10dc8704feef1ae2cb787dcba70a049d8946a97e5e936622a8e71cb6146d91149c413b10a2e2dd653052558e3d45c2b18bb77d1dce8cedf544cf453f0c7cbfc53223f9301c432474887bcc5623a06a2854853facf02ffb596cd8266a96f0ab37f528721d52c03908c6590407356d602494fe5a6c42f8f513a44d648855bb3b91a1b6c96da27b08d63f9a2e0ccbae1219c45d701804576c9241685cf0ddc79cc4cf5d6a15a5e4f89b94a8681f9f659354d0451bc57eabf6cb1902c9138e4769a12a30ee941d51f6003fa17132a8100ac370f7d8a7eed7c590223f23e70e30daa4617cabb71c5814335330764dc1a888cc5a8fae9f2d75dd4628e215ba1911c3d72a5c6a20165731161cc1af7a5ab6cb2324d229b9e8253e1c004ad1a57f9b37bc142a84fd4fbd80446beb6206251ac077eac2b85bdc5ad0b65a07e9c28b2f14006085c202f1d3c7dcd2ddfebf3de8bff8a3352c8c0f47362f6f0b61c880e36a5cf34b56ef8df85421ed020ef63292642f4007bfef8dda85c5622a7cf3ecc7393b0bf49c211548678d84fa37c103230257cd1ad0b771bffc3c9afb3a9858428cfe872d45d9ec400b433be322916be3368b5d640d3d448323d6ac26690a2864ce98f091d219b1dcd9653d5b5fbe163ff5d3b71109786f6bc5795f42bd361a80b927cd241922076021c37ca25a03fa20f9a3f49f354e25d047bc45416ebf3a8cb5947e7e0d7a3cc078c788f1e8a23d193b50839411b0a3b4f1bfa747771ea0abd28b0ef71a2189d6dd896bd33e22ce96988322b052368a31f07fa1449d2c5a4e6ba0ebda1bf1f3879f29287ef250021388ae516859681abb00e070b16ce7181065c0c52a4a1b6b2a3a0197ecc708c29570f3a3acc9a582f41afd18f9c82363d3b6f0708b1862d26b4fb627c7a8aa49af78b4f279125aae033dbc5cda29444dc2e8447bc65afd0a962484b867516e48b27ae183b6da4609d799782b624dc992172b2bb3cf716ffd7d8bfa2fb02d9e77988963875b0e2502a6f07db2a1d3a57941d1979a808ebbf3684205138d4f88d43caa7d754d4c2d8973f2632bc99337cb96e5b9016ea4eb232e6bec54ad50fe24cdd185d99a438c26239b91da521566e9a6ca659172382f1299b52151288a1f2eab7f5372e7af09094f770fc88fca3c53a94b0a0fde676e9e9e6543a017925ec4d30ac6208a793977d0cdc81b4e290b71c5faa30abb886fcf4bd12db2202bb7add3339a92fee42230a9364a4c798236a40a41952e389a0953133886e87b0ffd3e244b91c328d6f4bda31199ce018a23c96dbfd94ab48c143e65d0009a4b89573cfdcb9b7998425a3430b583801a3fd241b31f6e2cda96583e5e09867a2a68805c06467b3373bf0f4a8332fe14acb41a55a0c39568237c136d7a247567ea62d6d87ba9aea26b37f06befa4ecf05e1597db613b21aacb17386d84b73e464e6b0f1b0222432d1e9be96e56f50802bdb77962e366c227bba40568ff88c8ed2a103ba6ef8a7186aaeaa79ae81314641e5ea4afd7c33c878c09b6692b12f3a21293c45d4d4d3f99351c9d3ed65aaa851ec6ccdb8a6789443e04a609f0a856b9f3e06614ad268e471c7c3c14b10b7875393ecc53805e4281bd106e091e22922d8a9c50dd3c9d7445706f144b4382d9db75976a4ba9c5376bdf2aca8c5ccc4a08b0519c47520c0141942c96df4f5650c1f732917792ce90c5c3b3ad847e325d7047230267c2a6b30ae680295c594b2280425dcc641306b6f64bd6817a8a495ab5bd46fdc9de65c61e7a8e2a269b26715f913ea0a9c0b02564fd68429680645d4451bc6e5a4642ced88511111006fcd2909407fd26462dd6129e7e9966ea4124b8305c3f11fc46fe1d25d0b6bc596d4b6ab0df898d788724f20556ee1fdced2691b3a722e14a554879c3a9932a6b8e3ebd454a5f5b43065eae4e104fbb9ac2af57e60ceb9abd00411397ca3ac9958272a8df5ada1cef12b7f08f3b8ed5d9e26c90ff585d77c2d3d12a30c619bd801deb21e7b6f00a18369d42bcdf0db2a09732f16dd46c3d466ff5c1e518a2ab4a14e78831bbc362320516ccda03ebe2a07d1880fdaed074ab2d618fa9f5e446cac88ec7028dc71cb957c4eb94ffd33c84d0339d804f8be0bfa4c9efcd4094348c24076c4fe1106b79b7b08a9a9ebc9ff6abb0cce8f86bae655c39bda757ac734c13f46784240e1169b47fa97edd4f7f198d770d092463f36cb15149c1adc92c99e855c17c4aa1efd581af1199393e20e0ded525dd97a805271739903a05b2cdb4b9ed74b74b72941c6c001390fc1727d199d48d285465617d86236d4a277e96a0a2c56d0f6f6fdef18f37fcc79d232a525e6facc90b01c9a7509952db26c676e8fe568aff93f8354b0f5b5d33e72f44c073cffdb5bc143d5757dfd25f4a1dd40d5b2c41b82abfe6a4cfa433c68b12935390dedb78a7d07088c05c23390628acfe28e251bfca0260d2fdbf2e90080f02796cf60953635b03aa2dad455ab93b26cf6eabb934ea8b35b5e710a90a97cce100d63cb7bddc3862677af954a7316dfbf6576db7ff8a600e6cf611fd7144dc1ab5a9844b9a869bd0b81cbf6629a829a8ca4c1dc95ac588770a13b7ad2053185365f49e13086a048045ab9029afb36fd957622e66648e3168c54c7c36f87c9c3332120e3f311595c8d6eb448524b20c1e14b43a7885257aab8f53a8c1ebe38e68e7c56b05b94e716c15ffac5ddd7e598c979dc9107c52887a40dc529ea9c936a3541f800a222275429a93792f06c7018ad2ff31154815075743a6061df2aef5a8a6bcb3025ea3b57cf6f5e34bfdf154a815c649ae3652c4cf8340b0db5ec7ebf28f5ac9d1aa1d31d534a417efe4b9b58f20548eddc0536d733a37605a14587bebbdf250098d9127c1a5aba8f5c1ad4316f5e86e6e73813e7a778e37c35883241e691ed86b66dfff1b3bde75bbe3559b96e3346086c9519355288d085455fcd4be78fdd99e08e6a6382bc3f374edb497a4776d50de0428c57e3806263ab85c536685182f175ed02c96b4ff0a238e94ffe847268992633f270f7d5684b352742125ab9bc1339cf918d76ce09d7a7fa50028414d86d7506b2e56edc51135970baf3a6b7cc3a6a82457af917a6c8ca46c86fb6d41844745a4b691ae9ab71a2b1deee324b78c5969bd7674ed671340457145965b7c29c261ce82a6fc2ef2aae9212ba706756312b9381c7c101ca39bf2253ec4f0e5d5b96592428cd490014bd7140e75f2e0523489d480c4db1a19cf94223c8946da4418344d87cc9159ef6f80d43096b7c4b3d71653f1c73ac3a160d9713012374b6098256930d208fafd15b3e25804f3d93dc3fa24654d72d5c2531d9123a41d24a70e88942c5c2f4c7d0e1cba95987aa4251eaa4c9b3cf9215acd6c264849bdf2c01e91cede998cd6fc7b786abfa581db6214190f0fef1c2cbcae5b8c1ceb61b9652bf9257022fb149dbddd87f8661cef609f4154eb73f27deeb0f8f6e506ac99d32824d98d1cfc1da15509309fc90d6b80b55ceb6d9d7cf31febcc272c03a76f20017ee46905c88628ff23c3da2d6bc671d300d32a98a6a87cc02932bdc344df95ef6531b26d4872bb5d5538c892e470e007dbead4ed205dcf0812d89ed1752405aa49913bd46ad1280c7e99dad345f9ec92cbe9ba7eb28495ed60d58c565cf172ea39db138517eb9ef038b573cf6d011d0aa5574e757610dad1df7971786982b70e1757a79f84e32fe6ab898ce1a67d3e24afa065c207c8423ebb5fc19b70d912a89fe8b702bb30f4b3509034b158965e26fe80da1a67f282efc1040192d9f2623b75bc54387c248112ab304a95e94b577e12af6dabe6ee998b72653c6fd37dbd74b816d3237a18a8a70d4c5d6a1ecba131f84170421bf6313ff9f928e6ff870de3f483eadae401b6726ffd5cd7af6892cd0a97cbc5e66600989423fc2b7af29dc24e2f3a086db7de13cbd87d193008764e03bce143d7a4ff5fb9ec2425d468b835ac927c8377d767ea1601bbc388f17d7f57b016293b7e116d7db420364f6fcc4e514e90b6adb52f7f0e9c8c82dbc0042c22564733a1bb879115678a64a542ca82acf7e41315876ca1e5ddef6468cbb740d2a81c72b99eb2c418d812c3bbea856272377cf71be737c312fbe6796034b0290c91bfe1c65c91ce3480a27bfcb92e73902f62d305551846d22919057c17b65c6fdb09d71e4e779ea3dee457ba8059d0023f0b8ce863fca63607fdb714088c67b14343cc44d4e614dd55961b5ceeea32f0d6dafd291861a9aaa99eaab261ab26f304730707a0a0020e7ce8ce8104849be27abab6ea8423de208c9a190adb81ef2739932c865c68d70aa0df19a31330ab2790d9dd51790a089049a53191552e15210a2ff98697b3341142155322a902fc53b0b5eeaf646d453157e19bfcc132cd217be7375f2a7558a1cc5fc16261bf696dd4b38fb65d08dcc9edfa6ee5854a966d81d50460d48f8f8a84af54886e6600d21e7c8743d1ab215df3bb58cda88d414c2ca63f7ba1c498a89f42437ad32efa041016c7dd655cca83a8401f8d19c3c3dade94d8f3d036e7b043a182882315ddb4077a8eba3e35232830b08ad4e8b4f97067f103452a92a7f607a36e8036a12c5068560efd498836b50206eea1ab15d8c3dae132ffabf832bdac4c689d149d10d3474cef2b88b35b424912c209d882974b5016a1a5840f96336cfc6d86c84", 0x1000}, {&(0x7f0000002300)="a57d67ccec8eeb23d0d453ef37623681aede5444538ec97e2e5c392b8f19000000000000002a91be513fb3d0a13216e19c4cbc5760d841f86ac44b00d01792d835c8e9a8380ec5b8444ef3d3e31211ee58fc9e8bfb1864f188b34a5bcc2c8fe13ced7adcae73", 0x66}, {&(0x7f0000003980)="cebd8be95914658384605edcdc0f837b805553f18d58e29fab889f6de9fdce353e4ab10d32525221e038eff41404b53b88364f672320e1ce55247ac60cbbef1aa6060822cb59fb81a4e4f73f875d07a241d6cf24e0", 0x55}], 0x3, 0x0, 0x0, 0x20000000}}, {{&(0x7f0000003a40)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000003c80)=[{&(0x7f0000003ac0)="cc7578e03a7d01ea60826ade69807f2da6bd6b1b8805370fcebed1e5b3da327672a26a0cd4253b884c646dd0f05922a45ae21141076132ff19d49c6a1d22b53c0cbb97367dcdf87460fc7850bfe353c539d8063e30663b63c371c12ecb49b4f08900a2c9ad9505158783ed67120788e3d8e03468e281079aaba8f8", 0x7b}, {&(0x7f0000003b40)="81448e1f03898930a83d753f02c7a043ebe4d1c7", 0x14}, {&(0x7f0000003b80)="405c2ebf158d39be49f0cdfd7a6a98ae148f2318e76d6e72c72aa7070b71a26cbfb57185a7704327e5a03c2af74f6848fc2f86d15f3db0a159c41b0502c7cf27a9cee19e290c3627eefe01cb164f44088b44", 0x52}, {&(0x7f0000003c00)="257bdf5c88e5041b693c214f2ab9753d72ceabecf159644d62ffbe6c23a53cdd4d83781b8698b5517671b2d6ba3f9849d0f91c6deefa32e0d5949eba6212504666bd89962c64f97dab175b6075d28fcc75a2229a84a204d419fa447174f7069e348c3eb6a6208d2d2a82512e2b84b1", 0x6f}], 0x4, &(0x7f0000002400)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58, 0x20004000}}], 0x7, 0x8010)

3m9.631680972s ago: executing program 0 (id=3544):
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
ftruncate(r0, 0x100000001)

3m9.552624723s ago: executing program 0 (id=3546):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000050000000100000001000013040000000200000088060000ff0f0000002e2e"], 0x0, 0x35, 0x0, 0x1}, 0x28)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x14, 0x9, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000004c80)={0x1020, 0x32, 0x8, 0x0, 0x0, {0xa}, [@generic="3d2a70bf7985a5736d4a7b491e0130ee1be65411dd3265814355e29ce3226c0dd88f32dbb67086b27e8af6d5340d0a1a7e4e82f55dad14fdb88efc4038df6915c9165c7c564a29208cedd5fc0b138728f125812b946fd1ae9537b7a86a12ca0f9207ca8058d4377a8ab455ca72d9f40e1decff7059e554caa63c2e63206931311c0d12a369e649c1afaee1be77e3efa96109a366884f569ee4cdc1a46c23377fc890e4af98354bf1a0ae00743f94a009bdb8f3af701008a4eec4ddfa8f7ee6dc46aacabad75aa5285d02529045c95a8e27d752cf274917e4843bac2d9ce6dcb79f416451c9079add529059e5ceaeb809156ec9d632af71be66f6de351ff6a00cfb507fffd52b13c609fe1236dc9a7055d8a184d55610c12a7750d7bad3e8778cc3dd64cbe30b93e56cf8f7eb7df97046fc4fbea037d278bf9326b7bcb602b88df419eee6743d5325aa8c067660d59e9edfd811815bfdedc3e04f90d2abbddf3e159c51e9a2d6bcb5fd2eb0acb88e50351345fa99ffcf096d6fa0a0df75486608b6e2ef8bffd1527cc16088f61349de0198b0c8834c6d0ba206998735c445151ae6cea9b4a8bbe0ae836fd5c3415bc5a2d28e46791cce076b9a3e930271ec5ab687d16bfda836b88a59f185f320f2562c8278a5864692284c095f33da6f38868984144f598bf17d77c3121312df05fa7f98775f96c43ad6c50f58f2195847979c2ba47ac7c08f791fc8520f470dca9ed2726388f7cd4b75a170c35b6a15a71a32c429b1dea81ef4cd3b78527d9a06bfcf416cde77474bd30900df6e867c9836b86bd5ac78ebd8435b8d800217356eaf71dad610dc5f12a1a1a0ba8c1a96c4e5dbc950978a0600705a0e5b99aed4dbacfb2569ad2f1c0757ff0adfcb94cf249c28c54520b00a868187f86675d5ec8063e45639d74c3913ce0a0bbea0c1d67c5fa717f42c1ecd768d9890db9693484b6d073f67f93d24796a75e53a1840d60c6a58aa9d0e9f4d5348921fef0805db66fb77a28742c4e3fd005ec68754a65d51237339941c0f6c8f54d7fbeb1daabd5ee1e893287ad7a8e190614584b67f351784c3107c26f8cc0f2c76730fcc32aef95155551f53ebd7c83368e4a64d9ec5f3a6e57c3d1e60527274d2a4c353a1347035420917f8d928bf027809e8a5ee6476bd5f10a5bea87ee228269a5ac43d3434a24c2734abdf275d96a9526cb5210ed67baac25ad5e60773d9ab9fb3f068b4071abe7d4d25ee9bc82be8abe6156d964c6870d88934913ab0edc4f701cb488e406b987883e65783824515aeaf222cd7a50d57fe451f4b8a8c38789712340196741b3f7f2976881cbb396ee821ae4151288a82a391519c14e02e68a496e6d0cf26427e9da4360e6e56c0b832c0cf7e4e416eb15a91124196357ac2be4f7e68ef3b52bb230117697c78325a708320e1f0d379c7b63cdd2393898f13d11a47f8dafab9575156f643c6d37ac7b506113e1f08afd926c01dfc218f538d5a699a6d901c1f295e21c365f27abf7d32d79ec3dabbfaba56597083cba537c58b1cfa84f35ef655d7703c82e354a7387e8c731d84ccd1cef0a2fb6c6ea17d5ffc61b3c2ebada8ed0e4a51a2327c154a6efb1e0610cf3adfe72e2cce0c8f966660fd63af73561ba9dcb7017cdd0eb9eda3668747e1c5f8d66e24fbd230c6ded395b0c7589a8616e82d0f217e5e2b2dd933242ccbc67c50e48f17b37c888c1648ca81cf821dfd24afec50c16da46be038486f2bb6f56b4e07c4bd544094f0deb81ea896bcfeb126c5ea31de4b54653f85805f1054e44fe26ab05020e5df0a11c3360616692d5edab92fb07a019cfeff754de95a1d05455263f460f643960f669ab6be0ceda41a805260688500f922ee1914ae0ff7beb48f59bd7b3130f54751bb6850825b21bba38de2d13019645b077c49419b2f9c782206d2fe6808920fcb1b474bbf2117d62226ee448dd234a209610549ff79b69292242b2daaa315a64fb90dc29c5276461144f6e008548e0e079f4e05ecc72630b62b4f9a607f5e0534534767a3bc7b8311200a1a032330c67030404ad2d52e1531d84202f629f237d6cd8d238de1d2e03acd32b5054f45b375c12fdfee65ce856dfd3920e1fb1d9130d83a13b8b9f66004c78baa15d7c3da058c6840d46e610c09250b097d68d78dddd797b461a6c9ff8f629326d83ca01979f9e4e5486791b7e07d4a804d8ee1cb66a30b34ba294447c3f0072b6f659a57c7985b863c5b2e13cbdae372a91c3573e4ad699316ff33116fb25bd5e4aea827a1c13e8832722e9b835acac0f4c4a3f46ed897913a762a55d0735dc8412fdc0dd68022598ade2ac6af48e70b40ae62873063ca9fb79095d5bbf146ee929d1dd5238291ab85760d7000679d6763d3fac5d492bb488ae0261c868d9b8b1d43d4063eb3e0bb8528894d5202c2068672c5ad266c92f40dbe82d603402294a528a6078145c8ab2a9db00dbf21fc5e8312dedb1ad5bf928f62bcea2e4ab43a9dbe0ad77fd33ec25a997eef3673eb877d459da1ae9a3d30986ff577f436342d88db93056711fbc47f27221ae31f7a47a361c9b662437bb4676565b567cdcd0bedf2fac103ae1336eaaf95934e88ad5c6c03557810e540f2423b0d55d9b60bc1befe8174f9650c79e8fb4e157c20037bbac4b9b9ebd8c855f15fd00854b30000000000000007c2f1af3fbc7db9c5d4530cd83e42a88d3e2f462ff8aa180fb16c0b3ad050a14412da977544252e796c771f87e46e908cd21307a732b1fee339ce81c82f02421dd4577826594823588b0494af53a02185ff9fdd9cfeab73404650d9bb14cf0e2cb5916dc35015fa2e6ecd37bbcff5c08f0765fea1e4c151b60104b31120e67a68dbac5ab59272157ee415bafbc43f2bc63be27ed61d900f418defaaad0c0dd2efe50f05fa2f7d181ea2c685275037392a567a136ad2f53588a552075ce715d48096e9153f7891236a1a36ead3b3a1edaf070b832a993ec2cbf0e0109a5ada33c3332fde5a0578261560a348167ae4bf892a958c5f4b911a6d20b1fade781047dbb85bdd32b3d0bd10bc8317b1869f3358d3a35c294676f07c1bf387806dc0f043b8a63006db03137b8a7542c484fc825b8840aeb5fd0bd829d9ca87b4d7894f5125c7af8630cf1505853542b60cc8a42d9224bd9edbd9af0fcda27c29bc8021cc3370bc292043df8a7e0763aef45a4b86fe3b434433d9cc6c2203990c06411d016a5591f378513b8ddc0c11e529ee1e65d8add7f57935b1668c80d218ffb10902598f0102f30c82c10a08236f92d2471361705b337964e3f3cd889d886773cbdf53fc8195af9aa05f25565fc77ee474589275c42f153724b2ccd620191d67db8b6e12e302fed8001c646fcf470d4561b009d1d18df542a9be85551b3c4dae124765be9af47047559a9443ccdefdf257ea3d821140752e84257522397e7e53ab214acd6560d859addb2cb186d5081b1d5c470e1f40eb1cf656b797ca1c7a90be405a0ab5a71a0a84c02428e003d4db050a15de819b5ef8240664553e9769170d65bf55c7275a9ecb5e4e892035ee90d32da571b265b75f7326b977b27bbea6c757c1cf8ce48945b363e26728c88673b83c884fc4217f4a6542340fbd10c863bc9f2e08b019124d8c298de6c9f5708bb59db1ac2f2388f2ac5f5d09b496b0d92221ce753f695f2ff651b71e9d98b7d640039a23f24224b7009f000918b17d80e9276ab35b3e98f0e47e685e483697027d968632510fc93aba7ff381ffdf889b340c5e16dfa37cdb52ae850a7c6c7487d968c278286ce9a5cffbec9ca0b3f4d172eed352c189d198999e5c60f5ec1f6c03b32ccef8ff9e9a259dbb3c4ce0b03bde508c266825b9113156faffae4400391ae8d5e76901393577a5721f0658131bb7be65f311351c09e18a7c07c4369d70e0091b7f0d9d4b1ae751d5098df6dfd48cd4d5788e69cbdbfd9bfb3b3778400150986f8489f0626f8d2e6a1b0052d5c5de0438d5f5f1944fea7777c6c9d96d914fc4eba78bf2c25c5acc091085759257e80e6ed65067677c2a67c0b7b1f1fb60215d11ba72432c9c1955502ba4d9d5d7ab592b176a945f44dcab12ee429f9ce5c1d541a8d474495770ff3b7648e7a104d6258835441b4bfbc48716f192b1d0ae957cb949590860ce20372293e4df40662d65430ed8078a04f4514c631e98682a05649881d6c1f54b65747c791354fbf771c510d1f6d79eb7890d8b845a2611ece8225db35e6862d0b7ab163cfcf313817fa770dbd9488ecf0ce83efd044a6b06f44176338663ef417e03c4fa8518e2bebbae6e7c57674a264798d7ab12a9133b1c9af31563aa5f2192956517b5c836805c5a4d169f93752293b60e6df0dc58dfdabd86d334ed159bb440b60f2fe1e7d250a58b130129bd20abe4ed3ffe1649bffc5ac1d38db0da8e36a1193c764fb95321f0e9f644b7f78f7e807d19b118921160fa1d4d96b5f9a179eb6922b7a55c3b13ca855abb220173e457c930e7d39d3eb68355abbe37c7ab58ce3cada16bd3f17d0bbb23a989ffb1853ed5ba4bba1f43015158863290072904fe6afde19e818f94b8c0d71ac7a574b3c3bdb31116d2917ea4171f9b31921dab0b0d6a0cf55a1e4bfe01013039ba1155c12782b083cd7b43f8d0ddc47e178abca888f2f1d5bd5ada460200051ffd8e9edff9b01af21b95eb8aa66e1af28ce8e284e5b85b4e8864c7420318cf75dbb51c9244aa18efe21f5643c34f4fd40b1a95b2bc66810b931645cecebb3e50f7f62630487a45cd51c7dc6b2498b14d44a47281ee7a35deebd694d2d24f3c588bd72931dd50b4b65109eb907572e6a62785bee99b7e6b87dd701698d0123e2b05e419f1b132fc2436acffff71114d7d7f5c40ee674ea67a2b864d2459a61225b4f2121986e59f9dcbf44e8ec62e66d5251806d66a7a942091cb9d2d68c31b92d5e4d417edac9d7d844364d561954b641f1673ef3a059ab21ba8b706d95c3ae62c57a5c2fc9f1cdda3f09a04485b099007da4978550b61f0eafae18706a9e54e820cdc080ca78a5a00c2be72c8d9c1fa6a62021b590d0515ea8c5afb5b9c46b9aa16f56d083fde6d3a708725f661813146936032ce409d2b7162c7c71e9c97dea41802d3b0c0b1ed128757bb02551f2e9276faea2bcd93278b0c764be87cfffc748c3d4a2d00234919077087e736f99b7a1e6d8f499318eb36ad6338a715065bc9ba3bcc578b5ac366b82e9c6b040054c7ba25d000e114e3f786518a12733a0b9e2b412d2d6665f03a27e00ef8e656ecb3ea942b56fc3458f0ede538850be55e65a49884f01b922632f1c5bb7bff7914344ed03d39a551f9b9980dea301cb74dd7046d3c2022d837f1d12c0db2979302928525e1709e0befcf21fc5628f2e408428d191e33a1c68134ec4c3a0e3939ec78870b4606ee450bea947b7e49e2a1676f1e26c0ce6a23d7a76830721af6cdd8d7552202d81535398b866f8826269a3b439b5588b47fc46aa7b55a97a4e31baf6860c08ac5a2966f47eccd5abc08741cbc3155f49b45c0aebd76971cb9036e8ce456102202894facade14974a0b6acd55096b0b1396282fb0b8df12788f6ea12755e6df733d897eddaac86fd57aa55f74bedeb6d4b46af65abd4f27523c3c17fb010ac2fa8634451c7cef9b35d343fe2c4dd1c717c0ab28661db7d5aab6bb10de3248d33035ba26f97488a95ceba2a7ff94e40827036ca88a5b9987ffb7e9a37a918f2d48bc79d03bd3ef685b3c5bd48f5a49e", @typed={0xc, 0xa, 0x0, 0x0, @u64=0x76f1}]}, 0x1020}}, 0x0)
sendmsg$nl_generic(r7, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800)
r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r9, &(0x7f0000000780)=""/185, 0xb9, 0x0)
recvmmsg(r7, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001180)=""/4096}, {&(0x7f0000000440)=""/128}], 0x0, &(0x7f00000004c0)=""/193}, 0x7f}, {{&(0x7f00000005c0)=@in, 0x0, &(0x7f0000000700)=[{&(0x7f0000000640)=""/35}, {&(0x7f0000000680)=""/127}], 0x0, &(0x7f0000000740)=""/23}, 0x3}], 0x400000000000054, 0x40012100, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x40a0ae49, &(0x7f0000000000)={0x6, 0x0, 0x0, r6, 0x100000})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001a000100000000000000042481"], 0x44}, 0x1, 0x0, 0x0, 0x4004880}, 0x884)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000400)={0x9c0000, 0x9, 0x7fffffff, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)={0x9909c8, 0xbe36, '\x00', @string=&(0x7f0000000380)=0x2}})
syz_clone(0x40080000, &(0x7f0000000000)="8b8e", 0x2, &(0x7f00000000c0), &(0x7f0000000180), &(0x7f00000001c0)="4cc8b02974d06693ba70a903255944ead95306ce322a3d6c9f1141339158e48b08029deea16a53c5b6946c36d11fa89ee401fdacc6157d13b209f9c5a782b503c0162562d745a632fbbb8bbbcda7e1023187def3bd2ff6ec7807bbc93360de8ed765b26813a3e1d71e317270ce2b310662bf7378e9e4218f0bfde95ccaad0aec1868d8aaa83166683777cd76498ea9b95c57dfcb7fc16f51105ad2c7e30b110001a5e032d757b4a801127c67c8751b72768f901b3d4725d95c")
r11 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r12 = dup(r11)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008000006010040"])

2m54.397259351s ago: executing program 43 (id=3546):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000050000000100000001000013040000000200000088060000ff0f0000002e2e"], 0x0, 0x35, 0x0, 0x1}, 0x28)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x14, 0x9, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000004c80)={0x1020, 0x32, 0x8, 0x0, 0x0, {0xa}, [@generic="3d2a70bf7985a5736d4a7b491e0130ee1be65411dd3265814355e29ce3226c0dd88f32dbb67086b27e8af6d5340d0a1a7e4e82f55dad14fdb88efc4038df6915c9165c7c564a29208cedd5fc0b138728f125812b946fd1ae9537b7a86a12ca0f9207ca8058d4377a8ab455ca72d9f40e1decff7059e554caa63c2e63206931311c0d12a369e649c1afaee1be77e3efa96109a366884f569ee4cdc1a46c23377fc890e4af98354bf1a0ae00743f94a009bdb8f3af701008a4eec4ddfa8f7ee6dc46aacabad75aa5285d02529045c95a8e27d752cf274917e4843bac2d9ce6dcb79f416451c9079add529059e5ceaeb809156ec9d632af71be66f6de351ff6a00cfb507fffd52b13c609fe1236dc9a7055d8a184d55610c12a7750d7bad3e8778cc3dd64cbe30b93e56cf8f7eb7df97046fc4fbea037d278bf9326b7bcb602b88df419eee6743d5325aa8c067660d59e9edfd811815bfdedc3e04f90d2abbddf3e159c51e9a2d6bcb5fd2eb0acb88e50351345fa99ffcf096d6fa0a0df75486608b6e2ef8bffd1527cc16088f61349de0198b0c8834c6d0ba206998735c445151ae6cea9b4a8bbe0ae836fd5c3415bc5a2d28e46791cce076b9a3e930271ec5ab687d16bfda836b88a59f185f320f2562c8278a5864692284c095f33da6f38868984144f598bf17d77c3121312df05fa7f98775f96c43ad6c50f58f2195847979c2ba47ac7c08f791fc8520f470dca9ed2726388f7cd4b75a170c35b6a15a71a32c429b1dea81ef4cd3b78527d9a06bfcf416cde77474bd30900df6e867c9836b86bd5ac78ebd8435b8d800217356eaf71dad610dc5f12a1a1a0ba8c1a96c4e5dbc950978a0600705a0e5b99aed4dbacfb2569ad2f1c0757ff0adfcb94cf249c28c54520b00a868187f86675d5ec8063e45639d74c3913ce0a0bbea0c1d67c5fa717f42c1ecd768d9890db9693484b6d073f67f93d24796a75e53a1840d60c6a58aa9d0e9f4d5348921fef0805db66fb77a28742c4e3fd005ec68754a65d51237339941c0f6c8f54d7fbeb1daabd5ee1e893287ad7a8e190614584b67f351784c3107c26f8cc0f2c76730fcc32aef95155551f53ebd7c83368e4a64d9ec5f3a6e57c3d1e60527274d2a4c353a1347035420917f8d928bf027809e8a5ee6476bd5f10a5bea87ee228269a5ac43d3434a24c2734abdf275d96a9526cb5210ed67baac25ad5e60773d9ab9fb3f068b4071abe7d4d25ee9bc82be8abe6156d964c6870d88934913ab0edc4f701cb488e406b987883e65783824515aeaf222cd7a50d57fe451f4b8a8c38789712340196741b3f7f2976881cbb396ee821ae4151288a82a391519c14e02e68a496e6d0cf26427e9da4360e6e56c0b832c0cf7e4e416eb15a91124196357ac2be4f7e68ef3b52bb230117697c78325a708320e1f0d379c7b63cdd2393898f13d11a47f8dafab9575156f643c6d37ac7b506113e1f08afd926c01dfc218f538d5a699a6d901c1f295e21c365f27abf7d32d79ec3dabbfaba56597083cba537c58b1cfa84f35ef655d7703c82e354a7387e8c731d84ccd1cef0a2fb6c6ea17d5ffc61b3c2ebada8ed0e4a51a2327c154a6efb1e0610cf3adfe72e2cce0c8f966660fd63af73561ba9dcb7017cdd0eb9eda3668747e1c5f8d66e24fbd230c6ded395b0c7589a8616e82d0f217e5e2b2dd933242ccbc67c50e48f17b37c888c1648ca81cf821dfd24afec50c16da46be038486f2bb6f56b4e07c4bd544094f0deb81ea896bcfeb126c5ea31de4b54653f85805f1054e44fe26ab05020e5df0a11c3360616692d5edab92fb07a019cfeff754de95a1d05455263f460f643960f669ab6be0ceda41a805260688500f922ee1914ae0ff7beb48f59bd7b3130f54751bb6850825b21bba38de2d13019645b077c49419b2f9c782206d2fe6808920fcb1b474bbf2117d62226ee448dd234a209610549ff79b69292242b2daaa315a64fb90dc29c5276461144f6e008548e0e079f4e05ecc72630b62b4f9a607f5e0534534767a3bc7b8311200a1a032330c67030404ad2d52e1531d84202f629f237d6cd8d238de1d2e03acd32b5054f45b375c12fdfee65ce856dfd3920e1fb1d9130d83a13b8b9f66004c78baa15d7c3da058c6840d46e610c09250b097d68d78dddd797b461a6c9ff8f629326d83ca01979f9e4e5486791b7e07d4a804d8ee1cb66a30b34ba294447c3f0072b6f659a57c7985b863c5b2e13cbdae372a91c3573e4ad699316ff33116fb25bd5e4aea827a1c13e8832722e9b835acac0f4c4a3f46ed897913a762a55d0735dc8412fdc0dd68022598ade2ac6af48e70b40ae62873063ca9fb79095d5bbf146ee929d1dd5238291ab85760d7000679d6763d3fac5d492bb488ae0261c868d9b8b1d43d4063eb3e0bb8528894d5202c2068672c5ad266c92f40dbe82d603402294a528a6078145c8ab2a9db00dbf21fc5e8312dedb1ad5bf928f62bcea2e4ab43a9dbe0ad77fd33ec25a997eef3673eb877d459da1ae9a3d30986ff577f436342d88db93056711fbc47f27221ae31f7a47a361c9b662437bb4676565b567cdcd0bedf2fac103ae1336eaaf95934e88ad5c6c03557810e540f2423b0d55d9b60bc1befe8174f9650c79e8fb4e157c20037bbac4b9b9ebd8c855f15fd00854b30000000000000007c2f1af3fbc7db9c5d4530cd83e42a88d3e2f462ff8aa180fb16c0b3ad050a14412da977544252e796c771f87e46e908cd21307a732b1fee339ce81c82f02421dd4577826594823588b0494af53a02185ff9fdd9cfeab73404650d9bb14cf0e2cb5916dc35015fa2e6ecd37bbcff5c08f0765fea1e4c151b60104b31120e67a68dbac5ab59272157ee415bafbc43f2bc63be27ed61d900f418defaaad0c0dd2efe50f05fa2f7d181ea2c685275037392a567a136ad2f53588a552075ce715d48096e9153f7891236a1a36ead3b3a1edaf070b832a993ec2cbf0e0109a5ada33c3332fde5a0578261560a348167ae4bf892a958c5f4b911a6d20b1fade781047dbb85bdd32b3d0bd10bc8317b1869f3358d3a35c294676f07c1bf387806dc0f043b8a63006db03137b8a7542c484fc825b8840aeb5fd0bd829d9ca87b4d7894f5125c7af8630cf1505853542b60cc8a42d9224bd9edbd9af0fcda27c29bc8021cc3370bc292043df8a7e0763aef45a4b86fe3b434433d9cc6c2203990c06411d016a5591f378513b8ddc0c11e529ee1e65d8add7f57935b1668c80d218ffb10902598f0102f30c82c10a08236f92d2471361705b337964e3f3cd889d886773cbdf53fc8195af9aa05f25565fc77ee474589275c42f153724b2ccd620191d67db8b6e12e302fed8001c646fcf470d4561b009d1d18df542a9be85551b3c4dae124765be9af47047559a9443ccdefdf257ea3d821140752e84257522397e7e53ab214acd6560d859addb2cb186d5081b1d5c470e1f40eb1cf656b797ca1c7a90be405a0ab5a71a0a84c02428e003d4db050a15de819b5ef8240664553e9769170d65bf55c7275a9ecb5e4e892035ee90d32da571b265b75f7326b977b27bbea6c757c1cf8ce48945b363e26728c88673b83c884fc4217f4a6542340fbd10c863bc9f2e08b019124d8c298de6c9f5708bb59db1ac2f2388f2ac5f5d09b496b0d92221ce753f695f2ff651b71e9d98b7d640039a23f24224b7009f000918b17d80e9276ab35b3e98f0e47e685e483697027d968632510fc93aba7ff381ffdf889b340c5e16dfa37cdb52ae850a7c6c7487d968c278286ce9a5cffbec9ca0b3f4d172eed352c189d198999e5c60f5ec1f6c03b32ccef8ff9e9a259dbb3c4ce0b03bde508c266825b9113156faffae4400391ae8d5e76901393577a5721f0658131bb7be65f311351c09e18a7c07c4369d70e0091b7f0d9d4b1ae751d5098df6dfd48cd4d5788e69cbdbfd9bfb3b3778400150986f8489f0626f8d2e6a1b0052d5c5de0438d5f5f1944fea7777c6c9d96d914fc4eba78bf2c25c5acc091085759257e80e6ed65067677c2a67c0b7b1f1fb60215d11ba72432c9c1955502ba4d9d5d7ab592b176a945f44dcab12ee429f9ce5c1d541a8d474495770ff3b7648e7a104d6258835441b4bfbc48716f192b1d0ae957cb949590860ce20372293e4df40662d65430ed8078a04f4514c631e98682a05649881d6c1f54b65747c791354fbf771c510d1f6d79eb7890d8b845a2611ece8225db35e6862d0b7ab163cfcf313817fa770dbd9488ecf0ce83efd044a6b06f44176338663ef417e03c4fa8518e2bebbae6e7c57674a264798d7ab12a9133b1c9af31563aa5f2192956517b5c836805c5a4d169f93752293b60e6df0dc58dfdabd86d334ed159bb440b60f2fe1e7d250a58b130129bd20abe4ed3ffe1649bffc5ac1d38db0da8e36a1193c764fb95321f0e9f644b7f78f7e807d19b118921160fa1d4d96b5f9a179eb6922b7a55c3b13ca855abb220173e457c930e7d39d3eb68355abbe37c7ab58ce3cada16bd3f17d0bbb23a989ffb1853ed5ba4bba1f43015158863290072904fe6afde19e818f94b8c0d71ac7a574b3c3bdb31116d2917ea4171f9b31921dab0b0d6a0cf55a1e4bfe01013039ba1155c12782b083cd7b43f8d0ddc47e178abca888f2f1d5bd5ada460200051ffd8e9edff9b01af21b95eb8aa66e1af28ce8e284e5b85b4e8864c7420318cf75dbb51c9244aa18efe21f5643c34f4fd40b1a95b2bc66810b931645cecebb3e50f7f62630487a45cd51c7dc6b2498b14d44a47281ee7a35deebd694d2d24f3c588bd72931dd50b4b65109eb907572e6a62785bee99b7e6b87dd701698d0123e2b05e419f1b132fc2436acffff71114d7d7f5c40ee674ea67a2b864d2459a61225b4f2121986e59f9dcbf44e8ec62e66d5251806d66a7a942091cb9d2d68c31b92d5e4d417edac9d7d844364d561954b641f1673ef3a059ab21ba8b706d95c3ae62c57a5c2fc9f1cdda3f09a04485b099007da4978550b61f0eafae18706a9e54e820cdc080ca78a5a00c2be72c8d9c1fa6a62021b590d0515ea8c5afb5b9c46b9aa16f56d083fde6d3a708725f661813146936032ce409d2b7162c7c71e9c97dea41802d3b0c0b1ed128757bb02551f2e9276faea2bcd93278b0c764be87cfffc748c3d4a2d00234919077087e736f99b7a1e6d8f499318eb36ad6338a715065bc9ba3bcc578b5ac366b82e9c6b040054c7ba25d000e114e3f786518a12733a0b9e2b412d2d6665f03a27e00ef8e656ecb3ea942b56fc3458f0ede538850be55e65a49884f01b922632f1c5bb7bff7914344ed03d39a551f9b9980dea301cb74dd7046d3c2022d837f1d12c0db2979302928525e1709e0befcf21fc5628f2e408428d191e33a1c68134ec4c3a0e3939ec78870b4606ee450bea947b7e49e2a1676f1e26c0ce6a23d7a76830721af6cdd8d7552202d81535398b866f8826269a3b439b5588b47fc46aa7b55a97a4e31baf6860c08ac5a2966f47eccd5abc08741cbc3155f49b45c0aebd76971cb9036e8ce456102202894facade14974a0b6acd55096b0b1396282fb0b8df12788f6ea12755e6df733d897eddaac86fd57aa55f74bedeb6d4b46af65abd4f27523c3c17fb010ac2fa8634451c7cef9b35d343fe2c4dd1c717c0ab28661db7d5aab6bb10de3248d33035ba26f97488a95ceba2a7ff94e40827036ca88a5b9987ffb7e9a37a918f2d48bc79d03bd3ef685b3c5bd48f5a49e", @typed={0xc, 0xa, 0x0, 0x0, @u64=0x76f1}]}, 0x1020}}, 0x0)
sendmsg$nl_generic(r7, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800)
r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r9, &(0x7f0000000780)=""/185, 0xb9, 0x0)
recvmmsg(r7, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001180)=""/4096}, {&(0x7f0000000440)=""/128}], 0x0, &(0x7f00000004c0)=""/193}, 0x7f}, {{&(0x7f00000005c0)=@in, 0x0, &(0x7f0000000700)=[{&(0x7f0000000640)=""/35}, {&(0x7f0000000680)=""/127}], 0x0, &(0x7f0000000740)=""/23}, 0x3}], 0x400000000000054, 0x40012100, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x40a0ae49, &(0x7f0000000000)={0x6, 0x0, 0x0, r6, 0x100000})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001a000100000000000000042481"], 0x44}, 0x1, 0x0, 0x0, 0x4004880}, 0x884)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000400)={0x9c0000, 0x9, 0x7fffffff, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)={0x9909c8, 0xbe36, '\x00', @string=&(0x7f0000000380)=0x2}})
syz_clone(0x40080000, &(0x7f0000000000)="8b8e", 0x2, &(0x7f00000000c0), &(0x7f0000000180), &(0x7f00000001c0)="4cc8b02974d06693ba70a903255944ead95306ce322a3d6c9f1141339158e48b08029deea16a53c5b6946c36d11fa89ee401fdacc6157d13b209f9c5a782b503c0162562d745a632fbbb8bbbcda7e1023187def3bd2ff6ec7807bbc93360de8ed765b26813a3e1d71e317270ce2b310662bf7378e9e4218f0bfde95ccaad0aec1868d8aaa83166683777cd76498ea9b95c57dfcb7fc16f51105ad2c7e30b110001a5e032d757b4a801127c67c8751b72768f901b3d4725d95c")
r11 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r12 = dup(r11)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008000006010040"])

53.445708936s ago: executing program 7 (id=3917):
syz_usb_connect(0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ptrace$setopts(0x4200, r1, 0x2, 0x3e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYRES32=0x1, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX=0x0], 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f0000004180)={0x2020}, 0x2020)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xffda}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x3, 0x8, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x8000001, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x24000, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x8, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0x0, 0x3, 0x9, 0x4, 0x8, 0x0, 0x90, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000004, 0x8, 0x12f, 0x8000, 0x11, 0x8, 0x129432e2, 0xcb, 0x204f9, 0xd, 0x2bf, 0x6c9, 0x9, 0x1, 0x7, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea0, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x400, 0x1, 0x5, 0xf, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x19, 0x4, 0x9, 0x8, 0x9, 0x4, 0x1, 0xc681, 0x2, 0x8000, 0xffff, 0x600000, 0x7f, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x7, 0xb, 0x9, 0x48c93690, 0x23, 0xff], [0x4, 0x4, 0x0, 0x64e, 0x3e8, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x6, 0x5, 0x5, 0x2, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x665, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x10000, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0xff, 0x53cf697b, 0x5, 0x6, 0x54fe12d6, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x81, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x8ad, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x4, 0x2, 0x14c, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x4, 0x9, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x1, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0xb, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0x80000fff]}, 0x45c)
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x918)
sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)}, 0x4048081)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)

50.076454269s ago: executing program 7 (id=3924):
socket(0x2, 0x80805, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x2, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
syz_emit_vhci(&(0x7f0000000340)=ANY=[], 0x64)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa2bb1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x691, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x5, 0x0)
close(0xffffffffffffffff)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x8000)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r4 = socket(0xa, 0x5, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

22.778176448s ago: executing program 7 (id=3925):
pipe2(&(0x7f0000000000), 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
close(r1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000280), &(0x7f00000002c0)=r1}, 0x20)
munlockall()
recvmmsg(0xffffffffffffffff, &(0x7f0000002040), 0x400000000000233, 0x10022, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaeaa3986dd6c37a07e00082c01000000000000000000e6ffffe0000001fe8000000000000000000000000000aaff"], 0x0)

22.77376945s ago: executing program 7 (id=3930):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
socket$kcm(0xa, 0x3, 0x87)
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x18, 0x87, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[@routing={0x4, 0x2, 0x1, 0xf, 0x0, [@empty]}]}}}}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x2}}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000280)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xfff8, 0x4, 0x0, 0x2, 0x0, 0x0, 0x20, 0x4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@afid={'afid', 0x3d, 0x9}}, {@uname={'uname', 0x3d, '\x14*{%[]-(-['}}], [], 0x6b}})
syz_open_procfs(0x0, &(0x7f0000000dc0)='gid_map\x00')
getxattr(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000200)=@random={'trusted.', ')\x00'}, &(0x7f0000000240)=""/64, 0x40)

22.772643309s ago: executing program 7 (id=3931):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0}}, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$COMEDI_CHANINFO(r0, 0x80306403, &(0x7f0000000040)={0x80000000, 0x0, 0x0, 0x0})
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4880)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, 0x0)

22.771506772s ago: executing program 7 (id=3932):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
memfd_create(&(0x7f0000000080)=',\xea\x00', 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = getpid()
socket$packet(0x11, 0x3, 0x300)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2, 0x2, 0x1)
socket$packet(0x11, 0x2, 0x300)
syz_pidfd_open(r1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4, 0x2f000000}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)}], 0x1}}], 0x1, 0x0)

15.259691792s ago: executing program 9 (id=3950):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1000000, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
socket$inet_udp(0x2, 0x2, 0x0)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000300)={0x1, 0x1, &(0x7f0000000180)=[0x0], &(0x7f00000000c0), &(0x7f0000000240)=[0x0], &(0x7f0000000040)})
socket$vsock_stream(0x28, 0x1, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x944c2e86f2959664)

14.059415716s ago: executing program 9 (id=3954):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(0xffffffffffffffff, 0x40045731, &(0x7f00000004c0))
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2c2e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x20, 0xc, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x2000, 0x3, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xff}}}}}]}}]}}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x1e, 0x1, 0x7fff, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000040)=[0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0}, 0x40)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r4, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x3c}, 0x1c)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000280)={0x0, 'dvmrp0\x00', {0x1}, 0x4})
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000240)={0x9, <r5=>0x0}, 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="160000002020000000000000", @ANYRES32=r5, @ANYBLOB="1f0054f510ebd35df12083ef2399fb423bccde58fd266a58175eb4ba117b506eb04635996d4eec8a324cc34fd69e8d297f9a2b9216086f425bf73def8bc0b48697cde40cdc5720a35f17b2442eff9ef9f2900945ffe2f0168b9113347b75365283718581c901e745a82b348833a81defd59fb1aed4059d639b4d9e3175cd75f3ef21be6639b6a4424a198013b6d4cd11073c56871dad0898f020f25754661a5bf18aee00b7", @ANYRES64=r2], 0x20)
syz_usb_control_io(r1, 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY(0xffffffffffffffff, 0x5000940f, &(0x7f0000000600)={{}, "efc98950c893d6ae2e38f56d43d263b17b6d3ac16323846e4707cceadf0b12d04120336ec2d8b98242a698e79b005137009e57bf6e7609b07b444764de548ada896020d6c994976dea4010412a109f8a4c81ae2f816477ba21e027fd291b9f4e8900921ec10824ef59eb7d3d923d6ca52ead3850de8be5343acf457bd3da56ea1fcddbfbb48121ffbc50ee85e83e65ed063ac8c1460d52e6c9bbd826593069197c3c52aa9f27e25b2c5c45bc6a6efc2fb77c5822e094c5f809ff29380ec1b9570c9b63298fa6fab56991756268499aed87651bd4a4666d68bd9317c5973410052bbe08dd56c388ba80d83d5401a7bb12bdff972fb0f9dff669d5b40ed7c2d91bb5f70fbc9762fd3217db56ce821ea5a4058584a30c245c9f58f57d50bdd5d7bd4ebbbf6c075eda5d2c822de924058e73fa2230f9b2f3e7968fe72bd86ab64b2f30fff3bfb339a6e994eb9af9a1d660e17cb17d8718587862ac043ecd950e3b4ecf0a9093119fd3d368d5134f83f59325a247108639a872be64c18d76f19942ea65cba660ca43e792b4c279802f435efdd0d6f8d94e2138eefb2429774a52564975746c9f3b72d0436df433dd963cafcce1af0fd7079c3792b36c537dc3c4c755a310e7b1b5e7c9c0bd360a7fa152c726cca804c46e81db996d159e58535b810721b4a6a120ba32538fea956bf2c8775730761f1944d4e712f03a5a7438b903f8fbd9b56087be374dcaf1fbb5275e1e0860a2bf0e52e5bf3be9bd576d8f4531ec1ae337d2a1b53468c1bd20d0892e0cbfd95f9b67a960d9c4d00f593dbcfac3458d5776b069d0257b63610864fc8f96fe64d7e8d7795a873278e5b5216983ec50ab0501461aef07a79aa27182a0f9bfb6bc0acbf4b7950e1bda34c0f35b95c5d546d5b5d25ef22ab565fca8287642d04388bd8a15d7d3f362d7fc2758d4ba1ee75ef1adc26de58e222f0c665388e9dca3ca24a4ed03b22cf12494f15cf8358a39cc74ced1df2b8b907e31aae5ba306af603dc60c63c9b1c048f02b2dd5af73ce7f3a7a3b9468f8198ea5b9a8796b9498741e975edaf73a1fc0e6810ee9c5be1f3938321be41272f136e36f6c5e335e9ba7554fb96f54db7414df4290a76e0b62aa4c3cb4eb44c9a28cc5f1fbfb62a33b85135b8db390e1ef2fbd983b7059a34387de23df12a321a599d0d645be5770d8145248627aa48c68e50186fe026d6aa4bf574947f3a778d9f0dcfb338400e27f1d62fa80d6a778e5f9c18f22f5777b70e717b76d35292f23a9d081ee5f8ea08c0f776cf68c64689b99d90d413dfc27201427c7d3e4e7dbd884e71f5c92e359c9a99dc79c51be5483b276dd9fc62c338abad5ab8b58dd78695c737e474528c5b2d80dcfa087952eaef520ba79c7ffd1bcfc1a93c2a09242ed0c60983e121b8f50dbdec80f1da7e7e7cbc13d3e4d9ed03bffcae89b0607fb70ef04245a62b4b27c3a3a35a285a79bae280c1b3ba8aaa8a8dca5d05b17dbe0d74785774ca5c3e0782d3a9883ad090e6073d6bb7731a3731546cf8d6d8966b61addc904575807cf264af9dfc82c512440b94f8829c14e870095bfb850ee5e29691804ccd963f44de0aedb582e665f9b2765d643d437d72fb42d50d0249c39fdf501dbde97b5d6437906d0de31f332b56c34af646dae0bc2f96176e273838ecc2ed1aa6f4d1a275c0d7d82b54f699d6b0366d04935e4d1a86479f9a2294b5228de3dd98f079f52279f4b5794e704b9bf360ca882b3f0a1861a10335ae59fba4084febfa341edf5040a48c4cbf14fefd8705ccee61579c3fa054ff6baeeed769a1ad8823675bceb690cde3a19c8d638d70dba3e19f3ddcb685f33872753a54e60a38142ba76eebf4a18d692a24424c99c29d772a35cec29925fa297662cec95128d063d8f34d2c63bf733ee2e5854c37677015ec7fe1d1627086e7d05b3da9f425b2418abd65d1fea3e55d57917b5b9c24e385aa574477f56f83ceb9033733ff217ed67c24f46db02a4c778de93b58e191da2aa074ee16929db472abfe0e524e84f4d1ae522b52ed3d75ba9d95d181ff7b130589861ba84dc1b64c6cab8e6d2676be06213cd36d740c5c7748a88d0b44812afccfc748f1ad30eb6f2c4da1023ed59069e86d232912d85918d39e75a0845ea5dfc00e14e0515183200a8a0e91bb85d577c1b8908d38d939317831c9d320a5c91b621fc91f06613e289c572965e92238138756f1ca37e305d0337aef8d3ed55c44bbc7266c06c46237a6552d667b6a89a6fa0c5686b8a6e3e6aa683d4d47cde4e437bdcd3b2f22bc21c7924505034658b35b93aa2df925142a42f8b6b663d7a674f54548105b8b6e4263080f3968109c3af975b3827e78422c56f3d4c71a075fea8def3e2c9e0597454e667fa7ba8e6e6b6f16f46b09f74c516e2dc420965919ec534a6713c2f6997040ab7ab41891fb5fd320c55f8657af6bcf531088209dd3234364ba4569b6e1697a926b2dea959fe7e64b25ad283d9ef8534c80cc59012087afc34ddf59a8efc73f0cd7616271784bd492b08aa12929ae740023e442f1f3da0a2005ab138079d3540ce6eb610382610bdb15ec99fa17b7770ca2c4584aecc03ec760092bd8e63b7f8d7593958ec15779d9a676acaa51aff7ba532bed8136780852a996260da54e959840a6eff556084b928b83cbfd065dbd55f6d275dee93952996f60b2ed5e87a07c4d9cc09cebd11b63303db1e9f49867a555a8fc0587c76fc7374ca778a1b98f25bd25efea6b38dddb1ca2ec11447a2ad4b2b70f2ba45aeb50e756dc8fdf1cadacd6b946499ba4aab91b65b7a754f002bb0616d8fb16a5b71897bacf0a26686f068610aa9f734f4737d16b70b52e6e52b5ea4cbec5bf3f5bd462b74addb049f7619ece514dd2ced9da153b1ccf638c5d118dd6dd757702d2ef3afe4b57759559036e4a5b00f71417de8e7ab76ff8c27be1172a6d8b00522954cdc21c846a4304180ee09ae8b3d42d61f073e185f1b9d9f42dfaf13b6e81658dbaf8c72fcb5b39054c0fb1c3f8f83098dfe2705f3e1e7f5e6c604bb810b82715b292e50925a3b5e7badff4adf171904363a744b7bd91018f098b721de1a79941cf370114209bee940cd01285ac82d4c64ef0f38a5f4c21cc7305f3d4cea2f5ab164cc5a8330b0d70d9b5fd67deffee957ee07cf0ba211564623a90ecbd90e9f2c977f025eab7f911f56f277435101a6a9b153212367c5c43cea1170989013f8664707008fb7cd5d25da5db2c302e5550406bae972f1e76bb8135286a39261940eed732b540a438d7c5a667d8d54b22974fc055fac344e9698b8ee82e233b79d123f73198d97254e70e02bf0d72e69e4f01f5ffba7dbd9085e468e2ba7062977b404a1cd14d30c5b0568f6c6a87421316175b22f1dd3f5c5dea8e00a49d02193643f362e933922a664acd64ce1a1c943c014b8cfcc19caf57ab1229e16e3038f14d8f802bf33c1f77239f1933745a8140b87ce153c3175541c0fa5149feb4d47d5c75fd99d9f4e5617262fa49dc1a34812ee14acc06f16103434f94e7a130985ef630cddb775a9e620123d77cbed8f41a2f7b60e5be515d4ebaf175af3ca5d852b7428ed4cbc5a21968bd8b824267dd5c285082b482255187896dd07f871b7f3da71cfb8db4ddca4d75c77ec30ee4df35a6a57e86a6425f3fee9ea17e7e8c63ba521ecb7b63324b6f79352d5b7e6a734b3d93ad5f072c283e33cdc77f4ccebb01074cd2af03751f2e5435b5b4894a3dacb65d19805eaa4253873305e36d59324d1463b397873743caa7458ff8b8b5e0a7b0fb635bacae734291b8596421437061fe1dcff740c6b5be3846fbdcb59c9129642e1471e4cc304c7215da87b4d9e83b387facacaefc1da25071bd4a412f4cb45fccd43bb7585351c2be1b0a02042fe61313eb6f6fbbd81be238fd85583174fb053be88a6d79e9a8ee7341b824571ac451318f8181ace6691fcd772131106b2642abcded21ed91151f5c925a243712f4a8eef8b5c08f962a3c87d4ae7e75b1fd1d230db6afca412d8706b43c54f8d6a9ac97cb693d9f5454ae1513d78f99f7fecf853101f8bf761910913fb75dbdf0d7bbae9ca8dcdcfe86e40efaf8ada21efc6db5e302ce7a30a0647ca0efdaa28a2c84e8135a24968108f9ef0cdb2f90f0810e695e77dc70a0ce598f73b2343186049fe1933ccd0095824451c5cb4bc0937257fed84db5d04b99261a016c3f4d17d27381ff61a2aa7d87dcde8061cac8efff975b7189ec0b59073151155b4d5b6590a7c2b607cde2bf9d1f268d3526974031329f10ac0c1e13842e0c196bb69122c18a8566dbc78cf10d4707a6b512a598d24133845299d7eda764711675d5058dc89b4044a6e2064f047819a66f7559b841d6f2baffa62292d979d06e76df17d4a82eebff85104d2c42515e827315481306240d7d89bb9bee0e4623c44f7c67ebaf415d5afcc69bd9ded79c13811e3a1a19273e631ece2d6388f3b48e81142ddfc519684398df99c7a668e340aed3bad730d2036eb99c84d570a69b6e8a68924a43a0d9e5c1a928e01a0386ebf21da77cc4984c419b69f63fc9500bd0129906c19abe2aaedcc2d4ff9fcfdccf8bb67dface2f8d015d0be4fe05bae2c2eebbfc1503634af3f8c030d5014cc04ace102e02158b0a1e62b641255056788aae7997f93f4e01975072c2dd4bca29e8cf0747ba87f09ff74ba8f8d86322228f5b8ffbe0d052eddf334fb7793e1822bc58a422b9ed95707bfcff355811c39324a873a440cb54c16229ba7f3d74117656c7a85412d9e416766cfffaf61bb59217a6ca2f0d6437b38ffe35a2050ddbbd44f65fe88e2e5a0f4b7bea58b0f83a69f738b8312ec20720f424ad6458a00fc8630df7c62bfde9271ff36220c74fac1d1f94a7aa6384c89d6cac59f1d98485b972fd245f911ac8d1dade812041f1ab423d48b00e7e387234f51e77687c23d84a037eb4b7022e4fa22c7c56f375631c6fcba92e40a97eb643e726f48decf8f4c7bdf17fac7d236dc1c1cf6861fe2e90c0737e009732a1f71f47eb634cc469a11c44d66e0c09503e274f4c20be5b0465cc96281d1f1a2e08f00099f5257fb542a38359237ffa772cc376cc3ea9beaa902e7e09b309b361b04b7849dfbed3783850c84b40b4d6726b646d6f48ce036b812ae10d59ca169d5f4af23df8f1073d225c482a4b62014e97bc0629d52349697ff2331afbedb02a6e9fb62d823a5d2912e0d96c92717205b5c11f9a46403dd1717e3e4324cb6e59e8e8ac2f418f6318ad2e9035ddbab087924526284747ff1fa84a09ee640f0ed27722cea1795bfe188dbfc45c83ca28a676d552c34bdbf06fd866cc17ab947d1b97933a0c161d99dd465d1e9f6405717b8125fd84aacafd929362512583c9ef1dfd53836bf8487c02b57bb391257d5bcbee39bbb1e2a2151475722ededc2fa6c77bec031121205e2ae034574ca517ed4abb0a4e0c7df42a399704913f5639835ec21fbb37fc14aa0b6bdafc8e37b61f3f6cceae2e8b040f29f1c3ff41e239f4247403b5e0312519ce9569f9e9551352063c56959a35d1552a60b2b8d7252c33533b77ef56e04f62618b3b4bd83cb5db459bea9cb663da4b20bc36894c11d23dc7c618eada1a83b54e48c846e69837a553705e54ac2a37aa19abc5d55b64eb1fe73b21435cca4c55dbdded4168d7f33e69e2c39eb8fa2a53398285f77d8eb28d2fc66af90027a37c00373b73c3ded7916642b6869c2cdd6c45fa65f2c549"})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000640)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_io_uring_setup(0x2be, &(0x7f0000000140)={0x0, 0xa581, 0x0, 0x2, 0x1000111}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x3, r6, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r7, 0x3516, 0x3e44, 0x8, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00220500000003f43fdf81191c5f79f0e395"], 0x0}, 0x0)

13.769770118s ago: executing program 2 (id=3955):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x25, 0x16, 0x0)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCFLSH(r1, 0x804c4700, 0xfffffffffffffffe)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000100)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000240)={{@hyper, 0x2}, @host, 0xc, 0x1000000, 0x5e, 0x2000001, 0x4, 0x401c, 0x4})
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
r4 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r4, @ANYRES16=r3], 0x0)
sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="580000000d06010200000000000000000600000a0e0003006269746d63703a6970000000c4000300686173683a697000050001000700000005000100070000000e0003006269746d61703a6970000000050005000a0000003cb4b8ab698fc0"], 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x840)
r5 = socket(0xa, 0x2, 0x100)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000001b40))
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000003c0)={0x16c, 0x7, 0xa, 0xfa6e57cb440df3e3, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_RULE_USERDATA={0x5c, 0x7, 0x1, 0x0, "313d27073ca8e804b3a562f244550479eac6778443595480608d95062b43d7c897178bc2de42b0ce20126e9d363813f61dfcfcc319318050a3d839ce258d0dad03838bc8419279d7e125f176cdea2631c2434de14438c0b8"}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}, @NFTA_RULE_USERDATA={0x91, 0x7, 0x1, 0x0, "f151ea1d7fbb09714e80575c178687810c584ca1eeeb8cd9edc8188e7d725f599c1735cd9fd6213f43c7ba3226b38f03b9b5f4cca5c277e2e360325c549a0e35a0e62079c5c7115c0777daa99e8bb5b737333795491b0592ef6fd2df5c0015135d0c6e42e370e242ac5da446933363af61281c9a4af36ed0627843aea7a319270d3d69b9a97661ce86691e2a2f"}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0xffffffffffffff9f, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz2\x00'}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}, @NFTA_LOOKUP_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_LOOKUP_FLAGS={0x8}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}]}, 0x16c}, 0x1, 0x0, 0x0, 0x48c0}, 0x4000010)
syz_genetlink_get_family_id$SEG6(0x0, r5)
sendmsg$SEG6_CMD_GET_TUNSRC(r5, 0x0, 0x20004000)

13.60200532s ago: executing program 6 (id=3957):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='timerslack_ns\x00')
write$tun(r1, 0x0, 0xfce)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000000)={0x4, 0x6, 0x5, 0x9, 0x1, 0x7a9})

13.487359805s ago: executing program 6 (id=3958):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00008feff0)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f00000000c0), 0x2c8, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000)

12.100525334s ago: executing program 6 (id=3959):
syz_usb_connect(0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ptrace$setopts(0x4200, r1, 0x2, 0x3e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYRES32=0x1, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX=0x0], 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f0000004180)={0x2020}, 0x2020)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xffda}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x3, 0x8, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x8000001, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x24000, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x8, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0x0, 0x3, 0x9, 0x4, 0x8, 0x0, 0x90, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000004, 0x8, 0x12f, 0x8000, 0x11, 0x8, 0x129432e2, 0xcb, 0x204f9, 0xd, 0x2bf, 0x6c9, 0x9, 0x1, 0x7, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea0, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x400, 0x1, 0x5, 0xf, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x19, 0x4, 0x9, 0x8, 0x9, 0x4, 0x1, 0xc681, 0x2, 0x8000, 0xffff, 0x600000, 0x7f, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x7, 0xb, 0x9, 0x48c93690, 0x23, 0xff], [0x4, 0x4, 0x0, 0x64e, 0x3e8, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x6, 0x5, 0x5, 0x2, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x665, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x10000, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0xff, 0x53cf697b, 0x5, 0x6, 0x54fe12d6, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x81, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x8ad, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x4, 0x2, 0x14c, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x4, 0x9, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x1, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0xb, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0x80000fff]}, 0x45c)
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x918)
sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)}, 0x4048081)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'syzkaller0\x00', 0xdc467fef0aefe668})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)

10.345040425s ago: executing program 9 (id=3962):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000440)}, 0x10)
syz_emit_ethernet(0x92, &(0x7f00000002c0)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @dccp_packet={0xd, 0x6, "0ffaf3", 0x5c, 0x21, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @empty}, {[@routing={0x6, 0x4, 0x2, 0x2, 0x0, [@mcast2, @remote]}, @fragment={0xff, 0x0, 0x40, 0x0, 0x0, 0xb, 0x66}], {{0x4e20, 0x4e21, 0x4, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, "087b0e", 0x3, "5dfd7d"}, "b9adb8655bda673d4b69f7c8cea3aeefbe93b0f78eef80bf80807ac4"}}}}}}, 0x0)

10.322546108s ago: executing program 2 (id=3963):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1000000, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000300)={0x1, 0x1, &(0x7f0000000180)=[0x0], &(0x7f00000000c0), &(0x7f0000000240)=[0x0], &(0x7f0000000040)})
socket$vsock_stream(0x28, 0x1, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x944c2e86f2959664)

10.090322746s ago: executing program 9 (id=3965):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x18, 0x87, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[@routing={0x4, 0x2, 0x1, 0xf, 0x0, [@empty]}]}}}}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x2}}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000280)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xfff8, 0x4, 0x0, 0x2, 0x0, 0x0, 0x20, 0x4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@afid={'afid', 0x3d, 0x9}}, {@uname={'uname', 0x3d, '\x14*{%[]-(-['}}], [], 0x6b}})
syz_open_procfs(0x0, &(0x7f0000000dc0)='gid_map\x00')
getxattr(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000200)=@random={'trusted.', ')\x00'}, &(0x7f0000000240)=""/64, 0x40)

9.82420749s ago: executing program 9 (id=3967):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='source', &(0x7f0000000100)='=/,\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3/\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xaeqKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_\xc0\xe1\x9d><T+\xfe\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xaeP\f0\xf6Dfz\xf0.\xff\xc2a\x16\xd9\xdc1\xa4\xdf\xafZ\b\xb4IE\x1a\xb6\x8e\xa2\x1c}\x8d\x9e\x87\x96\xe41\xe2\xa3\x9ad\x90\x94\v\xcc', 0xfeffffff00000000)
syz_usb_connect(0x0, 0x3b, &(0x7f0000000300)=ANY=[@ANYBLOB="120100001b3ebd40d80483009c830102030109022900010000000009040000000202010005240e000005"], 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0xb1672d717fa09977}, 0x0)

7.727688375s ago: executing program 4 (id=3969):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000300)={@local})
sendfile(r1, r0, 0x0, 0xfe)
socket$vsock_stream(0x28, 0x1, 0x0)

7.577445088s ago: executing program 6 (id=3970):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000040))
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$usbfs(0x0, 0x85c, 0x1f5100)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000040)=0xc)
mount(0x0, &(0x7f0000000040)='\x00', &(0x7f00000000c0)='cgroup2\x00', 0x2, 0x0)
mount$bpf(0x0, &(0x7f00000023c0)='./file0\x00', 0x0, 0x958028, &(0x7f0000000180)={[{@gid={'gid', 0x3d, r3}}]})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x2)
dup(r1)
acct(0x0)
semctl$GETVAL(0x0, 0x1, 0xc, &(0x7f0000000100)=""/235)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\x00\x00\x00\x00\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f00000000c0)=""/4096, 0x1000)
shmctl$SHM_INFO(0x0, 0xe, 0x0)

7.455457142s ago: executing program 4 (id=3971):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
close(r2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20)
munlockall()
r3 = socket(0xa, 0x3, 0xff)
recvmmsg(r3, &(0x7f0000002040), 0x400000000000233, 0x10022, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaeaa3986dd6c37a07e00082c01000000000000000000e6ffffe0000001fe8000000000000000000000000000aaff"], 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480000, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffdb6)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023893)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000000000009a000040"])
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, 0x0)

6.442492665s ago: executing program 6 (id=3972):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(0xffffffffffffffff, 0x40045731, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2c2e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x20, 0xc, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x2000, 0x3, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xff}}}}}]}}]}}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x1e, 0x1, 0x7fff, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000040)=[0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0}, 0x40)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r4, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x3c}, 0x1c)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000280)={0x0, 'dvmrp0\x00', {0x1}, 0x4})
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000240)={0x9, <r5=>0x0}, 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="160000002020000000000000", @ANYRES32=r5, @ANYBLOB="1f0054f510ebd35df12083ef2399fb423bccde58fd266a58175eb4ba117b506eb04635996d4eec8a324cc34fd69e8d297f9a2b9216086f425bf73def8bc0b48697cde40cdc5720a35f17b2442eff9ef9f2900945ffe2f0168b9113347b75365283718581c901e745a82b348833a81defd59fb1aed4059d639b4d9e3175cd75f3ef21be6639b6a4424a198013b6d4cd11073c56871dad0898f020f25754661a5bf18aee00b7", @ANYRES64=r2], 0x20)
syz_usb_control_io(r1, 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY(0xffffffffffffffff, 0x5000940f, &(0x7f0000000600)={{}, "efc98950c893d6ae2e38f56d43d263b17b6d3ac16323846e4707cceadf0b12d04120336ec2d8b98242a698e79b005137009e57bf6e7609b07b444764de548ada896020d6c994976dea4010412a109f8a4c81ae2f816477ba21e027fd291b9f4e8900921ec10824ef59eb7d3d923d6ca52ead3850de8be5343acf457bd3da56ea1fcddbfbb48121ffbc50ee85e83e65ed063ac8c1460d52e6c9bbd826593069197c3c52aa9f27e25b2c5c45bc6a6efc2fb77c5822e094c5f809ff29380ec1b9570c9b63298fa6fab56991756268499aed87651bd4a4666d68bd9317c5973410052bbe08dd56c388ba80d83d5401a7bb12bdff972fb0f9dff669d5b40ed7c2d91bb5f70fbc9762fd3217db56ce821ea5a4058584a30c245c9f58f57d50bdd5d7bd4ebbbf6c075eda5d2c822de924058e73fa2230f9b2f3e7968fe72bd86ab64b2f30fff3bfb339a6e994eb9af9a1d660e17cb17d8718587862ac043ecd950e3b4ecf0a9093119fd3d368d5134f83f59325a247108639a872be64c18d76f19942ea65cba660ca43e792b4c279802f435efdd0d6f8d94e2138eefb2429774a52564975746c9f3b72d0436df433dd963cafcce1af0fd7079c3792b36c537dc3c4c755a310e7b1b5e7c9c0bd360a7fa152c726cca804c46e81db996d159e58535b810721b4a6a120ba32538fea956bf2c8775730761f1944d4e712f03a5a7438b903f8fbd9b56087be374dcaf1fbb5275e1e0860a2bf0e52e5bf3be9bd576d8f4531ec1ae337d2a1b53468c1bd20d0892e0cbfd95f9b67a960d9c4d00f593dbcfac3458d5776b069d0257b63610864fc8f96fe64d7e8d7795a873278e5b5216983ec50ab0501461aef07a79aa27182a0f9bfb6bc0acbf4b7950e1bda34c0f35b95c5d546d5b5d25ef22ab565fca8287642d04388bd8a15d7d3f362d7fc2758d4ba1ee75ef1adc26de58e222f0c665388e9dca3ca24a4ed03b22cf12494f15cf8358a39cc74ced1df2b8b907e31aae5ba306af603dc60c63c9b1c048f02b2dd5af73ce7f3a7a3b9468f8198ea5b9a8796b9498741e975edaf73a1fc0e6810ee9c5be1f3938321be41272f136e36f6c5e335e9ba7554fb96f54db7414df4290a76e0b62aa4c3cb4eb44c9a28cc5f1fbfb62a33b85135b8db390e1ef2fbd983b7059a34387de23df12a321a599d0d645be5770d8145248627aa48c68e50186fe026d6aa4bf574947f3a778d9f0dcfb338400e27f1d62fa80d6a778e5f9c18f22f5777b70e717b76d35292f23a9d081ee5f8ea08c0f776cf68c64689b99d90d413dfc27201427c7d3e4e7dbd884e71f5c92e359c9a99dc79c51be5483b276dd9fc62c338abad5ab8b58dd78695c737e474528c5b2d80dcfa087952eaef520ba79c7ffd1bcfc1a93c2a09242ed0c60983e121b8f50dbdec80f1da7e7e7cbc13d3e4d9ed03bffcae89b0607fb70ef04245a62b4b27c3a3a35a285a79bae280c1b3ba8aaa8a8dca5d05b17dbe0d74785774ca5c3e0782d3a9883ad090e6073d6bb7731a3731546cf8d6d8966b61addc904575807cf264af9dfc82c512440b94f8829c14e870095bfb850ee5e29691804ccd963f44de0aedb582e665f9b2765d643d437d72fb42d50d0249c39fdf501dbde97b5d6437906d0de31f332b56c34af646dae0bc2f96176e273838ecc2ed1aa6f4d1a275c0d7d82b54f699d6b0366d04935e4d1a86479f9a2294b5228de3dd98f079f52279f4b5794e704b9bf360ca882b3f0a1861a10335ae59fba4084febfa341edf5040a48c4cbf14fefd8705ccee61579c3fa054ff6baeeed769a1ad8823675bceb690cde3a19c8d638d70dba3e19f3ddcb685f33872753a54e60a38142ba76eebf4a18d692a24424c99c29d772a35cec29925fa297662cec95128d063d8f34d2c63bf733ee2e5854c37677015ec7fe1d1627086e7d05b3da9f425b2418abd65d1fea3e55d57917b5b9c24e385aa574477f56f83ceb9033733ff217ed67c24f46db02a4c778de93b58e191da2aa074ee16929db472abfe0e524e84f4d1ae522b52ed3d75ba9d95d181ff7b130589861ba84dc1b64c6cab8e6d2676be06213cd36d740c5c7748a88d0b44812afccfc748f1ad30eb6f2c4da1023ed59069e86d232912d85918d39e75a0845ea5dfc00e14e0515183200a8a0e91bb85d577c1b8908d38d939317831c9d320a5c91b621fc91f06613e289c572965e92238138756f1ca37e305d0337aef8d3ed55c44bbc7266c06c46237a6552d667b6a89a6fa0c5686b8a6e3e6aa683d4d47cde4e437bdcd3b2f22bc21c7924505034658b35b93aa2df925142a42f8b6b663d7a674f54548105b8b6e4263080f3968109c3af975b3827e78422c56f3d4c71a075fea8def3e2c9e0597454e667fa7ba8e6e6b6f16f46b09f74c516e2dc420965919ec534a6713c2f6997040ab7ab41891fb5fd320c55f8657af6bcf531088209dd3234364ba4569b6e1697a926b2dea959fe7e64b25ad283d9ef8534c80cc59012087afc34ddf59a8efc73f0cd7616271784bd492b08aa12929ae740023e442f1f3da0a2005ab138079d3540ce6eb610382610bdb15ec99fa17b7770ca2c4584aecc03ec760092bd8e63b7f8d7593958ec15779d9a676acaa51aff7ba532bed8136780852a996260da54e959840a6eff556084b928b83cbfd065dbd55f6d275dee93952996f60b2ed5e87a07c4d9cc09cebd11b63303db1e9f49867a555a8fc0587c76fc7374ca778a1b98f25bd25efea6b38dddb1ca2ec11447a2ad4b2b70f2ba45aeb50e756dc8fdf1cadacd6b946499ba4aab91b65b7a754f002bb0616d8fb16a5b71897bacf0a26686f068610aa9f734f4737d16b70b52e6e52b5ea4cbec5bf3f5bd462b74addb049f7619ece514dd2ced9da153b1ccf638c5d118dd6dd757702d2ef3afe4b57759559036e4a5b00f71417de8e7ab76ff8c27be1172a6d8b00522954cdc21c846a4304180ee09ae8b3d42d61f073e185f1b9d9f42dfaf13b6e81658dbaf8c72fcb5b39054c0fb1c3f8f83098dfe2705f3e1e7f5e6c604bb810b82715b292e50925a3b5e7badff4adf171904363a744b7bd91018f098b721de1a79941cf370114209bee940cd01285ac82d4c64ef0f38a5f4c21cc7305f3d4cea2f5ab164cc5a8330b0d70d9b5fd67deffee957ee07cf0ba211564623a90ecbd90e9f2c977f025eab7f911f56f277435101a6a9b153212367c5c43cea1170989013f8664707008fb7cd5d25da5db2c302e5550406bae972f1e76bb8135286a39261940eed732b540a438d7c5a667d8d54b22974fc055fac344e9698b8ee82e233b79d123f73198d97254e70e02bf0d72e69e4f01f5ffba7dbd9085e468e2ba7062977b404a1cd14d30c5b0568f6c6a87421316175b22f1dd3f5c5dea8e00a49d02193643f362e933922a664acd64ce1a1c943c014b8cfcc19caf57ab1229e16e3038f14d8f802bf33c1f77239f1933745a8140b87ce153c3175541c0fa5149feb4d47d5c75fd99d9f4e5617262fa49dc1a34812ee14acc06f16103434f94e7a130985ef630cddb775a9e620123d77cbed8f41a2f7b60e5be515d4ebaf175af3ca5d852b7428ed4cbc5a21968bd8b824267dd5c285082b482255187896dd07f871b7f3da71cfb8db4ddca4d75c77ec30ee4df35a6a57e86a6425f3fee9ea17e7e8c63ba521ecb7b63324b6f79352d5b7e6a734b3d93ad5f072c283e33cdc77f4ccebb01074cd2af03751f2e5435b5b4894a3dacb65d19805eaa4253873305e36d59324d1463b397873743caa7458ff8b8b5e0a7b0fb635bacae734291b8596421437061fe1dcff740c6b5be3846fbdcb59c9129642e1471e4cc304c7215da87b4d9e83b387facacaefc1da25071bd4a412f4cb45fccd43bb7585351c2be1b0a02042fe61313eb6f6fbbd81be238fd85583174fb053be88a6d79e9a8ee7341b824571ac451318f8181ace6691fcd772131106b2642abcded21ed91151f5c925a243712f4a8eef8b5c08f962a3c87d4ae7e75b1fd1d230db6afca412d8706b43c54f8d6a9ac97cb693d9f5454ae1513d78f99f7fecf853101f8bf761910913fb75dbdf0d7bbae9ca8dcdcfe86e40efaf8ada21efc6db5e302ce7a30a0647ca0efdaa28a2c84e8135a24968108f9ef0cdb2f90f0810e695e77dc70a0ce598f73b2343186049fe1933ccd0095824451c5cb4bc0937257fed84db5d04b99261a016c3f4d17d27381ff61a2aa7d87dcde8061cac8efff975b7189ec0b59073151155b4d5b6590a7c2b607cde2bf9d1f268d3526974031329f10ac0c1e13842e0c196bb69122c18a8566dbc78cf10d4707a6b512a598d24133845299d7eda764711675d5058dc89b4044a6e2064f047819a66f7559b841d6f2baffa62292d979d06e76df17d4a82eebff85104d2c42515e827315481306240d7d89bb9bee0e4623c44f7c67ebaf415d5afcc69bd9ded79c13811e3a1a19273e631ece2d6388f3b48e81142ddfc519684398df99c7a668e340aed3bad730d2036eb99c84d570a69b6e8a68924a43a0d9e5c1a928e01a0386ebf21da77cc4984c419b69f63fc9500bd0129906c19abe2aaedcc2d4ff9fcfdccf8bb67dface2f8d015d0be4fe05bae2c2eebbfc1503634af3f8c030d5014cc04ace102e02158b0a1e62b641255056788aae7997f93f4e01975072c2dd4bca29e8cf0747ba87f09ff74ba8f8d86322228f5b8ffbe0d052eddf334fb7793e1822bc58a422b9ed95707bfcff355811c39324a873a440cb54c16229ba7f3d74117656c7a85412d9e416766cfffaf61bb59217a6ca2f0d6437b38ffe35a2050ddbbd44f65fe88e2e5a0f4b7bea58b0f83a69f738b8312ec20720f424ad6458a00fc8630df7c62bfde9271ff36220c74fac1d1f94a7aa6384c89d6cac59f1d98485b972fd245f911ac8d1dade812041f1ab423d48b00e7e387234f51e77687c23d84a037eb4b7022e4fa22c7c56f375631c6fcba92e40a97eb643e726f48decf8f4c7bdf17fac7d236dc1c1cf6861fe2e90c0737e009732a1f71f47eb634cc469a11c44d66e0c09503e274f4c20be5b0465cc96281d1f1a2e08f00099f5257fb542a38359237ffa772cc376cc3ea9beaa902e7e09b309b361b04b7849dfbed3783850c84b40b4d6726b646d6f48ce036b812ae10d59ca169d5f4af23df8f1073d225c482a4b62014e97bc0629d52349697ff2331afbedb02a6e9fb62d823a5d2912e0d96c92717205b5c11f9a46403dd1717e3e4324cb6e59e8e8ac2f418f6318ad2e9035ddbab087924526284747ff1fa84a09ee640f0ed27722cea1795bfe188dbfc45c83ca28a676d552c34bdbf06fd866cc17ab947d1b97933a0c161d99dd465d1e9f6405717b8125fd84aacafd929362512583c9ef1dfd53836bf8487c02b57bb391257d5bcbee39bbb1e2a2151475722ededc2fa6c77bec031121205e2ae034574ca517ed4abb0a4e0c7df42a399704913f5639835ec21fbb37fc14aa0b6bdafc8e37b61f3f6cceae2e8b040f29f1c3ff41e239f4247403b5e0312519ce9569f9e9551352063c56959a35d1552a60b2b8d7252c33533b77ef56e04f62618b3b4bd83cb5db459bea9cb663da4b20bc36894c11d23dc7c618eada1a83b54e48c846e69837a553705e54ac2a37aa19abc5d55b64eb1fe73b21435cca4c55dbdded4168d7f33e69e2c39eb8fa2a53398285f77d8eb28d2fc66af90027a37c00373b73c3ded7916642b6869c2cdd6c45fa65f2c549"})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000640)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_io_uring_setup(0x2be, &(0x7f0000000140)={0x0, 0xa581, 0x0, 0x2, 0x1000111}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x3, r6, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r7, 0x3516, 0x3e44, 0x8, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00220500000003f43fdf81191c5f79f0e395"], 0x0}, 0x0)

6.417818485s ago: executing program 2 (id=3973):
socket(0x2, 0x80805, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x2, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
syz_emit_vhci(&(0x7f0000000340)=ANY=[], 0x64)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa2bb1000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x691, 0x0)
close(0xffffffffffffffff)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x8000)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r2 = socket(0xa, 0x5, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

5.79799668s ago: executing program 2 (id=3974):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x9, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x80, 0x0)

5.296656785s ago: executing program 2 (id=3975):
syz_usb_connect(0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ptrace$setopts(0x4200, r1, 0x2, 0x3e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYRES32=0x1, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX=0x0], 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f0000004180)={0x2020}, 0x2020)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xffda}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x3, 0x8, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x8000001, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x24000, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x8, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0x0, 0x3, 0x9, 0x4, 0x8, 0x0, 0x90, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000004, 0x8, 0x12f, 0x8000, 0x11, 0x8, 0x129432e2, 0xcb, 0x204f9, 0xd, 0x2bf, 0x6c9, 0x9, 0x1, 0x7, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea0, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x400, 0x1, 0x5, 0xf, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x19, 0x4, 0x9, 0x8, 0x9, 0x4, 0x1, 0xc681, 0x2, 0x8000, 0xffff, 0x600000, 0x7f, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x7, 0xb, 0x9, 0x48c93690, 0x23, 0xff], [0x4, 0x4, 0x0, 0x64e, 0x3e8, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x6, 0x5, 0x5, 0x2, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x665, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x10000, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0xff, 0x53cf697b, 0x5, 0x6, 0x54fe12d6, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x81, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x8ad, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x4, 0x2, 0x14c, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x4, 0x9, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x1, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0xb, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0x80000fff]}, 0x45c)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x918)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000280)={'syzkaller0\x00', 0xdc467fef0aefe668})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)

3.871360819s ago: executing program 9 (id=3976):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(0xffffffffffffffff, 0x40045731, &(0x7f00000004c0))
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2c2e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x20, 0xc, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x2000, 0x3, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xff}}}}}]}}]}}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x1e, 0x1, 0x7fff, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000040)=[0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0}, 0x40)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r4, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x3c}, 0x1c)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000280)={0x0, 'dvmrp0\x00', {0x1}, 0x4})
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000240)={0x9, <r5=>0x0}, 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="160000002020000000000000", @ANYRES32=r5, @ANYBLOB="1f0054f510ebd35df12083ef2399fb423bccde58fd266a58175eb4ba117b506eb04635996d4eec8a324cc34fd69e8d297f9a2b9216086f425bf73def8bc0b48697cde40cdc5720a35f17b2442eff9ef9f2900945ffe2f0168b9113347b75365283718581c901e745a82b348833a81defd59fb1aed4059d639b4d9e3175cd75f3ef21be6639b6a4424a198013b6d4cd11073c56871dad0898f020f25754661a5bf18aee00b7", @ANYRES64=r2], 0x20)
syz_usb_control_io(r1, 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY(0xffffffffffffffff, 0x5000940f, &(0x7f0000000600)={{}, "efc98950c893d6ae2e38f56d43d263b17b6d3ac16323846e4707cceadf0b12d04120336ec2d8b98242a698e79b005137009e57bf6e7609b07b444764de548ada896020d6c994976dea4010412a109f8a4c81ae2f816477ba21e027fd291b9f4e8900921ec10824ef59eb7d3d923d6ca52ead3850de8be5343acf457bd3da56ea1fcddbfbb48121ffbc50ee85e83e65ed063ac8c1460d52e6c9bbd826593069197c3c52aa9f27e25b2c5c45bc6a6efc2fb77c5822e094c5f809ff29380ec1b9570c9b63298fa6fab56991756268499aed87651bd4a4666d68bd9317c5973410052bbe08dd56c388ba80d83d5401a7bb12bdff972fb0f9dff669d5b40ed7c2d91bb5f70fbc9762fd3217db56ce821ea5a4058584a30c245c9f58f57d50bdd5d7bd4ebbbf6c075eda5d2c822de924058e73fa2230f9b2f3e7968fe72bd86ab64b2f30fff3bfb339a6e994eb9af9a1d660e17cb17d8718587862ac043ecd950e3b4ecf0a9093119fd3d368d5134f83f59325a247108639a872be64c18d76f19942ea65cba660ca43e792b4c279802f435efdd0d6f8d94e2138eefb2429774a52564975746c9f3b72d0436df433dd963cafcce1af0fd7079c3792b36c537dc3c4c755a310e7b1b5e7c9c0bd360a7fa152c726cca804c46e81db996d159e58535b810721b4a6a120ba32538fea956bf2c8775730761f1944d4e712f03a5a7438b903f8fbd9b56087be374dcaf1fbb5275e1e0860a2bf0e52e5bf3be9bd576d8f4531ec1ae337d2a1b53468c1bd20d0892e0cbfd95f9b67a960d9c4d00f593dbcfac3458d5776b069d0257b63610864fc8f96fe64d7e8d7795a873278e5b5216983ec50ab0501461aef07a79aa27182a0f9bfb6bc0acbf4b7950e1bda34c0f35b95c5d546d5b5d25ef22ab565fca8287642d04388bd8a15d7d3f362d7fc2758d4ba1ee75ef1adc26de58e222f0c665388e9dca3ca24a4ed03b22cf12494f15cf8358a39cc74ced1df2b8b907e31aae5ba306af603dc60c63c9b1c048f02b2dd5af73ce7f3a7a3b9468f8198ea5b9a8796b9498741e975edaf73a1fc0e6810ee9c5be1f3938321be41272f136e36f6c5e335e9ba7554fb96f54db7414df4290a76e0b62aa4c3cb4eb44c9a28cc5f1fbfb62a33b85135b8db390e1ef2fbd983b7059a34387de23df12a321a599d0d645be5770d8145248627aa48c68e50186fe026d6aa4bf574947f3a778d9f0dcfb338400e27f1d62fa80d6a778e5f9c18f22f5777b70e717b76d35292f23a9d081ee5f8ea08c0f776cf68c64689b99d90d413dfc27201427c7d3e4e7dbd884e71f5c92e359c9a99dc79c51be5483b276dd9fc62c338abad5ab8b58dd78695c737e474528c5b2d80dcfa087952eaef520ba79c7ffd1bcfc1a93c2a09242ed0c60983e121b8f50dbdec80f1da7e7e7cbc13d3e4d9ed03bffcae89b0607fb70ef04245a62b4b27c3a3a35a285a79bae280c1b3ba8aaa8a8dca5d05b17dbe0d74785774ca5c3e0782d3a9883ad090e6073d6bb7731a3731546cf8d6d8966b61addc904575807cf264af9dfc82c512440b94f8829c14e870095bfb850ee5e29691804ccd963f44de0aedb582e665f9b2765d643d437d72fb42d50d0249c39fdf501dbde97b5d6437906d0de31f332b56c34af646dae0bc2f96176e273838ecc2ed1aa6f4d1a275c0d7d82b54f699d6b0366d04935e4d1a86479f9a2294b5228de3dd98f079f52279f4b5794e704b9bf360ca882b3f0a1861a10335ae59fba4084febfa341edf5040a48c4cbf14fefd8705ccee61579c3fa054ff6baeeed769a1ad8823675bceb690cde3a19c8d638d70dba3e19f3ddcb685f33872753a54e60a38142ba76eebf4a18d692a24424c99c29d772a35cec29925fa297662cec95128d063d8f34d2c63bf733ee2e5854c37677015ec7fe1d1627086e7d05b3da9f425b2418abd65d1fea3e55d57917b5b9c24e385aa574477f56f83ceb9033733ff217ed67c24f46db02a4c778de93b58e191da2aa074ee16929db472abfe0e524e84f4d1ae522b52ed3d75ba9d95d181ff7b130589861ba84dc1b64c6cab8e6d2676be06213cd36d740c5c7748a88d0b44812afccfc748f1ad30eb6f2c4da1023ed59069e86d232912d85918d39e75a0845ea5dfc00e14e0515183200a8a0e91bb85d577c1b8908d38d939317831c9d320a5c91b621fc91f06613e289c572965e92238138756f1ca37e305d0337aef8d3ed55c44bbc7266c06c46237a6552d667b6a89a6fa0c5686b8a6e3e6aa683d4d47cde4e437bdcd3b2f22bc21c7924505034658b35b93aa2df925142a42f8b6b663d7a674f54548105b8b6e4263080f3968109c3af975b3827e78422c56f3d4c71a075fea8def3e2c9e0597454e667fa7ba8e6e6b6f16f46b09f74c516e2dc420965919ec534a6713c2f6997040ab7ab41891fb5fd320c55f8657af6bcf531088209dd3234364ba4569b6e1697a926b2dea959fe7e64b25ad283d9ef8534c80cc59012087afc34ddf59a8efc73f0cd7616271784bd492b08aa12929ae740023e442f1f3da0a2005ab138079d3540ce6eb610382610bdb15ec99fa17b7770ca2c4584aecc03ec760092bd8e63b7f8d7593958ec15779d9a676acaa51aff7ba532bed8136780852a996260da54e959840a6eff556084b928b83cbfd065dbd55f6d275dee93952996f60b2ed5e87a07c4d9cc09cebd11b63303db1e9f49867a555a8fc0587c76fc7374ca778a1b98f25bd25efea6b38dddb1ca2ec11447a2ad4b2b70f2ba45aeb50e756dc8fdf1cadacd6b946499ba4aab91b65b7a754f002bb0616d8fb16a5b71897bacf0a26686f068610aa9f734f4737d16b70b52e6e52b5ea4cbec5bf3f5bd462b74addb049f7619ece514dd2ced9da153b1ccf638c5d118dd6dd757702d2ef3afe4b57759559036e4a5b00f71417de8e7ab76ff8c27be1172a6d8b00522954cdc21c846a4304180ee09ae8b3d42d61f073e185f1b9d9f42dfaf13b6e81658dbaf8c72fcb5b39054c0fb1c3f8f83098dfe2705f3e1e7f5e6c604bb810b82715b292e50925a3b5e7badff4adf171904363a744b7bd91018f098b721de1a79941cf370114209bee940cd01285ac82d4c64ef0f38a5f4c21cc7305f3d4cea2f5ab164cc5a8330b0d70d9b5fd67deffee957ee07cf0ba211564623a90ecbd90e9f2c977f025eab7f911f56f277435101a6a9b153212367c5c43cea1170989013f8664707008fb7cd5d25da5db2c302e5550406bae972f1e76bb8135286a39261940eed732b540a438d7c5a667d8d54b22974fc055fac344e9698b8ee82e233b79d123f73198d97254e70e02bf0d72e69e4f01f5ffba7dbd9085e468e2ba7062977b404a1cd14d30c5b0568f6c6a87421316175b22f1dd3f5c5dea8e00a49d02193643f362e933922a664acd64ce1a1c943c014b8cfcc19caf57ab1229e16e3038f14d8f802bf33c1f77239f1933745a8140b87ce153c3175541c0fa5149feb4d47d5c75fd99d9f4e5617262fa49dc1a34812ee14acc06f16103434f94e7a130985ef630cddb775a9e620123d77cbed8f41a2f7b60e5be515d4ebaf175af3ca5d852b7428ed4cbc5a21968bd8b824267dd5c285082b482255187896dd07f871b7f3da71cfb8db4ddca4d75c77ec30ee4df35a6a57e86a6425f3fee9ea17e7e8c63ba521ecb7b63324b6f79352d5b7e6a734b3d93ad5f072c283e33cdc77f4ccebb01074cd2af03751f2e5435b5b4894a3dacb65d19805eaa4253873305e36d59324d1463b397873743caa7458ff8b8b5e0a7b0fb635bacae734291b8596421437061fe1dcff740c6b5be3846fbdcb59c9129642e1471e4cc304c7215da87b4d9e83b387facacaefc1da25071bd4a412f4cb45fccd43bb7585351c2be1b0a02042fe61313eb6f6fbbd81be238fd85583174fb053be88a6d79e9a8ee7341b824571ac451318f8181ace6691fcd772131106b2642abcded21ed91151f5c925a243712f4a8eef8b5c08f962a3c87d4ae7e75b1fd1d230db6afca412d8706b43c54f8d6a9ac97cb693d9f5454ae1513d78f99f7fecf853101f8bf761910913fb75dbdf0d7bbae9ca8dcdcfe86e40efaf8ada21efc6db5e302ce7a30a0647ca0efdaa28a2c84e8135a24968108f9ef0cdb2f90f0810e695e77dc70a0ce598f73b2343186049fe1933ccd0095824451c5cb4bc0937257fed84db5d04b99261a016c3f4d17d27381ff61a2aa7d87dcde8061cac8efff975b7189ec0b59073151155b4d5b6590a7c2b607cde2bf9d1f268d3526974031329f10ac0c1e13842e0c196bb69122c18a8566dbc78cf10d4707a6b512a598d24133845299d7eda764711675d5058dc89b4044a6e2064f047819a66f7559b841d6f2baffa62292d979d06e76df17d4a82eebff85104d2c42515e827315481306240d7d89bb9bee0e4623c44f7c67ebaf415d5afcc69bd9ded79c13811e3a1a19273e631ece2d6388f3b48e81142ddfc519684398df99c7a668e340aed3bad730d2036eb99c84d570a69b6e8a68924a43a0d9e5c1a928e01a0386ebf21da77cc4984c419b69f63fc9500bd0129906c19abe2aaedcc2d4ff9fcfdccf8bb67dface2f8d015d0be4fe05bae2c2eebbfc1503634af3f8c030d5014cc04ace102e02158b0a1e62b641255056788aae7997f93f4e01975072c2dd4bca29e8cf0747ba87f09ff74ba8f8d86322228f5b8ffbe0d052eddf334fb7793e1822bc58a422b9ed95707bfcff355811c39324a873a440cb54c16229ba7f3d74117656c7a85412d9e416766cfffaf61bb59217a6ca2f0d6437b38ffe35a2050ddbbd44f65fe88e2e5a0f4b7bea58b0f83a69f738b8312ec20720f424ad6458a00fc8630df7c62bfde9271ff36220c74fac1d1f94a7aa6384c89d6cac59f1d98485b972fd245f911ac8d1dade812041f1ab423d48b00e7e387234f51e77687c23d84a037eb4b7022e4fa22c7c56f375631c6fcba92e40a97eb643e726f48decf8f4c7bdf17fac7d236dc1c1cf6861fe2e90c0737e009732a1f71f47eb634cc469a11c44d66e0c09503e274f4c20be5b0465cc96281d1f1a2e08f00099f5257fb542a38359237ffa772cc376cc3ea9beaa902e7e09b309b361b04b7849dfbed3783850c84b40b4d6726b646d6f48ce036b812ae10d59ca169d5f4af23df8f1073d225c482a4b62014e97bc0629d52349697ff2331afbedb02a6e9fb62d823a5d2912e0d96c92717205b5c11f9a46403dd1717e3e4324cb6e59e8e8ac2f418f6318ad2e9035ddbab087924526284747ff1fa84a09ee640f0ed27722cea1795bfe188dbfc45c83ca28a676d552c34bdbf06fd866cc17ab947d1b97933a0c161d99dd465d1e9f6405717b8125fd84aacafd929362512583c9ef1dfd53836bf8487c02b57bb391257d5bcbee39bbb1e2a2151475722ededc2fa6c77bec031121205e2ae034574ca517ed4abb0a4e0c7df42a399704913f5639835ec21fbb37fc14aa0b6bdafc8e37b61f3f6cceae2e8b040f29f1c3ff41e239f4247403b5e0312519ce9569f9e9551352063c56959a35d1552a60b2b8d7252c33533b77ef56e04f62618b3b4bd83cb5db459bea9cb663da4b20bc36894c11d23dc7c618eada1a83b54e48c846e69837a553705e54ac2a37aa19abc5d55b64eb1fe73b21435cca4c55dbdded4168d7f33e69e2c39eb8fa2a53398285f77d8eb28d2fc66af90027a37c00373b73c3ded7916642b6869c2cdd6c45fa65f2c549"})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000640)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_io_uring_setup(0x2be, &(0x7f0000000140)={0x0, 0xa581, 0x0, 0x2, 0x1000111}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x3, r6, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r7, 0x3516, 0x3e44, 0x8, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00220500000003f43fdf81191c5f79f0e395"], 0x0}, 0x0)

3.424598858s ago: executing program 4 (id=3977):
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x18, 0x87, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[@routing={0x4, 0x2, 0x1, 0xf, 0x0, [@empty]}]}}}}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x2}}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000280)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xfff8, 0x4, 0x0, 0x2, 0x0, 0x0, 0x20, 0x4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@afid={'afid', 0x3d, 0x9}}, {@uname={'uname', 0x3d, '\x14*{%[]-(-['}}], [], 0x6b}})
syz_open_procfs(0x0, &(0x7f0000000dc0)='gid_map\x00')
getxattr(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000200)=@random={'trusted.', ')\x00'}, &(0x7f0000000240)=""/64, 0x40)

3.302381373s ago: executing program 4 (id=3978):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00008feff0)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x0, 0x0}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f00000000c0), 0x2c8, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000)

1.508869388s ago: executing program 6 (id=3979):
syz_usb_connect(0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ptrace$setopts(0x4200, r1, 0x2, 0x3e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYRES32=0x1, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX=0x0], 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f0000004180)={0x2020}, 0x2020)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xffda}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x3, 0x8, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x8000001, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x24000, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x8, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0x0, 0x3, 0x9, 0x4, 0x8, 0x0, 0x90, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000004, 0x8, 0x12f, 0x8000, 0x11, 0x8, 0x129432e2, 0xcb, 0x204f9, 0xd, 0x2bf, 0x6c9, 0x9, 0x1, 0x7, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea0, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x400, 0x1, 0x5, 0xf, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x19, 0x4, 0x9, 0x8, 0x9, 0x4, 0x1, 0xc681, 0x2, 0x8000, 0xffff, 0x600000, 0x7f, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x7, 0xb, 0x9, 0x48c93690, 0x23, 0xff], [0x4, 0x4, 0x0, 0x64e, 0x3e8, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x6, 0x5, 0x5, 0x2, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x665, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x10000, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0xff, 0x53cf697b, 0x5, 0x6, 0x54fe12d6, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x81, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x8ad, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x4, 0x2, 0x14c, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x4, 0x9, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x1, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0xb, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0x80000fff]}, 0x45c)
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x918)
sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)}, 0x4048081)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)

1.359339091s ago: executing program 4 (id=3980):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000340)={0x18, r1, 0x2, 0x1c})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r1, 0x0, 0x0, 0x0, 0x2})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000500)={0x18, 0x0, 0x3, 0x1c})
ioctl$IOMMU_IOAS_UNMAP$ALL(0xffffffffffffffff, 0x3b86, &(0x7f0000000580)={0xffffffffffffffeb, r1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000005c0)={0x18, 0x0, 0x1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x1, 0x0, r1})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000640)={0x18, r1, 0x0, 0x0, &(0x7f0000000040)})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r1, 0x0, 0x1000, 0x2000})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1004000})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000900)={0x18, r1, 0x1000, 0x1004000})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000680)={0x28, 0x4, r1, 0x0, &(0x7f0000000000)="4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c834c4c4c4c4c4c4c4c4c4c4c", 0x8, 0x1})

1.051635902s ago: executing program 4 (id=3981):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0b04000000000000000002000000300004802c00018009000100686173680000f1001c000280080002400000000c08000440fffffffa0800074000000001090001"], 0x84}, 0x1, 0x0, 0x0, 0x801}, 0x0)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="33fe488878009106000000000000004a07"], 0xfe33)

0s ago: executing program 2 (id=3982):
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x81c0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x21, &(0x7f0000000240)={0xffffffffffffffff, 0x1f2f, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1, 0x0)
landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
socket$l2tp6(0xa, 0x2, 0x73)
socket$l2tp6(0xa, 0x2, 0x73)
signalfd4(0xffffffffffffffff, &(0x7f0000000500), 0x8, 0x0)
syz_io_uring_setup(0x2, &(0x7f0000000580)={0x0, 0x8b2, 0x13500, 0x0, 0x304}, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0xe}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="00008000", @ANYRES16, @ANYBLOB], 0x2c}}, 0x4000)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r5, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}}, 0x0)
sendfile(r4, r3, 0x0, 0x100000002)

kernel console output (not intermixed with test programs):

nknown main item tag 0x0
[ 1381.497793][T15148] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[ 1381.497828][T15148] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[ 1381.606751][T15148] hid-generic 0003:0004:0000.0016: hidraw0: USB HID v0.00 Device [syz0] on syz1
[ 1381.735165][T17002] netlink: 112 bytes leftover after parsing attributes in process `syz.2.3226'.
[ 1383.494264][T17013] program syz.7.3228 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1384.011362][T17018] fuse: Unknown parameter 'euid'
[ 1384.195348][T17023] overlay: ./file0 is not a directory
[ 1385.149736][T17043] netlink: 129704 bytes leftover after parsing attributes in process `syz.0.3240'.
[ 1385.249397][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1385.816193][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1386.237755][T17053] lo: entered allmulticast mode
[ 1386.260327][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1386.294354][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1386.353317][T17057] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3243'.
[ 1386.508738][   T38] kauditd_printk_skb: 216 callbacks suppressed
[ 1386.508758][   T38] audit: type=1326 audit(2000000395.730:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17059 comm="syz.7.3245" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x0
[ 1387.089374][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1387.346903][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1387.661367][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1387.864608][T17077] delete_channel: no stack
[ 1388.151094][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1388.989997][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1389.192929][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1390.095051][T17112] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1390.402414][T15148] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[ 1391.344784][T17117] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1391.390011][T15148] usb 3-1: Using ep0 maxpacket: 8
[ 1391.397677][T15148] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[ 1391.397706][T15148] usb 3-1: config 179 has no interface number 0
[ 1391.397761][T15148] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1391.397780][T15148] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1391.397809][T15148] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1391.397827][T15148] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1391.397843][T15148] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1391.397873][T15148] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1391.397889][T15148] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1391.523596][T17109] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1391.556695][T15148] xpad 3-1:179.65: probe with driver xpad failed with error -5
[ 1391.634053][T17122] tmpfs: Bad value for 'mpol'
[ 1391.740835][T15980] usb 3-1: USB disconnect, device number 22
[ 1393.322532][T17150] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3275'.
[ 1394.823436][T17166] batman_adv: batadv0: adding TT local entry 06:e1:05:00:07:00 to non-existent VLAN 768
[ 1395.080149][ T5950] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[ 1395.108033][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1395.333382][ T5950] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1395.334151][ T5950] usb 3-1: not running at top speed; connect to a high speed hub
[ 1395.335703][ T5950] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1395.335727][ T5950] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1396.886862][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1397.315738][ T5950] usb 3-1: string descriptor 0 read error: -71
[ 1397.315899][ T5950] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1397.315934][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1397.382936][ T5950] usb 3-1: can't set config #1, error -71
[ 1397.400079][ T5950] usb 3-1: USB disconnect, device number 23
[ 1397.455833][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1399.883270][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1400.499454][ T5814] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[ 1400.499480][ T5814] CPU: 1 UID: 0 PID: 5814 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1400.499506][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1400.499527][ T5814] Workqueue: hci5 hci_rx_work
[ 1400.499562][ T5814] Call Trace:
[ 1400.499570][ T5814]  <TASK>
[ 1400.499580][ T5814]  dump_stack_lvl+0x189/0x250
[ 1400.499611][ T5814]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1400.499638][ T5814]  ? __pfx__printk+0x10/0x10
[ 1400.499669][ T5814]  ? kernfs_path_from_node+0x2c/0x280
[ 1400.499691][ T5814]  ? kernfs_path_from_node+0x243/0x280
[ 1400.499710][ T5814]  ? kernfs_path_from_node+0x2c/0x280
[ 1400.499734][ T5814]  sysfs_create_dir_ns+0x259/0x280
[ 1400.499754][ T5814]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1400.499791][ T5814]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1400.499814][ T5814]  ? rt_spin_unlock+0x161/0x200
[ 1400.499848][ T5814]  kobject_add_internal+0x5a5/0xb50
[ 1400.499886][ T5814]  kobject_add+0x155/0x220
[ 1400.499917][ T5814]  ? __pfx_kobject_add+0x10/0x10
[ 1400.499950][ T5814]  ? get_device_parent+0x370/0x3a0
[ 1400.499986][ T5814]  device_add+0x408/0xb50
[ 1400.500020][ T5814]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1400.500051][ T5814]  le_conn_complete_evt+0xf39/0x1500
[ 1400.500089][ T5814]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1400.500113][ T5814]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1400.500137][ T5814]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1400.500164][ T5814]  ? skb_pull_data+0xfb/0x200
[ 1400.500197][ T5814]  hci_le_conn_complete_evt+0x187/0x450
[ 1400.500228][ T5814]  hci_event_packet+0x78f/0x1200
[ 1400.500262][ T5814]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1400.500287][ T5814]  ? __pfx_hci_event_packet+0x10/0x10
[ 1400.500318][ T5814]  ? __rcu_read_unlock+0x84/0xe0
[ 1400.500352][ T5814]  ? hci_send_to_monitor+0xe2/0x570
[ 1400.500380][ T5814]  hci_rx_work+0x46a/0xe80
[ 1400.500420][ T5814]  ? process_scheduled_works+0x9ef/0x17b0
[ 1400.500448][ T5814]  process_scheduled_works+0xade/0x17b0
[ 1400.500504][ T5814]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1400.500556][ T5814]  worker_thread+0x8a0/0xda0
[ 1400.500611][ T5814]  kthread+0x711/0x8a0
[ 1400.500644][ T5814]  ? __pfx_worker_thread+0x10/0x10
[ 1400.500669][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1400.500696][ T5814]  ? rt_spin_unlock+0x150/0x200
[ 1400.500731][ T5814]  ? rt_spin_unlock+0x161/0x200
[ 1400.500759][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1400.500791][ T5814]  ret_from_fork+0x4b9/0x870
[ 1400.500818][ T5814]  ? __pfx_ret_from_fork+0x10/0x10
[ 1400.500850][ T5814]  ? __switch_to_asm+0x39/0x70
[ 1400.500876][ T5814]  ? __switch_to_asm+0x33/0x70
[ 1400.500901][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1400.500931][ T5814]  ret_from_fork_asm+0x1a/0x30
[ 1400.500978][ T5814]  </TASK>
[ 1400.501049][ T5814] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1400.501095][ T5814] Bluetooth: hci5: failed to register connection device
[ 1401.001583][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1402.177685][T17233] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3302'.
[ 1402.177710][T17233] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3302'.
[ 1402.177737][T17233] netlink: 'syz.2.3302': attribute type 18 has an invalid length.
[ 1403.369244][T15148] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1403.532758][T15148] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1403.532828][T15148] usb 6-1: config 1 interface 0 altsetting 32 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1403.532858][T15148] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1403.536160][T15148] usb 6-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= 0.40
[ 1403.536188][T15148] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1403.536209][T15148] usb 6-1: Product: syz
[ 1403.536233][T15148] usb 6-1: Manufacturer: syz
[ 1403.536249][T15148] usb 6-1: SerialNumber: syz
[ 1403.742068][T17244] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1404.322831][T15148] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input32
[ 1404.398542][T15148] usb 6-1: USB disconnect, device number 10
[ 1404.756074][T17255] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1407.290668][T17288] netlink: 68 bytes leftover after parsing attributes in process `syz.7.3321'.
[ 1409.577325][T17311] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3327'.
[ 1409.809938][ T5857] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1409.892108][T17316] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3329'.
[ 1409.974365][ T5857] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1409.974402][ T5857] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1409.974425][ T5857] usb 6-1: Product: syz
[ 1409.974440][ T5857] usb 6-1: Manufacturer: syz
[ 1409.974456][ T5857] usb 6-1: SerialNumber: syz
[ 1410.030469][ T5857] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1410.788554][ T5857] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[ 1411.262771][ T9866] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1411.267177][ T5857] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1411.267208][ T5857] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1411.321720][ T5857] usb 5-1: config 0 descriptor??
[ 1411.691529][T15980] usb 6-1: USB disconnect, device number 11
[ 1412.387369][ T9866] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[ 1412.388305][ T9866] ath9k_htc: Failed to initialize the device
[ 1412.432073][T15980] usb 6-1: ath9k_htc: USB layer deinitialized
[ 1413.812427][T17360] netlink: 44 bytes leftover after parsing attributes in process `syz.7.3344'.
[ 1413.812472][T17360] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3344'.
[ 1414.341418][T17324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1414.341844][T17324] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1414.432646][T17374] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1414.540996][T17376] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3351'.
[ 1414.544434][T17368] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3348'.
[ 1414.631257][T17372] bond0: (slave bond_slave_1): Releasing backup interface
[ 1414.884356][T17383] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1415.197410][T17393] netlink: 'syz.4.3356': attribute type 2 has an invalid length.
[ 1415.197434][T17393] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3356'.
[ 1415.342128][T17397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1415.342592][T17397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1415.627836][T17408] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3363'.
[ 1416.672519][T17422] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1417.740120][T17443] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3375'.
[ 1417.740147][T17443] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3375'.
[ 1417.740177][T17443] netlink: 'syz.0.3375': attribute type 18 has an invalid length.
[ 1419.297342][T17452] bond2: entered allmulticast mode
[ 1419.298125][T17452] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1419.369981][ T5857] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -110
[ 1419.370013][ T5857] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffff92
[ 1419.370288][ T5857] asix 5-1:0.0: probe with driver asix failed with error -110
[ 1419.625944][T17457] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1420.730284][T17464] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3382'.
[ 1420.741823][T17464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1420.742288][T17464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1421.483380][T17473] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1421.842077][T17486] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1421.925301][T17491] fuse: Unknown parameter 'ro'
[ 1421.987878][T17492] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1422.125727][T17500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1422.126153][T17500] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1422.229956][T16742] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1422.380010][T16742] usb 6-1: Using ep0 maxpacket: 16
[ 1422.384766][T16742] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1422.384802][T16742] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1422.384823][T16742] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1422.384857][T16742] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1422.384875][T16742] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1422.389335][T16742] usb 6-1: config 0 descriptor??
[ 1422.938491][T16742] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0017/input/input33
[ 1422.965499][T17511] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1423.017284][T16742] microsoft 0003:045E:07DA.0017: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[ 1423.087700][T17494] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1423.088165][T17494] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1423.108108][ T5892] usb 6-1: USB disconnect, device number 12
[ 1423.186620][T17518] 9pnet_fd: Insufficient options for proto=fd
[ 1423.249178][T17519] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1423.295567][T17523] FAULT_INJECTION: forcing a failure.
[ 1423.295567][T17523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1423.295604][T17523] CPU: 0 UID: 0 PID: 17523 Comm: syz.2.3409 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1423.295630][T17523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1423.295643][T17523] Call Trace:
[ 1423.295652][T17523]  <TASK>
[ 1423.295661][T17523]  dump_stack_lvl+0x189/0x250
[ 1423.295693][T17523]  ? __pfx____ratelimit+0x10/0x10
[ 1423.295716][T17523]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1423.295743][T17523]  ? __pfx__printk+0x10/0x10
[ 1423.295770][T17523]  ? __might_fault+0xb0/0x130
[ 1423.295812][T17523]  should_fail_ex+0x46c/0x600
[ 1423.295853][T17523]  _copy_from_user+0x2d/0xb0
[ 1423.295883][T17523]  video_usercopy+0x346/0x1450
[ 1423.295919][T17523]  ? smk_tskacc+0x2fc/0x370
[ 1423.295948][T17523]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1423.295982][T17523]  ? __pfx_video_usercopy+0x10/0x10
[ 1423.296010][T17523]  ? smack_file_ioctl+0x2ac/0x340
[ 1423.296058][T17523]  ? __fget_files+0x3a6/0x420
[ 1423.296092][T17523]  v4l2_ioctl+0x190/0x1e0
[ 1423.296122][T17523]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1423.296145][T17523]  __se_sys_ioctl+0xff/0x170
[ 1423.296165][T17523]  do_syscall_64+0xfa/0xfa0
[ 1423.296183][T17523]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1423.296202][T17523]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1423.296219][T17523]  ? clear_bhb_loop+0x60/0xb0
[ 1423.296239][T17523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1423.296255][T17523] RIP: 0033:0x7f19a687eec9
[ 1423.296270][T17523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1423.296286][T17523] RSP: 002b:00007f19a4ae6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1423.296309][T17523] RAX: ffffffffffffffda RBX: 00007f19a6ad5fa0 RCX: 00007f19a687eec9
[ 1423.296320][T17523] RDX: 0000200000000000 RSI: 00000000c034564b RDI: 0000000000000003
[ 1423.296331][T17523] RBP: 00007f19a4ae6090 R08: 0000000000000000 R09: 0000000000000000
[ 1423.296342][T17523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1423.296358][T17523] R13: 00007f19a6ad6038 R14: 00007f19a6ad5fa0 R15: 00007ffff86f6f48
[ 1423.296386][T17523]  </TASK>
[ 1424.006856][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1424.388631][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1424.522237][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1424.824370][T17543] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1425.030813][ T5894] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1425.189952][ T5894] usb 6-1: Using ep0 maxpacket: 8
[ 1425.192721][ T5894] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1425.194308][ T5894] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1425.194368][ T5894] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[ 1425.197124][ T5894] usb 6-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[ 1425.197154][ T5894] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1425.197176][ T5894] usb 6-1: Product: syz
[ 1425.197191][ T5894] usb 6-1: Manufacturer: syz
[ 1425.197208][ T5894] usb 6-1: SerialNumber: syz
[ 1425.203710][ T5894] usb 6-1: config 0 descriptor??
[ 1425.237365][ T5894] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1425.335190][ T5894] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 1425.451252][T17538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1425.452007][T17538] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1425.462200][ T5894] usb 6-1: USB disconnect, device number 13
[ 1425.816670][T17560] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1427.209311][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1427.355833][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1427.659873][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1427.919356][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1429.753669][T17592] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1431.294717][T17601] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3437'.
[ 1431.310816][T17604] ipip1: entered allmulticast mode
[ 1431.314566][T17604] autofs: Unknown parameter '<'
[ 1431.320646][T17601] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1431.321162][T17601] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1431.457732][T17610] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3441'.
[ 1434.105150][T17643] IPv6: sit1: Disabled Multicast RS
[ 1434.106716][T17643] sit1: entered allmulticast mode
[ 1434.300230][T16753] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 1434.472451][T16753] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1434.472518][T16753] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1434.474073][T16753] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1434.474102][T16753] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1434.474123][T16753] usb 3-1: Manufacturer: syz
[ 1434.692206][T16753] usb 3-1: config 0 descriptor??
[ 1434.880218][T16753] rc_core: IR keymap rc-hauppauge not found
[ 1434.880240][T16753] Registered IR keymap rc-empty
[ 1434.881823][T16753] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1434.884920][T16753] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input34
[ 1434.993688][    C1] igorplugusb 3-1:0.0: Error: urb status = -32
[ 1435.103487][T17642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1435.103906][T17642] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1435.202873][T16753] usb 3-1: USB disconnect, device number 24
[ 1436.191795][T17637] Bluetooth: hci3: command 0x0406 tx timeout
[ 1436.191834][T17637] Bluetooth: hci2: command 0x0406 tx timeout
[ 1436.766857][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1436.912974][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1437.462201][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1437.662831][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1438.236956][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1438.299321][T17686] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1438.330004][T16753] IPVS: starting estimator thread 0...
[ 1438.330082][T17686] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[ 1438.333580][T17686] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1438.423485][T17688] IPVS: using max 7 ests per chain, 16800 per kthread
[ 1438.687901][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1438.687986][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1438.775883][T17694] tap0: tun_chr_ioctl cmd 1074025675
[ 1438.775907][T17694] tap0: persist disabled
[ 1439.067043][T17703] netlink: 7 bytes leftover after parsing attributes in process `syz.2.3471'.
[ 1439.067065][T17703] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3471'.
[ 1439.146137][T17703] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1439.244915][T17701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1439.249686][T17701] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1439.852783][T17717] FAULT_INJECTION: forcing a failure.
[ 1439.852783][T17717] name failslab, interval 1, probability 0, space 0, times 0
[ 1439.852817][T17717] CPU: 1 UID: 0 PID: 17717 Comm: syz.7.3475 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1439.852839][T17717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1439.852851][T17717] Call Trace:
[ 1439.852859][T17717]  <TASK>
[ 1439.852867][T17717]  dump_stack_lvl+0x189/0x250
[ 1439.852895][T17717]  ? __pfx____ratelimit+0x10/0x10
[ 1439.852915][T17717]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1439.852938][T17717]  ? __pfx__printk+0x10/0x10
[ 1439.852967][T17717]  ? __pfx___might_resched+0x10/0x10
[ 1439.852993][T17717]  should_fail_ex+0x46c/0x600
[ 1439.853028][T17717]  should_failslab+0xa8/0x100
[ 1439.853075][T17717]  __kmalloc_noprof+0xcc/0x7d0
[ 1439.853100][T17717]  ? kfree+0x51/0x950
[ 1439.853120][T17717]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1439.853149][T17717]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1439.853173][T17717]  ? tomoyo_domain+0xda/0x130
[ 1439.853206][T17717]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1439.853236][T17717]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1439.853268][T17717]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1439.853301][T17717]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1439.853324][T17717]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1439.853377][T17717]  ? __fget_files+0x2a/0x420
[ 1439.853409][T17717]  ? __fget_files+0x3a6/0x420
[ 1439.853434][T17717]  ? __fget_files+0x2a/0x420
[ 1439.853466][T17717]  security_file_ioctl+0xcb/0x2d0
[ 1439.853499][T17717]  __se_sys_ioctl+0x47/0x170
[ 1439.853523][T17717]  do_syscall_64+0xfa/0xfa0
[ 1439.853544][T17717]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1439.853566][T17717]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1439.853586][T17717]  ? clear_bhb_loop+0x60/0xb0
[ 1439.853617][T17717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1439.853636][T17717] RIP: 0033:0x7f152cdbeec9
[ 1439.853654][T17717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1439.853672][T17717] RSP: 002b:00007f152b01e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1439.853693][T17717] RAX: ffffffffffffffda RBX: 00007f152d015fa0 RCX: 00007f152cdbeec9
[ 1439.853709][T17717] RDX: 0000200000000300 RSI: 0000000000003b72 RDI: 0000000000000003
[ 1439.853721][T17717] RBP: 00007f152b01e090 R08: 0000000000000000 R09: 0000000000000000
[ 1439.853734][T17717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1439.853745][T17717] R13: 00007f152d016038 R14: 00007f152d015fa0 R15: 00007ffede69d708
[ 1439.853778][T17717]  </TASK>
[ 1439.853948][T17717] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1439.870867][T17719] netlink: 'syz.5.3474': attribute type 1 has an invalid length.
[ 1439.872510][T17719] netlink: 'syz.5.3474': attribute type 10 has an invalid length.
[ 1439.872531][T17719] netlink: 206480 bytes leftover after parsing attributes in process `syz.5.3474'.
[ 1439.872579][T17719] openvswitch: netlink: Message has 512 unknown bytes.
[ 1440.718532][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1440.895810][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1442.361193][T17732] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1442.379412][T17732] netlink: 'syz.4.3480': attribute type 1 has an invalid length.
[ 1442.379435][T17732] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3480'.
[ 1442.379452][T17732] netlink: 'syz.4.3480': attribute type 2 has an invalid length.
[ 1442.379464][T17732] netlink: 'syz.4.3480': attribute type 1 has an invalid length.
[ 1442.379475][T17732] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3480'.
[ 1444.160636][T17746] hugetlbfs: Bad value for 'uid'
[ 1444.160658][T17746] hugetlbfs: Bad value for 'uid'
[ 1444.990338][T16742] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 1445.059217][ T3607] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1445.170034][T16742] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1445.170066][T16742] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1445.170087][T16742] usb 3-1: Product: syz
[ 1445.170101][T16742] usb 3-1: Manufacturer: syz
[ 1445.170117][T16742] usb 3-1: SerialNumber: syz
[ 1445.210419][ T5814] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1445.217921][ T5814] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1445.219645][ T5814] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1445.237178][ T5814] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1445.238188][ T5814] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1445.338458][T16742] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1445.427591][ T5894] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1446.154209][T15980] usb 3-1: USB disconnect, device number 25
[ 1446.206164][ T3607] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1447.168907][ T5894] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[ 1447.169107][ T5894] ath9k_htc: Failed to initialize the device
[ 1447.447805][T10972] Bluetooth: hci1: command tx timeout
[ 1447.456260][T15980] usb 3-1: ath9k_htc: USB layer deinitialized
[ 1448.291285][T17777] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1448.385974][T17757] lo speed is unknown, defaulting to 1000
[ 1448.695076][T17788] IPVS: set_ctl: invalid protocol: 51 172.20.20.62:20002
[ 1448.887452][ T3607] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1450.028166][T10972] Bluetooth: hci1: command tx timeout
[ 1450.663899][ T3607] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1451.107557][T17757] chnl_net:caif_netlink_parms(): no params data found
[ 1451.129941][ T9866] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1451.217795][T17830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1451.218212][T17830] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1451.280030][ T9866] usb 3-1: Using ep0 maxpacket: 32
[ 1451.291551][ T9866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1451.291591][ T9866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1451.291620][ T9866] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1451.291651][ T9866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1451.291682][ T9866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1451.317836][ T9866] usb 3-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1451.317872][ T9866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1451.317896][ T9866] usb 3-1: Product: syz
[ 1451.317914][ T9866] usb 3-1: Manufacturer: syz
[ 1451.317929][ T9866] usb 3-1: SerialNumber: syz
[ 1451.365415][ T9866] usb 3-1: config 0 descriptor??
[ 1451.377005][T17824] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1451.409249][ T9866] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input35
[ 1451.947055][ T5892] usb 3-1: USB disconnect, device number 26
[ 1452.041495][T10972] Bluetooth: hci1: command tx timeout
[ 1453.270200][ T5894] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1453.550005][ T5894] usb 3-1: device descriptor read/64, error -71
[ 1453.819974][ T5894] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1453.974283][ T5894] usb 3-1: device descriptor read/64, error -71
[ 1454.083860][ T5894] usb usb3-port1: attempt power cycle
[ 1454.132777][T10972] Bluetooth: hci1: command tx timeout
[ 1454.453236][ T5894] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1454.470900][ T5894] usb 3-1: device descriptor read/8, error -71
[ 1454.710173][ T5894] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1454.730726][ T5894] usb 3-1: device descriptor read/8, error -71
[ 1454.840593][ T5894] usb usb3-port1: unable to enumerate USB device
[ 1454.880572][ T3607] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1454.950687][ T3607] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1454.996387][ T3607] bond0 (unregistering): Released all slaves
[ 1455.213632][T17757] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1455.213725][T17757] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1455.213887][T17757] bridge_slave_0: entered allmulticast mode
[ 1455.217308][T17757] bridge_slave_0: entered promiscuous mode
[ 1455.227516][T17757] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1455.227666][T17757] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1455.227892][T17757] bridge_slave_1: entered allmulticast mode
[ 1455.239090][T17757] bridge_slave_1: entered promiscuous mode
[ 1455.721669][T17866] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1456.170717][ T5892] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1457.065629][ T5892] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1457.065661][ T5892] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1457.065682][ T5892] usb 3-1: Product: syz
[ 1457.065698][ T5892] usb 3-1: Manufacturer: syz
[ 1457.065713][ T5892] usb 3-1: SerialNumber: syz
[ 1457.093827][ T5892] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1457.125717][ T5186] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1457.377172][T17757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1457.394981][T17757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1457.942235][T17886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3527'.
[ 1457.942262][T17886] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3527'.
[ 1459.050586][ T5186] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[ 1459.050788][ T5186] ath9k_htc: Failed to initialize the device
[ 1459.071716][T15980] usb 3-1: USB disconnect, device number 31
[ 1459.176576][T15980] usb 3-1: ath9k_htc: USB layer deinitialized
[ 1459.716599][T17757] team0: Port device team_slave_0 added
[ 1459.737147][T17757] team0: Port device team_slave_1 added
[ 1464.226928][ T3607] hsr_slave_0: left promiscuous mode
[ 1464.280151][ T3607] hsr_slave_1: left promiscuous mode
[ 1464.281244][ T3607] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1464.281274][ T3607] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1464.332446][ T3607] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1464.332476][ T3607] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1464.445893][ T3607] veth1_macvtap: left promiscuous mode
[ 1464.449010][ T3607] veth0_macvtap: left promiscuous mode
[ 1464.449313][ T3607] veth1_vlan: left promiscuous mode
[ 1464.449502][ T3607] veth0_vlan: left promiscuous mode
[ 1464.683327][T17943] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1464.801316][T17947] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1464.801814][T17947] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1466.039626][T17956] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3549'.
[ 1469.300772][ T3607] team0 (unregistering): Port device team_slave_1 removed
[ 1469.592991][ T3607] team0 (unregistering): Port device team_slave_0 removed
[ 1470.926533][T17994] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[ 1470.927172][T17994] qnx6: wrong signature (magic) in superblock #1.
[ 1470.927181][T17994] qnx6: unable to read the first superblock
[ 1473.193175][T17757] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1473.193194][T17757] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1473.193221][T17757] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1473.196897][T17948] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3546'.
[ 1473.290757][T17757] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1473.290775][T17757] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1473.290806][T17757] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1473.364301][T17951] lo speed is unknown, defaulting to 1000
[ 1473.773943][T17757] hsr_slave_0: entered promiscuous mode
[ 1473.775355][T17757] hsr_slave_1: entered promiscuous mode
[ 1473.776307][T17757] debugfs: 'hsr0' already exists in 'hsr'
[ 1473.776329][T17757] Cannot create hsr debugfs directory
[ 1474.205751][T18012] geneve2: entered promiscuous mode
[ 1474.205783][T18012] geneve2: entered allmulticast mode
[ 1476.420293][T18026] fuse: Unknown parameter 'r›H¹àq½ˆ²ã)ò‹çiootmode'
[ 1479.714362][ T3607] IPVS: stop unused estimator thread 0...
[ 1479.739561][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1479.905278][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1480.351707][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1480.612144][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1480.779658][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1481.469918][ T5186] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[ 1481.866231][ T5186] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1481.904586][ T5186] usb 3-1: not running at top speed; connect to a high speed hub
[ 1481.964713][ T5186] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1481.965105][ T5186] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1481.965547][ T5186] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1482.180989][ T5186] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1482.181094][ T5186] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1482.181539][ T5186] usb 3-1: Product: syz
[ 1482.182090][ T5186] usb 3-1: Manufacturer: syz
[ 1482.182557][ T5186] usb 3-1: SerialNumber: syz
[ 1482.313677][T18076] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1482.327399][T18076] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1482.567085][T18074] F2FS-fs: Value of option "test_dummy_encryption" is unrecognized
[ 1482.568568][T18074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1482.568851][T18074] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1483.008995][ T5814] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1483.040465][ T5814] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1483.073141][ T5814] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1483.185156][ T5186] usb 3-1: 0:2 : does not exist
[ 1483.202251][ T5814] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1483.204587][ T5814] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1483.335306][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1483.345755][ T5186] usb 3-1: USB disconnect, device number 32
[ 1483.469486][T18083] netlink: 'syz.4.3589': attribute type 1 has an invalid length.
[ 1483.595647][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1483.808654][T18085] FAULT_INJECTION: forcing a failure.
[ 1483.808654][T18085] name failslab, interval 1, probability 0, space 0, times 0
[ 1483.808691][T18085] CPU: 0 UID: 0 PID: 18085 Comm: syz.2.3591 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1483.808726][T18085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1483.808740][T18085] Call Trace:
[ 1483.808748][T18085]  <TASK>
[ 1483.808758][T18085]  dump_stack_lvl+0x189/0x250
[ 1483.808790][T18085]  ? __pfx____ratelimit+0x10/0x10
[ 1483.808814][T18085]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1483.808841][T18085]  ? __pfx__printk+0x10/0x10
[ 1483.808873][T18085]  ? __pfx___might_resched+0x10/0x10
[ 1483.808898][T18085]  ? fs_reclaim_acquire+0x7d/0x100
[ 1483.808933][T18085]  should_fail_ex+0x46c/0x600
[ 1483.808971][T18085]  ? sk_prot_alloc+0x57/0x220
[ 1483.808996][T18085]  should_failslab+0xa8/0x100
[ 1483.809028][T18085]  ? sk_prot_alloc+0x57/0x220
[ 1483.809050][T18085]  kmem_cache_alloc_noprof+0x6f/0x6b0
[ 1483.809076][T18085]  ? __lock_acquire+0xab9/0xd20
[ 1483.809113][T18085]  sk_prot_alloc+0x57/0x220
[ 1483.809136][T18085]  ? sk_alloc+0x24/0x370
[ 1483.809162][T18085]  sk_alloc+0x3a/0x370
[ 1483.809192][T18085]  __smc_create+0xed/0x280
[ 1483.809226][T18085]  __sock_create+0x4b0/0x9f0
[ 1483.809271][T18085]  __sys_socket+0xd7/0x1b0
[ 1483.809309][T18085]  __x64_sys_socket+0x7a/0x90
[ 1483.809344][T18085]  do_syscall_64+0xfa/0xfa0
[ 1483.809368][T18085]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1483.809393][T18085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1483.809415][T18085]  ? clear_bhb_loop+0x60/0xb0
[ 1483.809442][T18085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1483.809463][T18085] RIP: 0033:0x7f19a687eec9
[ 1483.809482][T18085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1483.809501][T18085] RSP: 002b:00007f19a4ae6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1483.809534][T18085] RAX: ffffffffffffffda RBX: 00007f19a6ad5fa0 RCX: 00007f19a687eec9
[ 1483.809550][T18085] RDX: 0000000000000001 RSI: 0000000000080801 RDI: 000000000000002b
[ 1483.809564][T18085] RBP: 00007f19a4ae6090 R08: 0000000000000000 R09: 0000000000000000
[ 1483.809578][T18085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1483.809592][T18085] R13: 00007f19a6ad6038 R14: 00007f19a6ad5fa0 R15: 00007ffff86f6f48
[ 1483.809628][T18085]  </TASK>
[ 1484.025957][T18087] kvm: pic: non byte read
[ 1484.026046][T18087] kvm: pic: non byte read
[ 1484.026122][T18087] kvm: pic: non byte read
[ 1484.027508][T18087] kvm: pic: non byte read
[ 1484.027615][T18087] kvm: pic: non byte read
[ 1484.027694][T18087] kvm: pic: non byte read
[ 1484.027773][T18087] kvm: pic: non byte read
[ 1484.027850][T18087] kvm: pic: non byte read
[ 1484.027927][T18087] kvm: pic: non byte read
[ 1484.028011][T18087] kvm: pic: non byte read
[ 1484.359470][T18080] lo speed is unknown, defaulting to 1000
[ 1484.759116][ T3607] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1484.759157][ T3607] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1485.421718][T10972] Bluetooth: hci5: command tx timeout
[ 1486.497763][T18112] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3600'.
[ 1487.534886][ T5814] Bluetooth: hci5: command tx timeout
[ 1487.553285][ T3607] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1487.553324][ T3607] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1487.825069][T18126] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1489.203859][ T3607] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1489.203899][ T3607] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1489.309870][T17757] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1489.342977][T18143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1489.343439][T18143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1489.610260][T18151] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3610'.
[ 1489.955576][ T5814] Bluetooth: hci5: command tx timeout
[ 1490.013096][T18153] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1490.480642][ T3607] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1490.480682][ T3607] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1491.312405][T17757] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1491.424311][T17757] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1491.525506][T18171] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1491.534458][T15980] Process accounting resumed
[ 1491.543544][T17757] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1491.613055][T18168] Process accounting resumed
[ 1491.959928][T10972] Bluetooth: hci5: command tx timeout
[ 1492.169104][T18080] chnl_net:caif_netlink_parms(): no params data found
[ 1492.323914][ T3607] bridge_slave_1: left allmulticast mode
[ 1492.323945][ T3607] bridge_slave_1: left promiscuous mode
[ 1492.325414][ T3607] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1492.402967][ T3607] bridge_slave_0: left allmulticast mode
[ 1492.402997][ T3607] bridge_slave_0: left promiscuous mode
[ 1492.403275][ T3607] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1492.586779][T18207] netlink: 'syz.7.3626': attribute type 1 has an invalid length.
[ 1493.360400][T15980] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1493.517302][T15980] usb 3-1: device descriptor read/64, error -71
[ 1493.692022][ T3607] team0: Port device gretap1 removed
[ 1493.800814][T15980] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1493.931962][T15980] usb 3-1: device descriptor read/64, error -71
[ 1494.042866][T15980] usb usb3-port1: attempt power cycle
[ 1494.389949][T15980] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1494.443328][T15980] usb 3-1: device descriptor read/8, error -71
[ 1494.720160][T15980] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1494.772130][T15980] usb 3-1: device descriptor read/8, error -71
[ 1494.881951][T15980] usb usb3-port1: unable to enumerate USB device
[ 1495.060864][ T3607] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1495.120652][ T3607] bond0 (unregistering): (slave 
c
@0Ù): Releasing backup interface
[ 1495.143890][ T3607] bond0 (unregistering): Released all slaves
[ 1496.024417][ T3607] bond1 (unregistering): Released all slaves
[ 1496.633517][   T38] audit: type=1326 audit(2000000505.860:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18224 comm="syz.4.3631" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5e225eeec9 code=0x0
[ 1496.706901][T18080] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1496.707052][T18080] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1496.707241][T18080] bridge_slave_0: entered allmulticast mode
[ 1496.720910][T18080] bridge_slave_0: entered promiscuous mode
[ 1496.744324][T18080] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1496.744474][T18080] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1496.744723][T18080] bridge_slave_1: entered allmulticast mode
[ 1496.748494][T18226] fuse: Bad value for 'fd'
[ 1496.754040][T18080] bridge_slave_1: entered promiscuous mode
[ 1496.771037][T18226] netlink: 'syz.4.3631': attribute type 21 has an invalid length.
[ 1496.877495][T18217] program syz.2.3629 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1496.890802][T18226] netlink: 'syz.4.3631': attribute type 1 has an invalid length.
[ 1496.890825][T18226] netlink: 144 bytes leftover after parsing attributes in process `syz.4.3631'.
[ 1497.007755][T18080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1497.028611][T18080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1497.156194][T18230] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1497.156631][T18230] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1497.345635][T18080] team0: Port device team_slave_0 added
[ 1497.349996][T18080] team0: Port device team_slave_1 added
[ 1497.505471][T18080] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1497.505488][T18080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1497.505518][T18080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1497.509630][T18080] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1497.509643][T18080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1497.509668][T18080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1497.554895][T17757] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1497.740691][T18080] hsr_slave_0: entered promiscuous mode
[ 1497.742347][T18080] hsr_slave_1: entered promiscuous mode
[ 1497.743539][T18080] debugfs: 'hsr0' already exists in 'hsr'
[ 1497.743573][T18080] Cannot create hsr debugfs directory
[ 1497.768094][T18237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1497.768573][T18237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1498.106431][T18240] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3635'.
[ 1498.106457][T18240] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3635'.
[ 1498.431030][T17757] 8021q: adding VLAN 0 to HW filter on device team0
[ 1499.502043][ T1168] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1499.502253][ T1168] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1500.132035][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1500.132114][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1501.143370][ T3607] veth1_macvtap: left promiscuous mode
[ 1501.143492][ T3607] veth0_macvtap: left promiscuous mode
[ 1501.143760][ T3607] veth1_vlan: left promiscuous mode
[ 1501.143945][ T3607] veth0_vlan: left promiscuous mode
[ 1501.696256][T18273] picdev_read: 77 callbacks suppressed
[ 1501.696279][T18273] kvm: pic: non byte read
[ 1501.696352][T18273] kvm: pic: non byte read
[ 1501.696423][T18273] kvm: pic: non byte read
[ 1501.696505][T18273] kvm: pic: non byte read
[ 1501.696572][T18273] kvm: pic: non byte read
[ 1501.696639][T18273] kvm: pic: non byte read
[ 1501.696706][T18273] kvm: pic: non byte read
[ 1501.696791][T18273] kvm: pic: non byte read
[ 1501.743971][T18273] kvm: pic: non byte read
[ 1501.744086][T18273] kvm: pic: non byte read
[ 1501.996054][T18282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3646'.
[ 1503.116745][T18287] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1503.183683][T18289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1503.184159][T18289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1503.210519][T18289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1503.211043][T18289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1504.430161][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1504.510058][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1504.533738][T18304] FAULT_INJECTION: forcing a failure.
[ 1504.533738][T18304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1504.533889][T18304] CPU: 1 UID: 0 PID: 18304 Comm: syz.2.3656 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1504.533916][T18304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1504.533930][T18304] Call Trace:
[ 1504.533939][T18304]  <TASK>
[ 1504.533948][T18304]  dump_stack_lvl+0x189/0x250
[ 1504.533979][T18304]  ? __pfx____ratelimit+0x10/0x10
[ 1504.534002][T18304]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1504.534029][T18304]  ? __pfx__printk+0x10/0x10
[ 1504.534055][T18304]  ? __might_fault+0xb0/0x130
[ 1504.534098][T18304]  should_fail_ex+0x46c/0x600
[ 1504.534137][T18304]  _copy_from_user+0x2d/0xb0
[ 1504.534167][T18304]  ___sys_sendmsg+0x158/0x2a0
[ 1504.534197][T18304]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1504.534263][T18304]  ? __fget_files+0x2a/0x420
[ 1504.534292][T18304]  ? __fget_files+0x3a6/0x420
[ 1504.534333][T18304]  __x64_sys_sendmsg+0x1a1/0x260
[ 1504.534362][T18304]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1504.534400][T18304]  ? __pfx_ksys_write+0x10/0x10
[ 1504.534431][T18304]  ? do_syscall_64+0xbe/0xfa0
[ 1504.534459][T18304]  do_syscall_64+0xfa/0xfa0
[ 1504.534482][T18304]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1504.534506][T18304]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1504.534528][T18304]  ? clear_bhb_loop+0x60/0xb0
[ 1504.534562][T18304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1504.534583][T18304] RIP: 0033:0x7f19a687eec9
[ 1504.534603][T18304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1504.534622][T18304] RSP: 002b:00007f19a4ae6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1504.534646][T18304] RAX: ffffffffffffffda RBX: 00007f19a6ad5fa0 RCX: 00007f19a687eec9
[ 1504.534662][T18304] RDX: 0000000000084000 RSI: 0000200000000140 RDI: 0000000000000003
[ 1504.534677][T18304] RBP: 00007f19a4ae6090 R08: 0000000000000000 R09: 0000000000000000
[ 1504.534691][T18304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1504.534703][T18304] R13: 00007f19a6ad6038 R14: 00007f19a6ad5fa0 R15: 00007ffff86f6f48
[ 1504.534739][T18304]  </TASK>
[ 1504.819446][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1504.947417][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1505.021347][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1505.061500][ T5814] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1505.078596][ T5814] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1505.089212][ T5814] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1505.097609][ T5814] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1505.101521][ T5814] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1505.205470][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1505.277569][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1505.642812][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1505.772944][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1506.168511][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1506.239515][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1506.646794][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1506.709971][ T5894] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1506.890106][ T5894] usb 3-1: Using ep0 maxpacket: 8
[ 1506.899388][ T5894] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1506.899417][ T5894] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1506.903423][ T5894] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1506.903458][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1506.903481][ T5894] usb 3-1: Product: �讃㑟晄�玔㞺輲俗��꼓좮�꧕��䪵�病䰜�罅꤬敉�徖쾱䧮⃷ೣ畇䜭俯ر㣂憮튄淥膲⓪洵㨫슅刟�뾎鬭��ꀭ껑駵蜓�ﬥᴅ綔�彎뀤�鮡Ｚ諛��冊킯㑚锢�籑挬鬗⻾調韩蕜
[ 1506.903516][ T5894] usb 3-1: Manufacturer: о
[ 1506.903538][ T5894] usb 3-1: SerialNumber: á �
[ 1506.955770][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1507.180872][T10972] Bluetooth: hci0: command tx timeout
[ 1507.208399][ T5894] usb 3-1: 0:2 : does not exist
[ 1507.228845][ T5894] usb 3-1: USB disconnect, device number 37
[ 1507.281891][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1507.534551][ T3607] team0 (unregistering): Port device team_slave_1 removed
[ 1507.573399][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1507.632861][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1507.699146][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1507.766633][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1507.840681][ T3607] team0 (unregistering): Port device team_slave_0 removed
[ 1507.854712][T18328] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1507.956847][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1507.978136][T18332] 9pnet_fd: Insufficient options for proto=fd
[ 1508.053014][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1508.120429][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1508.343666][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1509.424543][T10972] Bluetooth: hci0: command tx timeout
[ 1510.172062][T18341] xt_socket: unknown flags 0xd0
[ 1510.209760][T18342] ip6_tunnel: non-ECT from fe80:0071:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1511.388153][T18352] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1511.526418][T10972] Bluetooth: hci0: command tx timeout
[ 1513.560041][T10972] Bluetooth: hci0: command tx timeout
[ 1514.619430][ T8524] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1514.619553][ T8524] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1514.722179][T18363] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1514.722638][T18363] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1516.690873][T18380] netlink: 4476 bytes leftover after parsing attributes in process `syz.7.3683'.
[ 1517.022557][ T3607] IPVS: stop unused estimator thread 0...
[ 1517.507047][T18311] chnl_net:caif_netlink_parms(): no params data found
[ 1518.905095][T18399] loop9: detected capacity change from 0 to 7
[ 1518.941462][T18399] Dev loop9: unable to read RDB block 7
[ 1518.941493][T18399]  loop9: AHDI p1
[ 1518.941519][T18399] loop9: partition table partially beyond EOD, truncated
[ 1519.083723][T18405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1519.086004][T18405] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1519.799655][T18417] program syz.4.3694 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1520.296783][T18311] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1520.297013][T18311] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1520.297237][T18311] bridge_slave_0: entered allmulticast mode
[ 1520.300952][T18311] bridge_slave_0: entered promiscuous mode
[ 1520.625529][T18311] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1520.625665][T18311] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1520.625926][T18311] bridge_slave_1: entered allmulticast mode
[ 1520.652118][T18311] bridge_slave_1: entered promiscuous mode
[ 1521.890905][T18080] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1521.981397][T18311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1522.213975][T18080] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1522.257160][T18311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1522.257561][T18080] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1522.431807][   T38] audit: type=1326 audit(2000000531.650:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18440 comm="syz.7.3703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1522.431869][   T38] audit: type=1326 audit(2000000531.650:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18440 comm="syz.7.3703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1522.431916][   T38] audit: type=1326 audit(2000000531.650:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18440 comm="syz.7.3703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1522.431972][   T38] audit: type=1326 audit(2000000531.650:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18440 comm="syz.7.3703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1522.432021][   T38] audit: type=1326 audit(2000000531.650:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18440 comm="syz.7.3703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1522.432076][   T38] audit: type=1326 audit(2000000531.650:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18440 comm="syz.7.3703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1522.525858][T15980] IPVS: starting estimator thread 0...
[ 1522.527946][T18442] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[ 1522.557166][T18080] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1522.612324][T18445] IPVS: using max 7 ests per chain, 16800 per kthread
[ 1522.729389][T18311] team0: Port device team_slave_0 added
[ 1522.765594][T18311] team0: Port device team_slave_1 added
[ 1522.780190][T18453] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[ 1523.087131][T18311] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1523.087144][T18311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1523.087162][T18311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1523.138344][T18311] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1523.138358][T18311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1523.138378][T18311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1523.466995][T18311] hsr_slave_0: entered promiscuous mode
[ 1523.480155][T18311] hsr_slave_1: entered promiscuous mode
[ 1523.484262][T18311] debugfs: 'hsr0' already exists in 'hsr'
[ 1523.484290][T18311] Cannot create hsr debugfs directory
[ 1523.486480][ T3607] bridge_slave_1: left allmulticast mode
[ 1523.486510][ T3607] bridge_slave_1: left promiscuous mode
[ 1523.486774][ T3607] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1523.548041][T18464] binder: Bad value for 'stats'
[ 1523.591051][ T3607] bridge_slave_0: left allmulticast mode
[ 1523.591073][ T3607] bridge_slave_0: left promiscuous mode
[ 1523.591280][ T3607] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1527.579361][T18494] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1527.592753][ T3607] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1527.890746][ T3607] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1527.964773][ T3607] bond0 (unregistering): Released all slaves
[ 1528.998791][ T3607] hsr_slave_0: left promiscuous mode
[ 1529.103154][T18513] xt_socket: unknown flags 0xd0
[ 1529.130682][ T3607] hsr_slave_1: left promiscuous mode
[ 1529.131859][ T3607] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1529.170887][ T3607] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1529.493368][T18520] GUP no longer grows the stack in syz.4.3728 (18520): 200000005000-200000008000 (200000004000)
[ 1529.493408][T18520] CPU: 0 UID: 0 PID: 18520 Comm: syz.4.3728 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1529.493434][T18520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1529.493447][T18520] Call Trace:
[ 1529.493455][T18520]  <TASK>
[ 1529.493465][T18520]  dump_stack_lvl+0x189/0x250
[ 1529.493500][T18520]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1529.493528][T18520]  ? __pfx__printk+0x10/0x10
[ 1529.493552][T18520]  ? find_vma+0xe7/0x160
[ 1529.493594][T18520]  fixup_user_fault+0x661/0x720
[ 1529.493629][T18520]  fault_in_user_writeable+0x72/0xe0
[ 1529.493655][T18520]  futex_lock_pi+0x765/0xa70
[ 1529.493696][T18520]  ? __pfx_futex_lock_pi+0x10/0x10
[ 1529.493750][T18520]  ? __pfx___cant_migrate+0x10/0x10
[ 1529.493780][T18520]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1529.493817][T18520]  ? __seccomp_filter+0xaa6/0x1e10
[ 1529.493858][T18520]  do_futex+0x292/0x420
[ 1529.493891][T18520]  ? __pfx_do_futex+0x10/0x10
[ 1529.493919][T18520]  ? __vm_munmap+0x2c1/0x380
[ 1529.493959][T18520]  __se_sys_futex+0x36f/0x400
[ 1529.493994][T18520]  ? __pfx___se_sys_futex+0x10/0x10
[ 1529.494031][T18520]  ? __x64_sys_futex+0x21/0xf0
[ 1529.494061][T18520]  do_syscall_64+0xfa/0xfa0
[ 1529.494085][T18520]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1529.494109][T18520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1529.494130][T18520]  ? clear_bhb_loop+0x60/0xb0
[ 1529.494158][T18520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1529.494179][T18520] RIP: 0033:0x7f5e225eeec9
[ 1529.494198][T18520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1529.494222][T18520] RSP: 002b:00007f5e2084e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1529.494246][T18520] RAX: ffffffffffffffda RBX: 00007f5e22845fa0 RCX: 00007f5e225eeec9
[ 1529.494263][T18520] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[ 1529.494278][T18520] RBP: 00007f5e22671f91 R08: 0000000000000000 R09: 0000000000000000
[ 1529.494291][T18520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1529.494303][T18520] R13: 00007f5e22846038 R14: 00007f5e22845fa0 R15: 00007ffcea1bedb8
[ 1529.494337][T18520]  </TASK>
[ 1530.560909][ T3607] team0 (unregistering): Port device team_slave_1 removed
[ 1531.041113][ T3607] team0 (unregistering): Port device team_slave_0 removed
[ 1533.870168][T18536] fuse: Bad value for 'group_id'
[ 1533.870190][T18536] fuse: Bad value for 'group_id'
[ 1534.257365][T18543] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1536.139671][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1536.407973][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1536.455624][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1536.624949][T18080] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1537.016274][T18080] 8021q: adding VLAN 0 to HW filter on device team0
[ 1537.056540][ T6209] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1537.057308][ T6209] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1537.134021][ T6219] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1537.134181][ T6219] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1537.250742][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1537.815935][T18311] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1537.946984][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1537.964142][T18311] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1538.019295][T18311] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1538.068891][T18311] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1538.299316][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1538.480645][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1539.044127][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1539.385671][T18080] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1539.886715][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1539.985139][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1541.048012][T18311] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1541.463172][T18311] 8021q: adding VLAN 0 to HW filter on device team0
[ 1541.506576][ T6209] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1541.510326][ T6209] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1541.535335][ T6209] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1541.568121][ T6209] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1544.031478][ T5814] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1544.050522][ T5814] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1544.053899][ T5814] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1544.058487][ T5814] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1544.076595][ T5814] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1544.112500][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1544.151713][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1544.657756][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1544.840342][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1545.431796][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1545.726104][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1545.912909][T18311] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1546.271834][ T5892] usb 3-1: new full-speed USB device number 38 using dummy_hcd
[ 1546.359902][ T5814] Bluetooth: hci1: command tx timeout
[ 1546.418359][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1546.447108][ T5892] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1546.447791][ T5892] usb 3-1: not running at top speed; connect to a high speed hub
[ 1546.472476][ T5892] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1546.472503][ T5892] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1546.472522][ T5892] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1546.524845][ T5892] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1546.524869][ T5892] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1546.524884][ T5892] usb 3-1: Product: syz
[ 1546.524894][ T5892] usb 3-1: Manufacturer: syz
[ 1546.524905][ T5892] usb 3-1: SerialNumber: syz
[ 1546.762867][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1547.371150][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1548.110902][ T5892] usb 3-1: 0:2 : does not exist
[ 1548.242945][ T5892] usb 3-1: USB disconnect, device number 38
[ 1548.439999][ T5814] Bluetooth: hci1: command tx timeout
[ 1548.791873][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1548.866168][T18669] trusted_key: encrypted_key: insufficient parameters specified
[ 1548.872694][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1549.679966][T16742] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1549.829853][T16742] usb 3-1: Using ep0 maxpacket: 8
[ 1549.833995][T16742] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1549.834048][T16742] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1549.834077][T16742] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1549.834104][T16742] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1549.834152][T16742] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1549.834177][T16742] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1550.870351][ T5814] Bluetooth: hci1: command tx timeout
[ 1550.989990][T16742] usb 3-1: GET_CAPABILITIES returned 0
[ 1550.990040][T16742] usbtmc 3-1:16.0: can't read capabilities
[ 1551.071333][ T5894] usb 3-1: USB disconnect, device number 39
[ 1551.669408][T18634] chnl_net:caif_netlink_parms(): no params data found
[ 1551.955304][T18311] veth0_vlan: entered promiscuous mode
[ 1552.336570][T18311] veth1_vlan: entered promiscuous mode
[ 1552.476070][T18634] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1552.476211][T18634] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1552.476482][T18634] bridge_slave_0: entered allmulticast mode
[ 1552.479342][T18634] bridge_slave_0: entered promiscuous mode
[ 1552.538383][T18634] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1552.538600][T18634] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1552.538824][T18634] bridge_slave_1: entered allmulticast mode
[ 1552.562928][T18634] bridge_slave_1: entered promiscuous mode
[ 1552.920196][ T5814] Bluetooth: hci1: command tx timeout
[ 1552.967905][T18634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1552.987519][T18634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1553.113290][   T13] bridge_slave_1: left allmulticast mode
[ 1553.113330][   T13] bridge_slave_1: left promiscuous mode
[ 1553.113719][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1553.222952][   T13] bridge_slave_0: left allmulticast mode
[ 1553.222992][   T13] bridge_slave_0: left promiscuous mode
[ 1553.223462][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1553.905490][ T5894] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1554.130655][ T5894] usb 3-1: Using ep0 maxpacket: 16
[ 1554.151859][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1554.151898][ T5894] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[ 1554.151915][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1554.155503][ T5894] usb 3-1: config 0 descriptor??
[ 1555.735828][ T5894] hid_parser_main: 8 callbacks suppressed
[ 1555.735856][ T5894] lua 0003:1E7D:2C2E.0018: unknown main item tag 0x0
[ 1555.945404][ T5894] lua 0003:1E7D:2C2E.0018: hidraw0: USB HID v20.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.2-1/input0
[ 1555.995162][T18770] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1556.527773][T18776] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3803'.
[ 1556.527851][T18776] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3803'.
[ 1557.314095][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.393103][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.441898][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.504122][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.580420][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.661101][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.732571][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.810293][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.881090][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1557.952276][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.022481][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.093973][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.172449][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.236911][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.299092][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.350816][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1558.420773][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1558.442615][   T13] bond0 (unregistering): Released all slaves
[ 1558.597406][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.671415][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.740786][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.831240][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.867901][T18634] team0: Port device team_slave_0 added
[ 1558.917456][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1558.933503][T16742] usb 3-1: USB disconnect, device number 40
[ 1559.025173][T18634] team0: Port device team_slave_1 added
[ 1559.412196][   T38] audit: type=1326 audit(2000000568.640:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.412397][   T38] audit: type=1326 audit(2000000568.640:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.413211][   T38] audit: type=1326 audit(2000000568.640:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.413407][   T38] audit: type=1326 audit(2000000568.640:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.413561][   T38] audit: type=1326 audit(2000000568.640:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.414279][   T38] audit: type=1326 audit(2000000568.640:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.414434][   T38] audit: type=1326 audit(2000000568.640:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.414785][   T38] audit: type=1326 audit(2000000568.640:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.414936][   T38] audit: type=1326 audit(2000000568.640:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.415416][   T38] audit: type=1326 audit(2000000568.640:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18822 comm="syz.7.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f152cdbeec9 code=0x7ffc0000
[ 1559.666177][   T13] hsr_slave_0: left promiscuous mode
[ 1559.720267][   T13] hsr_slave_1: left promiscuous mode
[ 1559.722086][T18825] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3814'.
[ 1559.722909][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1559.763044][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1560.780012][T16742] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1560.940017][T16742] usb 3-1: Using ep0 maxpacket: 16
[ 1560.942296][T16742] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1560.942333][T16742] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[ 1560.942350][T16742] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1560.946042][T16742] usb 3-1: config 0 descriptor??
[ 1561.246451][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1561.408484][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1561.472487][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1561.576269][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1561.576333][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1561.687995][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1561.689839][T18886] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1561.726242][T16742] lua 0003:1E7D:2C2E.0019: unknown main item tag 0x0
[ 1561.740418][T16742] lua 0003:1E7D:2C2E.0019: hidraw0: USB HID v20.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.2-1/input0
[ 1561.910137][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1561.972401][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1562.055507][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1562.072634][T18891] netlink: 'syz.4.3822': attribute type 2 has an invalid length.
[ 1562.072654][T18891] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3822'.
[ 1562.254710][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1562.451746][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1562.506543][T18895] ip6_tunnel: non-ECT from fe80:0071:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1563.311598][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1563.417266][T18899] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1563.417648][T18899] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1563.463088][T18899] Invalid source name
[ 1563.463102][T18899] UBIFS error (pid: 18899): cannot open "./file0", error -22
[ 1563.661255][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1565.080762][T10972] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1565.098015][T10972] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1565.100367][T10972] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1565.105913][T10972] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1565.107040][T10972] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1566.876153][T18311] veth0_macvtap: entered promiscuous mode
[ 1566.917445][T18825] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3814'.
[ 1567.044824][T16742] usb 3-1: USB disconnect, device number 41
[ 1567.349369][ T5814] Bluetooth: hci5: command tx timeout
[ 1567.410413][T18907] netlink: 165 bytes leftover after parsing attributes in process `syz.7.3826'.
[ 1567.463895][T18634] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1567.463914][T18634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1567.463953][T18634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1567.520859][T18634] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1567.520878][T18634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1567.520911][T18634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1568.150043][T16742] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 1568.513558][T16742] usb 3-1: Using ep0 maxpacket: 32
[ 1568.515900][T16742] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1568.537350][T16742] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 1568.537385][T16742] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1568.537408][T16742] usb 3-1: Product: syz
[ 1568.537425][T16742] usb 3-1: Manufacturer: syz
[ 1568.537441][T16742] usb 3-1: SerialNumber: syz
[ 1568.550912][T16742] usb 3-1: config 0 descriptor??
[ 1568.555211][T16742] usb 3-1: bad CDC descriptors
[ 1568.556591][T16742] usb 3-1: unsupported MDLM descriptors
[ 1568.838786][ T5885] usb 3-1: USB disconnect, device number 42
[ 1568.893956][T18634] hsr_slave_0: entered promiscuous mode
[ 1568.895506][T18634] hsr_slave_1: entered promiscuous mode
[ 1568.896652][T18634] debugfs: 'hsr0' already exists in 'hsr'
[ 1568.896680][T18634] Cannot create hsr debugfs directory
[ 1569.400681][T10972] Bluetooth: hci5: command tx timeout
[ 1569.863783][T18926] ip6_tunnel: non-ECT from fe80:0071:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1571.481830][T10972] Bluetooth: hci5: command tx timeout
[ 1571.839166][T18944] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[ 1572.090011][T18903] chnl_net:caif_netlink_parms(): no params data found
[ 1574.201769][T18973] ip6_tunnel: non-ECT from fe80:0071:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1574.653716][T10972] Bluetooth: hci5: command tx timeout
[ 1576.043891][T18903] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1576.045059][T18903] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1576.045532][T18903] bridge_slave_0: entered allmulticast mode
[ 1576.073991][T18903] bridge_slave_0: entered promiscuous mode
[ 1578.280260][T19013] xt_socket: unknown flags 0xd0
[ 1578.359481][T19015] ip6_tunnel: non-ECT from fe80:0071:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1579.451040][T18903] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1579.451185][T18903] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1579.451462][T18903] bridge_slave_1: entered allmulticast mode
[ 1579.457241][T18903] bridge_slave_1: entered promiscuous mode
[ 1581.024035][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1581.090538][T15980] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 1581.219951][T15980] usb 3-1: device descriptor read/64, error -71
[ 1581.245712][T18903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1581.268686][T18903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1581.459873][T15980] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 1581.599933][T15980] usb 3-1: device descriptor read/64, error -71
[ 1581.621643][T18903] team0: Port device team_slave_0 added
[ 1581.628589][T18634] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1581.671001][T18903] team0: Port device team_slave_1 added
[ 1581.677215][T18634] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1581.939328][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1581.949928][T15980] usb usb3-port1: attempt power cycle
[ 1582.052796][T19051] xt_socket: unknown flags 0xd0
[ 1582.104782][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1582.812681][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1582.960405][T18634] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1583.051475][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1583.119929][T15980] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[ 1583.140781][T15980] usb 3-1: device descriptor read/8, error -71
[ 1583.141806][T19058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1583.142266][T19058] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1583.371197][T18634] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1583.999864][T15980] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[ 1584.141489][T18903] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1584.141505][T18903] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1584.141569][T18903] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1584.218825][T15980] usb 3-1: device descriptor read/8, error -71
[ 1584.310871][T18903] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1584.310891][T18903] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1584.310921][T18903] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1584.332357][T15980] usb usb3-port1: unable to enumerate USB device
[ 1584.651631][   T13] bridge_slave_1: left allmulticast mode
[ 1584.651664][   T13] bridge_slave_1: left promiscuous mode
[ 1584.651918][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1584.721699][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1584.761536][   T13] bridge_slave_0: left allmulticast mode
[ 1584.761570][   T13] bridge_slave_0: left promiscuous mode
[ 1584.761836][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1584.790093][ T5894] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[ 1584.802066][T19080] FAULT_INJECTION: forcing a failure.
[ 1584.802066][T19080] name failslab, interval 1, probability 0, space 0, times 0
[ 1584.802109][T19080] CPU: 0 UID: 0 PID: 19080 Comm: syz.7.3874 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1584.802139][T19080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1584.802155][T19080] Call Trace:
[ 1584.802166][T19080]  <TASK>
[ 1584.802176][T19080]  dump_stack_lvl+0x189/0x250
[ 1584.802214][T19080]  ? __pfx____ratelimit+0x10/0x10
[ 1584.802241][T19080]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1584.802271][T19080]  ? __pfx__printk+0x10/0x10
[ 1584.802310][T19080]  ? __pfx___might_resched+0x10/0x10
[ 1584.802342][T19080]  should_fail_ex+0x46c/0x600
[ 1584.802395][T19080]  should_failslab+0xa8/0x100
[ 1584.802433][T19080]  __kmalloc_cache_noprof+0x6f/0x6c0
[ 1584.802467][T19080]  ? futex_lock_pi+0xff/0xa70
[ 1584.802498][T19080]  ? futex_lock_pi+0x92e/0xa70
[ 1584.802536][T19080]  futex_lock_pi+0x92e/0xa70
[ 1584.802581][T19080]  ? __pfx_futex_lock_pi+0x10/0x10
[ 1584.802642][T19080]  ? __pfx___cant_migrate+0x10/0x10
[ 1584.802674][T19080]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1584.802718][T19080]  ? __seccomp_filter+0xaa6/0x1e10
[ 1584.802763][T19080]  do_futex+0x292/0x420
[ 1584.802795][T19080]  ? __pfx_vfs_write+0x10/0x10
[ 1584.802830][T19080]  ? __pfx_do_futex+0x10/0x10
[ 1584.802857][T19080]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1584.802892][T19080]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1584.802936][T19080]  __se_sys_futex+0x36f/0x400
[ 1584.802971][T19080]  ? ksys_write+0x230/0x260
[ 1584.803000][T19080]  ? __pfx___se_sys_futex+0x10/0x10
[ 1584.803039][T19080]  ? __x64_sys_futex+0x21/0xf0
[ 1584.803072][T19080]  do_syscall_64+0xfa/0xfa0
[ 1584.803099][T19080]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1584.803127][T19080]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1584.803151][T19080]  ? clear_bhb_loop+0x60/0xb0
[ 1584.803182][T19080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1584.803206][T19080] RIP: 0033:0x7f152cdbeec9
[ 1584.803229][T19080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1584.803250][T19080] RSP: 002b:00007f152b01e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1584.803277][T19080] RAX: ffffffffffffffda RBX: 00007f152d015fa0 RCX: 00007f152cdbeec9
[ 1584.803296][T19080] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000000000000000
[ 1584.803313][T19080] RBP: 00007f152b01e090 R08: 0000000000000000 R09: 0000000000000000
[ 1584.803330][T19080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1584.803345][T19080] R13: 00007f152d016038 R14: 00007f152d015fa0 R15: 00007ffede69d708
[ 1584.803393][T19080]  </TASK>
[ 1585.007834][ T5894] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1585.007867][ T5894] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3
[ 1585.007939][ T5894] usb 3-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[ 1585.007969][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1585.042801][ T5894] usb 3-1: config 0 descriptor??
[ 1585.289659][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1586.001079][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1586.177655][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1586.318825][ T5894] Bluetooth: Can't get state to change to load ram patch err
[ 1586.318841][ T5894] Bluetooth: Loading patch file failed
[ 1586.318871][ T5894] ath3k 3-1:0.0: probe with driver ath3k failed with error -71
[ 1586.321897][ T5894] usb 3-1: USB disconnect, device number 47
[ 1586.525545][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1586.618802][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1586.752726][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1586.888668][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1587.309286][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1587.380207][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1587.395241][   T38] kauditd_printk_skb: 38 callbacks suppressed
[ 1587.395266][   T38] audit: type=1326 audit(2000000597.623:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19112 comm="syz.4.3884" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5e225eeec9 code=0x0
[ 1587.439899][ T5186] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[ 1587.503158][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1587.629873][ T5186] usb 3-1: Using ep0 maxpacket: 8
[ 1587.632180][ T5186] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[ 1587.632211][ T5186] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1587.632234][ T5186] usb 3-1: config 0 has no interface number 0
[ 1587.632274][ T5186] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1587.632294][ T5186] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1587.632314][ T5186] usb 3-1: config 0 interface 52 has no altsetting 0
[ 1587.633540][ T5186] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1587.633568][ T5186] usb 3-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1587.633587][ T5186] usb 3-1: Manufacturer: syz
[ 1587.637865][ T5186] usb 3-1: config 0 descriptor??
[ 1587.732521][ T5186] hub 3-1:0.52: bad descriptor, ignoring hub
[ 1587.732558][ T5186] hub 3-1:0.52: probe with driver hub failed with error -5
[ 1587.773866][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1587.858219][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1587.932477][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1587.953905][ T5186] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.52/input/input37
[ 1588.022985][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1588.097461][ T5186] usb 3-1: Failed to suspend device, error -71
[ 1588.098429][ T5186] usb 3-1: USB disconnect, device number 48
[ 1588.168429][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1588.227524][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1588.322994][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1588.528582][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1588.640871][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1588.756153][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1588.843305][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1589.329457][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1589.331069][T19130] xt_socket: unknown flags 0xd0
[ 1589.372372][T19130] ip6_tunnel: non-ECT from fe80:0071:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1589.440361][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1589.662493][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1589.711022][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1589.762659][   T13] bond0 (unregistering): Released all slaves
[ 1590.024758][T18903] hsr_slave_0: entered promiscuous mode
[ 1590.026242][T18903] hsr_slave_1: entered promiscuous mode
[ 1590.027276][T18903] debugfs: 'hsr0' already exists in 'hsr'
[ 1590.027303][T18903] Cannot create hsr debugfs directory
[ 1590.235835][T19139] 9pnet_fd: Insufficient options for proto=fd
[ 1590.286968][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1590.520677][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1590.626985][T19147] FAULT_INJECTION: forcing a failure.
[ 1590.626985][T19147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1590.627024][T19147] CPU: 1 UID: 0 PID: 19147 Comm: syz.4.3897 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1590.627051][T19147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1590.627066][T19147] Call Trace:
[ 1590.627075][T19147]  <TASK>
[ 1590.627085][T19147]  dump_stack_lvl+0x189/0x250
[ 1590.627118][T19147]  ? __pfx____ratelimit+0x10/0x10
[ 1590.627143][T19147]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1590.627170][T19147]  ? __pfx__printk+0x10/0x10
[ 1590.627197][T19147]  ? __might_fault+0xb0/0x130
[ 1590.627240][T19147]  should_fail_ex+0x46c/0x600
[ 1590.627281][T19147]  _copy_from_user+0x2d/0xb0
[ 1590.627311][T19147]  __sys_connect+0x124/0x450
[ 1590.627338][T19147]  ? __pfx___sys_connect+0x10/0x10
[ 1590.627375][T19147]  ? __pfx_ksys_write+0x10/0x10
[ 1590.627410][T19147]  __x64_sys_connect+0x7a/0x90
[ 1590.627434][T19147]  do_syscall_64+0xfa/0xfa0
[ 1590.627458][T19147]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1590.627483][T19147]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1590.627506][T19147]  ? clear_bhb_loop+0x60/0xb0
[ 1590.627533][T19147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1590.627555][T19147] RIP: 0033:0x7f5e225eeec9
[ 1590.627576][T19147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1590.627595][T19147] RSP: 002b:00007f5e2084e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1590.627620][T19147] RAX: ffffffffffffffda RBX: 00007f5e22845fa0 RCX: 00007f5e225eeec9
[ 1590.627637][T19147] RDX: 000000000000001c RSI: 0000200000000180 RDI: 0000000000000003
[ 1590.627652][T19147] RBP: 00007f5e2084e090 R08: 0000000000000000 R09: 0000000000000000
[ 1590.627667][T19147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1590.627680][T19147] R13: 00007f5e22846038 R14: 00007f5e22845fa0 R15: 00007ffcea1bedb8
[ 1590.627717][T19147]  </TASK>
[ 1590.895121][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1591.144026][   T13] hsr_slave_0: left promiscuous mode
[ 1591.342807][T19162] 9pnet_fd: Insufficient options for proto=fd
[ 1591.470073][   T13] hsr_slave_1: left promiscuous mode
[ 1591.471420][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1591.492620][T19163] xt_socket: unknown flags 0xd0
[ 1591.546175][T19166] ip6_tunnel: non-ECT from fe80:0071:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1591.793668][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1591.805483][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1592.306079][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1592.850212][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1592.872437][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1592.932563][   T13] veth0_macvtap: left promiscuous mode
[ 1592.932946][   T13] veth1_vlan: left promiscuous mode
[ 1592.933148][   T13] veth0_vlan: left promiscuous mode
[ 1592.939940][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1593.050236][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1593.203002][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1593.282656][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1593.321565][T19175] 9pnet_fd: Insufficient options for proto=fd
[ 1593.409017][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1593.560871][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1593.620338][T19182] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1593.758075][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1593.904785][T19186] 9pnet_fd: Insufficient options for proto=fd
[ 1593.934294][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.105769][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.204610][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.268329][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.462805][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.554043][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.733317][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.814945][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.872284][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1595.995536][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1596.043459][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1596.167970][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1596.323786][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1596.570462][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1596.723899][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1596.980557][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.046708][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.116753][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.326095][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.391756][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1597.433400][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.493916][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.559119][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.622532][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.671069][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1597.710759][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.777377][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.830090][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.895807][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1597.969026][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1598.040656][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1598.111501][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1598.173577][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1598.223188][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1598.283319][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1598.347965][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1598.404107][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1603.538822][ T5814] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1603.548220][ T5814] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1603.549801][ T5814] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1603.554695][ T5814] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1603.556359][ T5814] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1605.014614][T10972] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[ 1605.646854][ T5814] Bluetooth: hci0: command tx timeout
[ 1605.977817][T19244] bridge0: entered promiscuous mode
[ 1605.978098][T19244] macvtap1: entered allmulticast mode
[ 1605.978114][T19244] bridge0: entered allmulticast mode
[ 1605.998121][T19244] bridge0: port 3(macvtap1) entered blocking state
[ 1605.998362][T19244] bridge0: port 3(macvtap1) entered disabled state
[ 1606.075768][T19244] bridge0: left allmulticast mode
[ 1606.075884][T19244] bridge0: left promiscuous mode
[ 1606.306001][T19254] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3929'.
[ 1606.369570][T19256] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1607.111113][T19256] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3929'.
[ 1607.745576][ T5814] Bluetooth: hci0: command tx timeout
[ 1608.117824][T19225] chnl_net:caif_netlink_parms(): no params data found
[ 1608.480715][T18903] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1608.700401][T18903] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1608.755021][T18903] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1608.801391][T18903] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1608.976438][T19225] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1608.976632][T19225] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1608.976850][T19225] bridge_slave_0: entered allmulticast mode
[ 1608.979070][T19225] bridge_slave_0: entered promiscuous mode
[ 1608.998713][T19225] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1608.998880][T19225] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1608.999189][T19225] bridge_slave_1: entered allmulticast mode
[ 1609.002547][T19225] bridge_slave_1: entered promiscuous mode
[ 1609.199117][T19225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1609.224198][T19225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1609.415191][T19225] team0: Port device team_slave_0 added
[ 1609.441097][T19225] team0: Port device team_slave_1 added
[ 1609.512228][   T13] bridge_slave_1: left allmulticast mode
[ 1609.512260][   T13] bridge_slave_1: left promiscuous mode
[ 1609.512501][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1609.571557][   T13] bridge_slave_0: left allmulticast mode
[ 1609.571581][   T13] bridge_slave_0: left promiscuous mode
[ 1609.571777][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1609.800103][ T5814] Bluetooth: hci0: command tx timeout
[ 1610.085947][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1610.160965][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1610.222260][   T13] bond0 (unregistering): Released all slaves
[ 1610.593948][T19225] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1610.593968][T19225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1610.593999][T19225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1610.597780][T19225] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1610.597793][T19225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1610.597814][T19225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1610.740067][   T13] hsr_slave_0: left promiscuous mode
[ 1610.780140][   T13] hsr_slave_1: left promiscuous mode
[ 1610.780970][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1610.810847][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1611.540832][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1611.680562][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1611.889949][ T5814] Bluetooth: hci0: command tx timeout
[ 1612.583510][T19225] hsr_slave_0: entered promiscuous mode
[ 1612.584484][T19225] hsr_slave_1: entered promiscuous mode
[ 1612.585139][T19225] debugfs: 'hsr0' already exists in 'hsr'
[ 1612.585160][T19225] Cannot create hsr debugfs directory
[ 1613.047657][T18903] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1613.407810][T18903] 8021q: adding VLAN 0 to HW filter on device team0
[ 1613.428212][T18839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1613.428421][T18839] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1613.450520][T18839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1613.450732][T18839] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1614.088408][T19225] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1614.127403][T18903] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1614.129611][T19225] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1614.175930][T19225] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1614.221171][T19225] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1614.376455][T19225] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1614.406189][T19225] 8021q: adding VLAN 0 to HW filter on device team0
[ 1614.415694][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1614.416035][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1614.436077][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1614.436956][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1614.572318][T18903] veth0_vlan: entered promiscuous mode
[ 1614.582379][T18903] veth1_vlan: entered promiscuous mode
[ 1614.634993][T18903] veth0_macvtap: entered promiscuous mode
[ 1614.647633][T18903] veth1_macvtap: entered promiscuous mode
[ 1614.678464][T18903] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1614.703116][T18903] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1614.717537][   T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1614.717795][   T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1614.717838][   T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1614.717875][   T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1615.020106][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1615.020131][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1615.053743][T19225] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1615.116638][ T6211] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1615.116662][ T6211] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1615.421495][T19225] veth0_vlan: entered promiscuous mode
[ 1615.428902][T19225] veth1_vlan: entered promiscuous mode
[ 1615.477876][T19225] veth0_macvtap: entered promiscuous mode
[ 1615.489670][T19225] veth1_macvtap: entered promiscuous mode
[ 1615.525379][T19225] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1615.538927][T19225] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1615.556596][ T6211] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1615.557001][ T6211] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1615.557046][ T6211] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1615.557087][ T6211] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1615.857429][T18858] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1615.857449][T18858] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1615.926677][ T6211] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1615.926699][ T6211] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1623.006547][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1623.006644][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1632.169135][ T5814] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1632.169168][ T5814] CPU: 1 UID: 0 PID: 5814 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1632.169197][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1632.169214][ T5814] Workqueue: hci0 hci_rx_work
[ 1632.169251][ T5814] Call Trace:
[ 1632.169261][ T5814]  <TASK>
[ 1632.169273][ T5814]  dump_stack_lvl+0x189/0x250
[ 1632.169307][ T5814]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1632.169335][ T5814]  ? __pfx__printk+0x10/0x10
[ 1632.169366][ T5814]  ? __rcu_read_unlock+0x84/0xe0
[ 1632.169408][ T5814]  ? kernfs_path_from_node+0x2c/0x280
[ 1632.169431][ T5814]  ? kernfs_path_from_node+0x243/0x280
[ 1632.169453][ T5814]  ? kernfs_path_from_node+0x2c/0x280
[ 1632.169480][ T5814]  sysfs_create_dir_ns+0x259/0x280
[ 1632.169503][ T5814]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1632.169539][ T5814]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1632.169560][ T5814]  ? __rcu_read_unlock+0x84/0xe0
[ 1632.169590][ T5814]  ? rt_spin_unlock+0x161/0x200
[ 1632.169625][ T5814]  kobject_add_internal+0x5a5/0xb50
[ 1632.169664][ T5814]  kobject_add+0x155/0x220
[ 1632.169691][ T5814]  ? irqentry_exit+0x74/0x90
[ 1632.169716][ T5814]  ? __pfx_kobject_add+0x10/0x10
[ 1632.169761][ T5814]  device_add+0x408/0xb50
[ 1632.169801][ T5814]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1632.169836][ T5814]  le_conn_complete_evt+0xf39/0x1500
[ 1632.169877][ T5814]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1632.169907][ T5814]  ? irqentry_exit+0x74/0x90
[ 1632.169930][ T5814]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1632.169957][ T5814]  ? skb_pull_data+0xfb/0x200
[ 1632.169992][ T5814]  hci_le_conn_complete_evt+0x187/0x450
[ 1632.170026][ T5814]  hci_event_packet+0x78f/0x1200
[ 1632.170063][ T5814]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1632.170091][ T5814]  ? __pfx_hci_event_packet+0x10/0x10
[ 1632.170127][ T5814]  ? preempt_schedule_thunk+0x16/0x30
[ 1632.170168][ T5814]  ? hci_send_to_monitor+0xe2/0x570
[ 1632.170199][ T5814]  hci_rx_work+0x46a/0xe80
[ 1632.170241][ T5814]  ? process_scheduled_works+0x9ef/0x17b0
[ 1632.170271][ T5814]  process_scheduled_works+0xade/0x17b0
[ 1632.170333][ T5814]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1632.170386][ T5814]  worker_thread+0x8a0/0xda0
[ 1632.170445][ T5814]  kthread+0x711/0x8a0
[ 1632.170483][ T5814]  ? __pfx_worker_thread+0x10/0x10
[ 1632.170511][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1632.170540][ T5814]  ? rt_spin_unlock+0x150/0x200
[ 1632.170577][ T5814]  ? rt_spin_unlock+0x161/0x200
[ 1632.170607][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1632.170643][ T5814]  ret_from_fork+0x4b9/0x870
[ 1632.170673][ T5814]  ? __pfx_ret_from_fork+0x10/0x10
[ 1632.170710][ T5814]  ? __switch_to_asm+0x39/0x70
[ 1632.170737][ T5814]  ? __switch_to_asm+0x33/0x70
[ 1632.170764][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1632.170798][ T5814]  ret_from_fork_asm+0x1a/0x30
[ 1632.170848][ T5814]  </TASK>
[ 1632.172129][ T5814] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1632.172587][ T5814] Bluetooth: hci0: failed to register connection device
[ 1635.972473][T18916] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1636.021278][T10972] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1636.025586][T10972] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1636.027437][T10972] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1636.033119][T10972] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1636.034216][T10972] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1636.130094][T18916] usb 10-1: Using ep0 maxpacket: 32
[ 1636.135574][T18916] usb 10-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[ 1636.140052][T18916] usb 10-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 1636.140084][T18916] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1636.140106][T18916] usb 10-1: Product: syz
[ 1636.140123][T18916] usb 10-1: Manufacturer: syz
[ 1636.140139][T18916] usb 10-1: SerialNumber: syz
[ 1636.225194][T18916] usb 10-1: config 0 descriptor??
[ 1636.238922][T18916] usb 10-1: bad CDC descriptors
[ 1636.250844][T18916] usb 10-1: unsupported MDLM descriptors
[ 1636.429889][T19345] xt_socket: unknown flags 0xd0
[ 1636.480444][T18916] usb 10-1: USB disconnect, device number 5
[ 1636.481529][T19345] ip6_tunnel: non-ECT from fe80:0071:0000:0000:0000:0000:0000:0021 with DS=0x7
[ 1637.181951][T19342] chnl_net:caif_netlink_parms(): no params data found
[ 1637.420292][ T5892] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1637.590581][ T5892] usb 10-1: Using ep0 maxpacket: 32
[ 1637.599412][ T5892] usb 10-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[ 1637.713765][ T5892] usb 10-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 1637.713797][ T5892] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1637.713820][ T5892] usb 10-1: Product: syz
[ 1637.713837][ T5892] usb 10-1: Manufacturer: syz
[ 1637.713853][ T5892] usb 10-1: SerialNumber: syz
[ 1637.756101][ T5892] usb 10-1: config 0 descriptor??
[ 1637.898700][ T5892] usb 10-1: bad CDC descriptors
[ 1637.910706][ T5892] usb 10-1: unsupported MDLM descriptors
[ 1638.090499][ T5892] usb 10-1: USB disconnect, device number 6
[ 1638.132925][ T5814] Bluetooth: hci1: command tx timeout
[ 1638.916097][ T5814] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1638.916125][ T5814] CPU: 0 UID: 0 PID: 5814 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1638.916154][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1638.916171][ T5814] Workqueue: hci2 hci_rx_work
[ 1638.916207][ T5814] Call Trace:
[ 1638.916217][ T5814]  <TASK>
[ 1638.916229][ T5814]  dump_stack_lvl+0x189/0x250
[ 1638.916264][ T5814]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1638.916293][ T5814]  ? __pfx__printk+0x10/0x10
[ 1638.916328][ T5814]  ? kernfs_path_from_node+0x2c/0x280
[ 1638.916353][ T5814]  ? kernfs_path_from_node+0x243/0x280
[ 1638.916375][ T5814]  ? kernfs_path_from_node+0x2c/0x280
[ 1638.916401][ T5814]  sysfs_create_dir_ns+0x259/0x280
[ 1638.916421][ T5814]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1638.916457][ T5814]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1638.916502][ T5814]  ? rt_spin_unlock+0x161/0x200
[ 1638.916538][ T5814]  kobject_add_internal+0x5a5/0xb50
[ 1638.916577][ T5814]  kobject_add+0x155/0x220
[ 1638.916612][ T5814]  ? __pfx_kobject_add+0x10/0x10
[ 1638.916656][ T5814]  ? get_device_parent+0x370/0x3a0
[ 1638.916695][ T5814]  device_add+0x408/0xb50
[ 1638.916734][ T5814]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1638.916768][ T5814]  le_conn_complete_evt+0xf39/0x1500
[ 1638.916808][ T5814]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1638.916835][ T5814]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1638.916861][ T5814]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1638.916890][ T5814]  ? skb_pull_data+0xfb/0x200
[ 1638.916926][ T5814]  hci_le_conn_complete_evt+0x187/0x450
[ 1638.916958][ T5814]  hci_event_packet+0x78f/0x1200
[ 1638.917015][ T5814]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1638.917043][ T5814]  ? __pfx_hci_event_packet+0x10/0x10
[ 1638.917088][ T5814]  ? hci_send_to_monitor+0xe2/0x570
[ 1638.917118][ T5814]  hci_rx_work+0x46a/0xe80
[ 1638.917162][ T5814]  ? process_scheduled_works+0x9ef/0x17b0
[ 1638.917193][ T5814]  process_scheduled_works+0xade/0x17b0
[ 1638.917256][ T5814]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1638.917305][ T5814]  worker_thread+0x8a0/0xda0
[ 1638.917366][ T5814]  kthread+0x711/0x8a0
[ 1638.917404][ T5814]  ? __pfx_worker_thread+0x10/0x10
[ 1638.917432][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1638.917462][ T5814]  ? rt_spin_unlock+0x150/0x200
[ 1638.917500][ T5814]  ? rt_spin_unlock+0x161/0x200
[ 1638.917533][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1638.917568][ T5814]  ret_from_fork+0x4b9/0x870
[ 1638.917598][ T5814]  ? __pfx_ret_from_fork+0x10/0x10
[ 1638.917635][ T5814]  ? __switch_to_asm+0x39/0x70
[ 1638.917669][ T5814]  ? __switch_to_asm+0x33/0x70
[ 1638.917697][ T5814]  ? __pfx_kthread+0x10/0x10
[ 1638.917733][ T5814]  ret_from_fork_asm+0x1a/0x30
[ 1638.917786][ T5814]  </TASK>
[ 1638.917892][ T5814] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1638.917938][ T5814] Bluetooth: hci2: failed to register connection device
[ 1639.303517][T19342] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1639.304277][T19342] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1639.304560][T19342] bridge_slave_0: entered allmulticast mode
[ 1639.325337][T19342] bridge_slave_0: entered promiscuous mode
[ 1639.355212][T19342] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1639.355368][T19342] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1639.355644][T19342] bridge_slave_1: entered allmulticast mode
[ 1639.372403][T19342] bridge_slave_1: entered promiscuous mode
[ 1639.778047][T19342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1639.826013][T19342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1639.946332][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1640.211059][T10972] Bluetooth: hci1: command tx timeout
[ 1640.363948][T19342] team0: Port device team_slave_0 added
[ 1640.399861][ T5894] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1640.522266][T19342] team0: Port device team_slave_1 added
[ 1640.549852][ T5894] usb 10-1: Using ep0 maxpacket: 16
[ 1640.552249][ T5894] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1640.552303][ T5894] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[ 1640.552331][ T5894] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1640.557882][ T5894] usb 10-1: config 0 descriptor??
[ 1640.974448][T19342] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1640.974470][T19342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1640.974586][T19342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1640.977117][T19342] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1640.977134][T19342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1640.977171][T19342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1641.845170][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1641.898618][T18916] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[ 1641.917430][ T5894] lua 0003:1E7D:2C2E.001A: unknown main item tag 0x0
[ 1642.118577][ T5894] lua 0003:1E7D:2C2E.001A: hidraw0: USB HID v20.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.9-1/input0
[ 1642.149356][T15980] usb 10-1: USB disconnect, device number 7
[ 1642.179875][T18916] usb 3-1: Using ep0 maxpacket: 16
[ 1642.182257][T18916] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1642.182283][T18916] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1642.185344][T18916] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1642.185375][T18916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1642.185398][T18916] usb 3-1: Product: syz
[ 1642.185414][T18916] usb 3-1: Manufacturer: syz
[ 1642.185430][T18916] usb 3-1: SerialNumber: syz
[ 1642.279861][T10972] Bluetooth: hci1: command tx timeout
[ 1642.460574][T19388] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3955'.
[ 1642.601216][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1642.735392][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1642.801648][T19342] hsr_slave_0: entered promiscuous mode
[ 1642.803179][T19342] hsr_slave_1: entered promiscuous mode
[ 1642.804198][T19342] debugfs: 'hsr0' already exists in 'hsr'
[ 1642.804233][T19342] Cannot create hsr debugfs directory
[ 1643.507251][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1643.610927][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1643.793418][T18916] usb 3-1: 0:2 : does not exist
[ 1643.836889][T18916] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1644.044410][T18916] usb 3-1: USB disconnect, device number 49
[ 1644.359854][T10972] Bluetooth: hci1: command tx timeout
[ 1644.935660][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1647.876371][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1647.890067][T18916] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1647.982943][T19342] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1648.044881][T18916] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1648.048011][T18916] usb 10-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[ 1648.048042][T18916] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1648.048064][T18916] usb 10-1: Product: syz
[ 1648.048081][T18916] usb 10-1: Manufacturer: syz
[ 1648.048097][T18916] usb 10-1: SerialNumber: syz
[ 1648.113948][T18916] usb 10-1: config 0 descriptor??
[ 1648.131351][T18916] ims_pcu 10-1:0.0: Missing CDC union descriptor
[ 1648.131423][T18916] ims_pcu 10-1:0.0: probe with driver ims_pcu failed with error -22
[ 1648.160058][ T9866] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1648.403680][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1648.417364][T10972] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[ 1648.417397][T10972] CPU: 0 UID: 0 PID: 10972 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1648.417426][T10972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1648.417445][T10972] Workqueue: hci3 hci_rx_work
[ 1648.417486][T10972] Call Trace:
[ 1648.417496][T10972]  <TASK>
[ 1648.417510][T10972]  dump_stack_lvl+0x189/0x250
[ 1648.417549][T10972]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1648.417582][T10972]  ? __pfx__printk+0x10/0x10
[ 1648.417618][T10972]  ? kernfs_path_from_node+0x2c/0x280
[ 1648.417645][T10972]  ? kernfs_path_from_node+0x243/0x280
[ 1648.417677][T10972]  ? kernfs_path_from_node+0x2c/0x280
[ 1648.417708][T10972]  sysfs_create_dir_ns+0x259/0x280
[ 1648.417731][T10972]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1648.417772][T10972]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1648.417803][T10972]  ? rt_spin_unlock+0x161/0x200
[ 1648.417845][T10972]  kobject_add_internal+0x5a5/0xb50
[ 1648.417888][T10972]  kobject_add+0x155/0x220
[ 1648.417926][T10972]  ? __pfx_kobject_add+0x10/0x10
[ 1648.417967][T10972]  ? get_device_parent+0x370/0x3a0
[ 1648.418030][T10972]  device_add+0x408/0xb50
[ 1648.418073][T10972]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1648.418114][T10972]  le_conn_complete_evt+0xf39/0x1500
[ 1648.418162][T10972]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1648.418192][T10972]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1648.418223][T10972]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1648.418258][T10972]  ? skb_pull_data+0xfb/0x200
[ 1648.418301][T10972]  hci_le_conn_complete_evt+0x187/0x450
[ 1648.418339][T10972]  hci_event_packet+0x78f/0x1200
[ 1648.418383][T10972]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1648.418412][T10972]  ? __pfx_hci_event_packet+0x10/0x10
[ 1648.418464][T10972]  ? hci_send_to_monitor+0xe2/0x570
[ 1648.418499][T10972]  hci_rx_work+0x46a/0xe80
[ 1648.418549][T10972]  ? process_scheduled_works+0x9ef/0x17b0
[ 1648.418585][T10972]  process_scheduled_works+0xade/0x17b0
[ 1648.418662][T10972]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1648.418723][T10972]  worker_thread+0x8a0/0xda0
[ 1648.418760][T10972]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1648.418805][T10972]  ? __kthread_parkme+0x7b/0x200
[ 1648.418855][T10972]  kthread+0x711/0x8a0
[ 1648.418900][T10972]  ? __pfx_worker_thread+0x10/0x10
[ 1648.418931][T10972]  ? __pfx_kthread+0x10/0x10
[ 1648.418966][T10972]  ? rt_spin_unlock+0x150/0x200
[ 1648.419010][T10972]  ? rt_spin_unlock+0x161/0x200
[ 1648.419045][T10972]  ? __pfx_kthread+0x10/0x10
[ 1648.419085][T10972]  ret_from_fork+0x4b9/0x870
[ 1648.419119][T10972]  ? __pfx_ret_from_fork+0x10/0x10
[ 1648.419160][T10972]  ? __switch_to_asm+0x39/0x70
[ 1648.419196][T10972]  ? __switch_to_asm+0x33/0x70
[ 1648.419229][T10972]  ? __pfx_kthread+0x10/0x10
[ 1648.419270][T10972]  ret_from_fork_asm+0x1a/0x30
[ 1648.419328][T10972]  </TASK>
[ 1648.419364][T10972] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1648.419412][T10972] Bluetooth: hci3: failed to register connection device
[ 1648.423896][ T9866] usb 7-1: Using ep0 maxpacket: 16
[ 1648.450144][ T9866] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1648.450207][ T9866] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[ 1648.450236][ T9866] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1648.463126][ T9866] usb 7-1: config 0 descriptor??
[ 1648.669433][ T5950] usb 10-1: USB disconnect, device number 8
[ 1650.013751][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1650.023646][ T9866] lua 0003:1E7D:2C2E.001B: unknown main item tag 0x0
[ 1650.028637][ T9866] lua 0003:1E7D:2C2E.001B: hidraw0: USB HID v20.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.6-1/input0
[ 1650.657630][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1650.748646][ T5950] usb 7-1: USB disconnect, device number 5
[ 1650.809892][T18916] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1650.815021][T19342] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1650.959966][T18916] usb 10-1: Using ep0 maxpacket: 16
[ 1650.963468][T18916] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1650.963522][T18916] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[ 1650.963549][T18916] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1650.969486][T18916] usb 10-1: config 0 descriptor??
[ 1651.404512][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1651.573452][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1652.821319][T19342] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1652.853431][T18916] lua 0003:1E7D:2C2E.001C: unknown main item tag 0x0
[ 1652.881220][T18916] lua 0003:1E7D:2C2E.001C: hidraw0: USB HID v20.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.9-1/input0
[ 1654.207703][    C1] ------------[ cut here ]------------
[ 1654.207722][    C1] refcount_t: addition on 0; use-after-free.
[ 1654.208402][    C1] WARNING: CPU: 1 PID: 29 at lib/refcount.c:25 refcount_warn_saturate+0xfa/0x1d0
[ 1654.208458][    C1] Modules linked in:
[ 1654.208481][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1654.208509][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1654.208524][    C1] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 1654.208556][    C1] Code: 00 00 e8 a9 81 3e fd 5b 41 5e e9 01 64 49 06 cc e8 9b 81 3e fd c6 05 ed d5 61 0a 01 90 48 c7 c7 60 9c 3e 8b e8 07 ca 02 fd 90 <0f> 0b 90 90 eb d7 e8 7b 81 3e fd c6 05 ce d5 61 0a 01 90 48 c7 c7
[ 1654.208578][    C1] RSP: 0018:ffffc90000a3f830 EFLAGS: 00010246
[ 1654.208599][    C1] RAX: 11dea9052c9ffc00 RBX: 0000000000000002 RCX: ffff88801c2f1e00
[ 1654.208617][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100
[ 1654.208633][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100
[ 1654.208647][    C1] R10: dffffc0000000000 R11: ffffed101712487b R12: 1ffff92000147f18
[ 1654.208665][    C1] R13: ffff888032e94258 R14: ffff888032e93e80 R15: dffffc0000000000
[ 1654.208684][    C1] FS:  0000000000000000(0000) GS:ffff888126ccb000(0000) knlGS:0000000000000000
[ 1654.208705][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1654.208722][    C1] CR2: 00007f5e233756c0 CR3: 0000000027656000 CR4: 00000000003526f0
[ 1654.208743][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1654.208758][    C1] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1654.208774][    C1] Call Trace:
[ 1654.208784][    C1]  <TASK>
[ 1654.208797][    C1]  mptcp_schedule_work+0x164/0x1a0
[ 1654.208838][    C1]  mptcp_tout_timer+0x21/0xa0
[ 1654.208867][    C1]  call_timer_fn+0x17e/0x5f0
[ 1654.208900][    C1]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 1654.208924][    C1]  ? call_timer_fn+0xbe/0x5f0
[ 1654.208956][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1654.209000][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1654.209027][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1654.209052][    C1]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 1654.209080][    C1]  __run_timer_base+0x648/0x970
[ 1654.209143][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1654.209195][    C1]  run_timer_softirq+0xb7/0x180
[ 1654.209227][    C1]  handle_softirqs+0x22f/0x710
[ 1654.209269][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1654.209312][    C1]  run_ktimerd+0xcf/0x190
[ 1654.209345][    C1]  ? __pfx_run_ktimerd+0x10/0x10
[ 1654.209375][    C1]  ? schedule+0x91/0x360
[ 1654.209409][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 1654.209439][    C1]  smpboot_thread_fn+0x53f/0xa60
[ 1654.209471][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 1654.209513][    C1]  kthread+0x711/0x8a0
[ 1654.209552][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1654.209583][    C1]  ? __pfx_kthread+0x10/0x10
[ 1654.209615][    C1]  ? rt_spin_unlock+0x150/0x200
[ 1654.209657][    C1]  ? rt_spin_unlock+0x161/0x200
[ 1654.209731][    C1]  ? __pfx_kthread+0x10/0x10
[ 1654.209769][    C1]  ret_from_fork+0x4b9/0x870
[ 1654.209801][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1654.209837][    C1]  ? __switch_to_asm+0x39/0x70
[ 1654.209868][    C1]  ? __switch_to_asm+0x33/0x70
[ 1654.209898][    C1]  ? __pfx_kthread+0x10/0x10
[ 1654.209936][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1654.209987][    C1]  </TASK>
[ 1654.210011][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1654.210030][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1654.210059][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1654.210074][    C1] Call Trace:
[ 1654.210085][    C1]  <TASK>
[ 1654.210095][    C1]  dump_stack_lvl+0x99/0x250
[ 1654.210132][    C1]  ? __asan_memcpy+0x40/0x70
[ 1654.210159][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1654.210189][    C1]  ? __pfx__printk+0x10/0x10
[ 1654.210234][    C1]  vpanic+0x237/0x6d0
[ 1654.210258][    C1]  ? __pfx_vpanic+0x10/0x10
[ 1654.210294][    C1]  panic+0xb9/0xc0
[ 1654.210317][    C1]  ? __pfx_panic+0x10/0x10
[ 1654.210360][    C1]  __warn+0x31b/0x4b0
[ 1654.210382][    C1]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1654.210417][    C1]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1654.210448][    C1]  report_bug+0x2be/0x4f0
[ 1654.210472][    C1]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1654.210504][    C1]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1654.210534][    C1]  ? refcount_warn_saturate+0xfc/0x1d0
[ 1654.210565][    C1]  handle_bug+0x84/0x160
[ 1654.210596][    C1]  exc_invalid_op+0x1a/0x50
[ 1654.210627][    C1]  asm_exc_invalid_op+0x1a/0x20
[ 1654.210649][    C1] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 1654.210681][    C1] Code: 00 00 e8 a9 81 3e fd 5b 41 5e e9 01 64 49 06 cc e8 9b 81 3e fd c6 05 ed d5 61 0a 01 90 48 c7 c7 60 9c 3e 8b e8 07 ca 02 fd 90 <0f> 0b 90 90 eb d7 e8 7b 81 3e fd c6 05 ce d5 61 0a 01 90 48 c7 c7
[ 1654.210703][    C1] RSP: 0018:ffffc90000a3f830 EFLAGS: 00010246
[ 1654.210725][    C1] RAX: 11dea9052c9ffc00 RBX: 0000000000000002 RCX: ffff88801c2f1e00
[ 1654.210743][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100
[ 1654.210759][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100
[ 1654.210773][    C1] R10: dffffc0000000000 R11: ffffed101712487b R12: 1ffff92000147f18
[ 1654.210793][    C1] R13: ffff888032e94258 R14: ffff888032e93e80 R15: dffffc0000000000
[ 1654.210835][    C1]  mptcp_schedule_work+0x164/0x1a0
[ 1654.210871][    C1]  mptcp_tout_timer+0x21/0xa0
[ 1654.210899][    C1]  call_timer_fn+0x17e/0x5f0
[ 1654.210931][    C1]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 1654.210955][    C1]  ? call_timer_fn+0xbe/0x5f0
[ 1654.210987][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1654.211031][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1654.211058][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1654.211082][    C1]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 1654.211120][    C1]  __run_timer_base+0x648/0x970
[ 1654.211169][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1654.211225][    C1]  run_timer_softirq+0xb7/0x180
[ 1654.211257][    C1]  handle_softirqs+0x22f/0x710
[ 1654.211299][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1654.211343][    C1]  run_ktimerd+0xcf/0x190
[ 1654.211376][    C1]  ? __pfx_run_ktimerd+0x10/0x10
[ 1654.211406][    C1]  ? schedule+0x91/0x360
[ 1654.211440][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 1654.211469][    C1]  smpboot_thread_fn+0x53f/0xa60
[ 1654.211501][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 1654.211543][    C1]  kthread+0x711/0x8a0
[ 1654.211582][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1654.211611][    C1]  ? __pfx_kthread+0x10/0x10
[ 1654.211644][    C1]  ? rt_spin_unlock+0x150/0x200
[ 1654.211684][    C1]  ? rt_spin_unlock+0x161/0x200
[ 1654.211717][    C1]  ? __pfx_kthread+0x10/0x10
[ 1654.211754][    C1]  ret_from_fork+0x4b9/0x870
[ 1654.211786][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1654.211824][    C1]  ? __switch_to_asm+0x39/0x70
[ 1654.211853][    C1]  ? __switch_to_asm+0x33/0x70
[ 1654.211883][    C1]  ? __pfx_kthread+0x10/0x10
[ 1654.211920][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1654.211974][    C1]  </TASK>
[ 1654.212259][    C1] Kernel Offset: disabled