last executing test programs:

1m6.302491403s ago: executing program 1 (id=178):
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
r2 = syz_io_uring_setup(0x4e1, &(0x7f0000000380)={0x0, 0x33f8, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0xdd12}], 0x1}, 0x10)

1m4.495359611s ago: executing program 1 (id=188):
fsopen(&(0x7f0000000300)='befs\x00', 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x8d0, &(0x7f00000000c0)={0x0, 0xc48a, 0x800, 0x3}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x5)
connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)

1m2.063593009s ago: executing program 1 (id=207):
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r2, 0x101, 0x1)
getdents64(r2, &(0x7f0000003340)=""/48, 0x30)

1m1.73840551s ago: executing program 1 (id=209):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
unshare(0x20060400)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m1.319858892s ago: executing program 1 (id=211):
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(r0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/201, 0xc9}], 0x6)
close(r0)
mremap(&(0x7f0000638000/0x1000)=nil, 0x6aa000, 0x2021, 0x3, &(0x7f00005c0000/0x2000)=nil)

1m0.62214122s ago: executing program 1 (id=213):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x126)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002100)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x8000}}, 0x50)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39ddc4)
lchown(&(0x7f0000000680)='./file0\x00', 0x0, 0xee01)
close(r0)

1m0.075704485s ago: executing program 32 (id=213):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x126)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002100)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x8000}}, 0x50)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39ddc4)
lchown(&(0x7f0000000680)='./file0\x00', 0x0, 0xee01)
close(r0)

8.443144572s ago: executing program 3 (id=547):
r0 = getpid()
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}}, 0x4000084)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)

6.660448785s ago: executing program 3 (id=563):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000009c0)={0x44, &(0x7f0000000800)={0x40, 0xd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000200)={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

5.002558749s ago: executing program 5 (id=583):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001c40)=ANY=[@ANYBLOB="bf16000000000000b7070000ff030000487000000000000050000000000000009500000000000000e83d24a394a293b3bd23212fb56fa54f0b71d0e6adfefc41d86b60717142fa9ea4318123741c0a0f168c1886bf0fccf8d56ccb659427cf8593dbe3a2a3ad358061011fbc5ba1f07318988e6e01a41cc0990d0dc840a23f72eca0b2d89fc474c2a10000000077beee1cebf45fab73962fa8f6296b32a8343881dcc7b1b85f3c3da4cd36414e90a61965c3de4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d0054ce21fa41181a9580cfca031e5388ee5c9a7ddd04201f5200001fcadf95e5a4725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f588cb211624f40401691721715f46e0500000000000000a663739a190a4e825c908c0abc85d457ec5a57cb706eef32a3ed12d63c9c4c508530e173650a8a8f2a9c81bcffe437bccbe158024d8d4939e6fd9adc43f0f4b049218db92bf466e934330ed79bc9f626d68b0000600057d14854eef851bc8c30f5d0df6b94ea0b852d495085ff4eabaac9606f0497958c2c357a7124a69f6770ea6702bc53896a15fad5e55c64efd217450a975221b20d78e445e3da74a3c1e59bae44546bde4ac6de55a480f3ad5dc0f2d1818b696492285f60d914283f8d687b0bdb46261277671bba2c550bfef679bddf38ab35eaaf0268c4efa45b56a188a9195044a222ec06bb49784d5608d87c4832e4305bf8889e5db2a70f6a83d4b3cdc12546d2e9f6720dec489b6276856de6d895704ba3e8ee12c8121ffc4f5d2ae03f0227dcc4f38699d3db16f69ed45e918b07ce58bf576e253364fe0000000084f897400d4f5503a6e9ea4a480e3221f3c247ee8c55e487eaa25a7689689c9c305da4b0181f0f653fec399fcc0cc800e82bde039cc29c19b538c76e65642875bddbef61e5985751d9ebd37d2f32375357b5d2b4dc24baa6a7010038380f7029a292f1ad05000000e4e801a819aef69d081e2cacaa8ad1b4ca6df5dc37962ebc5337379e00645b6d2bec249c0612510000000000a7060d8d9b9ad109b62d1dab0eec6beabc76d765b9caf70900000399772ddfe89be4338e70d0ecfed537780a31fcaf4acaf9bd3711a4359d68ec71b0693ede07e7d18e797697901fbae4a9d9966b68eadae75ef1b8931b0818a57e5136fb8c61d73b17d8fd55c2b8d321a6cba8743114fcff01e5c10200c512000800009a021d377e477ea807cc00919ee8bfbd090034f67609cfde8877b5bb072572b421d6b1fdae83e5e250190628d02d01f978323fe36685e652ceb218a9cc9e125a4880faccaf5ac2345f20b1ee403885790500d0bc75c7e95d23904dc446e0201aafea0d3f4cc0cf285ccd000000000100005aee4199a34686905441c1fa62ed20328a10690432f59a4d3e05bd00997ea2b6f5213cb883d05b620f31869f6cce80f1ae09009ed7e3c5f3aa61bfd240cb9726bc512ba0eb1f68579c76144feb0100809f12bcf79c4d57f66703c2aee08e52de3eff160623e1af555dc7481128ed0bab22dcb6e5b6ac5e4010eaf2510fa440aabfdc80c77108c769ed2d666c555c6c38b30899a688d96a6c6dc0dd4309f6548765d3f53261b4890aa004e7f667a230b22bc6e248bf56b219d9a547b6e1c5077c9ba463329323b53910e7358b4d0c6882c590cf25e4d044a6afb10a070f285e3c94ed405aa8dc41718dd3f4bf474868538aad9a23f85a707e325c10a9f22e37c4213d0ca2910726de8e62d2e3ae7f64e40c7af3dc00bab70cf607869c5a11a03bce8aa43fa010348bc2fb420ba5e344fcdcb302548e571157d323f5fd535800284d32ffff000088ccd685f07309101a3196b705479897f4c9d97c4c7b77db7b15bfb4305d5e954a34385418e665af882a7d505323070929b228bc94b70300000066dab8c4e63debff174621a0ac7dd85b14cb7616ca23f044bd0ccd1c79292c3aa8f6e4a1c27315ef8d55781edbe368f72aeb2f48256131aaab707451c14747dfa3bb5f8725a98f6d3c797573f18810bf378e38107ece5cb7cf3b98975e9254248af60de2f04e2429d9b6eba525fd1b1b665f77710fa494e2b619c975acd535fc78696fc980573c35e9916f0000000000002c8ee5ec55faffffffffffffffcd59cc0600000053d0a1f4ea4477022c9f376b3191efeb46be3c174fb24009379bbc949fd2923715540556450f12d1645177ce3eca0d65d17deff51a024f0180000000006100499e829bda469048c70e5968375feb39e6918e591a384851ba3079ad9c376bdaf0650e212eb4185cbbb6c0dc0e699afc34ca3b9a307cd2519cd9b192d678492ea2228ff0817d68f97b18402d271036067c141b911c4e0207e2c9d37ac203f440e1a065a2d227c6ec860c0104000000000000fe7144ec680c0dac7b5906a6197c8173080c9ab3ecb72820f04a42e4a43ee3f325f93edb3a204b9c9dc8953375e37c83876f248d91f166676b54781c6855c5e067ab2c2c6d22b20a703d68d77312333deff80883cb5a25c738f4e7cbb075e10f5c36396156abb221adebb9303342bfa2b745a5e045d5db847e4810270ed1c5bbb1548ec3184ff9b8ed1687333d0e0412d452ba6b390199bd684ff458d6c8114833efde87215e5f9569d92d24579f3ef473bce24e61eb21336ad441eea93cbcb69d2156b9b6e3000000000000000000fc411d2eadcadc7c0a2c12410e4b9d634807f2a6f1c3a13508e274ecef5cfccb707a1640973973fd2d1d60138d9b7a778827fd07fbd093a0ba779dcd32556613e1fac161825da91acde7fa964c689b1f0ea96047a98260270c3a3ccb2142b074db79aa88614663ff33f9966502a2361e49aabe58eb086c5827dd9d92fa4ff0c0e8b949d585f2cbc111de478905cb37f3cbfb019c6daace508b926718506a577234468f9279a52360d1a80b88b4eb1cda949ca77b6ec43bdf5f5a400989705746b86b400947891b33d591ec5ea9ae45983273f62027998d72f83625021a72e27e0449fa154ade55071546d4000000000000000000000000000000002f907c5db9c967a1f86c57bb5062fed7c37ec16a7e62b6e370c3c5a32adee9032367814394a7a7fd12c44b81fb5ac2ad92220a72aa3355e894cbefe344a6b5eb4c25128d5427a640faae401eccf3aca4294410461e946010c50f9ee556b38eae0b252ef288397672bbbd17e5306589f93dc130b6be5b19dfb2462348355ef24762509cf29becacf8515abe299b8a7dfd585f5dbf7578bfdbfa37deeb872c3291b59349238add315cd18e6f4196b404e48955657d680511c7ba7f5e0f9d97d649583190c78015aaf4db05aa2a6cc9d00084ce958406e09fe508a0ee5feb2d34f48d87000000000000001108780004ec696f618c20771a7ae436d733f603f20c9189567b63d47fae002e616969d888a418d139a25b11c0da7aecb8c14f1a879f7b985ab634b0f5cdb2090ad2c336e9a28289247ef4f3cfcafa393927d27711ed0543a5e8ec6c1c62082549791f75fccd54582f990234496954e6e54bcbb90f2756912ab7e511a55a9e0512e5c1c10bcd76ee4799af611179a39bd0c0323cae1aaaaaa8dafb55bca104ada3252c5d9de5b9cdb6217c35ca3d28b1d8b9d2fa79376c13167a9ef1b1f4b7509debbeacc153ca8bea4a0a65ee1d1d20a9106499f0bf7f416b051e835d790ac978b90143d9125224f74b6167f7a967c7e33eb5f43570b9f3c91371968a30e528968b233d0396db424e5fd73d380318e9676d074dd5ce552a222e250f9f6d0bdd9e46e7f22d9abfd4573b57e3b52d407b464b0146ea15560a2ce034b1623fecc84842928223d17ce4ab31ef4c2a9f9caebf65341fa3da1bbae7972097e24603b9db8edc25a152bd39af179eab23ed555040c2bbb89ea22c08b97264b3616a41abfad0ab12a79574c60cf1841ea45f10e9438e55e1e0eb645200993b08833bb14517b0d0e5ba72bdacd92d57b6029129c95ab0a93857c7205e8450b27aee5e684ece77f53112873f40247a998cc896ab4d55573c7a7ef2936a29425cab46cd4fdd1452ea8429c63c74d5673f5e4d47d1b001d0d3a9e1d5c840ab37a69cb30d17ff7591f01549e552dc43b672e0feff94408171d682565dc2d84476297c6901040000cb9f7f2eb690d7a032c09f0a3d48663fe5ece30f592d71755dd6cbfac96016a2ecd4e499ce9adce6e59db0494fa25117a2bc13275c9a94a3532c1b8417e9ed5e6cd5f51f8ccc878ba73305ad19b0cf05625439cdf688d33c8fd6cf52c5c5685444b65eb918884727d3a780bdac17d447745e4accd85d3aca4d63127bb3a58095cffa08a6cecae329dd5f47552c40b560b05e962363e99300d61931ddd97444c2bae02edb26383cb96ee7d2742d24dc7e9b6dac831674ae09b7d180ebb30b9221480ad78706dadf7ca3540eb6c6c43dc7e31b2c8d188f28d6ab10d3c0c97b9f6b5feb9abeb6a801975c0bbab0b1fed7485f2fca1730906a6dc1914386118646dab2618582c4ce0a8ce7a1a3ca7d56f6ca8c7d43cad0116c70751a0db051d9adc4ab34dafbca31fecd9191d38fa011a4c1fc19df0b9aac3a0de17dc01b413c4d4eccf9eb1cd90569508fc6479111544807f11dad193a170ac290f28d3e7f702c5bced7ed90c3251897446fdbb1195136d9092168e2deedb3e0afdf0f543363fbf8759df07270981c0bd7260998963e45a2c84e8b82ddfa98dab68a23cfb2ffa4fcc4ebcd38f273e9bdb240f77eb51e259bb88dc383b19107af39ffcc708a1278b3e53c2130a9c7150593794f8f22ae9b2ff0d46c8d175bf9ff227870f1dcecd5b564d20230ac32a10982cf1bbe5ca15ed6d85b2c447f3fb0872ea6170352fd4c76c75941d1c3684a466c81a5892e9f56c0b512be586381c2390aaf93347d318aa5de4322b11088435730c69bc1cfd96d869803a3113b2a33dbf7973434ba9e4ec15c0423bb384975498ff56bf8b51237dadf6264532fdca7c44e485e4c9b695cd000"/3569], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$inet6(0xa, 0x3, 0x3c)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1}, 0x0, &(0x7f00000001c0)=r2}, 0x20)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.365454007s ago: executing program 5 (id=587):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071127f000000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x34)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

4.10106074s ago: executing program 5 (id=589):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = open$dir(&(0x7f0000000000)='./file1\x00', 0x880, 0x2)
mkdirat(r0, &(0x7f0000000040)='./bus\x00', 0x80)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
rmdir(&(0x7f0000000200)='./bus\x00')

4.084900942s ago: executing program 2 (id=590):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000240)=0xffffffff, 0x0, 0x4)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x46, 0x0, @fd_index=0x9, 0x7, 0x0, 0x0, 0xa, 0x1, {0x1}})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

3.982304398s ago: executing program 3 (id=591):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x2355, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x3023, 0x4000, 0x40, 0x0, 0x28)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
read$FUSE(r5, &(0x7f00000033c0)={0x2020}, 0x2020)

3.622335205s ago: executing program 2 (id=592):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='afs_send_data\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x3c)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100), 0x4)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

3.37790756s ago: executing program 5 (id=593):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0xeeee0000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.114751979s ago: executing program 4 (id=595):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
mkdir(&(0x7f0000000400)='./file0\x00', 0x99)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
truncate(&(0x7f0000000000)='./bus\x00', 0x8001)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0)
read$FUSE(r0, &(0x7f0000000640)={0x2020}, 0x2020)

2.849273331s ago: executing program 2 (id=596):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xcf, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c200000000000000000086dd6000000000993afffe880000000000000000000000000001ff0200000000000000000000000000018900907800000000fe800000c9f30cd4afe808fda3"], 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000640)={0x0, 0xd000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.793568047s ago: executing program 5 (id=597):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$int_in(r0, 0x5452, &(0x7f0000000140)=0x3)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2.785269069s ago: executing program 0 (id=598):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x100)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid={'access', 0x3d, r3}}], [], 0x6b}})
open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x0)

2.734747649s ago: executing program 4 (id=599):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r3}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r2, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r4, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x6)

2.729173814s ago: executing program 3 (id=600):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
sendto$inet(r1, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x2}, 0x8)
close(r1)

2.446354557s ago: executing program 2 (id=601):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000640)="98", 0x1}], 0x1)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000003300)=""/107, 0x6b}], 0x3}}], 0x4000000000000a1, 0x2, 0x0)
recvmsg(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=""/70, 0x46}], 0x1}, 0x4c2103a0)

2.403031505s ago: executing program 3 (id=602):
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x76, 0x0, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.398751647s ago: executing program 0 (id=603):
dup(0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000080)="260f422981870d0000000fc75c01dceb67f30f09f9baf80c66b8e63a2f8866efbafc0cb83cdfefba4200ec0f20e06635004000000f22e0640f232d", 0x3b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.957536704s ago: executing program 0 (id=604):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000480)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001600)=@newtfilter={0x24, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xd, 0x9}, {}, {0x2, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x40850}, 0x404c0c0)

1.956418672s ago: executing program 4 (id=605):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd6012000800503a00fe8000000000000000000000000000bbfe8000000000000000000000000000aa0802907800000000600008100000000000000000000000000000fdff00000000fc02000000000000000000000000000000a800000000000005"], 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1.894145446s ago: executing program 2 (id=606):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @sack_perm, @timestamp, @sack_perm, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x5b)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r0, 0x0, 0x0, 0x700, 0x0, 0x0)

1.786226955s ago: executing program 5 (id=607):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r2)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

1.759799662s ago: executing program 2 (id=608):
syz_usb_connect(0x2, 0x24, &(0x7f0000000200)={{0x12, 0x1, 0x200, 0x46, 0xae, 0x98, 0x20, 0x46d, 0x990, 0x22be, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x7, 0xce32f8c6b27ab905, 0x4, [{{0x9, 0x4, 0x4a, 0xe, 0x0, 0x1, 0x1, 0x55}}]}}]}}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0x4fed0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000000)={<r2=>0x0, 0x7, 0x20}, &(0x7f0000000040)=0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000080)={r2, @in6={{0xa, 0x4e22, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}}, 0x8a5e, 0x40, 0x7, 0x46, 0x20, 0x9, 0x6}, 0x9c)

1.713978833s ago: executing program 4 (id=609):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=@newtfilter={0x34, 0x28, 0xd27, 0x1004001, 0x0, {0x0, 0x0, 0x0, r4, {0xffff, 0x9}, {0x0, 0x9}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x48850}, 0x48c0)

1.687049753s ago: executing program 0 (id=610):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0x5)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x4000000, 0x0, 0x5, 0x210d}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000240)=[{&(0x7f0000001800)=""/224, 0xe0}], 0x1})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1.554183233s ago: executing program 3 (id=611):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x4, {0xa0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000600)={0x2c, &(0x7f00000003c0)={0x20, 0x1, 0x4, "6ee6d2b4"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000f00)={0x2c, &(0x7f0000000cc0)={0x20, 0x1, 0x4, "82fecdff"}, 0x0, 0x0, 0x0, 0x0})

1.538469478s ago: executing program 4 (id=612):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0x6e9c84f3}], 0x1}, 0x0)

226.108919ms ago: executing program 0 (id=613):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000002140)="c119ed7667ec1da6ce5ad10520d9f0d916f246337b0557963a20976c5c2e3b9c50442c3aa3ad8af4490e25e8a248ad6569c868927ce88fde8f6dd47700c012579d8f5517c15a8692ebbfe31637d24da9b182159a75eb201be82b5b3482e6f7d3344eb462be4e452a789b9246974e521beb91400d62ba27d79dc7e4a2511c941b7658a426f1b03867abe8958cf54e277c8c7eba60d65881156958563b415fdfb45237d979dfffc5a2399d245c064928d88f8f2ad57fc65556fc4404b0deb7fe8b794c8f853fc356646a4bd5a3bde17b164539cde75bfbcb82189d10658affc840871f99d48a657c0a490f44959ec808a7de09590156b5f4dbe9689884f22c3388c3d735ab0a38bfa911e234a40a7700258e36df5be8b1e6e8d229a9ad553628c9e2d099d87e54328d8e75a59b5add9aa55447c933e752fc3bd90aa92645449401e7a715f3b4bcc17c799eed78a917850f05886472640ec78ba017ae6e83683db81d999696d3ad34143e5d6be46724f4086dd8480e85b070e2980ee952ef91f8467bf542428b1958ead9f7a09641d0c33c1566e77a3c923d94bee7dc9046e8b6803dc5c5a6e34ba951d2a0fe9d6d03a57391560e2328e8c581474e38e40055b45f7467b4dba95d64dac57b6fc0dc8a40f054aa801a3c022dcfadc793ecfb9968d3121157b0a8b25b99b09038c58570205b4166f3bd749d7a0f8bf89033e11c0a456bb72788cf7ccfeb980ce085711f8ea531fcc57206d8e0e0aea1f3220066c7769d71026259468604a5cc7331cc971a4cd78d8552e0e0d9955deb21282a27f0a5f8364d0f9fe91016f086c10a3662a154316891ae4fb8cc3481b2253bbd09c64629f3ffcb5e82b495e6721dce47734254ab64cc119c2a446f34d6cac813a3c0444d9a13ebbc0fa4baf1bdf78b9a9cf6620fe488bf2a1bf7e857ad6ea157542761cc6a7da8d4c2242853a1fd14629491680253603b910466927c2dd4818464d7d9c246b9cd726d123d1dda95d0325370a0f1b5751796d13501a2aa1ec0dc70a5b749f8d171cb7569d9b74354883a2216f452cc712d0829c8c5f206cc7924652473931adfd2bd3940b3adaf54967c0af599d4968da74f25d2cc309dbdbe3d6faa08f2c08205365d3c4a2c8344b1047c7d0caf6b595e5d24c89ea1b532fe3094d7a16c716110b75deb22a5a281c0f133cfcfaf5238a3c493c4f97f890bb33769ea652c67149be70e62de16b65730b3bd2f547c084ee77d456a86bf8f1f7304703d2524443c4b66ceb7d2e5d97124a6ae48158c16cefa3eb94a7ec49ae43dd02f9edd0924d73c7cec977186442518b8dc642dea31dce2b79b4ec5400210817da04caf0198e933e8c618a5f0e7123ca5786c45b10a543e7de350aa4c072c85612a99ec9534f70130eebc0ef842416091a0adba1d30730d04080928c094d49a70f0a354b918725578b27a9b65f1a43a7dc9d8b6c9a23e08ba83bb8802e69454eb316a6a0188713704b30098479f5d99497e60ffb372dbbe07642dea12bf6f3f4b6c508f1e061b0211b9be792fda7bb86f51f018085f2fd5ae316c761b35d562dcfb783b87d6da0820947f5d055f0f7cd3c50f1c61f1da1a73c7ef107f0ad957977a33cdc67f6aa82e03490f5333c1ec0a1fbd14b2aa961d2b3f6315bd06029c4c9654414bd9256de44ecf3b0485a41a9f7183d0469bd327f549201924ab80e3227f228e20e9fd3b646b3134385ed058f4bff4f714cdaa855e2c364d7bbaaf26df65bdb9dfc4f6104d219e41684493c621588ca8d01ef3211c28d613bc67e498b4b80279249bd947d029315dcabea9362e0258a5a819530459df44f7c83972299e54a29afd836fb176cdc1d86398b6c7a75cd15b1f76a0070839b5a24366603a0aee35a9f784e4a633703de42e6648a9626160a25c9033242cd97eb07ffc54a01d94c48333e832ec0eefe51a266fcb526dd2954cd1147d2a2df260affac31e4cec7ece02dce3f61078b0111b94c3bbddd41487e33820ddc8cdf7a1ebc58531f280e2c12a8514bb4e7a176208b73ec6f4cf1b660393837dea00a8474fc41039db848ad6b0375a36ba35582736cf7bdb33a051d49f966fd17a80cef2f0c458d1d5c932e4193c5018105416ff1b27eddf56d4277a49d0adbf34c998a062db4c8263f5c03696cda85a6f0db49a5c58e2809d7519e6ecaa017d90e31eef725fdb3f26d77bb15a3d924d3ccb728535dfdb7517a10b9a54a551c1ec95c6770ee0901d18f24149678f1677d1f5c447aee584c6f1dbb7a952da6b91e8af3d98fe790201b89a05b61abacfe6acd7a774e3a12436d169f54b8e2572f0ed70ca78e801bbc3b783d73c96d5424b82de2d8ba84f585c67cb4c7d8175b8a2fd75a59b24db0403064924a4a6ea5423ee818b70d1c5403da14370fbc98ab4ea6a7fe78e7d3e8da1a3f04856edd96e8b9d7e80064daed38d0ca194a638a11175a9812569a640a8d373aed41e9a1e0118ff7ecade45238544dcf5864697c4d36e444fb82bbc222a8a2bec2869c623f61aa38299d3a4e8806721d579907c31a0cf50b82dcebe08d8c5a21d97a707d5a83de1fb145227d0303334e5cc73c628e818ab6901c001ef8f02557d5ec579189b620f0e3307df5273573f707ee91985823894f9ccd80415c91d7baadd31ceedb3b26212e09a62bc22392fbbf3aa5e340dd3408c1c9e3d1d144dd5260c904812952466ba31a2dc80b8826b1354335b0d754954bc93cfce0eaf93665600f67505595ed66eb38ac98a23ae6568aac700361e784fc8ff3cf0cd19e15a3508f42fb1bca1f95a6502b5ed09df0f75859527025798b890df2f0110cc20798a7096831c9822ed5a9341fd6afc85a78736b857bbfbcae5f61fb5a3ca5577c4bfb6b1ccac7f21e95cb2c1e3fbe91f5a46522bfc49a0e11b4ccae898b5215cebacac2ac8d6685b05a9df649d39e40c66f4f1373e77a722beb0ed05167fa206fd66cae5b01741f86cc1681ce7efcee5d67cf8a89627d7d02ca8ae96e32cd5d74dffa715b7c2e0f24648932930e69667939490cadcd06b4396800152fa3dfb4810ab6c4de8f0814a9fb211517d19932befe0c0613699d481ba2d3140836d9dd074ac5dbbc27284463f190442b453d4a06e1e0053d0e097420e1406b104cc8bdc486a1fc581cf1dca50f63ce3de1403eb4a5080971aa2a2a911c3d24d0370b1c062e6b21c6a694eda76e61b877e596d34ebc507f10c3bbf969793f5b71d026d03cfcc2bdda2acdeea4b7066f07be408f6bb35ba7f3b8196e9a1d1ea30ff709d8c0fa29c40056bd53e609b5217976c422efe8052e4cbda4b12dd2a1286a4460c57bb3a138c55408fa6a0888e32299cc47efb84ad61a98385854824ec253f1279f9d1ffe6becb8c427b53c57b537e6494f6acc7902347589230aa7316523108ab38842b3b97a0840d4c3eabd229232a71302edd1f3375d0092cb3a07312400c1be8a94da53a79d2fce38fed341193f6c4dc41f396774145aa18400bf108577e714f4a4c50ce408392f954eeae696d2605bb973b147ef98fa35d576c957a01f262d81157e1c8aaafc708634366afcebbf31cd4b7190d29e0b3a2960ab5ea952eecd38becbb7cf7659a95044a1ebe4240b0d26c7a932c14c1252eb24bad57be94c5632bc42aea31f722904306d39f1d0850ac029537c4425d048ecf3fcb5428638dbcb86e17d60164fc396c706c10f0a1ccb4dff2f36b47510a749dc03e32fd7f13893db135790d29a56fe1fae6d0202831d440242be2086c6e5dc71dae14089fc080a358f159faafb397da8ad8b48b1615112c76627a0e47a7cbfd2cb0e9a9c5316e96f8c2cf4ab7c875ed1bbd5a020ff2f265a1f63b6151a2288c3e83183e68cd12dce8094d392137f061d43421eeeee504e4db172c9fabc6297a5641a9a7696f16660489fd6f7ad9421068bd1294941e51b8d2b818627e3081369583e91c6b8b68c93173dc7fae27f3bb9a4c6a3d69cf5bf28b3f8b5c8fa8a8a90bfc228acd1df93c8b3f15fb318c7524ef2e8b6bc18010b4ac5b448dd3a134531654d610cfc9b393b5b1a22e90377b74ebc64aae95987881c0602311c0fa94cd612889125da49b810acf9617263b55e504b1b9160675cfbef83170fba4134640cc2be541bdb54077dd65304eddabcef91a3445804bcdbf00f53dbd3345c190c2ec117dfa986dd04c3f02b7ba9eee47538c5fda856d432cf343596c53cf3c109ada41fc6d7b09c3f14b60c2c8a4cdf5ee0791017cd25f7ad96d0c51a5cc52e2647826662a99266a2f2072b7b1acf805d44d8064d419999df38537ffcd78a78ce3837bfe1faf7dc79f5e0d32ea5e62c06e6aa716e0e048cd5c5fa8b4212ac668ffaca2a4e8afb91aa7425a800fef89fd97587569489088b434510a38a49e8ee3e1b96a307dcd999268967405f354dc0478bac5229203eb9d6aacc2db83e233ce852ad55b799b6923653d3d5788ac56ffdfeb206acac33010161536e3573d54eea1925b6f4edc6aa193e9e362681e34564d146b49ed916ab8d6aea1a78e526c7a0dc56f5ca90d07862d17cb3f21307f2e012ffd011ec64d4cc23faa4a08c4128c0892be5d5999f681dd28bd6796f83e1e0b80ab61249e5049e81c2e692e360194129d1c9aa13d5302d3cbc6060159632c6d3c2db27c3fab53e0919a81ff5878f6328536292905883095b65581b696ee94a8a0dd7d0d11a2e269959a6f848c87eefef283e57fadf325b665ade2d6591b283c33ce9092ceb39df5bf6ff92cd6180353d8021cd3b8a7efb9be4f79b37ee19e4b9eccfec49b1f526420aed78424d5129afca3e28e1e6cb5cfdd894289abd5ee69d29413c548f65baea4c99ae73055000adb0dab38e7bc6c9c562a3214e3b279decf1dc731ceed1e4def2d70360953886da1eb7b18b745fd6d8751d038c6cde166d4101df1418689468d3add001cc44c8f2ab8105fc362cf5792d5c270441af890ba4bd563ce68b57a0f99b80ba93f7fea3765ec1fdadfc7274d4d7c46da05fbaf47e29de56ffc53f71188f94cc3ea26197eb9274aea10f793e348541feda0cb82915fbc966d317b74ef23a851f3a7886fe99c4bf917d5932dc9576313518276f690f400b8de28cc92c2b753ae283c7fa1639af82ab939e3be687621a525dbed50d33cd6366d559a75f1bd1cf25a0bc421c79debae4263beb171539835e6e5447d411383c3d7ebc8157892ab6d5013d49b0b777dc27f629e9e0924d889702dec588045563cc09cf1bea68fcfd0a2c6943248009b95cb6055b5c2f521c4120ecb4233c47d7f0454afa93063d5b26b94530b3b3089b85b64ebc684e5c38a561ba437b09582d38fd379e48e752cffc532bb8bec2999b2ce70fb9e5d7101d740008c935680537e8992b576c9f5dbcfb35513c11fa48caaedf52a6bc350aa2acbf1ec561680d8ee9837d3373e2d51183279a95d41eeb9558dee0fa43256b9a19012b3091a4bc1e94961beb05c33869915e69413122a953e0be0fb9759c9b8ac1254aabcce151638d60d197458e9757a1d1b0e7286fd66dbbe9deb51ca7274b3e0efb464ff44aafd5024cc534ce0d725bdd4e43601279231b6fda22ec25a680588794f086a9c094b751c575d0e0251afa27381c55a9c190ee3af55af0d20424db2411233fe46c537b41dc576639979469925a8c8e515539bebba248d3372ec80875afd26a04ef5d1aeb61390901eccf4df562680445ccd6a90fc70cf0ec08910b23e108ba9b35a689fecbeeacccda80a2ac86d2e7ed2990ac386ff3cc7992ea29d94bbe7d13c96cd31763cb8a5a150c6ee1781160e27df9b51678e650d009e95322a0a63a9165288be42681e3dea6262e00ffdea6f076b9bc810880cfed87a609f1096dcf6af0f053b5ed80c2053157b97396d2876f6600149cda0fcbdac08621ae99e9fd24393d30c3911da7573c3675a695f9e014a3dc2d2e45296abaff428a733cb742a01df7059828f64e515099141081ab3a263c7c38459dbc0d32fa8768b8fc3550131d286637e25466d2a129d587663d9d0eaf4079a72cf37c9fccf5f2cdda2e9db69d82a87b4cf9c20dee03d935cf6099d1d1174344d551cb569a73c21ccafa6c59b988e0681bb175edd912cd64670598b444825c8f4a280dfee91ba18f50aa0f2fb529e5f73302fa09c4b9937f19ff6175af4f1321d3dc09e692ca7e1934f31ac91fb6e6fca4b1dda3a0063c8eeb5f68d43c820f8b9e1c6903ec1a2626ca3536bc386f42e7d865102daa82db5b2d2b580825afcfb65ca9c5cca7de06d838f84a84ee4f8381c05de2a0ec53bdcc447df8e8b9921c21cdd43312e1454790d727ae9c33487239195afc93149090e3c47dd9ec03feb51551ae92e9dc21ce5ebc4e8c8b99b9dd09ecd33a949aac69299024a52680c91244fcfefb9e2def28d0cdb621d7be8442c67c61b18a1228d341014a3116e9b8f2829e291f788e368b6e36460a6a76987918caa641f06184ab0a3910a43dfa97b3e5c31c837a12a436ee8796f9f507cfc438e6b061a59342be0c0bef0b646973d58830063a28c1cd3f434173f450c2ca3a846adcedf6b5d0bfd0813948e79fb8b6bdf9a5add644ab2a1d9795faae8ab680db6a4ad933848ec6ad09b212605ce497b2dba4eea307c45c17099a3f116508c73371d6f3dad906cf8ee9a9eab88e9365fc78112dfc8a4f865e627f1f6e11357632a3a1a2e9391f56376f8e181555ffc98ab9d93874392e81aa4183e8caec57a4a29613a3c4319595553143adf28bae56b719b8be0b2acc4b03038d48de63b19ca362945637d4a385becaaddad5b3dba297ffe71ca0cc9c9c1ff843ea5f0dff511b88ec7a6001a2570d09606c36d6bede06c4c7e93c77ca3da73f9933b16650df963a39ff34a3e83bad1c14a5a9457166f13c53502e9b9600982aa99598f711ef22720204282c9b02fea3eb55d568160f0fd62633787a77fd8acaed92f2607020c26f6f9386f9021f9123204a3f20e745caf37849b25f360e174718e1d78a32dbdab5d5aeb36c9b3366167b0fee60883a9b0f8bcd9695472ff4820462fa6f75801abe45c4ce02c6de61bddb434bf020b1145f0ca58f035f46107ca63a507498d7a1ffd9f6d3071479aec5999c1e7abc0e014c5be04b92486dce4d8bd88c321f3017050c599a6ed8888f810c75f2607fd35a8795b7478d1c346ce6694a0e1e3604cbe2ec7a31415d80508dd23ffe4db304a2ca1bc65681cff1135b95fc05f0a3b8cada0f5c83e8d0f3cdcbd4bfb48a7895cc9535d81d13ccc8f9534dfc542d9837e352eddd62577ee711d26bb07f41e9948d4b917a926eb8093944ae45cc6dd13ec9b61816950d158226ab7f1b8d8a1465f3eef2e9a63b3ff097282d2541fef5102c8b651ded051d3219f6527d4b5b6fcb1bd0fffe7080abde84ea1acbd2b89b0c9577fd7273675527a12dcaec02b3262389b05c2c09792ce465f7a879de0270fc2b6f28403a1dca0c5fc28f0687351c5bb346de8cfea7532b834904bb012731ef8fe83036c95251c757683834672fa80ba8383308e3e9e536fb0e906a9727e6b2870c3a8ee056d353a3fafe8e9ffde7b0ce951b60b35fc2f7d1e476ad1c45f2559ac66dd007fc27253256f98877a4476ad273880a874023e3f75b14b32366172bf860eb6dbcb0a98b83972e23b02fd02027ca7f9eaa0ee38eef55ccbace6ea3051d79c6017c34b5b502a9b0e52c8b4bd80391af549e6f4accb1cfdf2071de59ba903dde378d9e66ed0cbbddd66ac365e64c8fdb93b97305a55cb39beb745d4a824d1de5282b1b839a72603fe033f8c7aae2cbab65fcfb54eff28eb0bd4c72e3e892f953e3251b88ce178641e79ab5484bff93a8eaaf601be15368b46690ca10e70188f581f999eac931fe48f31b8951ccff1ba5d6cc007246595bdb22a3dcbfb2c9fe0d010bbab856f4c651dc5ab7e8fb0193b1c9924facf3c05a255ef328d589a0a89bfe67c7d971bd7b708517c8540391f6a6b9724069e572be3f85ca86e46e6fdedd22695fd8b364f3d10723a34971a39e1822eac8f51661ecd13c41e6349c030434a0dff79f441cb195bb08717345cf29401c834c35d9009895b6e5c03406b202ee333d7f531898967f93aaea74265fc605fb4b5a5750305ab82203f2fb49493a5d3deb285a2777c8641b3d5df1c7cdde888786d314ccdf20b60c5e05279160fae24073027d8b8b61aa4e4760d8d7d785d2fa1e551c2ff644bb83e69fc574c754a195efbca225e7a5e5ffb1f0852cc80187661295786fa35cca2baba685f744ec9e193e212823741437dde5ca003973261a167a389f2e5ead402feecbb4045a39d3ebd76c4bfcc65f60bc841f8488d08f258a95caf36cbac22671ac59a7e3ebd22d600bc417b15daaf296b562928ca6a2d7c11c5e96d3c1f56e683f1a55c07dde2cf889be2ca901606b613a299703312e74f80092ff6128835ea200fad70e0c2d094818ba6178200a211d6b2d2b068a4a0d757361535a73ad59a309c2167c874b23b2abf4e5eaf76e7e6851d4232303b8c9073ccea7398d34732289d0530f4183d004cc4c9827668005d28799ed2b23005f70bfbdcf2f4b6a821c2ca12b7915a5bd6098753218ebc41b16475c8611f492f85b08f551fee983915a5cfc82d24abd29a281963feadfe33cfe14735168b2e0528b0493011aa234d18450d9b29322d7094f3202f6a6b49094dad52707a3a80324835bf34daf557ac5f18695069601c6011f148084355af3b531fb0e16a6ff81a8f9708e1a610d38dda66365255c7aa3a3d37bd4b58baa13d1b910280567642f97bf4836a1fcf336bf6e9a0fb347abcd1cdccfda04acdca918766a64fe7904b2e67b8872afd4366f9feb944f9b9ae5577c76c55c24b85e44b48d464333ba1a9f6e1e8ba10b57d7d8aab05e86702637485998fecc12b3fb12ff7ba3fd26223881a06350f215a8bffc46eba2cba0af2e11439ce012c667c5cafe3d0690c77b3f1ba108caffd5726393e61f194295cf4c51d0d383632cd9b75daeceb84ec450a0d344b08596530f1b95ff8b034c04b263a530c59d822e9c8c5c7328e539a18a2905c117944e22eceb60247b7aaaabdf0859a9143ffe2935454b6a87f21bc1de97893c23b48ce03782252f60e880f56b839daae71aa8a19e753506b370739ea88294ca2e0c1af31438ea33b084c43c6fa1381b7f1b9423685c53f3438e1e8893c6d157b297b336cf7f032ab4c01248ea5b2222e24f90240d8f28f6455e36cc423dbd2888d56c3fe6bdbcacf397ac13a1983797f7ccb84a1cb83339d4e9f599a154ac406a3bee3d4b3749b4f0768b0b225f31c9c91dc26a45a2e109a218ddd22af93b86b6fe336d3a051f7e07ff1d1d5eb662de4cfda0dacce0e20c37f34c75a97815591da22aacaa1e3a8028af1b5e15e470e800fd1dbdc99f21687724f07737c2c315e0836cb169f71e689fca00a2c73fe666699cd6571ea106767bd7f0bca061f0b4a21991fd02b8e695b78474ee1c9bc13bcdb9e477c02acf2343d449f9b85bd618bf7a2bc353c356b9578d3316b17f8bd3fc20f2b1a7a4cdc518e79c77d472c5cb6762693388d3124579d884a49a69d7f07c332be891c3244525c2e6b9387c041b93706a0121365cdf69aa839346e5e180945d8af7da0a8f65cd1bad1377d13ff6d02e7ea54d4377a1d3d49d3d357e61890034409b19f44fc02f5574f40fe535bd423bbd96a0a542ccade1b478b78265b25c1322fbbb8ec99cb45b22d737ee248169fe08f8a2958b925ace6372bcf1d1be57e9b4de97bd0db62425c53d869794d4390312b67db5e61d1b42c5afa549065005f359c47734f54b7f30918be1e2d0ff21596258caa287159fbe6dc0090242c43815367bb45067a55e0658d58eefd081b1541cf393561a5a369fe90c6d5d8caba63198c84fa0467fae813ecd3fb740a3783a53dfad07c9493fb3936b802e1bd9fb558bae88c44d9a4795aa634c13a5fba50923636ac6e2952da6c8424cc616eb364c11f876663d105fed392c15dbb00f9caf50af20c44e4fea91480cb4bfecaf126451e6f19146bb2ff26d310416c62410c37b000a1d1f0480419e5f5f320827fce26fbb25c9ab882ad4bdf6a674aaee87b85309a9783bbd34606ed46f6f761c5e124825b0e5df507c505814c769323bfa36170015e1720e2cbf30f79cc8515df1fb7d58695ecf8825e924e098d0dfcd5e396093d996a2fd4a9c5de03254b12dfcd2342f49acbecf18dc3417382e5b507652b1d089eed0805479546eba0fc7d17ecf11d692b4ce817f270720cf20737d3f02e302cf5e18d649bf3405fd262dba305e916280a38e3511307033dd70d2cde39d528e676f6a051ebc73b6ff0d5f63b58970e38e39ea366977a0809e22eed665620f65bbdd2f94ad82f3faaba1bfac309f60f843fe89573787092c8f7a7b44018ba7daba13e6b093b496f79adc0732574cac1cc33e5234d7770ad6cb534dab9856e390e172a91532ae77f4ec98054f4c12b02d0438ddf8d8d173e6a59f66564accb785693897b335199d9d8338e242703ad120f465a19153a1a330dcc275a399af921e0dac2b6d79ea51ec72fe932be071352c12933367487d7385de66d62b2bf5cae6c4d54f099d7c4ee10919dcb33a2b31498d979504b619a6eaf64ed400e491859f9c78c1d9d434d6ac69d570796088d76a47b4999816eb3b15e8de155f1392b75c1517c91df38ef0793610451ad31a0906eecf14c80b679202a6df9f00c7d28d1449988410c652740dde2ace85080e2a4f16024cde15ec4023b1fc4537d6947f1e001d37c90acae2995aab5476a99d3a20af07ae2e564e27e31b30d7bc3b8aa016e3b5c38feb9fc947ace24e83e7ba4f69f72e92f8f26bda8dd09ca791fe9cb1d0e14278c89a20ee2896924e88ba9cb3b916aff3b7a5924a91b4495d0305fb4adb3e036a31e2f200f272d4fa7285f96ab7e7b934464227e108511ded2ae4337aee944e4067c7b741d2f55483243d641b8bcca425bb69f591065a3b45c6f9513b472aff95c1b3e71133b3479cd5fc51e9eefe5bf0f7c2f9256f8d49a2ceb2d11ca0f0eab1e42464cb7d6aaa0c023147c1f108c3d6d1fa379638979170cb6d94fa92e5cf5f69316fd64c027eb10ddfd9b91fc91829f347cd73433e5197fd97fb10e99d2ed8868d49e24d59efa6758667f6ffc18e5258f98afeb01a3d794813fc2b9190090ccceaca0526f06a948d45bc7e2e40cdec3cf78c10676a8bb8a3e5e7200b3726b3407bf666862f9038d8216f9505cf7aa9a04f934d6da311d6500452676dccfd60977c4c99d56dcb7bb45fb2081e19803841a8edd8cc55b08082d9798a5c3a80de66f4ba2ccd90566d393d94608f17724719393b9df7725baacdf0e4e984b454576ad4f793143f4c8dc5f1ca822fbcdc90e9636727ee0638fb26759e6ff79b19c97ad224e5a85e1075833fe7fd2f3424420a5197eaa9d440c52807fc3e96c647dd745e49189f427454aae6aede782a8ac40582d85acc9ae68f95af556945889ae1fe381e69ed18aecb08866f5558ae36b6ff61c86fdb2b6f3eca083dc41c0", 0x2000, &(0x7f0000000b00)={&(0x7f0000000280)={0x50, 0xffffffffffffffda, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fsync(r2)

850.597µs ago: executing program 0 (id=614):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})

0s ago: executing program 4 (id=615):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000340)={0x4, 0xfe})
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, 0x0)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.192' (ED25519) to the list of known hosts.
[   86.066549][ T5807] cgroup: Unknown subsys name 'net'
[   86.179842][ T5807] cgroup: Unknown subsys name 'cpuset'
[   86.188981][ T5807] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   87.948611][ T5807] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   91.767526][  T978] cfg80211: failed to load regulatory.db
[   92.183770][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   92.194402][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   92.205025][ T5830] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   92.228749][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   92.237181][ T5835] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   92.244497][ T5835] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   92.252987][ T5835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   92.261305][ T5835] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   92.270439][ T5835] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   92.278570][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   92.287159][ T5835] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   92.293521][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   92.317039][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   92.326228][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   92.331072][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   92.346935][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   92.349313][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   92.355913][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   92.364563][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   92.375983][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   92.376004][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   92.391329][ T5831] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   92.401998][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   92.407272][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   92.410854][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   93.099258][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   93.249058][ T5825] chnl_net:caif_netlink_parms(): no params data found
[   93.280305][ T5826] chnl_net:caif_netlink_parms(): no params data found
[   93.342694][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   93.377432][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.384755][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.392560][ T5822] bridge_slave_0: entered allmulticast mode
[   93.401406][ T5822] bridge_slave_0: entered promiscuous mode
[   93.424240][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   93.442882][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.450095][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.457320][ T5822] bridge_slave_1: entered allmulticast mode
[   93.464516][ T5822] bridge_slave_1: entered promiscuous mode
[   93.617040][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.624300][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.632051][ T5825] bridge_slave_0: entered allmulticast mode
[   93.639400][ T5825] bridge_slave_0: entered promiscuous mode
[   93.652285][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.680374][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.687638][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.694891][ T5825] bridge_slave_1: entered allmulticast mode
[   93.703247][ T5825] bridge_slave_1: entered promiscuous mode
[   93.712294][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.847646][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.854908][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.863474][ T5826] bridge_slave_0: entered allmulticast mode
[   93.870755][ T5826] bridge_slave_0: entered promiscuous mode
[   93.893069][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.905936][ T5822] team0: Port device team_slave_0 added
[   93.912127][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.919512][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.927028][ T5828] bridge_slave_0: entered allmulticast mode
[   93.934397][ T5828] bridge_slave_0: entered promiscuous mode
[   93.942899][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.951146][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.958557][ T5826] bridge_slave_1: entered allmulticast mode
[   93.965981][ T5826] bridge_slave_1: entered promiscuous mode
[   93.987547][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.013032][ T5822] team0: Port device team_slave_1 added
[   94.040626][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.047893][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.055054][ T5828] bridge_slave_1: entered allmulticast mode
[   94.063780][ T5828] bridge_slave_1: entered promiscuous mode
[   94.083522][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.090856][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.098132][ T5833] bridge_slave_0: entered allmulticast mode
[   94.105332][ T5833] bridge_slave_0: entered promiscuous mode
[   94.131152][ T5825] team0: Port device team_slave_0 added
[   94.179799][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.187111][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.194487][ T5833] bridge_slave_1: entered allmulticast mode
[   94.201994][ T5833] bridge_slave_1: entered promiscuous mode
[   94.211482][ T5825] team0: Port device team_slave_1 added
[   94.232757][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.239903][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.265990][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.293812][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.307132][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.355676][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.362908][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.389499][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.400943][ T5830] Bluetooth: hci1: command tx timeout
[   94.405905][   T51] Bluetooth: hci2: command tx timeout
[   94.414427][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.440727][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.453661][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.463613][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.471073][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.497121][   T51] Bluetooth: hci3: command tx timeout
[   94.502682][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.507076][   T51] Bluetooth: hci4: command tx timeout
[   94.513427][ T5830] Bluetooth: hci0: command tx timeout
[   94.527863][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.534820][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.561048][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.591314][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.673732][ T5826] team0: Port device team_slave_0 added
[   94.685721][ T5833] team0: Port device team_slave_0 added
[   94.699744][ T5822] hsr_slave_0: entered promiscuous mode
[   94.706298][ T5822] hsr_slave_1: entered promiscuous mode
[   94.730919][ T5828] team0: Port device team_slave_0 added
[   94.739628][ T5826] team0: Port device team_slave_1 added
[   94.747489][ T5833] team0: Port device team_slave_1 added
[   94.782394][ T5828] team0: Port device team_slave_1 added
[   94.888316][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.895299][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.922095][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.940240][ T5825] hsr_slave_0: entered promiscuous mode
[   94.947227][ T5825] hsr_slave_1: entered promiscuous mode
[   94.953494][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.962048][ T5825] Cannot create hsr debugfs directory
[   94.984915][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.991951][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.017930][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.030627][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.037830][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.064473][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.084287][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.091301][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.117610][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.142524][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.149611][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.175932][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.198764][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.205721][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.232124][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.420184][ T5828] hsr_slave_0: entered promiscuous mode
[   95.427107][ T5828] hsr_slave_1: entered promiscuous mode
[   95.433248][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   95.442463][ T5828] Cannot create hsr debugfs directory
[   95.494039][ T5833] hsr_slave_0: entered promiscuous mode
[   95.500972][ T5833] hsr_slave_1: entered promiscuous mode
[   95.507713][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   95.515284][ T5833] Cannot create hsr debugfs directory
[   95.541522][ T5826] hsr_slave_0: entered promiscuous mode
[   95.548235][ T5826] hsr_slave_1: entered promiscuous mode
[   95.554476][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   95.562269][ T5826] Cannot create hsr debugfs directory
[   95.952345][ T5822] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.971391][ T5822] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   96.006796][ T5822] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   96.026578][ T5822] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   96.109912][ T5825] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   96.123245][ T5825] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   96.144872][ T5825] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   96.169793][ T5825] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   96.226457][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   96.248433][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   96.264810][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   96.277728][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   96.384384][ T5828] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   96.398751][ T5828] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   96.411642][ T5828] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   96.422897][ T5828] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   96.476263][   T51] Bluetooth: hci2: command tx timeout
[   96.476269][ T5830] Bluetooth: hci1: command tx timeout
[   96.556352][   T51] Bluetooth: hci0: command tx timeout
[   96.556398][ T5830] Bluetooth: hci4: command tx timeout
[   96.561882][   T51] Bluetooth: hci3: command tx timeout
[   96.599219][ T5826] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   96.612107][ T5826] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   96.624238][ T5826] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   96.648108][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.662437][ T5826] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   96.704712][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.773340][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[   96.791564][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   96.812396][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.822359][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.829811][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.842704][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.849876][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.883258][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.894833][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.901993][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.913286][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.920450][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.963840][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   97.023053][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.030217][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.063007][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   97.090208][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.097475][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.135319][ T5825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   97.184271][  T152] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.191505][  T152] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.232052][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.239260][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.353258][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.448395][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[   97.493202][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.500427][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.569433][ T3510] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.576666][ T3510] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.679759][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.831976][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.862921][ T5822] veth0_vlan: entered promiscuous mode
[   97.942511][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.954843][ T5822] veth1_vlan: entered promiscuous mode
[   98.047226][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.140449][ T5822] veth0_macvtap: entered promiscuous mode
[   98.173396][ T5825] veth0_vlan: entered promiscuous mode
[   98.190727][ T5822] veth1_macvtap: entered promiscuous mode
[   98.223551][ T5825] veth1_vlan: entered promiscuous mode
[   98.249608][ T5833] veth0_vlan: entered promiscuous mode
[   98.276953][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.305287][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.329925][ T5833] veth1_vlan: entered promiscuous mode
[   98.347729][ T5822] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.359035][ T5822] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.367953][ T5822] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.376821][ T5822] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.408854][ T5825] veth0_macvtap: entered promiscuous mode
[   98.422924][ T5825] veth1_macvtap: entered promiscuous mode
[   98.430839][ T5828] veth0_vlan: entered promiscuous mode
[   98.455705][ T5828] veth1_vlan: entered promiscuous mode
[   98.473268][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.519261][ T5833] veth0_macvtap: entered promiscuous mode
[   98.556349][   T51] Bluetooth: hci1: command tx timeout
[   98.563753][ T5833] veth1_macvtap: entered promiscuous mode
[   98.568153][   T51] Bluetooth: hci2: command tx timeout
[   98.615359][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.635931][ T5839] Bluetooth: hci0: command tx timeout
[   98.641460][   T51] Bluetooth: hci4: command tx timeout
[   98.644314][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.648412][ T5839] Bluetooth: hci3: command tx timeout
[   98.678725][ T5828] veth0_macvtap: entered promiscuous mode
[   98.693365][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.712444][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.735153][ T5828] veth1_macvtap: entered promiscuous mode
[   98.750040][ T5825] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.759896][ T5825] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.769225][ T5825] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.778584][ T5825] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.799846][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.808805][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.824239][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.833883][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.843762][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.853232][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.948232][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.000562][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.024141][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.041146][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.099121][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.136618][ T5828] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.145377][ T5828] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.163103][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.187209][ T5828] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.197105][ T5828] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.265487][ T5822] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   99.351378][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.364748][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.390819][ T3510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.421759][ T3510] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.537189][ T3510] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.564691][ T3510] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.590073][ T5826] veth0_vlan: entered promiscuous mode
[   99.749229][ T5917] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   99.782131][ T3510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.804479][ T5826] veth1_vlan: entered promiscuous mode
[   99.830187][ T3510] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.950955][  T152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.981831][  T152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.000284][ T5826] veth0_macvtap: entered promiscuous mode
[  100.128608][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  100.138217][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  100.170210][ T5826] veth1_macvtap: entered promiscuous mode
[  100.194045][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.214602][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.330010][ T5826] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.343341][ T5826] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.352771][ T5826] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.361705][ T5826] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.370113][ T5921] tipc: Failed to remove unknown binding: 66,1,1/0:2171262690/2171262692
[  100.647378][   T51] Bluetooth: hci2: command tx timeout
[  100.650403][ T5839] Bluetooth: hci1: command tx timeout
[  100.711557][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.718586][ T5839] Bluetooth: hci3: command tx timeout
[  100.721902][   T51] Bluetooth: hci4: command tx timeout
[  100.762202][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.883354][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.914513][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.233034][ T5939] syzkaller1: entered promiscuous mode
[  101.244400][ T5939] syzkaller1: entered allmulticast mode
[  101.945522][   T30] audit: type=1326 audit(1748844018.004:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5952 comm="syz.2.16" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4718e969 code=0x7fc00000
[  102.043707][ T5961] evm: overlay not supported
[  102.542677][   T30] audit: type=1326 audit(1748844018.634:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5952 comm="syz.2.16" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fcf4718e969 code=0x7fc00000
[  103.307261][ T5984] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  103.877154][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.910440][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.976149][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.985082][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.126144][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.746527][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.755162][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.799709][ T6031] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  104.936185][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  106.838100][  T978] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  107.073038][  T978] usb 3-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  107.145613][  T978] usb 3-1: config 1 interface 0 has no altsetting 0
[  107.413301][  T978] usb 3-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  107.416753][ T6060] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  107.435025][ T6060] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  107.479443][  T978] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.562023][  T978] usb 3-1: Product: syz
[  107.585866][  T978] usb 3-1: Manufacturer: syz
[  107.611628][  T978] usb 3-1: SerialNumber: syz
[  107.986109][  T978] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input5
[  108.222415][  T978] usb 3-1: USB disconnect, device number 2
[  108.887645][   T30] audit: type=1800 audit(1748844024.964:4): pid=6080 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.51" name="file1" dev="tmpfs" ino=64 res=0 errno=0
[  109.665877][ T5897] usb 4-1: new low-speed USB device number 2 using dummy_hcd
[  110.280734][ T5897] usb 4-1: config 7 interface 0 has no altsetting 0
[  110.305093][ T5897] usb 4-1: string descriptor 0 read error: -22
[  110.476429][ T5897] usb 4-1: New USB device found, idVendor=0ace, idProduct=13a1, bcdDevice= 4.44
[  110.484156][ T6094] netlink: 24 bytes leftover after parsing attributes in process `syz.1.55'.
[  110.505162][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.552662][ T5897] usb 4-1: dvb_usb_v2: found a 'ZyDAS ZD1301 reference design' in warm state
[  110.576076][ T6094] sch_tbf: burst 511 is lower than device bridge_slave_0 mtu (1514) !
[  110.641174][ T5897] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  110.775508][ T5897] dvbdev: DVB: registering new adapter (ZyDAS ZD1301 reference design)
[  110.853068][ T6100] netlink: 24 bytes leftover after parsing attributes in process `syz.1.58'.
[  110.867779][ T6100] sch_tbf: burst 88 is lower than device veth0_to_bond mtu (1514) !
[  110.886026][ T5897] usb 4-1: media controller created
[  110.978826][ T5897] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  111.423129][ T5897] usb 4-1: USB disconnect, device number 2
[  111.531188][ T6116] Zero length message leads to an empty skb
[  111.668528][ T6114] KVM: debugfs: duplicate directory 6114-4
[  111.697365][ T6118] syz.2.64 uses obsolete (PF_INET,SOCK_PACKET)
[  112.005835][ T5897] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  112.185878][ T5897] usb 2-1: Using ep0 maxpacket: 8
[  112.218480][ T5897] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  112.235415][ T5897] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  112.311184][ T5897] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  112.326242][ T5897] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  112.379966][ T5897] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  112.398272][   T30] audit: type=1326 audit(1748844028.494:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6138 comm="syz.4.71" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f400f98e969 code=0x0
[  112.425215][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.482158][ T5897] usbtmc 2-1:16.0: bulk endpoints not found
[  112.777410][ T6148] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  112.790677][ T5897] usb 2-1: USB disconnect, device number 2
[  112.827959][ T6148] netlink: 'syz.3.73': attribute type 12 has an invalid length.
[  112.849851][ T6148] netlink: 'syz.3.73': attribute type 29 has an invalid length.
[  112.870912][ T6148] netlink: 148 bytes leftover after parsing attributes in process `syz.3.73'.
[  112.910369][ T6148] netlink: 'syz.3.73': attribute type 2 has an invalid length.
[  112.921412][ T6148] netlink: 'syz.3.73': attribute type 3 has an invalid length.
[  112.947186][ T6148] netlink: 35 bytes leftover after parsing attributes in process `syz.3.73'.
[  113.108033][ T6152] xt_hashlimit: size too large, truncated to 1048576
[  113.193035][ T6156] netlink: 12 bytes leftover after parsing attributes in process `syz.2.76'.
[  113.286124][ T6156] vlan2: entered promiscuous mode
[  113.295090][ T6156] hsr0: entered promiscuous mode
[  114.576496][ T5878] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  114.737914][ T5878] usb 5-1: config 0 has an invalid interface number: 31 but max is 0
[  114.766212][ T5878] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  114.792746][ T5878] usb 5-1: config 0 has no interface number 0
[  114.796709][ T5878] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  114.796740][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.796760][ T5878] usb 5-1: Product: syz
[  114.796775][ T5878] usb 5-1: Manufacturer: syz
[  114.796791][ T5878] usb 5-1: SerialNumber: syz
[  114.826948][ T5878] usb 5-1: config 0 descriptor??
[  114.833813][ T5878] hub 5-1:0.31: bad descriptor, ignoring hub
[  114.833852][ T5878] hub 5-1:0.31: probe with driver hub failed with error -5
[  114.862899][ T5878] usb 5-1: Found UVC 0.04 device syz (046d:08c3)
[  114.862994][ T5878] uvcvideo 5-1:0.31: Entity type for entity Output 6 was not initialized!
[  114.863321][ T5878] usb 5-1: Failed to create links for entity 6
[  114.863340][ T5878] usb 5-1: Failed to register entities (-22).
[  114.998572][ T6175] syzkaller1: entered promiscuous mode
[  114.998598][ T6175] syzkaller1: entered allmulticast mode
[  115.196850][  T978] usb 5-1: USB disconnect, device number 2
[  119.242704][ T6262] af_packet: tpacket_rcv: packet too big, clamped from 62183 to 3952. macoff=96
[  120.135290][ T6277] netlink: 12 bytes leftover after parsing attributes in process `syz.0.118'.
[  120.816553][ T6243] warning: `syz.1.105' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  120.931531][ T6269] syz_tun: entered allmulticast mode
[  120.941341][ T6269] syz_tun: left allmulticast mode
[  121.422308][ T6295] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  122.116070][ T5878] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  122.337696][ T5878] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  122.371672][ T5878] usb 3-1: New USB device found, idVendor=1430, idProduct=07bb, bcdDevice= 0.00
[  122.385197][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.428234][ T5878] usb 3-1: config 0 descriptor??
[  122.434232][ T6303] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  122.526075][ T6314] netlink: 24 bytes leftover after parsing attributes in process `syz.0.132'.
[  122.900991][ T5878] sony 0003:1430:07BB.0001: item fetching failed at offset 1/3
[  122.933462][ T5878] sony 0003:1430:07BB.0001: parse failed
[  122.948745][ T5878] sony 0003:1430:07BB.0001: probe with driver sony failed with error -22
[  123.116995][ T5878] usb 3-1: USB disconnect, device number 3
[  123.790178][ T6344] syz_tun: entered allmulticast mode
[  123.856946][ T6344] dvmrp1: entered allmulticast mode
[  123.912683][ T6342] syz_tun: left allmulticast mode
[  123.968537][ T6342] dvmrp1: left allmulticast mode
[  130.173615][ T6483] ieee802154 phy0 wpan0: encryption failed: -22
[  131.188553][   T30] audit: type=1804 audit(1748844047.284:6): pid=6486 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.195" name="/newroot/45/bus" dev="tmpfs" ino=280 res=1 errno=0
[  131.721615][ T6504] ubi31: attaching mtd0
[  131.727625][ T6504] ubi31 error: ubi_attach_mtd_dev: bad VID header (16) or data offsets (80)
[  132.115862][ T5880] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  132.376173][ T5880] usb 1-1: Using ep0 maxpacket: 32
[  132.495368][ T5880] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  132.505984][ T5880] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  132.543706][ T5880] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  132.642184][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.744654][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  132.745043][ T5880] usb 1-1: config 0 descriptor??
[  132.753451][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  133.464534][ T5897] usb 1-1: USB disconnect, device number 2
[  133.782779][ T6018] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.918916][ T6018] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.134940][ T6018] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.155767][ T6543] IPv4: Oversized IP packet from 172.20.20.24
[  134.164085][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  134.170809][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  134.319713][ T6018] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.677980][ T6018] bridge_slave_1: left allmulticast mode
[  134.692473][ T6018] bridge_slave_1: left promiscuous mode
[  134.705238][ T6018] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.790564][ T6018] bridge_slave_0: left allmulticast mode
[  134.806002][ T6018] bridge_slave_0: left promiscuous mode
[  134.824287][ T6018] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.889840][ T5878] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  134.948911][ T5878] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  135.091986][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  135.100871][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  135.109008][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  135.124022][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  135.133106][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  135.560384][ T6568] fuse: root generation should be zero
[  135.961034][ T6577] mmap: syz.4.230 (6577) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  136.457640][ T6591] netlink: 452 bytes leftover after parsing attributes in process `syz.2.235'.
[  137.196044][   T51] Bluetooth: hci4: command tx timeout
[  137.943420][ T6018] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.041012][ T6018] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.077155][ T6018] bond0 (unregistering): Released all slaves
[  138.432121][ T6638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  138.484445][ T6638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  138.819537][ T6018] hsr_slave_0: left promiscuous mode
[  138.834127][ T6018] hsr_slave_1: left promiscuous mode
[  138.862972][ T6018] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.889027][ T6018] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.911781][ T6018] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.933901][ T6018] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.083132][ T6018] veth1_macvtap: left promiscuous mode
[  139.125414][ T6018] veth0_macvtap: left promiscuous mode
[  139.157631][ T6018] veth1_vlan: left promiscuous mode
[  139.163163][ T6018] veth0_vlan: left promiscuous mode
[  139.275960][   T51] Bluetooth: hci4: command tx timeout
[  140.704589][ T6671] netlink: 12 bytes leftover after parsing attributes in process `syz.3.258'.
[  141.224357][ T6679] netlink: 24 bytes leftover after parsing attributes in process `syz.4.260'.
[  141.366314][   T51] Bluetooth: hci4: command tx timeout
[  141.505997][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  141.559242][ T6018] team0 (unregistering): Port device team_slave_1 removed
[  141.655130][ T6018] team0 (unregistering): Port device team_slave_0 removed
[  141.697138][    T9] usb 3-1: Using ep0 maxpacket: 16
[  141.714099][    T9] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  141.733106][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  141.754690][    T9] usb 3-1: config 0 has no interface number 0
[  141.784292][    T9] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  141.803750][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.818334][    T9] usb 3-1: Product: syz
[  141.845381][    T9] usb 3-1: Manufacturer: syz
[  141.853624][    T9] usb 3-1: SerialNumber: syz
[  141.891609][    T9] usb 3-1: config 0 descriptor??
[  141.911970][    T9] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[  141.921396][    T9] usb 3-1: No valid video chain found.
[  142.073778][ T5897] IPVS: starting estimator thread 0...
[  142.135676][ T5897] usb 3-1: USB disconnect, device number 4
[  142.186042][ T6688] IPVS: using max 25 ests per chain, 60000 per kthread
[  142.509550][ T6690] netlink: 12 bytes leftover after parsing attributes in process `syz.0.264'.
[  142.554156][ T6690] netlink: 28 bytes leftover after parsing attributes in process `syz.0.264'.
[  142.580293][ T6690] netlink: 12 bytes leftover after parsing attributes in process `syz.0.264'.
[  142.600466][ T6690] netlink: 28 bytes leftover after parsing attributes in process `syz.0.264'.
[  142.615061][ T6690] netlink: 'syz.0.264': attribute type 6 has an invalid length.
[  143.032197][ T6561] chnl_net:caif_netlink_parms(): no params data found
[  143.437223][   T51] Bluetooth: hci4: command tx timeout
[  143.721921][ T6561] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.763319][ T6561] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.807053][ T6561] bridge_slave_0: entered allmulticast mode
[  143.863095][ T6561] bridge_slave_0: entered promiscuous mode
[  143.948416][ T6561] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.982607][ T6561] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.008267][ T6561] bridge_slave_1: entered allmulticast mode
[  144.045492][ T6561] bridge_slave_1: entered promiscuous mode
[  144.274699][ T6561] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.300725][ T6561] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.807893][ T6561] team0: Port device team_slave_0 added
[  144.850931][ T6751] netlink: 96 bytes leftover after parsing attributes in process `syz.4.280'.
[  144.888982][ T6561] team0: Port device team_slave_1 added
[  145.075687][ T6561] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.112105][ T6561] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.150344][ T6561] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.168707][ T6561] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.178212][ T6561] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.480954][ T6561] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.765946][ T5909] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  145.832441][ T6561] hsr_slave_0: entered promiscuous mode
[  145.844806][ T6561] hsr_slave_1: entered promiscuous mode
[  145.864570][ T6561] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  145.887104][ T6561] Cannot create hsr debugfs directory
[  146.210753][ T5909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.241550][ T6771] netlink: 24 bytes leftover after parsing attributes in process `syz.4.288'.
[  146.257545][ T5909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.338366][ T5909] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  146.388317][ T5909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.420545][ T5909] usb 1-1: config 0 descriptor??
[  146.868473][ T5909] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  146.921722][ T5909] cp2112 0003:10C4:EA90.0003: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  147.064745][ T5909] cp2112 0003:10C4:EA90.0003: Part Number: 0x82 Device Version: 0xFE
[  147.065517][ T6561] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  147.104008][ T6561] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  147.126435][ T6561] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  147.155247][ T6561] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  147.265985][ T5880] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  147.322381][ T6561] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.355668][ T6561] 8021q: adding VLAN 0 to HW filter on device team0
[  147.371856][ T6023] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.379085][ T6023] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.418735][ T5880] usb 4-1: Using ep0 maxpacket: 8
[  147.433229][ T5880] usb 4-1: config 150 has an invalid interface number: 204 but max is 1
[  147.434620][ T6023] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.443446][ T5880] usb 4-1: config 150 has no interface number 0
[  147.448822][ T6023] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.521241][ T5880] usb 4-1: config 150 interface 204 has no altsetting 0
[  147.539557][ T5880] usb 4-1: config 150 interface 1 has no altsetting 0
[  147.578207][ T5880] usb 4-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  147.587562][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.595590][ T5880] usb 4-1: Product: syz
[  147.619990][ T5880] usb 4-1: Manufacturer: syz
[  147.624646][ T5880] usb 4-1: SerialNumber: syz
[  147.681049][ T6767] cp2112 0003:10C4:EA90.0003: Multi-message I2C transactions not supported
[  147.712757][ T5909] cp2112 0003:10C4:EA90.0003: error reading lock byte: -71
[  147.753543][ T5909] usb 1-1: USB disconnect, device number 3
[  147.855365][ T5880] xr_serial 4-1:150.204: xr_serial converter detected
[  147.939063][ T6806] cgroup: fork rejected by pids controller in /syz4
[  148.191042][ T6561] 8021q: adding VLAN 0 to HW filter on device batadv0
[  148.670414][ T5880] usb 4-1: xr_serial converter now attached to ttyUSB0
[  148.892771][ T5880] usb 4-1: USB disconnect, device number 3
[  148.970481][ T5880] xr_serial ttyUSB0: xr_serial converter now disconnected from ttyUSB0
[  149.022665][ T5880] xr_serial 4-1:150.204: device disconnected
[  149.291931][ T6561] veth0_vlan: entered promiscuous mode
[  149.326179][ T6561] veth1_vlan: entered promiscuous mode
[  149.459113][ T6561] veth0_macvtap: entered promiscuous mode
[  149.512256][ T6561] veth1_macvtap: entered promiscuous mode
[  149.576857][ T6561] batman_adv: batadv0: Interface activated: batadv_slave_0
[  149.634738][ T6561] batman_adv: batadv0: Interface activated: batadv_slave_1
[  149.687917][ T6561] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.712603][ T6561] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.758682][ T6561] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.792164][ T6561] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.920611][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  149.934361][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  149.943524][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  149.952568][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  149.961684][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  150.078135][ T6028] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.101091][ T6028] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.182713][ T6028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.201071][ T6028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.661087][ T6848] netlink: 8 bytes leftover after parsing attributes in process `syz.5.216'.
[  150.805066][ T6838] chnl_net:caif_netlink_parms(): no params data found
[  150.941119][ T5909] kernel read not supported for file /rfkill (pid: 5909 comm: kworker/1:7)
[  151.303591][ T6838] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.323113][ T6838] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.342732][ T6838] bridge_slave_0: entered allmulticast mode
[  151.361797][ T6838] bridge_slave_0: entered promiscuous mode
[  151.401663][ T6838] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.422400][ T6838] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.437143][ T6838] bridge_slave_1: entered allmulticast mode
[  151.452798][ T6838] bridge_slave_1: entered promiscuous mode
[  151.574998][ T6838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  151.628840][ T6838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  151.783609][ T6838] team0: Port device team_slave_0 added
[  151.842775][ T6838] team0: Port device team_slave_1 added
[  151.997279][   T51] Bluetooth: hci2: command tx timeout
[  152.072810][ T6838] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.111688][ T6838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.168432][ T6838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.203291][ T6838] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.225778][ T6838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.305897][ T6838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  152.507747][ T6838] hsr_slave_0: entered promiscuous mode
[  152.514504][ T6838] hsr_slave_1: entered promiscuous mode
[  152.532802][ T6838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  152.558116][ T6838] Cannot create hsr debugfs directory
[  153.236718][ T6838] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.401971][ T6838] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.529962][ T6838] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.665178][ T6913] netlink: 'syz.2.333': attribute type 21 has an invalid length.
[  153.674503][ T6913] netlink: 128 bytes leftover after parsing attributes in process `syz.2.333'.
[  153.711997][ T6838] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.767759][ T6913] netlink: 'syz.2.333': attribute type 5 has an invalid length.
[  153.775455][ T6913] netlink: 'syz.2.333': attribute type 6 has an invalid length.
[  153.783259][ T6913] netlink: 3 bytes leftover after parsing attributes in process `syz.2.333'.
[  154.080549][   T51] Bluetooth: hci2: command tx timeout
[  154.543758][ T6932] netlink: 24 bytes leftover after parsing attributes in process `syz.3.339'.
[  156.162714][   T51] Bluetooth: hci2: command tx timeout
[  156.374528][ T6945] bridge_slave_0: left allmulticast mode
[  156.415229][ T6945] bridge_slave_0: left promiscuous mode
[  156.447511][ T6945] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.559191][ T6945] bridge_slave_1: left allmulticast mode
[  156.579701][ T6945] bridge_slave_1: left promiscuous mode
[  156.595893][ T6945] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.670371][ T6945] bond0: (slave bond_slave_0): Releasing backup interface
[  156.728429][ T6945] bond0: (slave bond_slave_1): Releasing backup interface
[  156.815592][ T6945] team0: Port device team_slave_0 removed
[  156.829887][ T6963] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  156.862814][ T6945] team0: Port device team_slave_1 removed
[  156.890289][ T6945] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.926069][ T6945] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.945379][ T6945] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.973914][ T6945] batman_adv: batadv0: Removing interface: batadv_slave_1
[  157.568823][ T6838] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  157.840538][ T6838] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  158.002055][ T6838] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  158.044639][ T6838] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  158.241893][   T51] Bluetooth: hci2: command tx timeout
[  158.527794][ T6982] netlink: 24 bytes leftover after parsing attributes in process `syz.0.358'.
[  158.698708][ T6838] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.774124][ T6838] 8021q: adding VLAN 0 to HW filter on device team0
[  158.851875][ T6023] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.859167][ T6023] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.911559][ T6023] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.918899][ T6023] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.889019][ T6838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  160.250182][   T30] audit: type=1800 audit(1748844076.344:7): pid=7021 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.371" name="file1" dev="tmpfs" ino=526 res=0 errno=0
[  160.556421][ T7026] sctp: [Deprecated]: syz.3.372 (pid 7026) Use of int in maxseg socket option.
[  160.556421][ T7026] Use struct sctp_assoc_value instead
[  161.064301][ T7029] netlink: 4 bytes leftover after parsing attributes in process `syz.5.373'.
[  161.133415][ T7031] netlink: 12 bytes leftover after parsing attributes in process `syz.5.373'.
[  161.429722][ T6838] veth0_vlan: entered promiscuous mode
[  161.481860][ T6838] veth1_vlan: entered promiscuous mode
[  161.573116][   T43] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  161.592153][ T6838] veth0_macvtap: entered promiscuous mode
[  161.634281][ T6838] veth1_macvtap: entered promiscuous mode
[  161.667821][ T6838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  161.708106][ T6838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.738921][ T6838] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.761068][ T6838] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.791869][ T6838] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.823862][ T6838] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.870784][   T43] usb 1-1: Using ep0 maxpacket: 8
[  161.900978][   T43] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  161.916381][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  161.940041][   T43] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  161.974002][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  161.994958][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  162.033242][   T43] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  162.053403][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  162.103738][   T43] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  162.133170][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  162.161902][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  162.169511][ T6010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.224469][ T6010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.234923][   T43] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  162.267382][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  162.293546][   T43] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  162.315371][ T6013] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.334011][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  162.339099][ T6013] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.375781][   T43] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  162.445301][   T43] usb 1-1: string descriptor 0 read error: -22
[  162.455977][   T43] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  162.465058][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.572309][   T43] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  162.674149][ T7059] capability: warning: `syz.4.304' uses deprecated v2 capabilities in a way that may be insecure
[  162.982253][    T9] usb 1-1: USB disconnect, device number 4
[  163.237567][  T978] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  163.419899][  T978] usb 6-1: Using ep0 maxpacket: 8
[  163.429168][  T978] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  163.462169][  T978] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.493167][  T978] usb 6-1: config 0 descriptor??
[  163.671850][ T7079] loop6: detected capacity change from 0 to 7
[  163.691744][ T5820] Dev loop6: unable to read RDB block 7
[  163.699479][ T5820]  loop6: unable to read partition table
[  163.705411][ T5820] loop6: partition table beyond EOD, truncated
[  163.723180][ T7079] Dev loop6: unable to read RDB block 7
[  163.741412][ T7079]  loop6: unable to read partition table
[  163.750809][ T7079] loop6: partition table beyond EOD, truncated
[  163.765513][ T7081] process 'syz.2.390' launched './file0' with NULL argv: empty string added
[  163.774460][ T7079] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  163.811087][ T5879] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  163.985967][ T5879] usb 5-1: Using ep0 maxpacket: 8
[  163.993681][ T5879] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  164.012560][ T5879] usb 5-1: config 179 has no interface number 0
[  164.032958][ T5879] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  164.063680][ T5879] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  164.101027][ T5879] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  164.136318][ T5879] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  164.176197][ T5879] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  164.203832][ T5879] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.240189][ T7076] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  164.913944][ T7076] netlink: 4 bytes leftover after parsing attributes in process `syz.4.388'.
[  164.996380][   T43] usb 5-1: USB disconnect, device number 3
[  164.996376][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  164.996436][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  165.334849][  T978] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  165.345084][  T978] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  165.398305][  T978] asix 6-1:0.0: probe with driver asix failed with error -71
[  165.451888][  T978] usb 6-1: USB disconnect, device number 2
[  165.868298][ T7118] netlink: 12 bytes leftover after parsing attributes in process `syz.3.404'.
[  165.905976][  T978] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  166.087809][  T978] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  166.104145][  T978] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  166.114185][  T978] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.123636][  T978] usb 1-1: Product: syz
[  166.128355][  T978] usb 1-1: Manufacturer: syz
[  166.132989][  T978] usb 1-1: SerialNumber: syz
[  166.141129][  T978] usb 1-1: config 0 descriptor??
[  166.248328][ T5909] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  166.395060][ T5897] usb 1-1: USB disconnect, device number 5
[  166.415300][ T5909] usb 6-1: config 1 interface 0 has no altsetting 0
[  166.445171][ T5909] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  166.461226][ T5909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.469674][ T7135] syz_tun: entered allmulticast mode
[  166.469795][ T5909] usb 6-1: Product: syz
[  166.481874][ T7134] syz_tun: left allmulticast mode
[  166.492420][ T5909] usb 6-1: Manufacturer: syz
[  166.500037][ T5909] usb 6-1: SerialNumber: syz
[  167.138899][ T5909] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  167.212465][ T7154] trusted_key: syz.2.419 sent an empty control message without MSG_MORE.
[  167.535953][ T5909] usb 6-1: USB disconnect, device number 3
[  167.566606][ T5909] usblp0: removed
[  168.804461][ T6023] Bluetooth: hci5: Frame reassembly failed (-84)
[  169.013686][ T7186] loop5: detected capacity change from 0 to 1263
[  169.101180][ T7186]  loop5: [POWERTEC] p1 p2 p3 p4 p5 p6
[  169.108205][ T7186] loop5: p1 start 1385603769 is beyond EOD, truncated
[  169.185356][ T7186] loop5: p2 start 3710877952 is beyond EOD, truncated
[  169.255947][ T7186] loop5: p3 start 94294898 is beyond EOD, truncated
[  169.270200][ T7186] loop5: p4 start 3497251699 is beyond EOD, truncated
[  169.284144][ T7186] loop5: p5 start 4193764943 is beyond EOD, truncated
[  169.299180][ T7186] loop5: p6 start 3896670348 is beyond EOD, truncated
[  170.026129][ T7192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.434'.
[  170.051696][ T7192] netlink: 12 bytes leftover after parsing attributes in process `syz.2.434'.
[  170.795907][   T51] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  170.985866][ T5909] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  171.080285][ T7220] vlan2: entered promiscuous mode
[  171.126713][ T7220] vlan2: entered allmulticast mode
[  171.173654][ T7220] hsr_slave_1: entered allmulticast mode
[  171.215520][ T5909] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  171.254739][ T5909] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.280399][ T5909] usb 6-1: config 0 descriptor??
[  171.686855][  T978] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  171.875930][  T978] usb 3-1: Using ep0 maxpacket: 8
[  171.883890][  T978] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  171.902369][  T978] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  171.917420][  T978] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.955175][  T978] usb 3-1: config 0 descriptor??
[  172.193473][  T978] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  172.344923][ T7244] netlink: 4 bytes leftover after parsing attributes in process `syz.0.450'.
[  172.826196][    T9] usb 3-1: USB disconnect, device number 5
[  173.114045][ T5909] usb 6-1: Cannot set autoneg
[  173.121579][ T5909] MOSCHIP usb-ethernet driver 6-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  173.155376][ T5909] usb 6-1: USB disconnect, device number 4
[  174.705446][ T7261] netlink: 44 bytes leftover after parsing attributes in process `syz.5.456'.
[  174.716561][ T7261] netlink: 43 bytes leftover after parsing attributes in process `syz.5.456'.
[  174.727182][ T7261] netlink: 'syz.5.456': attribute type 6 has an invalid length.
[  174.747106][ T7261] netlink: 'syz.5.456': attribute type 5 has an invalid length.
[  174.754917][ T7261] netlink: 43 bytes leftover after parsing attributes in process `syz.5.456'.
[  175.202276][ T7269] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  175.396070][ T5909] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  175.565977][ T5909] usb 5-1: Using ep0 maxpacket: 8
[  175.595042][ T5909] usb 5-1: unable to get BOS descriptor or descriptor too short
[  175.635232][ T5909] usb 5-1: unable to read config index 0 descriptor/start: -71
[  175.657657][ T5909] usb 5-1: can't read configurations, error -71
[  175.681023][ T7283] syz_tun: entered allmulticast mode
[  175.781520][ T7282] syz_tun: left allmulticast mode
[  178.163403][ T7335] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.485'.
[  178.190002][ T7335] netlink: 12 bytes leftover after parsing attributes in process `syz.2.485'.
[  179.160725][   T30] audit: type=1800 audit(1748844095.244:8): pid=7342 uid=0 auid=0 ses=1 subj=_ op=collect_data cause=failed(directio) comm="syz.2.487" name="bus" dev="overlay" ino=615 res=0 errno=0
[  179.631373][ T7364] kvm: pic: single mode not supported
[  179.631506][ T7364] kvm: pic: level sensitive irq not supported
[  179.728241][ T7369] ubi31: attaching mtd0
[  179.810887][ T7369] ubi31: scanning is finished
[  179.815897][ T7369] ubi31: empty MTD device detected
[  179.834046][ T7364] kvm: pic: single mode not supported
[  180.422622][ T7373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.497'.
[  180.552225][ T7369] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  180.577020][ T7369] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  180.588123][ T7369] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  180.601462][ T7369] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  180.609916][ T7369] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  180.631067][ T7369] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  180.643569][ T7369] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1291033085
[  180.655947][ T7369] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  180.706456][ T7379] ubi31: background thread "ubi_bgt31d" started, PID 7379
[  180.975236][ T7386] mac80211_hwsim hwsim14 wlan0: entered promiscuous mode
[  181.055521][ T7386] mac80211_hwsim hwsim14 wlan0: left promiscuous mode
[  181.238764][ T7396] overlayfs: failed to clone upperpath
[  181.543947][ T7405] libceph: resolve '.' (ret=-3): failed
[  181.735840][ T5878] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  181.906020][ T5878] usb 3-1: Using ep0 maxpacket: 32
[  181.932937][ T5878] usb 3-1: config 0 has an invalid interface number: 12 but max is 0
[  181.952304][ T5878] usb 3-1: config 0 has no interface number 0
[  181.959546][ T5878] usb 3-1: config 0 interface 12 has no altsetting 0
[  181.970545][ T5878] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  181.980603][ T5878] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.896794][ T5878] usb 3-1: Product: syz
[  182.901029][ T5878] usb 3-1: Manufacturer: syz
[  182.906094][ T5878] usb 3-1: SerialNumber: syz
[  182.926996][ T5878] usb 3-1: config 0 descriptor??
[  183.338064][ T7445] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  183.540813][ T5878] f81534 3-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  183.551625][ T5878] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71
[  183.565480][ T5878] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  183.576149][ T5878] f81534 3-1:0.12: probe with driver f81534 failed with error -71
[  183.592210][ T5878] usb 3-1: USB disconnect, device number 6
[  183.663752][ T7457] overlayfs: failed to clone upperpath
[  184.034751][ T7465] netlink: 'syz.0.534': attribute type 11 has an invalid length.
[  184.206808][   T43] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  184.381080][   T43] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  184.407751][   T43] usb 6-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  184.436005][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.468082][   T43] gspca_main: stv0680-2.14.0 probing 041e:4007
[  184.529445][ T6039] Bluetooth: hci5: Frame reassembly failed (-84)
[  184.541882][ T7477] Bluetooth: hci5: Frame reassembly failed (-90)
[  185.536279][   T43] stv0680 6-1:4.0: STV(e): camera ping failed!!
[  185.546528][   T43] stv0680 6-1:4.0: last error: 20,  command = 0x55
[  185.829250][ T5879] usb 6-1: USB disconnect, device number 5
[  186.179565][ T7502] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.329499][ T7502] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.522441][ T7502] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.557898][ T5839] Bluetooth: hci5: command 0x1003 tx timeout
[  186.564859][   T51] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  186.976139][ T7502] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.165140][ T7502] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.210454][ T7502] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.261683][ T7502] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.291005][ T7502] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.735875][    T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  187.896459][    T9] usb 4-1: Using ep0 maxpacket: 8
[  187.919559][    T9] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  187.935336][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.944236][    T9] usb 4-1: Product: syz
[  187.953402][    T9] usb 4-1: Manufacturer: syz
[  187.976950][    T9] usb 4-1: SerialNumber: syz
[  187.995520][    T9] usb 4-1: config 0 descriptor??
[  188.063255][ T7562] netlink: 'syz.2.572': attribute type 11 has an invalid length.
[  188.071563][ T7562] netlink: 36 bytes leftover after parsing attributes in process `syz.2.572'.
[  188.247483][    T9] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  188.605609][ T7567] cgroup: fork rejected by pids controller in /syz0
[  189.262879][    T9] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  189.460402][ T5897] usb 4-1: USB disconnect, device number 4
[  190.105268][ T7639] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  190.820668][ T7648] netlink: 'syz.2.592': attribute type 39 has an invalid length.
[  192.204448][ T7683] netlink: 8 bytes leftover after parsing attributes in process `syz.0.604'.
[  192.439250][ T7693] netlink: 8 bytes leftover after parsing attributes in process `syz.4.609'.
[  192.534422][ T7697] netlink: 'syz.5.607': attribute type 10 has an invalid length.
[  192.619542][ T7697] netlink: 40 bytes leftover after parsing attributes in process `syz.5.607'.
[  192.636256][   T43] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  192.653469][ T7694] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.726563][ T7697] team0: Failed to send port change of device geneve0 via netlink (err -105)
[  192.740042][ T7697] team0: Failed to send options change via netlink (err -105)
[  192.753563][ T7697] team0: Port device geneve0 added
[  192.848040][ T5897] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  193.396838][   T43] usb 3-1: not running at top speed; connect to a high speed hub
[  193.718662][   T43] usb 3-1: config 1 has an invalid interface number: 74 but max is 0
[  193.743512][   T43] usb 3-1: config 1 has no interface number 0
[  193.753240][ T7694] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.778814][   T43] usb 3-1: config 1 interface 74 has no altsetting 0
[  193.796023][ T5897] usb 4-1: Using ep0 maxpacket: 32
[  193.808677][   T43] usb 3-1: New USB device found, idVendor=046d, idProduct=0990, bcdDevice=22.be
[  193.819733][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.832795][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.846277][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.865020][   T43] usb 3-1: Product: syz
[  193.872951][   T43] usb 3-1: Manufacturer: syz
[  193.888075][ T5897] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  193.897725][   T43] usb 3-1: SerialNumber: syz
[  193.924606][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.952711][ T5897] usb 4-1: config 0 descriptor??
[  193.977910][ T5897] hub 4-1:0.0: USB hub found
[  194.025468][ T7694] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.136184][ T7690] Bluetooth: MGMT ver 1.23
[  194.153364][   T43] usb 3-1: unknown interface protocol 0x55, assuming v1
[  194.180946][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  194.188432][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  194.209187][ T5897] hub 4-1:0.0: 1 port detected
[  194.256025][   T43] usb 3-1: cannot find UAC_HEADER
[  299.305698][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  299.312767][    C0] rcu: 	1-...!: (1 GPs behind) idle=f2ec/1/0x4000000000000000 softirq=32471/32472 fqs=0
[  299.323443][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5189/1:b..l P7694/1:b..l P43/1:b..l P7710/1:b..l
[  299.334737][    C0] rcu: 	(detected by 0, t=10505 jiffies, g=25277, q=285 ncpus=2)
[  299.342481][    C0] Sending NMI from CPU 0 to CPUs 1:
[  299.342522][    C1] NMI backtrace for cpu 1
[  299.342609][    C1] CPU: 1 UID: 0 PID: 7712 Comm: syz.4.615 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[  299.342630][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.342641][    C1] RIP: 0010:rcu_is_watching+0x67/0xb0
[  299.342668][    C1] Code: 89 f7 e8 bc 93 7a 00 48 c7 c3 58 df 99 92 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38 84 c0 75 34 8b 03 65 ff 0d 29 ac f1 10 <74> 11 83 e0 04 c1 e8 02 5b 41 5e 41 5f e9 07 36 b9 09 cc e8 91 82
[  299.342682][    C1] RSP: 0018:ffffc90000a08d20 EFLAGS: 00000086
[  299.342697][    C1] RAX: 000000000008f2ec RBX: ffff8880b8732f58 RCX: a1a706aba545bd00
[  299.342709][    C1] RDX: ffff88802f539e00 RSI: ffffffff8be19b60 RDI: ffffffff8be19b20
[  299.342721][    C1] RBP: ffffc90000a08e90 R08: ffffffff8f9f92f7 R09: 1ffffffff1f3f25e
[  299.342734][    C1] R10: dffffc0000000000 R11: fffffbfff1f3f25f R12: ffff8880247c9340
[  299.342746][    C1] R13: 0000000000000000 R14: ffffffff8db81c68 R15: dffffc0000000000
[  299.342758][    C1] FS:  00007f33e6bb86c0(0000) GS:ffff888125d95000(0000) knlGS:0000000000000000
[  299.342772][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  299.342784][    C1] CR2: 0000200000034000 CR3: 0000000033c32000 CR4: 00000000003526f0
[  299.342798][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  299.342808][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  299.342818][    C1] Call Trace:
[  299.342830][    C1]  <IRQ>
[  299.342839][    C1]  ? __pfx_advance_sched+0x10/0x10
[  299.342858][    C1]  __hrtimer_run_queues+0x475/0xc60
[  299.342889][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  299.342908][    C1]  ? read_tsc+0x9/0x20
[  299.342924][    C1]  ? rcu_is_watching+0x15/0xb0
[  299.342946][    C1]  hrtimer_interrupt+0x45b/0xaa0
[  299.342981][    C1]  __sysvec_apic_timer_interrupt+0x108/0x410
[  299.343004][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  299.343024][    C1]  </IRQ>
[  299.343030][    C1]  <TASK>
[  299.343036][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  299.343054][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x46/0x70
[  299.343082][    C1] Code: ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 3c 16 00 00 00 74 2c 8b 91 18 16 00 00 83 fa 02 75 21 48 8b 91 20 16 00 00 48 8b 32 <48> 8d 7e 01 8b 89 1c 16 00 00 48 39 cf 73 08 48 89 3a 48 89 44 f2
[  299.343095][    C1] RSP: 0018:ffffc9000fba7a00 EFLAGS: 00000246
[  299.343109][    C1] RAX: ffffffff81b4b22a RBX: 0000000000000000 RCX: ffff88802f539e00
[  299.343132][    C1] RDX: ffffc9000bd49000 RSI: 0000000000012391 RDI: 0000000000000000
[  299.343143][    C1] RBP: 0000000080000000 R08: ffffffff8f9f92f7 R09: 1ffffffff1f3f25e
[  299.343155][    C1] R10: dffffc0000000000 R11: ffffffff81701400 R12: 1ffff92001f74f51
[  299.343167][    C1] R13: 0000000000000000 R14: ffffc9000fba7a88 R15: dffffc0000000000
[  299.343181][    C1]  ? __pfx_native_send_call_func_single_ipi+0x10/0x10
[  299.343206][    C1]  ? smp_call_function_single_async+0xaa/0x110
[  299.343231][    C1]  smp_call_function_single_async+0xaa/0x110
[  299.343254][    C1]  rdmsr_safe_on_cpu+0x127/0x230
[  299.343277][    C1]  ? __pfx_rdmsr_safe_on_cpu+0x10/0x10
[  299.343298][    C1]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[  299.343317][    C1]  ? __might_fault+0xb0/0x130
[  299.343348][    C1]  msr_read+0x14d/0x250
[  299.343375][    C1]  ? __pfx_msr_read+0x10/0x10
[  299.343396][    C1]  ? security_file_permission+0x75/0x290
[  299.343419][    C1]  ? rw_verify_area+0x258/0x650
[  299.343434][    C1]  ? __pfx_msr_read+0x10/0x10
[  299.343457][    C1]  vfs_read+0x1fd/0x980
[  299.343476][    C1]  ? __pfx_vfs_read+0x10/0x10
[  299.343492][    C1]  ? __fget_files+0x2a/0x420
[  299.343513][    C1]  ? __fget_files+0x2a/0x420
[  299.343530][    C1]  ? __fget_files+0x3a0/0x420
[  299.343548][    C1]  ? __fget_files+0x2a/0x420
[  299.343571][    C1]  ksys_read+0x145/0x250
[  299.343587][    C1]  ? __pfx_ksys_read+0x10/0x10
[  299.343605][    C1]  ? do_syscall_64+0xbe/0x3b0
[  299.343629][    C1]  do_syscall_64+0xfa/0x3b0
[  299.343649][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  299.343667][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.343683][    C1]  ? clear_bhb_loop+0x60/0xb0
[  299.343702][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.343718][    C1] RIP: 0033:0x7f33e5d8e969
[  299.343737][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.343750][    C1] RSP: 002b:00007f33e6bb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  299.343765][    C1] RAX: ffffffffffffffda RBX: 00007f33e5fb5fa0 RCX: 00007f33e5d8e969
[  299.343777][    C1] RDX: 0000000000019000 RSI: 0000200000032680 RDI: 0000000000000003
[  299.343788][    C1] RBP: 00007f33e5e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  299.343798][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  299.343807][    C1] R13: 0000000000000000 R14: 00007f33e5fb5fa0 R15: 00007ffc0a1274f8
[  299.343827][    C1]  </TASK>
[  299.344510][    C0] task:syz.0.614       state:R  running task     stack:26152 pid:7710  tgid:7709  ppid:5822   task_flags:0x400040 flags:0x00004000
[  299.837204][    C0] Call Trace:
[  299.840510][    C0]  <TASK>
[  299.843477][    C0]  __schedule+0x16a2/0x4cb0
[  299.848034][    C0]  ? rcu_is_watching+0x15/0xb0
[  299.852834][    C0]  ? trace_sched_exit_tp+0x38/0x120
[  299.858059][    C0]  ? preempt_schedule_notrace+0xd1/0x110
[  299.863738][    C0]  ? __schedule+0x16c0/0x4cb0
[  299.868450][    C0]  ? __pfx___schedule+0x10/0x10
[  299.873357][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  299.878684][    C0]  ? unwind_next_frame+0xa5/0x2390
[  299.883827][    C0]  preempt_schedule_notrace+0xd1/0x110
[  299.889328][    C0]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[  299.895434][    C0]  ? unwind_next_frame+0xa5/0x2390
[  299.900590][    C0]  preempt_schedule_notrace_thunk+0x16/0x30
[  299.906527][    C0]  rcu_is_watching+0x7f/0xb0
[  299.911151][    C0]  ? unwind_next_frame+0xa5/0x2390
[  299.916290][    C0]  lock_release+0x4b/0x3e0
[  299.920738][    C0]  ? deref_stack_reg+0x19f/0x230
[  299.925713][    C0]  ? unwind_next_frame+0xa5/0x2390
[  299.930855][    C0]  unwind_next_frame+0x19a9/0x2390
[  299.936026][    C0]  ? unwind_next_frame+0xa5/0x2390
[  299.941170][    C0]  ? save_stack+0xf7/0x1f0
[  299.945707][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  299.951908][    C0]  arch_stack_walk+0x11c/0x150
[  299.956718][    C0]  ? __set_page_owner+0x8d/0x4a0
[  299.961702][    C0]  stack_trace_save+0x9c/0xe0
[  299.966417][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  299.971840][    C0]  save_stack+0xf7/0x1f0
[  299.976113][    C0]  ? __pfx_save_stack+0x10/0x10
[  299.981007][    C0]  ? seqcount_lockdep_reader_access+0x102/0x180
[  299.987309][    C0]  __set_page_owner+0x8d/0x4a0
[  299.992133][    C0]  ? __pfx___set_page_owner+0x10/0x10
[  299.997544][    C0]  post_alloc_hook+0x240/0x2a0
[  300.002345][    C0]  get_page_from_freelist+0x21d5/0x22b0
[  300.007982][    C0]  ? __pfx_get_page_from_freelist+0x10/0x10
[  300.014006][    C0]  ? prepare_alloc_pages+0x213/0x610
[  300.019343][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  300.025187][    C0]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  300.031638][    C0]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  300.038606][    C0]  ? policy_nodemask+0x27c/0x720
[  300.043568][    C0]  ? __lock_acquire+0xab9/0xd20
[  300.048472][    C0]  alloc_pages_mpol+0x232/0x4a0
[  300.053364][    C0]  vma_alloc_folio_noprof+0xe4/0x200
[  300.058684][    C0]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  300.064692][    C0]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  300.070640][    C0]  folio_prealloc+0x30/0x180
[  300.075271][    C0]  __handle_mm_fault+0x2c88/0x5620
[  300.080441][    C0]  ? __pfx___handle_mm_fault+0x10/0x10
[  300.085948][    C0]  ? follow_page_pte+0x8d6/0x14b0
[  300.091024][    C0]  handle_mm_fault+0x2d5/0x7f0
[  300.095814][    C0]  ? vma_is_secretmem+0xd/0x50
[  300.100619][    C0]  __get_user_pages+0x1af4/0x30b0
[  300.105703][    C0]  ? mt_find+0x15c/0x5f0
[  300.110006][    C0]  ? __pfx___get_user_pages+0x10/0x10
[  300.115519][    C0]  populate_vma_page_range+0x26b/0x340
[  300.121020][    C0]  ? __pfx_populate_vma_page_range+0x10/0x10
[  300.127072][    C0]  ? apply_vma_lock_flags+0x344/0x3c0
[  300.132490][    C0]  ? down_read+0x1ad/0x2e0
[  300.136947][    C0]  __mm_populate+0x24c/0x380
[  300.141579][    C0]  ? __pfx___mm_populate+0x10/0x10
[  300.146736][    C0]  ? up_write+0x1c4/0x420
[  300.151111][    C0]  do_mlock+0x625/0x740
[  300.155312][    C0]  ? count_memcg_event_mm+0x21/0x260
[  300.160659][    C0]  ? __pfx_do_mlock+0x10/0x10
[  300.165383][    C0]  ? exc_page_fault+0x76/0xf0
[  300.170137][    C0]  __x64_sys_mlock+0x60/0x70
[  300.174773][    C0]  do_syscall_64+0xfa/0x3b0
[  300.179314][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  300.184538][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.190631][    C0]  ? clear_bhb_loop+0x60/0xb0
[  300.195338][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.201262][    C0] RIP: 0033:0x7fe73eb8e969
[  300.205702][    C0] RSP: 002b:00007fe73f9c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  300.214247][    C0] RAX: ffffffffffffffda RBX: 00007fe73edb5fa0 RCX: 00007fe73eb8e969
[  300.222255][    C0] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000000000
[  300.230275][    C0] RBP: 00007fe73ec10ab1 R08: 0000000000000000 R09: 0000000000000000
[  300.238288][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  300.246292][    C0] R13: 0000000000000001 R14: 00007fe73edb5fa0 R15: 00007ffc7fc08f38
[  300.254340][    C0]  </TASK>
[  300.257383][    C0] task:kworker/1:1     state:R  running task     stack:21128 pid:43    tgid:43    ppid:2      task_flags:0x4208060 flags:0x00004000
[  300.271011][    C0] Workqueue: usb_hub_wq hub_event
[  300.276087][    C0] Call Trace:
[  300.279380][    C0]  <TASK>
[  300.282331][    C0]  __schedule+0x16a2/0x4cb0
[  300.286880][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  300.292198][    C0]  ? __pfx___schedule+0x10/0x10
[  300.297088][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  300.302404][    C0]  preempt_schedule_irq+0xb5/0x150
[  300.307540][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  300.313282][    C0]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  300.320244][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  300.326075][    C0]  irqentry_exit+0x6f/0x90
[  300.330514][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  300.335991][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  300.341302][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 6b 9e fa 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  300.360929][    C0] RSP: 0018:ffffc90000b36578 EFLAGS: 00000206
[  300.367016][    C0] RAX: d394a52cd4a5d300 RBX: 0000000000000000 RCX: d394a52cd4a5d300
[  300.375031][    C0] RDX: 0000000000000000 RSI: ffffffff8db48e76 RDI: ffffffff8be19b80
[  300.383025][    C0] RBP: ffffffff81727e15 R08: 0000000000000000 R09: ffffffff81727e15
[  300.391013][    C0] R10: ffffc90000b36738 R11: ffffffff81acd490 R12: 0000000000000002
[  300.399008][    C0] R13: ffffffff8e13d080 R14: 0000000000000000 R15: 0000000000000246
[  300.407007][    C0]  ? unwind_next_frame+0xa5/0x2390
[  300.412161][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  300.418342][    C0]  ? unwind_next_frame+0xa5/0x2390
[  300.423495][    C0]  ? unwind_next_frame+0xa5/0x2390
[  300.428625][    C0]  ? __device_attach_driver+0x2ce/0x530
[  300.434197][    C0]  ? unwind_next_frame+0xa5/0x2390
[  300.439330][    C0]  unwind_next_frame+0xc2/0x2390
[  300.444292][    C0]  ? unwind_next_frame+0xa5/0x2390
[  300.449434][    C0]  ? unwind_next_frame+0xa5/0x2390
[  300.454568][    C0]  ? driver_probe_device+0x4f/0x430
[  300.459793][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  300.465979][    C0]  arch_stack_walk+0x11c/0x150
[  300.470782][    C0]  ? __device_attach_driver+0x2ce/0x530
[  300.476353][    C0]  stack_trace_save+0x9c/0xe0
[  300.481066][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  300.486481][    C0]  kasan_save_track+0x3e/0x80
[  300.491173][    C0]  ? kasan_save_track+0x3e/0x80
[  300.496044][    C0]  ? __kasan_kmalloc+0x93/0xb0
[  300.500824][    C0]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  300.506385][    C0]  ? device_add+0xbe/0xb50
[  300.510817][    C0]  ? snd_card_register+0x119/0x710
[  300.515950][    C0]  ? try_to_register_card+0x297/0x320
[  300.521340][    C0]  ? usb_audio_probe+0x1863/0x1dc0
[  300.526468][    C0]  ? usb_probe_interface+0x644/0xbc0
[  300.531768][    C0]  ? really_probe+0x26a/0x9a0
[  300.536464][    C0]  ? __driver_probe_device+0x18c/0x2f0
[  300.541944][    C0]  ? driver_probe_device+0x4f/0x430
[  300.547160][    C0]  ? __device_attach_driver+0x2ce/0x530
[  300.552777][    C0]  __kasan_kmalloc+0x93/0xb0
[  300.557396][    C0]  __kmalloc_cache_noprof+0x230/0x3d0
[  300.562788][    C0]  ? device_add+0xbe/0xb50
[  300.567226][    C0]  device_add+0xbe/0xb50
[  300.571483][    C0]  ? __pfx_dev_printk_emit+0x10/0x10
[  300.576834][    C0]  snd_card_register+0x119/0x710
[  300.581799][    C0]  ? __pfx_snd_card_register+0x10/0x10
[  300.587284][    C0]  ? _dev_err+0x10a/0x160
[  300.591641][    C0]  try_to_register_card+0x297/0x320
[  300.596865][    C0]  ? __pfx_try_to_register_card+0x10/0x10
[  300.602603][    C0]  ? usb_match_one_id+0x654/0x980
[  300.607657][    C0]  usb_audio_probe+0x1863/0x1dc0
[  300.612634][    C0]  ? __pfx_usb_audio_probe+0x10/0x10
[  300.617934][    C0]  ? ktime_get_mono_fast_ns+0x2af/0x2d0
[  300.623512][    C0]  ? pm_runtime_enable+0x1f3/0x340
[  300.628651][    C0]  usb_probe_interface+0x644/0xbc0
[  300.633795][    C0]  ? __pfx_usb_probe_interface+0x10/0x10
[  300.639443][    C0]  really_probe+0x26a/0x9a0
[  300.643977][    C0]  __driver_probe_device+0x18c/0x2f0
[  300.649295][    C0]  driver_probe_device+0x4f/0x430
[  300.654346][    C0]  __device_attach_driver+0x2ce/0x530
[  300.659749][    C0]  bus_for_each_drv+0x251/0x2e0
[  300.664627][    C0]  ? __pfx___device_attach_driver+0x10/0x10
[  300.670540][    C0]  ? __pfx_bus_for_each_drv+0x10/0x10
[  300.675949][    C0]  __device_attach+0x2b8/0x400
[  300.680744][    C0]  ? __pfx___device_attach+0x10/0x10
[  300.686050][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  300.691283][    C0]  bus_probe_device+0x185/0x260
[  300.696164][    C0]  device_add+0x7b6/0xb50
[  300.700521][    C0]  usb_set_configuration+0x1a87/0x20e0
[  300.706053][    C0]  usb_generic_driver_probe+0x8d/0x150
[  300.711542][    C0]  usb_probe_device+0x1c4/0x390
[  300.716413][    C0]  ? __pfx_usb_probe_device+0x10/0x10
[  300.721804][    C0]  really_probe+0x26a/0x9a0
[  300.726336][    C0]  __driver_probe_device+0x18c/0x2f0
[  300.731644][    C0]  driver_probe_device+0x4f/0x430
[  300.736698][    C0]  __device_attach_driver+0x2ce/0x530
[  300.742113][    C0]  bus_for_each_drv+0x251/0x2e0
[  300.746997][    C0]  ? __pfx___device_attach_driver+0x10/0x10
[  300.752909][    C0]  ? __pfx_bus_for_each_drv+0x10/0x10
[  300.758319][    C0]  __device_attach+0x2b8/0x400
[  300.763105][    C0]  ? __pfx___device_attach+0x10/0x10
[  300.768419][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  300.773651][    C0]  bus_probe_device+0x185/0x260
[  300.778536][    C0]  device_add+0x7b6/0xb50
[  300.782894][    C0]  usb_new_device+0xa39/0x16c0
[  300.787695][    C0]  ? __pfx_usb_new_device+0x10/0x10
[  300.792926][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  300.798145][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  300.803371][    C0]  hub_event+0x2941/0x4a00
[  300.807884][    C0]  ? __pfx_hub_event+0x10/0x10
[  300.812679][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  300.818427][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  300.823645][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  300.829384][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  300.835128][    C0]  process_scheduled_works+0xae1/0x17b0
[  300.840732][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  300.846750][    C0]  worker_thread+0x8a0/0xda0
[  300.851369][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  300.857733][    C0]  ? __kthread_parkme+0x7b/0x200
[  300.862709][    C0]  kthread+0x711/0x8a0
[  300.866807][    C0]  ? __pfx_worker_thread+0x10/0x10
[  300.871946][    C0]  ? __pfx_kthread+0x10/0x10
[  300.876578][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  300.881798][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  300.887020][    C0]  ? __pfx_kthread+0x10/0x10
[  300.891659][    C0]  ret_from_fork+0x3fc/0x770
[  300.896277][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  300.901426][    C0]  ? __switch_to_asm+0x39/0x70
[  300.906205][    C0]  ? __switch_to_asm+0x33/0x70
[  300.910990][    C0]  ? __pfx_kthread+0x10/0x10
[  300.915607][    C0]  ret_from_fork_asm+0x1a/0x30
[  300.920408][    C0]  </TASK>
[  300.923443][    C0] task:syz.5.607       state:R  running task     stack:21944 pid:7694  tgid:7691  ppid:6561   task_flags:0x400140 flags:0x00004006
[  300.936960][    C0] Call Trace:
[  300.940262][    C0]  <TASK>
[  300.943213][    C0]  __schedule+0x16a2/0x4cb0
[  300.947756][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  300.953069][    C0]  ? __pfx___schedule+0x10/0x10
[  300.957958][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  300.963277][    C0]  preempt_schedule_irq+0xb5/0x150
[  300.968414][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  300.974152][    C0]  ? trace_sched_exit_tp+0x38/0x120
[  300.979380][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  300.985218][    C0]  irqentry_exit+0x6f/0x90
[  300.989657][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  300.995137][    C0] RIP: 0010:lock_release+0x2b5/0x3e0
[  301.000440][    C0] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 fb 8b fa 10 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e
[  301.020066][    C0] RSP: 0018:ffffc9000ba269b0 EFLAGS: 00000206
[  301.026164][    C0] RAX: d7a31c9806b17100 RBX: 0000000000000202 RCX: d7a31c9806b17100
[  301.034154][    C0] RDX: 0000000000000005 RSI: ffffffff8db48e76 RDI: ffffffff8be19b80
[  301.042146][    C0] RBP: ffff888053fd8bb8 R08: ffffc9000ba26bd0 R09: 0000000000000000
[  301.050137][    C0] R10: ffffc9000ba26b98 R11: fffff52001744d75 R12: 0000000000000005
[  301.058141][    C0] R13: 0000000000000005 R14: ffffffff8e13d080 R15: ffff888053fd8000
[  301.066180][    C0]  ? unwind_next_frame+0xa5/0x2390
[  301.071342][    C0]  ? unwind_next_frame+0xa5/0x2390
[  301.076483][    C0]  unwind_next_frame+0x19a9/0x2390
[  301.081631][    C0]  ? unwind_next_frame+0xa5/0x2390
[  301.086771][    C0]  ? arch_stack_walk+0xe4/0x150
[  301.091663][    C0]  __unwind_start+0x5b9/0x760
[  301.096371][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  301.102552][    C0]  arch_stack_walk+0xe4/0x150
[  301.107264][    C0]  ? stack_trace_save+0x9c/0xe0
[  301.112147][    C0]  stack_trace_save+0x9c/0xe0
[  301.116855][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  301.122265][    C0]  ref_tracker_free+0xef/0x7d0
[  301.127059][    C0]  ? __pfx_ref_tracker_free+0x10/0x10
[  301.132453][    C0]  ? synchronize_rcu+0x11a/0x310
[  301.137434][    C0]  ? lockdep_unregister_key+0x29b/0x310
[  301.143008][    C0]  __qdisc_destroy+0x1ba/0x420
[  301.147805][    C0]  dev_shutdown+0x34c/0x440
[  301.152333][    C0]  unregister_netdevice_many_notify+0xea7/0x2320
[  301.158706][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  301.165498][    C0]  ? rcu_is_watching+0x15/0xb0
[  301.170285][    C0]  ? trace_contention_end+0x39/0x120
[  301.175597][    C0]  ? __mutex_lock+0x330/0xe80
[  301.180301][    C0]  ? rtnl_net_dev_lock+0x36/0x2f0
[  301.185381][    C0]  ? rtnl_is_locked+0x15/0x20
[  301.190094][    C0]  ? nsim_destroy+0xdb/0x670
[  301.194727][    C0]  unregister_netdevice_queue+0x33c/0x380
[  301.200657][    C0]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  301.206943][    C0]  nsim_destroy+0x1f6/0x670
[  301.211490][    C0]  __nsim_dev_port_del+0x14d/0x1b0
[  301.216635][    C0]  nsim_dev_reload_destroy+0x288/0x490
[  301.222121][    C0]  nsim_dev_reload_down+0x8a/0xc0
[  301.227167][    C0]  devlink_reload+0x1b6/0x8d0
[  301.231883][    C0]  ? __pfx_devlink_reload+0x10/0x10
[  301.237121][    C0]  ? devlink_resources_validate+0xa7/0xd0
[  301.242871][    C0]  ? devlink_resources_validate+0xa7/0xd0
[  301.248614][    C0]  devlink_nl_reload_doit+0xb35/0xd50
[  301.254028][    C0]  ? __pfx_devlink_nl_reload_doit+0x10/0x10
[  301.259950][    C0]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  301.266315][    C0]  genl_family_rcv_msg_doit+0x215/0x300
[  301.271894][    C0]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  301.278021][    C0]  ? bpf_lsm_capable+0x9/0x20
[  301.282744][    C0]  ? security_capable+0x7e/0x2e0
[  301.287730][    C0]  genl_rcv_msg+0x60e/0x790
[  301.292268][    C0]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.297312][    C0]  ? ref_tracker_free+0x63a/0x7d0
[  301.302373][    C0]  ? __pfx_devlink_nl_pre_doit_dev_lock+0x10/0x10
[  301.308828][    C0]  ? __pfx_devlink_nl_reload_doit+0x10/0x10
[  301.314751][    C0]  ? __pfx_devlink_nl_post_doit_dev_lock+0x10/0x10
[  301.321282][    C0]  ? __pfx_ref_tracker_free+0x10/0x10
[  301.326697][    C0]  netlink_rcv_skb+0x205/0x470
[  301.331495][    C0]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.336547][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  301.341892][    C0]  ? down_read+0x1ad/0x2e0
[  301.346350][    C0]  genl_rcv+0x28/0x40
[  301.350390][    C0]  netlink_unicast+0x758/0x8d0
[  301.355202][    C0]  netlink_sendmsg+0x805/0xb30
[  301.360009][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.365332][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  301.370643][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.375959][    C0]  __sock_sendmsg+0x219/0x270
[  301.380663][    C0]  ____sys_sendmsg+0x505/0x830
[  301.385458][    C0]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.390773][    C0]  ? import_iovec+0x74/0xa0
[  301.395304][    C0]  ___sys_sendmsg+0x21f/0x2a0
[  301.400003][    C0]  ? __pfx____sys_sendmsg+0x10/0x10
[  301.405263][    C0]  ? __fget_files+0x2a/0x420
[  301.409872][    C0]  ? __fget_files+0x3a0/0x420
[  301.414584][    C0]  __x64_sys_sendmsg+0x19b/0x260
[  301.419546][    C0]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  301.425034][    C0]  ? rcu_is_watching+0x15/0xb0
[  301.429831][    C0]  ? do_syscall_64+0xbe/0x3b0
[  301.434534][    C0]  do_syscall_64+0xfa/0x3b0
[  301.439059][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  301.444287][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.450373][    C0]  ? clear_bhb_loop+0x60/0xb0
[  301.455078][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.461093][    C0] RIP: 0033:0x7f37bc78e969
[  301.465533][    C0] RSP: 002b:00007f37bd5be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.473969][    C0] RAX: ffffffffffffffda RBX: 00007f37bc9b5fa0 RCX: 00007f37bc78e969
[  301.481969][    C0] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000005
[  301.489957][    C0] RBP: 00007f37bc810ab1 R08: 0000000000000000 R09: 0000000000000000
[  301.497947][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  301.505938][    C0] R13: 0000000000000000 R14: 00007f37bc9b5fa0 R15: 00007ffecb051468
[  301.513945][    C0]  </TASK>
[  301.517067][    C0] task:udevd           state:R  running task     stack:25064 pid:5189  tgid:5189  ppid:1      task_flags:0x400140 flags:0x00004002
[  301.530665][    C0] Call Trace:
[  301.533959][    C0]  <TASK>
[  301.536908][    C0]  __schedule+0x16a2/0x4cb0
[  301.541452][    C0]  ? preempt_schedule_common+0x83/0xd0
[  301.546936][    C0]  ? __pfx___schedule+0x10/0x10
[  301.551849][    C0]  ? preempt_schedule+0xae/0xc0
[  301.556748][    C0]  preempt_schedule_common+0x83/0xd0
[  301.562078][    C0]  preempt_schedule+0xae/0xc0
[  301.566786][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  301.572189][    C0]  ? __wake_up_common_lock+0x190/0x1f0
[  301.577695][    C0]  preempt_schedule_thunk+0x16/0x30
[  301.582939][    C0]  _raw_spin_unlock_irqrestore+0xfd/0x110
[  301.588697][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  301.595074][    C0]  __wake_up_common_lock+0x190/0x1f0
[  301.600406][    C0]  sock_def_readable+0x1fb/0x550
[  301.605378][    C0]  ? sock_def_readable+0xbe/0x550
[  301.610436][    C0]  netlink_sendskb+0xa1/0x140
[  301.615148][    C0]  netlink_sendmsg+0x805/0xb30
[  301.619952][    C0]  ? unwind_get_return_address+0x4d/0x90
[  301.625630][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  301.631824][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.637160][    C0]  ? __lock_acquire+0xab9/0xd20
[  301.642048][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  301.647365][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.652694][    C0]  __sock_sendmsg+0x219/0x270
[  301.657407][    C0]  ____sys_sendmsg+0x505/0x830
[  301.662209][    C0]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.667530][    C0]  ? import_iovec+0x74/0xa0
[  301.672066][    C0]  ___sys_sendmsg+0x21f/0x2a0
[  301.676769][    C0]  ? __pfx____sys_sendmsg+0x10/0x10
[  301.682047][    C0]  __x64_sys_sendmsg+0x19b/0x260
[  301.687002][    C0]  ? kmem_cache_free+0x309/0x400
[  301.691968][    C0]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  301.697475][    C0]  ? do_syscall_64+0xbe/0x3b0
[  301.702187][    C0]  do_syscall_64+0xfa/0x3b0
[  301.706713][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.712798][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  301.718449][    C0]  ? clear_bhb_loop+0x60/0xb0
[  301.723158][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.729168][    C0] RIP: 0033:0x7f13cb4a7407
[  301.733600][    C0] RSP: 002b:00007ffed1ca2e80 EFLAGS: 00000202 ORIG_RAX: 000000000000002e
[  301.742032][    C0] RAX: ffffffffffffffda RBX: 00007f13cbb80880 RCX: 00007f13cb4a7407
[  301.750019][    C0] RDX: 0000000000000000 RSI: 00007ffed1ca2ee0 RDI: 0000000000000004
[  301.758015][    C0] RBP: 000055c05350d5f0 R08: 0000000000000000 R09: 0000000000000000
[  301.766003][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000076
[  301.773988][    C0] R13: 000055c0535059e0 R14: 0000000000000000 R15: 0000000000000000
[  301.781993][    C0]  </TASK>
[  301.785031][    C0] rcu: rcu_preempt kthread starved for 10505 jiffies! g25277 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  301.796240][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  301.806221][    C0] rcu: RCU grace-period kthread stack dump:
[  301.812117][    C0] task:rcu_preempt     state:R  running task     stack:27128 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  301.825643][    C0] Call Trace:
[  301.828937][    C0]  <TASK>
[  301.831885][    C0]  __schedule+0x16a2/0x4cb0
[  301.836432][    C0]  ? schedule+0x165/0x360
[  301.840807][    C0]  ? __pfx___schedule+0x10/0x10
[  301.845694][    C0]  ? schedule+0x91/0x360
[  301.849962][    C0]  schedule+0x165/0x360
[  301.854146][    C0]  schedule_timeout+0x12b/0x270
[  301.859022][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  301.864414][    C0]  ? __pfx_process_timeout+0x10/0x10
[  301.869731][    C0]  ? prepare_to_swait_event+0x341/0x380
[  301.875310][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  301.880210][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  301.885191][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  301.890416][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  301.895723][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  301.900946][    C0]  ? finish_swait+0xcd/0x1f0
[  301.905570][    C0]  rcu_gp_kthread+0x99/0x390
[  301.910187][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  301.915414][    C0]  ? __kthread_parkme+0x7b/0x200
[  301.920376][    C0]  ? __kthread_parkme+0x1a1/0x200
[  301.925436][    C0]  kthread+0x711/0x8a0
[  301.929538][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  301.934755][    C0]  ? __pfx_kthread+0x10/0x10
[  301.939372][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  301.944589][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  301.949813][    C0]  ? __pfx_kthread+0x10/0x10
[  301.954445][    C0]  ret_from_fork+0x3fc/0x770
[  301.959060][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  301.964202][    C0]  ? __switch_to_asm+0x39/0x70
[  301.968981][    C0]  ? __switch_to_asm+0x33/0x70
[  301.973764][    C0]  ? __pfx_kthread+0x10/0x10
[  301.978387][    C0]  ret_from_fork_asm+0x1a/0x30
[  301.983186][    C0]  </TASK>
[  301.986221][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  301.992559][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[  302.003855][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.013936][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  302.019699][    C0] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d e3 c0 2a 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  302.039340][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
[  302.045435][    C0] RAX: 9a08f3a5ac14e900 RBX: ffffffff81973cf8 RCX: 9a08f3a5ac14e900
[  302.053439][    C0] RDX: 0000000000000001 RSI: ffffffff8d95cc77 RDI: ffffffff8be19b80
[  302.061443][    C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb
[  302.069446][    C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8f9f92f0
[  302.077450][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50
[  302.085441][    C0] FS:  0000000000000000(0000) GS:ffff888125c95000(0000) knlGS:0000000000000000
[  302.094566][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  302.101162][    C0] CR2: 000000110c2ae8b7 CR3: 0000000033c32000 CR4: 00000000003526f0
[  302.109153][    C0] DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000
[  302.117139][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  302.125128][    C0] Call Trace:
[  302.128426][    C0]  <TASK>
[  302.131372][    C0]  default_idle+0x13/0x20
[  302.135741][    C0]  default_idle_call+0x74/0xb0
[  302.140532][    C0]  do_idle+0x1e8/0x510
[  302.144645][    C0]  ? __pfx_do_idle+0x10/0x10
[  302.149289][    C0]  cpu_startup_entry+0x44/0x60
[  302.154101][    C0]  rest_init+0x2de/0x300
[  302.158375][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  302.163956][    C0]  start_kernel+0x47d/0x500
[  302.168494][    C0]  x86_64_start_reservations+0x24/0x30
[  302.174073][    C0]  x86_64_start_kernel+0x143/0x1c0
[  302.179206][    C0]  common_startup_64+0x13e/0x147
[  302.184195][    C0]  </TASK>