last executing test programs:

22m2.980219598s ago: executing program 1 (id=179):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)

21m59.827407508s ago: executing program 1 (id=182):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r2)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r1, 0x0, r4, 0x0, 0xae6, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x304}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "0000000400"}, 0x38)
read$FUSE(r0, &(0x7f000000c400)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000900)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
ptrace(0x4208, r2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)

21m56.289107598s ago: executing program 1 (id=191):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x88000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0xc000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000001580)=""/102400, 0x19000)
socket$inet6_tcp(0xa, 0x1, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {0x36}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x9c)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

21m52.002369823s ago: executing program 1 (id=197):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r3, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x0, 0x0, {0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x8000, 0x0, 0x0, r5, 0x1, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
writev(r6, &(0x7f0000000200)=[{&(0x7f00000003c0)='n', 0x1}], 0x1)
dup3(r3, r6, 0x6700000000000000)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r7, 0xffffffffffffffff, 0x0)

21m51.211109154s ago: executing program 1 (id=198):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x88000)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0xc000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000001580)=""/102400, 0x19000)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {0x36}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, 0x0)

21m49.888376964s ago: executing program 1 (id=200):
socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x1c}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x2, 0xa, 0x2)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r5, &(0x7f00000001c0)={&(0x7f0000000000), 0x14, &(0x7f00000000c0)={&(0x7f0000000100)="9f9cac", 0x3}}, 0x0)

21m33.128815182s ago: executing program 32 (id=200):
socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x1c}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x2, 0xa, 0x2)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r5, &(0x7f00000001c0)={&(0x7f0000000000), 0x14, &(0x7f00000000c0)={&(0x7f0000000100)="9f9cac", 0x3}}, 0x0)

20m10.644515949s ago: executing program 0 (id=332):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder1\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x5, 0xffffffffffffffff)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(0xffffffffffffffff, 0x800442d2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, @broadcast}]})
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
futex(0x0, 0x80, 0x1, &(0x7f0000000840)={0x0, 0x3938700}, &(0x7f0000000880)=0x2, 0x2)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
connect$inet(r2, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x100, 0x2})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = dup3(r3, r0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

20m6.743011282s ago: executing program 0 (id=337):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
timer_create(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)

20m4.863362477s ago: executing program 0 (id=339):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400000015000103000000000070000001"], 0x14}}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000003d80)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000003780], 0x0, 0x0, 0x0}, 0x1c6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getpid()
read(r0, &(0x7f0000000080)=""/186, 0xba)
socket$nl_generic(0x10, 0x3, 0x10)

20m4.300452569s ago: executing program 0 (id=340):
socket$igmp(0x2, 0x3, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r2, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x0, 0x0, {0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x8000, 0x0, 0x0, r4, 0x1, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
writev(r5, &(0x7f0000000200)=[{&(0x7f00000003c0)='n', 0x1}], 0x1)
dup3(r2, r5, 0x6700000000000000)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

20m3.233572947s ago: executing program 0 (id=343):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
timer_create(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)

20m0.264416792s ago: executing program 0 (id=347):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder1\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x5, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(0xffffffffffffffff, 0x800442d2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = dup3(r2, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

19m44.824796131s ago: executing program 33 (id=347):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder1\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x5, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(0xffffffffffffffff, 0x800442d2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = dup3(r2, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

4m39.813038183s ago: executing program 4 (id=1764):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000400)=[<r7=>0x0], 0x0, 0x1, r6})
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000040)={0x0, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000280), &(0x7f0000000300)=[r7], &(0x7f0000000340)})
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = syz_io_uring_setup(0x88d, &(0x7f0000000140)={0x0, 0xcfe8, 0x0, 0xffffffff, 0x121}, &(0x7f0000000100)=<r11=>0x0, 0x0)
syz_io_uring_submit(r11, 0x0, 0x0)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r12)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r12, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)={0x1c, r13, 0x101, 0x0, 0x0, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0xf00}]}, 0x1c}}, 0x0)
io_uring_enter(r10, 0x47f6, 0x0, 0x0, 0x0, 0x0)
recvmsg(r8, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, 0x0}, 0x1f00)
sendmsg$tipc(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000000)={0x110, @tick=0x1, 0x78, {0x4, 0x1}, 0x3a, 0x0, 0x2})
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz0\x00', 0x1ff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))

4m38.767232948s ago: executing program 4 (id=1765):
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x4, &(0x7f00000002c0)={@local={0xac, 0x2, 0x44, 0xa}, @private=0x5000000}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket(0x10, 0x803, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f00000000c0)={&(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x2000, 0x2})

4m37.375748025s ago: executing program 4 (id=1768):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000400)=[0x0], &(0x7f0000000280), 0x1, r6})
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = syz_io_uring_setup(0x88d, &(0x7f0000000140)={0x0, 0xcfe8, 0x0, 0xffffffff, 0x121}, &(0x7f0000000100)=<r10=>0x0, 0x0)
syz_io_uring_submit(r10, 0x0, 0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r11)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)={0x1c, r12, 0x101, 0x0, 0x0, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0xf00}]}, 0x1c}}, 0x0)
io_uring_enter(r9, 0x47f6, 0x0, 0x0, 0x0, 0x0)
recvmsg(r7, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, 0x0}, 0x1f00)
sendmsg$tipc(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000000)={0x110, @tick=0x1, 0x78, {0x4, 0x1}, 0x3a, 0x0, 0x2})
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz0\x00', 0x1ff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))

4m36.067706171s ago: executing program 4 (id=1769):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r2, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
syz_io_uring_setup(0x5add, &(0x7f0000000040)={0x0, 0xc19d, 0x1, 0x5, 0x61}, &(0x7f00000000c0), &(0x7f0000000280))
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f0000000140)=[@in={0x2, 0x4e22, @private=0xa010102}], 0x10)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010103}]}, &(0x7f0000000380)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r7=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000400)={r7, @in={{0x2, 0x4e22, @private=0xa010102}}, 0x9, 0x401}, &(0x7f0000000280)=0x90)
r8 = dup2(r2, r3)
bind$l2tp6(r8, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f00000003c0)={0x0, <r9=>0x0})
prlimit64(r9, 0xa, &(0x7f0000000000)={0xffffffff, 0x7fffffff}, &(0x7f0000000180))
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000100)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)

4m30.816438578s ago: executing program 4 (id=1771):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/223, 0xdf}], 0x1, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f00000000c0)={0x80, 0x6, 0x2fe, 0xe5, 0xe0, 0x0, 0x0})

4m30.684151457s ago: executing program 4 (id=1773):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000380), r0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x2046}, {{0x0, 0x0, 0x0}, 0x401}, {{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x80000007}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)=""/107, 0x6b}, {&(0x7f0000004500)=""/4112, 0x1010}, {&(0x7f0000001900)=""/4093, 0xffd}, {&(0x7f0000000900)=""/100, 0x64}, {&(0x7f0000000040)=""/96, 0x60}, {&(0x7f0000000340)=""/63, 0x3f}, {&(0x7f00000000c0)=""/107, 0x6b}, {&(0x7f0000000800)=""/114, 0x72}, {&(0x7f0000001800)=""/203, 0xcb}], 0x9}, 0x4}, {{0x0, 0x0, 0x0}, 0x8}], 0x8, 0x2, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, 0x0, &(0x7f0000000a40))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800000000000000000000004b000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000002d000000a0bf118faa0b3f79d926bbf1151485000000110000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000200)=[{0x1d, 0x0, 0x1}, {0x4}, {0x6, 0x40, 0x0, 0x6}]})
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r2}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)=@getnexthop={0x20, 0x6a, 0x3265e22d371e5647, 0x70bd2c, 0x25dfdbfd, {}, [@NHA_OIF={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x10000000)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r4)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010027bd7000fcdbdf254400000008000300", @ANYRES32=r8, @ANYBLOB="0a001800030303030303000004005a8020005a8018000080140005"], 0x4c}}, 0x4040810)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000240)={&(0x7f0000000a80)={0x1bc, r5, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x6]}, @NL80211_ATTR_FRAME={0x161, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x9}, @broadcast, @broadcast, @initial, {0x9, 0xf61}, @value=@ver_80211n={0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}}, @void, @void, @void, @val={0x2d, 0x1a, {0x800, 0x2, 0x0, 0x0, {0x8, 0xb38, 0x0, 0x8, 0x0, 0x1, 0x1, 0x1}, 0x300, 0x0, 0x8}}, @void, [{0xdd, 0x23, "dc909809ab18709a70b64b033984114b14ad785d01052666b47b4f9c1683e54f7c4875"}, {0xdd, 0xfe, "6ce0c7ec8893ef694aac8e8cfb0a6945dc3f95daa12c648e78e1c897e8d8524c31ce4bf219b233365d14eaed5ef3943aeb6a10ecaf6899c13d44435137c3620ae26caaa2cc26dc2ff6f5bdb92c63f94c54417ad50344becc4e30fb4d60cff0d956e5b061bc9b39a1ccf114a1fe2ced74651a43897666407476fc584d123b63e0e87f6f26f55c1681011fed4d628408c0515a4a1d977c97a3c4b9b27921dcaa001535a1001cc57d1323d5602989af57745d0a43952426958015859275e282906405f9b3c2f6d391c628d2957d3422a041cef48fa8f8abdc0db86458a71708a534e136398496ec2b283e4bda03fd1379b171144871d4849ad4e5496839b25c"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x14, 0xcd, [0x9, 0xd7, 0x76, 0x3, 0x401, 0x6, 0xb, 0x8613]}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x1, 0xff72, 0xfffc]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x4000014}, 0x80)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="6c00000010001fff010000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000440012800b00010067656e6576650000340002800500090000000000050009000100000005000a000000000005000300f90000000500040040000000050004000800000008000a00", @ANYRES32], 0x6c}}, 0x40)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r9, &(0x7f0000000100)={0x0, 0xf0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r10, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x0, 0x1, 0x22}]}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000440)=<r11=>0x0, &(0x7f0000000480)=0x4)
r12 = socket$igmp6(0xa, 0x3, 0x2)
r13 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r14=>0x0})
ioctl$sock_inet6_SIOCADDRT(r12, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x3c}, @remote, @remote, 0x9, 0x2, 0x0, 0x0, 0xb7, 0xc20022, r14})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000500)={'syztnl1\x00', &(0x7f00000006c0)={'ip6_vti0\x00', <r15=>0x0, 0x2, 0x38, 0x6, 0x2, 0x10, @empty, @rand_addr=' \x01\x00', 0x80, 0x8, 0x7, 0x9}})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000980)={0xb0, r10, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4000}, 0x24005880)

4m15.02710037s ago: executing program 34 (id=1773):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000380), r0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x2046}, {{0x0, 0x0, 0x0}, 0x401}, {{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x80000007}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)=""/107, 0x6b}, {&(0x7f0000004500)=""/4112, 0x1010}, {&(0x7f0000001900)=""/4093, 0xffd}, {&(0x7f0000000900)=""/100, 0x64}, {&(0x7f0000000040)=""/96, 0x60}, {&(0x7f0000000340)=""/63, 0x3f}, {&(0x7f00000000c0)=""/107, 0x6b}, {&(0x7f0000000800)=""/114, 0x72}, {&(0x7f0000001800)=""/203, 0xcb}], 0x9}, 0x4}, {{0x0, 0x0, 0x0}, 0x8}], 0x8, 0x2, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, 0x0, &(0x7f0000000a40))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800000000000000000000004b000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000002d000000a0bf118faa0b3f79d926bbf1151485000000110000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000200)=[{0x1d, 0x0, 0x1}, {0x4}, {0x6, 0x40, 0x0, 0x6}]})
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r2}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)=@getnexthop={0x20, 0x6a, 0x3265e22d371e5647, 0x70bd2c, 0x25dfdbfd, {}, [@NHA_OIF={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x10000000)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r4)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010027bd7000fcdbdf254400000008000300", @ANYRES32=r8, @ANYBLOB="0a001800030303030303000004005a8020005a8018000080140005"], 0x4c}}, 0x4040810)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000240)={&(0x7f0000000a80)={0x1bc, r5, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x6]}, @NL80211_ATTR_FRAME={0x161, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x9}, @broadcast, @broadcast, @initial, {0x9, 0xf61}, @value=@ver_80211n={0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}}, @void, @void, @void, @val={0x2d, 0x1a, {0x800, 0x2, 0x0, 0x0, {0x8, 0xb38, 0x0, 0x8, 0x0, 0x1, 0x1, 0x1}, 0x300, 0x0, 0x8}}, @void, [{0xdd, 0x23, "dc909809ab18709a70b64b033984114b14ad785d01052666b47b4f9c1683e54f7c4875"}, {0xdd, 0xfe, "6ce0c7ec8893ef694aac8e8cfb0a6945dc3f95daa12c648e78e1c897e8d8524c31ce4bf219b233365d14eaed5ef3943aeb6a10ecaf6899c13d44435137c3620ae26caaa2cc26dc2ff6f5bdb92c63f94c54417ad50344becc4e30fb4d60cff0d956e5b061bc9b39a1ccf114a1fe2ced74651a43897666407476fc584d123b63e0e87f6f26f55c1681011fed4d628408c0515a4a1d977c97a3c4b9b27921dcaa001535a1001cc57d1323d5602989af57745d0a43952426958015859275e282906405f9b3c2f6d391c628d2957d3422a041cef48fa8f8abdc0db86458a71708a534e136398496ec2b283e4bda03fd1379b171144871d4849ad4e5496839b25c"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x14, 0xcd, [0x9, 0xd7, 0x76, 0x3, 0x401, 0x6, 0xb, 0x8613]}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x1, 0xff72, 0xfffc]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x4000014}, 0x80)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="6c00000010001fff010000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000440012800b00010067656e6576650000340002800500090000000000050009000100000005000a000000000005000300f90000000500040040000000050004000800000008000a00", @ANYRES32], 0x6c}}, 0x40)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r9, &(0x7f0000000100)={0x0, 0xf0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r10, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x0, 0x1, 0x22}]}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000440)=<r11=>0x0, &(0x7f0000000480)=0x4)
r12 = socket$igmp6(0xa, 0x3, 0x2)
r13 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r14=>0x0})
ioctl$sock_inet6_SIOCADDRT(r12, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x3c}, @remote, @remote, 0x9, 0x2, 0x0, 0x0, 0xb7, 0xc20022, r14})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000500)={'syztnl1\x00', &(0x7f00000006c0)={'ip6_vti0\x00', <r15=>0x0, 0x2, 0x38, 0x6, 0x2, 0x10, @empty, @rand_addr=' \x01\x00', 0x80, 0x8, 0x7, 0x9}})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000980)={0xb0, r10, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4000}, 0x24005880)

13.670029289s ago: executing program 2 (id=2096):
r0 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001a77aa4094225b4210a20102030109022400010000000009040000029233500009050602ff030000"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="40010400000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

12.961056683s ago: executing program 2 (id=2100):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f000001b000)=ANY=[@ANYBLOB="381200003300000126bd7000fddbdf253010fb801d101380783cabcf3de8f3c211caac293bfba1f6c66248e2705bfdeaf3e518701e75b6870e949c9efe541264de467766dfe253da80bc4601fddfb29d68a356ca39cba5bb876bdee1d1f6640bb64e313f030da7715e4e5f282235c21405e318614f33083a4b615d83fbc2757362a21e81598dd1c94f416f7fe0291ee066acb78990917d93450dc091617b2b9b856b762e98782567c7ae32d25d68ac22ba4415ab4e9411b60459b5fe04a16c83cb50e70b539e77b39213d9c96b5f0eaa04346eb659528defaefebc201f6fd8a70ef275ffc1ccaf61d56015c4bb63039c3b5db172b76ef8c834ae9df36f8764c27785f4098f8bbe8190e92a2f53d0e17cbd0e3150c8839cfd779a96807dfb84d6d424978b1060dc0fe13a00d526681c018bd90b954e1dd4f36787f6cf693c4a428c8cc5a6c0c77a940f5911f6191babbb44ddb0874a2e573d9a4c41cc89134dc1498259ae3da6f5e2bb40631050a2b28b86f43fa397c8cb73698f2625d966e2695db75c2d719077e59f4278644ce09c0b5cd873f4ce68a6d88819c0caf1c3b58612897c74636701d99260c2ed0e29392f96e6b46a5d8e4797d49f7db2400f81bbdfe7fedab277d090a977eb6d3143e34ab570975d403d9d5975d8a1b373d0322ea31faf954d8921cca83c962e55959bb2b82ab789e617a67200d503f89c88d6e8f04deb2773349669e22cdc62f0d6037bc11334f3b7f3c203866d39f6f2f15215fa9a707960c2f6d5229ee00a879a842724c9f633dcb55114d5b4ae228f59001fdea972a1e2893ca0f1855a3918dda375af22d6531cf30c28f84ab3f45d7893f65a9ac09cca966c896c79172b1f8b8da2af3c82ad641eb3db53966e1f670fa1f94465c356331e7a9e39be91d6b2719780109b8e0fae2ad2c85814892d2bdc40d650d54e75277ba22818857a3ce176b85f447a52d43e52d621422695ce1bbeaaa3611d296953b63f08238844704293e37334ef7dc826b87704ffa5e634c89fe70223869ef8484d0dbab21bf206fae62fa6b645ecd4f1f0ea1107ec9ae55882dd92b099da4cd71ab2493b81a3eee6f617dd53af22ff15b01e97689db12b6fe53f941207303d1e822a7b98303617efdaa4e844df85dac246617b3aff4cd0bb5db224a59fa4e7161c4862114cdec7a7b9f4ffcbd7e8a9dc761dc3368a0f37541463227ae5cf525441ab99b9ba09d70b4c2ad9719a5c48258398e77adb9d1f8dcc64d8d658cfcd1b5fef2669f1b2c19f0988268611a644f02f13b86377a9203c36091545f09d62c96c98732c2619cc81dbd4ca19dd62141ce8421dbc28de8b32fa91631b8957025c89812d5fdd72d79aa5d1f765aaa08317915d35ebdfc8a880923596ffbbe4bc6bbd81427869350d59a206c96c813efb25bade849f515e6b6a47c6ccb2131e60c8c05891ea8f065baf49459218c32257c13a82b423cee266dbf51f500ce996d76a723e662f3c3d2fddaff5c050f2ef2e17d0fafb0c42a82184201d8732fa4f1c370384fed4b0d8ee842f2de5523aed2e09e2c484f940a1736359711eb655bd00504e76f3c72f26970d3c05b00ea25803e8be24d7751baadfda870d3e0e64514f0b290a052071cd8f71a2c6ff4850b891c3f1818e0774794c46c62d511db9ee5b960404c866850602205b15b287e6d3279e6a5d1dce653ef770f68af6a16dfa552145e18dd0b185571f29542c24b753ee6ee5f5fb448afcfe643d540e7a120ebf36f2e4f3a30b46d8497ad69b5a55ee023709f640d44e1ba6a4da79579fbaf66676c8e2f60a1a8e3fe123a70b4604e75db29ee19bb8805e22195aeda6b0412c750e0043a53c673e24f9bf68544089b1bc8fe1763e0b157106cec5b21847eeea377c258bac16ff48a208b4c7d3cd1fcf410d22148beb6f95317061c1de7e2d87c448bc2c00069d2e886a7a37c4ced954d2b06ee6de91785a967d4dd117b83fdf7786133abd08ac3399ba7e6f521d933e14966ca444056c4289ec24c76b9eed38ceae0c5493dbe53c20063ac6f9290663cad2b4c73b5276bc5a17847e9098563928694a0316d7d73c4a439bd0fb91fdb520d9b92c5c686ed1122383012b84f4846f4d5e0c5fedf74c9c07ec64da1f2157feee49aa476a4d2b830f528f1c8bf8b7b76ecf7d2266ed1b9d8278a5923501cf134fb9e59f1ee9a5c1397387c2959e0743e634cc41782b57f8c7ea51525150c443066b352f84050fbfb72f55680f24461c791024efa74022caa8d58f1e9985e910f25aa92bfe756ab3eacf8079e7eb7f970165b3ff1bf1ca457ab5f4d9a1a08448ffca704fcee8030a7d8aca43ae64b0be45efd5151bcea83845720d210aa76ef748810e46ffb0cdb7bad706a24d6cb076171a6b79f5de5ac6b8190919a68b1b41b173914dd37d599f7a78587c4ee606b31949a88e6a790e000000008d32f05a22e68d22793282b716d151d9de60e24cc049e3bf4cce36fe43b5ea824a7b3c854860ceed13d466439263353e81940e7ded03f31211cc714f4cdf240516025f1f5621cced4b88a4e48c940d6f46ff2f57f0583046b650a440c4ea8e9fab79e98d7529db2f11cc7529bb361cf8cb65600ffb36eb5fd93acbdd58398ecbb0befd277e267051f93dc3e7c6a5212c2ed990eb60d9d451b4458cb44cd691dac77ece483236e3006b7f7913e39f685ca41bcd1692494370acb70d0cfdc9e6de0bcd602040a0bc2de02a8cd477fef88b5410f5dfea1cd32d25464853d56c82abd3c11caebd992ca656e88a10ca2779f887472d5064fddd7397eb0205c419b23c2756a3b9b722ff273907c50f8b176834edcc1268e036214a2a25651c719541a4f7729ef7e32dee27c5b910bfea677c562138b30b3355b462c8f910874acc292f6787f8d94fa1cb2e648789cc67d05eb49d6d3c8788a024e3c523c4ee282764090044b44f30a9848daf2522b76448ecb9249ffe58dad4363b1d08181131a89af718ecbd5ffe44e032ca26664eecabc9aa57a875b5964ea492b7e745606a3f4ab36130a8a43a19be74709dea4eeebf5e53706685122e6603247996d672dacdf1bbadf5df111cfe7e72f5b2c6cdc32c1e4eed30147c9a51c5abd4214c577c4c8d1725daf906d145c6ff2c9ab0fc3da4edfb92be40b4af234c2bc147b2d08a801b539928cb754f2f6d2d4280ee0c834ee4f5eb8b0662ffa6f7154307b0fe55fe248a3f953a09b06244674adbf31dd7489be3f26423140ffe98671ca413d678047096fcad53f5bca7e602354553af02c225a67e4e8eabf298495a99de9653638405ebe78dc75e6d16c39e1547dadbc07a014369e39175991368d05be623656c4ecb3735612546b9a9c1490f834cab7567e61c8b2669aa62f156f2ff3b76b32e11b0e0acb6c7ccd6623bef1a5ccbe5f477ae90b3918899fc6b6075c514deaf387d5f09cd59f3fb3c0a9614f1eec092a8f7c6bd200e04da47085d58adc08f1f0651f7ce0cea5792a30aa2bee9970913fc9e79bcf0b5c55adfa6967a44b84ffcd3ce7fb47a610773eb9323b8ab3b5b9670f3ddc06e673e5ebe929f1ae4508decd56a2cefc34bab4703bbd3d83fcfdc27fc4e8a799a34742526848f6aae932ec98959f46ea50f12e0ad3ba4ef50a7b4defdf2fcf8dd2afdb8f29a1b7eed384b17c8b4ff4cfc220745cef2c083615eee226bccb8f2b7faf5a8948e60edc37a644b70011ff8b608da74a3873b2d8a6ba50dcce8a5ed6fe96c599c6d0b8a431f0b96789e974ea48400b94c2d1fbb7a8908de838cc64d4de93d506dfb450012df4af40d5980aed567e0b94281f8109ae7cb42f8253783a9ccb1cdd07245b31c0a00f13b42eedea9dd6d031f283a277f140f7ccacffc4e76829fede0479d59a542f873524651dbed995a00749e1b06182f073ebc3122ef1b007436d9eeb89d4f82ad366361ae8bb54e795b5c3d0594ccab1d5019f4b9191fd7c84598c866a8f98b2759738a65af53943b466aec83bb055e8f6c6e7755862de6c4c203fa67663702783f5f19459620a99f4de75fc85efedc44cf65adaaead7038406ebc507048b115c44209057f887f204a60ad9f6abc9b7983b930be5115cd91de9723bef58d29e421e123c7fa19ac3de2900827041d096ce0d589d45159c322ff3529687b89a10dd6c628977aedb1547ab6630995b48edba0a6f0e9ce99166dd7acdab5253f6bd4c3891c45d6ce4cf136a77eb9a343569b57559215f79051388cff4761a3a63f6c73d8d7aafa8053e4f764f1c37b8b57128ecea00d7046c7532576bd413e01bf6df40bb1c3bf0480efbb1407003a98b1014552d2a1ecf99ba29c063ba96b3555cca24a211c2c604766a6b503a875040039f23f7ed46566519ee1aed0167c774555b623bee2bcfe83459af5527b312a19298e8323cd9b3fe5e075ee0867aadae8bc81939919d6d36834a87c1bf9e47d467395892aa09f12cfc172a2a9a44a43ff880219487798a206fbaca25172b3f00867d3f100f355ccb987bd0c41c015d791bae97c258ea4138a377fee51219e917893248391b7b2fa8d1bedc3ac71e5dd6ac382a0c8e0753f16bda800108d9dcbf9ccb192136b1cc555129afd8821b007543ff2d14f07003fe05cdd5fd133295c36bd44aca53c8fd91428fbd72951d4a97006636456baeac6c4d2f75d864e5aec7e738d865f2a0e5bdfadccc2486241fb38c024f981b08c8ad06bd48e99ee116c764d894f39e603949a4644ab2ed942d933876f16949c833f0bf1962b908087ff77b9318945edd47cf5c6b329e0dc403944fc9fc49e0c88f0177ba649ce61b4758ccdce20df2abbc45fec9e350286898d3fbc0ace3f75a5d8667438217ad564903ce64ee98e90ea770e431bec58c7d624278c5dc5955a555056be562308c7a003abdeb13456d43c245bcaa63c4ed17a4fb73cd53d890130322ad78c9b53073e7146ee8cc36f29f632c0e554dbcf161ab7a01badd56a0d84c8f337a2a3248c4ec96445158cb59060c352df81f6b85cccda5a0d737d44101a413d9edf5ed0bf16537520bd544e25540124ac7fc202bb8db6b141fca9cc25e85b4d064535de0dc5b8868025b71f8950ddc35d6b1bf04d8440c8ea2660fa3476578981bb467e9a54a9ebb2561f1414d34a922168537cde92375d6bb4e35cf4e2655cb0daca2a1b75013a9a5f72768b061492a381d1e339970a322f07ff3d0b9af33af6a191ed778a99b721eb89a294ebf76748230837f75cb9f5f31a0dcc4b9f6dcc99487e5799e1ff5db60f7193308a4b40dcac5e9aa3a288c03d724a5e2da794590446c236234eb0b34cc60fde282400039d7a263fad5b2df94907c54b07cc0d3e6d97a64e7306131f741caec8bfca4e40b033f4633a63d0845db13b0b59b3eb0ad2cde32856ee356d8e910524f71aa75d1b527bd0c69c7126f7d18644c3547acedcac805f9077778362d40004e8fb4d6de7f3dd679e1519f8896174be1fb", @ANYRES32=0x0, @ANYBLOB="f7a0892a0f44ae21cef9bccdc148b946ddef45529a62c9e1934ed61f2ddf4fdbe9bb7c15cb11095e580d4d866f2d5b708e455bf1f43dde72df495711a095ce0940bf134854b7c70a45393aba65021b51892210c9adf6fc0b74be5275c5a5bfc70b89ce65a251c6dc9e451e17372dac7db685f334aede8004e23e65a6262763fdd5a03e445d8e6fe3057005af3edfe62bae75c6c7b84565ad0887bb7b6cc85ad5b78e19554efc5370000dc738b7bc8df535998f5912b0d94b1b2a6779e9a76e"], 0x1238}], 0x1, 0x0, 0x0, 0x10004800}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10.591596938s ago: executing program 2 (id=2103):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010000000000000000400002e00000040", @ANYRES32=0x0, @ANYBLOB="00000000400000002400128009000100626f6e64000000001400028008000a000000000005001d"], 0x44}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000001900), &(0x7f0000001940)=0x4) (async)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000001900), &(0x7f0000001940)=0x4)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
socket$netlink(0x10, 0x3, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc)
splice(r1, 0x0, r3, 0x0, 0x4ffe2, 0x0)

7.416264761s ago: executing program 3 (id=2104):
syz_emit_ethernet(0x2a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3)
ioctl$SIOCAX25GETINFOOLD(r5, 0x89e9, 0x0)

6.062293956s ago: executing program 3 (id=2105):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x50)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x1, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x5, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
stat(&(0x7f0000000040)='./file1\x00', &(0x7f0000000340))
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x11, &(0x7f0000000e00)=ANY=[@ANYBLOB], 0x0)
getgid()
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x17, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000300", @ANYBLOB="0000000000000000b7020000000000408500000086000000bf91000000000000b70200000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x7, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.098992897s ago: executing program 3 (id=2106):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pwritev(r0, &(0x7f0000000900)=[{0x0}, {&(0x7f0000000280)}, {&(0x7f0000000340)}, {&(0x7f0000000400)}, {&(0x7f00000002c0)="50c06db4147a05d3582392b34ff6cbc33a995d33142763ef2cef141004b9c763641ae6f3853ca1", 0x27}, {&(0x7f0000000480)}, {0x0}], 0x7, 0x0, 0x6)

4.976646569s ago: executing program 2 (id=2107):
r0 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001a77aa4094225b4210a20102030109022400010000000009040000029233500009050602ff030000"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="40010400000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.930930009s ago: executing program 3 (id=2108):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4c483, 0x0)
io_uring_setup(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x28, 0x80008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='ns\x00')
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r6=>0x0, &(0x7f00000007c0)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00')
writev(r9, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x18, 0x0, @fd=r5, 0xfffffffffffffffc, 0x0, 0x21, 0x0, 0x0, {0x0, r8}})
io_uring_enter(r5, 0x4d10, 0x2, 0x2, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtaction={0x64, 0x30, 0x871a15abc695fa3d, 0x0, 0x80004, {}, [{0x50, 0x1, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0x100, 0x0, 0x7, 0x6}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r10, 0xae03, 0xffffffffffff3f81)

3.189380374s ago: executing program 2 (id=2109):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r2, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
syz_io_uring_setup(0x5add, &(0x7f0000000040)={0x0, 0xc19d, 0x1, 0x5, 0x61}, &(0x7f00000000c0), &(0x7f0000000280))
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000140)=[@in={0x2, 0x4e22, @private=0xa010102}], 0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000400)={r6, @in={{0x2, 0x4e22, @private=0xa010102}}, 0x9, 0x401}, &(0x7f0000000280)=0x90)
r7 = dup2(r2, r3)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f00000003c0))
connect$inet(r4, &(0x7f0000000100)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)

3.179855358s ago: executing program 3 (id=2110):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f000001b000)=ANY=[@ANYBLOB="381200003300000126bd7000fddbdf253010fb801d101380783cabcf3de8f3c211caac293bfba1f6c66248e2705bfdeaf3e518701e75b6870e949c9efe541264de467766dfe253da80bc4601fddfb29d68a356ca39cba5bb876bdee1d1f6640bb64e313f030da7715e4e5f282235c21405e318614f33083a4b615d83fbc2757362a21e81598dd1c94f416f7fe0291ee066acb78990917d93450dc091617b2b9b856b762e98782567c7ae32d25d68ac22ba4415ab4e9411b60459b5fe04a16c83cb50e70b539e77b39213d9c96b5f0eaa04346eb659528defaefebc201f6fd8a70ef275ffc1ccaf61d56015c4bb63039c3b5db172b76ef8c834ae9df36f8764c27785f4098f8bbe8190e92a2f53d0e17cbd0e3150c8839cfd779a96807dfb84d6d424978b1060dc0fe13a00d526681c018bd90b954e1dd4f36787f6cf693c4a428c8cc5a6c0c77a940f5911f6191babbb44ddb0874a2e573d9a4c41cc89134dc1498259ae3da6f5e2bb40631050a2b28b86f43fa397c8cb73698f2625d966e2695db75c2d719077e59f4278644ce09c0b5cd873f4ce68a6d88819c0caf1c3b58612897c74636701d99260c2ed0e29392f96e6b46a5d8e4797d49f7db2400f81bbdfe7fedab277d090a977eb6d3143e34ab570975d403d9d5975d8a1b373d0322ea31faf954d8921cca83c962e55959bb2b82ab789e617a67200d503f89c88d6e8f04deb2773349669e22cdc62f0d6037bc11334f3b7f3c203866d39f6f2f15215fa9a707960c2f6d5229ee00a879a842724c9f633dcb55114d5b4ae228f59001fdea972a1e2893ca0f1855a3918dda375af22d6531cf30c28f84ab3f45d7893f65a9ac09cca966c896c79172b1f8b8da2af3c82ad641eb3db53966e1f670fa1f94465c356331e7a9e39be91d6b2719780109b8e0fae2ad2c85814892d2bdc40d650d54e75277ba22818857a3ce176b85f447a52d43e52d621422695ce1bbeaaa3611d296953b63f08238844704293e37334ef7dc826b87704ffa5e634c89fe70223869ef8484d0dbab21bf206fae62fa6b645ecd4f1f0ea1107ec9ae55882dd92b099da4cd71ab2493b81a3eee6f617dd53af22ff15b01e97689db12b6fe53f941207303d1e822a7b98303617efdaa4e844df85dac246617b3aff4cd0bb5db224a59fa4e7161c4862114cdec7a7b9f4ffcbd7e8a9dc761dc3368a0f37541463227ae5cf525441ab99b9ba09d70b4c2ad9719a5c48258398e77adb9d1f8dcc64d8d658cfcd1b5fef2669f1b2c19f0988268611a644f02f13b86377a9203c36091545f09d62c96c98732c2619cc81dbd4ca19dd62141ce8421dbc28de8b32fa91631b8957025c89812d5fdd72d79aa5d1f765aaa08317915d35ebdfc8a880923596ffbbe4bc6bbd81427869350d59a206c96c813efb25bade849f515e6b6a47c6ccb2131e60c8c05891ea8f065baf49459218c32257c13a82b423cee266dbf51f500ce996d76a723e662f3c3d2fddaff5c050f2ef2e17d0fafb0c42a82184201d8732fa4f1c370384fed4b0d8ee842f2de5523aed2e09e2c484f940a1736359711eb655bd00504e76f3c72f26970d3c05b00ea25803e8be24d7751baadfda870d3e0e64514f0b290a052071cd8f71a2c6ff4850b891c3f1818e0774794c46c62d511db9ee5b960404c866850602205b15b287e6d3279e6a5d1dce653ef770f68af6a16dfa552145e18dd0b185571f29542c24b753ee6ee5f5fb448afcfe643d540e7a120ebf36f2e4f3a30b46d8497ad69b5a55ee023709f640d44e1ba6a4da79579fbaf66676c8e2f60a1a8e3fe123a70b4604e75db29ee19bb8805e22195aeda6b0412c750e0043a53c673e24f9bf68544089b1bc8fe1763e0b157106cec5b21847eeea377c258bac16ff48a208b4c7d3cd1fcf410d22148beb6f95317061c1de7e2d87c448bc2c00069d2e886a7a37c4ced954d2b06ee6de91785a967d4dd117b83fdf7786133abd08ac3399ba7e6f521d933e14966ca444056c4289ec24c76b9eed38ceae0c5493dbe53c20063ac6f9290663cad2b4c73b5276bc5a17847e9098563928694a0316d7d73c4a439bd0fb91fdb520d9b92c5c686ed1122383012b84f4846f4d5e0c5fedf74c9c07ec64da1f2157feee49aa476a4d2b830f528f1c8bf8b7b76ecf7d2266ed1b9d8278a5923501cf134fb9e59f1ee9a5c1397387c2959e0743e634cc41782b57f8c7ea51525150c443066b352f84050fbfb72f55680f24461c791024efa74022caa8d58f1e9985e910f25aa92bfe756ab3eacf8079e7eb7f970165b3ff1bf1ca457ab5f4d9a1a08448ffca704fcee8030a7d8aca43ae64b0be45efd5151bcea83845720d210aa76ef748810e46ffb0cdb7bad706a24d6cb076171a6b79f5de5ac6b8190919a68b1b41b173914dd37d599f7a78587c4ee606b31949a88e6a790e000000008d32f05a22e68d22793282b716d151d9de60e24cc049e3bf4cce36fe43b5ea824a7b3c854860ceed13d466439263353e81940e7ded03f31211cc714f4cdf240516025f1f5621cced4b88a4e48c940d6f46ff2f57f0583046b650a440c4ea8e9fab79e98d7529db2f11cc7529bb361cf8cb65600ffb36eb5fd93acbdd58398ecbb0befd277e267051f93dc3e7c6a5212c2ed990eb60d9d451b4458cb44cd691dac77ece483236e3006b7f7913e39f685ca41bcd1692494370acb70d0cfdc9e6de0bcd602040a0bc2de02a8cd477fef88b5410f5dfea1cd32d25464853d56c82abd3c11caebd992ca656e88a10ca2779f887472d5064fddd7397eb0205c419b23c2756a3b9b722ff273907c50f8b176834edcc1268e036214a2a25651c719541a4f7729ef7e32dee27c5b910bfea677c562138b30b3355b462c8f910874acc292f6787f8d94fa1cb2e648789cc67d05eb49d6d3c8788a024e3c523c4ee282764090044b44f30a9848daf2522b76448ecb9249ffe58dad4363b1d08181131a89af718ecbd5ffe44e032ca26664eecabc9aa57a875b5964ea492b7e745606a3f4ab36130a8a43a19be74709dea4eeebf5e53706685122e6603247996d672dacdf1bbadf5df111cfe7e72f5b2c6cdc32c1e4eed30147c9a51c5abd4214c577c4c8d1725daf906d145c6ff2c9ab0fc3da4edfb92be40b4af234c2bc147b2d08a801b539928cb754f2f6d2d4280ee0c834ee4f5eb8b0662ffa6f7154307b0fe55fe248a3f953a09b06244674adbf31dd7489be3f26423140ffe98671ca413d678047096fcad53f5bca7e602354553af02c225a67e4e8eabf298495a99de9653638405ebe78dc75e6d16c39e1547dadbc07a014369e39175991368d05be623656c4ecb3735612546b9a9c1490f834cab7567e61c8b2669aa62f156f2ff3b76b32e11b0e0acb6c7ccd6623bef1a5ccbe5f477ae90b3918899fc6b6075c514deaf387d5f09cd59f3fb3c0a9614f1eec092a8f7c6bd200e04da47085d58adc08f1f0651f7ce0cea5792a30aa2bee9970913fc9e79bcf0b5c55adfa6967a44b84ffcd3ce7fb47a610773eb9323b8ab3b5b9670f3ddc06e673e5ebe929f1ae4508decd56a2cefc34bab4703bbd3d83fcfdc27fc4e8a799a34742526848f6aae932ec98959f46ea50f12e0ad3ba4ef50a7b4defdf2fcf8dd2afdb8f29a1b7eed384b17c8b4ff4cfc220745cef2c083615eee226bccb8f2b7faf5a8948e60edc37a644b70011ff8b608da74a3873b2d8a6ba50dcce8a5ed6fe96c599c6d0b8a431f0b96789e974ea48400b94c2d1fbb7a8908de838cc64d4de93d506dfb450012df4af40d5980aed567e0b94281f8109ae7cb42f8253783a9ccb1cdd07245b31c0a00f13b42eedea9dd6d031f283a277f140f7ccacffc4e76829fede0479d59a542f873524651dbed995a00749e1b06182f073ebc3122ef1b007436d9eeb89d4f82ad366361ae8bb54e795b5c3d0594ccab1d5019f4b9191fd7c84598c866a8f98b2759738a65af53943b466aec83bb055e8f6c6e7755862de6c4c203fa67663702783f5f19459620a99f4de75fc85efedc44cf65adaaead7038406ebc507048b115c44209057f887f204a60ad9f6abc9b7983b930be5115cd91de9723bef58d29e421e123c7fa19ac3de2900827041d096ce0d589d45159c322ff3529687b89a10dd6c628977aedb1547ab6630995b48edba0a6f0e9ce99166dd7acdab5253f6bd4c3891c45d6ce4cf136a77eb9a343569b57559215f79051388cff4761a3a63f6c73d8d7aafa8053e4f764f1c37b8b57128ecea00d7046c7532576bd413e01bf6df40bb1c3bf0480efbb1407003a98b1014552d2a1ecf99ba29c063ba96b3555cca24a211c2c604766a6b503a875040039f23f7ed46566519ee1aed0167c774555b623bee2bcfe83459af5527b312a19298e8323cd9b3fe5e075ee0867aadae8bc81939919d6d36834a87c1bf9e47d467395892aa09f12cfc172a2a9a44a43ff880219487798a206fbaca25172b3f00867d3f100f355ccb987bd0c41c015d791bae97c258ea4138a377fee51219e917893248391b7b2fa8d1bedc3ac71e5dd6ac382a0c8e0753f16bda800108d9dcbf9ccb192136b1cc555129afd8821b007543ff2d14f07003fe05cdd5fd133295c36bd44aca53c8fd91428fbd72951d4a97006636456baeac6c4d2f75d864e5aec7e738d865f2a0e5bdfadccc2486241fb38c024f981b08c8ad06bd48e99ee116c764d894f39e603949a4644ab2ed942d933876f16949c833f0bf1962b908087ff77b9318945edd47cf5c6b329e0dc403944fc9fc49e0c88f0177ba649ce61b4758ccdce20df2abbc45fec9e350286898d3fbc0ace3f75a5d8667438217ad564903ce64ee98e90ea770e431bec58c7d624278c5dc5955a555056be562308c7a003abdeb13456d43c245bcaa63c4ed17a4fb73cd53d890130322ad78c9b53073e7146ee8cc36f29f632c0e554dbcf161ab7a01badd56a0d84c8f337a2a3248c4ec96445158cb59060c352df81f6b85cccda5a0d737d44101a413d9edf5ed0bf16537520bd544e25540124ac7fc202bb8db6b141fca9cc25e85b4d064535de0dc5b8868025b71f8950ddc35d6b1bf04d8440c8ea2660fa3476578981bb467e9a54a9ebb2561f1414d34a922168537cde92375d6bb4e35cf4e2655cb0daca2a1b75013a9a5f72768b061492a381d1e339970a322f07ff3d0b9af33af6a191ed778a99b721eb89a294ebf76748230837f75cb9f5f31a0dcc4b9f6dcc99487e5799e1ff5db60f7193308a4b40dcac5e9aa3a288c03d724a5e2da794590446c236234eb0b34cc60fde282400039d7a263fad5b2df94907c54b07cc0d3e6d97a64e7306131f741caec8bfca4e40b033f4633a63d0845db13b0b59b3eb0ad2cde32856ee356d8e910524f71aa75d1b527bd0c69c7126f7d18644c3547acedcac805f9077778362d40004e8fb4d6de7f3dd679e1519f8896174be1fb", @ANYRES32=0x0, @ANYBLOB="f7a0892a0f44ae21cef9bccdc148b946ddef45529a62c9e1934ed61f2ddf4fdbe9bb7c15cb11095e580d4d866f2d5b708e455bf1f43dde72df495711a095ce0940bf134854b7c70a45393aba65021b51892210c9adf6fc0b74be5275c5a5bfc70b89ce65a251c6dc9e451e17372dac7db685f334aede8004e23e65a6262763fdd5a03e445d8e6fe3057005af3edfe62bae75c6c7b84565ad0887bb7b6cc85ad5b78e19554efc5370000dc738b7bc8df535998f5912b0d94b1b2a6779e9a76eb43ca9"], 0x1238}], 0x1, 0x0, 0x0, 0x10004800}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

46.986099ms ago: executing program 3 (id=2111):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
pread64(0xffffffffffffffff, &(0x7f0000001480)=""/4106, 0x100a, 0xfffffffffffffffc)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f00000003c0)=0x6, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @remote}], 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = syz_io_uring_setup(0x50ca, &(0x7f00000035c0)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000003580)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r2, 0x80, &(0x7f0000000600)=@hci})
io_uring_enter(r3, 0x291c, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 2 (id=2112):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xa, &(0x7f0000000100)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}}, @alu={0x7, 0x1, 0xb, 0x3, 0x8, 0xc, 0xffffffffffffffff}], &(0x7f0000000040)='GPL\x00', 0x8, 0x1000, &(0x7f00000004c0)=""/4096, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x9, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0x6, 0x4, 0xffffffc0}, 0x10, 0x0, 0x0, 0x7, &(0x7f00000002c0)=[0x1, 0xffffffffffffffff, 0x1, 0x1, 0x1], &(0x7f0000000300)=[{0x4, 0x2, 0x6, 0x6}, {0x1, 0x4, 0x6, 0x5}, {0x1, 0x3, 0x5, 0x3}, {0x1, 0x1, 0x9, 0x7}, {0x3, 0x5, 0x10}, {0x2, 0x1, 0x7, 0x8}, {0x3, 0x4, 0x3, 0xb}], 0x10, 0x80000001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f00000000c0)='sys_exit\x00', r0}, 0x18)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCSREP(r2, 0x80004518, 0xffffffffffffffff)
sendmsg$key(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x30, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@broadcast}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}]}, 0xa0}}, 0x0)
sysfs$2(0x2, 0x2000419, 0x0)
socket(0x3, 0x80000, 0xc)

kernel console output (not intermixed with test programs):

    C0] vkms_vblank_simulate: vblank timer overrun
[ 1217.472848][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1217.924394][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1217.973095][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1218.087529][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1218.375145][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1218.543164][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1218.861012][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1219.294626][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1219.315300][T12972] binder: 12970:12972 ioctl 81f8943c 200000000500 returned -22
[ 1219.485358][T12977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1219.489801][T12977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1220.402313][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1220.460335][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1220.530161][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1220.969879][T12982] binder: 12981:12982 ioctl 81f8943c 200000000500 returned -22
[ 1221.075693][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1221.855496][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1221.974039][   T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1222.007475][   T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1222.010365][   T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1222.021032][   T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1222.025369][   T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1222.152143][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1222.529384][T12995] binder: 12990:12995 ioctl c0306201 0 returned -14
[ 1223.700131][T12633] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg2": -EINTR
[ 1223.775267][T13008] FAULT_INJECTION: forcing a failure.
[ 1223.775267][T13008] name failslab, interval 1, probability 0, space 0, times 0
[ 1223.775307][T13008] CPU: 0 UID: 0 PID: 13008 Comm: syz.4.1707 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1223.775341][T13008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1223.775354][T13008] Call Trace:
[ 1223.775363][T13008]  <TASK>
[ 1223.775372][T13008]  dump_stack_lvl+0x189/0x250
[ 1223.775410][T13008]  ? __pfx____ratelimit+0x10/0x10
[ 1223.775438][T13008]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1223.775468][T13008]  ? __pfx__printk+0x10/0x10
[ 1223.775494][T13008]  ? __lock_acquire+0xab9/0xd20
[ 1223.775534][T13008]  should_fail_ex+0x46c/0x600
[ 1223.775566][T13008]  ? skb_clone+0x212/0x3a0
[ 1223.775592][T13008]  should_failslab+0xa8/0x100
[ 1223.775622][T13008]  ? skb_clone+0x212/0x3a0
[ 1223.775648][T13008]  kmem_cache_alloc_noprof+0x6e/0x310
[ 1223.775684][T13008]  skb_clone+0x212/0x3a0
[ 1223.775719][T13008]  __netlink_deliver_tap+0x404/0x850
[ 1223.775761][T13008]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1223.775799][T13008]  netlink_deliver_tap+0x19c/0x1b0
[ 1223.775827][T13008]  netlink_unicast+0x811/0xa10
[ 1223.775861][T13008]  ? __pfx_netlink_unicast+0x10/0x10
[ 1223.775887][T13008]  ? netlink_sendmsg+0x642/0xb30
[ 1223.775908][T13008]  ? skb_put+0x11b/0x210
[ 1223.775940][T13008]  netlink_sendmsg+0x805/0xb30
[ 1223.775976][T13008]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1223.776013][T13008]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1223.776034][T13008]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1223.776061][T13008]  __sock_sendmsg+0x219/0x270
[ 1223.776087][T13008]  ____sys_sendmsg+0x508/0x820
[ 1223.776125][T13008]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1223.776174][T13008]  ? import_iovec+0x74/0xa0
[ 1223.776203][T13008]  ___sys_sendmsg+0x21f/0x2a0
[ 1223.776235][T13008]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1223.776311][T13008]  ? __fget_files+0x2a/0x420
[ 1223.776347][T13008]  ? __fget_files+0x3a6/0x420
[ 1223.776390][T13008]  __x64_sys_sendmsg+0x1a1/0x260
[ 1223.776423][T13008]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1223.776465][T13008]  ? __pfx_ksys_write+0x10/0x10
[ 1223.776486][T13008]  ? rcu_is_watching+0x15/0xb0
[ 1223.776524][T13008]  ? do_syscall_64+0xbe/0x3b0
[ 1223.776557][T13008]  do_syscall_64+0xfa/0x3b0
[ 1223.776581][T13008]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1223.776606][T13008]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.776626][T13008]  ? clear_bhb_loop+0x60/0xb0
[ 1223.776652][T13008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.776672][T13008] RIP: 0033:0x7f2cbc84ebe9
[ 1223.776692][T13008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1223.776711][T13008] RSP: 002b:00007f2cbaa95038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1223.776736][T13008] RAX: ffffffffffffffda RBX: 00007f2cbca76090 RCX: 00007f2cbc84ebe9
[ 1223.776751][T13008] RDX: 0000000020000000 RSI: 0000200000000400 RDI: 0000000000000003
[ 1223.776766][T13008] RBP: 00007f2cbaa95090 R08: 0000000000000000 R09: 0000000000000000
[ 1223.776779][T13008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1223.776792][T13008] R13: 00007f2cbca76128 R14: 00007f2cbca76090 R15: 00007ffcf77abf78
[ 1223.776829][T13008]  </TASK>
[ 1224.162506][   T59] Bluetooth: hci5: command tx timeout
[ 1224.781901][   T59] Bluetooth: hci3: unexpected event for opcode 0x0405
[ 1226.268159][   T59] Bluetooth: hci5: command tx timeout
[ 1228.315088][   T59] Bluetooth: hci5: command tx timeout
[ 1228.356299][T13025] fuse: Bad value for 'rootmode'
[ 1231.052474][   T59] Bluetooth: hci5: command tx timeout
[ 1233.331962][T13051] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1233.337008][T13051] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1233.413208][T12730] chnl_net:caif_netlink_parms(): no params data found
[ 1233.535087][T12986] chnl_net:caif_netlink_parms(): no params data found
[ 1234.706663][T13063] fuse: Bad value for 'rootmode'
[ 1235.717762][T12730] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg2": -EINTR
[ 1236.977305][T12986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1236.977587][T12986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1236.977826][T12986] bridge_slave_0: entered allmulticast mode
[ 1236.981169][T12986] bridge_slave_0: entered promiscuous mode
[ 1237.133363][T12986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1237.133536][T12986] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1237.133804][T12986] bridge_slave_1: entered allmulticast mode
[ 1237.138809][T12986] bridge_slave_1: entered promiscuous mode
[ 1238.810313][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.810404][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.027279][T13089] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1725'.
[ 1239.027350][T13089] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1725'.
[ 1239.280340][T13091] binder: 13088:13091 ioctl 81f8943c 200000000500 returned -22
[ 1240.178402][T12986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1240.220431][T12986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1241.589199][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1241.595321][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1241.605362][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1241.606821][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1241.608210][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1242.691621][T13106] fuse: Unknown parameter 'use00000000000000000000'
[ 1243.102629][T12986] team0: Port device team_slave_0 added
[ 1243.342512][T12986] team0: Port device team_slave_1 added
[ 1243.583463][ T8979] Bluetooth: (null): Invalid header checksum
[ 1243.583651][ T8979] Bluetooth: (null): Invalid header checksum
[ 1243.693531][ T1363] Bluetooth: (null): Invalid header checksum
[ 1243.803176][ T6540] Bluetooth: (null): Invalid header checksum
[ 1244.880955][ T5838] Bluetooth: hci0: command tx timeout
[ 1245.665909][T12986] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1245.665946][T12986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1245.665977][T12986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1245.693934][T12986] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1245.693952][T12986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1245.693978][T12986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1247.082963][ T5838] Bluetooth: hci0: command tx timeout
[ 1248.896778][T13140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1738'.
[ 1248.896823][T13140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1738'.
[ 1249.135425][ T5838] Bluetooth: hci0: command tx timeout
[ 1250.771239][T12986] hsr_slave_0: entered promiscuous mode
[ 1250.775376][T12986] hsr_slave_1: entered promiscuous mode
[ 1250.776322][T12986] debugfs: 'hsr0' already exists in 'hsr'
[ 1250.776364][T12986] Cannot create hsr debugfs directory
[ 1250.893013][T13156] fuse: Unknown parameter 'use00000000000000000000'
[ 1250.993061][T10019] usb 4-1: new full-speed USB device number 65 using dummy_hcd
[ 1251.200504][T10019] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1251.200566][T10019] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1251.241196][T10019] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1251.241230][T10019] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1251.241284][T10019] usb 4-1: SerialNumber: syz
[ 1251.432893][T10019] usb 4-1: config 0 descriptor??
[ 1251.450321][   T43] bridge_slave_1: left allmulticast mode
[ 1251.450361][   T43] bridge_slave_1: left promiscuous mode
[ 1251.450694][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1251.588411][ T5838] Bluetooth: hci0: command tx timeout
[ 1251.806087][ T5826] usb 4-1: USB disconnect, device number 65
[ 1252.364993][   T43] bridge_slave_0: left allmulticast mode
[ 1252.365032][   T43] bridge_slave_0: left promiscuous mode
[ 1252.365330][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1255.147817][T13180] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1749'.
[ 1255.148733][T13180] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1749'.
[ 1255.701946][   T43] bond0 (unregistering): Released all slaves
[ 1261.805156][T11888] usb 5-1: new full-speed USB device number 53 using dummy_hcd
[ 1261.966524][T11888] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[ 1261.966563][T11888] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1261.966609][T11888] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1261.966633][T11888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1261.990395][T11888] usb 5-1: config 0 descriptor??
[ 1262.636878][T11888] ath6kl: Failed to submit usb control message: -71
[ 1262.636936][T11888] ath6kl: unable to send the bmi data to the device: -71
[ 1262.636951][T11888] ath6kl: Unable to send get target info: -71
[ 1262.637821][T11888] ath6kl: Failed to init ath6kl core: -71
[ 1262.641976][T11888] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1262.649449][T11888] usb 5-1: USB disconnect, device number 53
[ 1263.971996][T13215] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1759'.
[ 1265.531661][T11888] usb 4-1: new full-speed USB device number 66 using dummy_hcd
[ 1265.743175][T11888] usb 4-1: device descriptor read/64, error -71
[ 1266.681876][T11888] usb 4-1: new full-speed USB device number 67 using dummy_hcd
[ 1267.572534][T11888] usb 4-1: device descriptor read/64, error -71
[ 1267.701958][T11888] usb usb4-port1: attempt power cycle
[ 1267.806445][T13237] afs: Bad value for 'source'
[ 1267.856167][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1268.041353][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1268.323269][T11888] usb 4-1: new full-speed USB device number 68 using dummy_hcd
[ 1268.988926][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1269.172768][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1269.272851][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1269.635771][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1270.186179][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1270.447838][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1273.355128][T11888] usb 4-1: device descriptor read/8, error -110
[ 1273.642457][T11888] usb 4-1: new full-speed USB device number 69 using dummy_hcd
[ 1274.472735][T11888] usb 4-1: device descriptor read/8, error -32
[ 1274.597073][T11888] usb usb4-port1: unable to enumerate USB device
[ 1275.973419][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1276.672616][   T37] kauditd_printk_skb: 5 callbacks suppressed
[ 1276.672639][   T37] audit: type=1326 audit(1756441329.247:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13266 comm="syz.4.1773" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2cbc84ebe9 code=0x0
[ 1277.054338][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1277.109061][   T43] bond0 (unregistering): Released all slaves
[ 1277.169936][ T1183] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1277.255509][T13277] geneve2: entered promiscuous mode
[ 1277.255543][T13277] geneve2: entered allmulticast mode
[ 1277.821664][T13281] FAULT_INJECTION: forcing a failure.
[ 1277.821664][T13281] name failslab, interval 1, probability 0, space 0, times 0
[ 1277.821685][T13281] CPU: 0 UID: 0 PID: 13281 Comm: syz.3.1775 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1277.821696][T13281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1277.821701][T13281] Call Trace:
[ 1277.821705][T13281]  <TASK>
[ 1277.821709][T13281]  dump_stack_lvl+0x189/0x250
[ 1277.821726][T13281]  ? __pfx____ratelimit+0x10/0x10
[ 1277.821739][T13281]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1277.821751][T13281]  ? __pfx__printk+0x10/0x10
[ 1277.821764][T13281]  ? __pfx___might_resched+0x10/0x10
[ 1277.821775][T13281]  should_fail_ex+0x46c/0x600
[ 1277.821790][T13281]  ? prepare_creds+0x31/0x6c0
[ 1277.821802][T13281]  should_failslab+0xa8/0x100
[ 1277.821816][T13281]  ? prepare_creds+0x31/0x6c0
[ 1277.821829][T13281]  kmem_cache_alloc_noprof+0x6e/0x310
[ 1277.821843][T13281]  prepare_creds+0x31/0x6c0
[ 1277.821858][T13281]  copy_creds+0x106/0xa10
[ 1277.821874][T13281]  copy_process+0x95e/0x3ae0
[ 1277.821900][T13281]  ? __pfx_copy_process+0x10/0x10
[ 1277.821917][T13281]  kernel_clone+0x224/0x7c0
[ 1277.821930][T13281]  ? __pfx_kernel_clone+0x10/0x10
[ 1277.821954][T13281]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1277.821974][T13281]  __x64_sys_clone+0x18b/0x1e0
[ 1277.821988][T13281]  ? __pfx___x64_sys_clone+0x10/0x10
[ 1277.822008][T13281]  ? __pfx_ksys_write+0x10/0x10
[ 1277.822018][T13281]  ? fput+0xa0/0xd0
[ 1277.822029][T13281]  ? do_syscall_64+0xbe/0x3b0
[ 1277.822042][T13281]  do_syscall_64+0xfa/0x3b0
[ 1277.822053][T13281]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1277.822069][T13281]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1277.822078][T13281]  ? clear_bhb_loop+0x60/0xb0
[ 1277.822088][T13281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1277.822097][T13281] RIP: 0033:0x7f47654febe9
[ 1277.822106][T13281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1277.822114][T13281] RSP: 002b:00007f4763765fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1277.822126][T13281] RAX: ffffffffffffffda RBX: 00007f4765725fa0 RCX: 00007f47654febe9
[ 1277.822133][T13281] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1277.822138][T13281] RBP: 00007f4763766090 R08: 0000000000000000 R09: 0000000000000000
[ 1277.822144][T13281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1277.822149][T13281] R13: 00007f4765726038 R14: 00007f4765725fa0 R15: 00007ffd3b59c248
[ 1277.822163][T13281]  </TASK>
[ 1277.987008][T13283] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1277.987071][T13283] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1278.270594][   T43] hsr_slave_0: left promiscuous mode
[ 1278.288508][   T43] hsr_slave_1: left promiscuous mode
[ 1278.289683][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1278.323585][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1279.059926][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1279.199188][ T5838] Bluetooth: hci4: command 0xfc11 tx timeout
[ 1279.199549][   T59] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[ 1279.544249][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1279.694856][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1279.777907][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1279.961932][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1280.027664][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1280.147723][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1280.561511][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1280.630854][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1280.799024][T13291] binder: 13290:13291 ioctl 81f8943c 200000000500 returned -22
[ 1280.809459][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1282.843672][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1283.176960][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1283.275185][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1283.334584][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1284.560869][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1284.578420][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1284.580349][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1284.597843][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1284.601102][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1285.590442][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1285.984850][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1286.133624][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1286.203774][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1286.322683][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1286.381381][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1287.444928][ T5838] Bluetooth: hci4: command tx timeout
[ 1289.060253][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1289.207061][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1289.306135][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1289.335210][T11178] Bluetooth: (null): Invalid header checksum
[ 1289.335336][T11178] Bluetooth: (null): Invalid header checksum
[ 1289.504201][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1289.514141][ T5838] Bluetooth: hci4: command tx timeout
[ 1289.822471][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1291.751835][T13100] chnl_net:caif_netlink_parms(): no params data found
[ 1291.869422][ T5838] Bluetooth: hci4: command tx timeout
[ 1293.581720][   T59] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1293.618317][   T59] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1293.621659][   T59] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1293.636447][   T59] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1293.720747][   T59] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1294.123280][   T59] Bluetooth: hci4: command tx timeout
[ 1295.706090][T13381] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1295.706111][T13381] IPv6: NLM_F_CREATE should be set when creating new route
[ 1295.706178][T13381] IPv6: NLM_F_CREATE should be set when creating new route
[ 1295.706216][T13381] IPv6: NLM_F_CREATE should be set when creating new route
[ 1295.707574][T13381] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1295.832587][   T59] Bluetooth: hci6: command tx timeout
[ 1297.912711][   T59] Bluetooth: hci6: command tx timeout
[ 1300.021659][   T59] Bluetooth: hci6: command tx timeout
[ 1300.739814][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.751531][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1302.072711][   T59] Bluetooth: hci6: command tx timeout
[ 1303.197166][T13317] chnl_net:caif_netlink_parms(): no params data found
[ 1304.372361][T13411] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1304.372479][T13411] exFAT-fs (loop2): unable to read boot sector
[ 1304.372489][T13411] exFAT-fs (loop2): failed to read boot sector
[ 1304.372498][T13411] exFAT-fs (loop2): failed to recognize exfat type
[ 1304.591934][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1304.622638][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1304.629655][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1304.631674][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1304.634115][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1306.168207][T13425] FAULT_INJECTION: forcing a failure.
[ 1306.168207][T13425] name failslab, interval 1, probability 0, space 0, times 0
[ 1306.168244][T13425] CPU: 1 UID: 0 PID: 13425 Comm: syz.2.1811 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1306.168269][T13425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1306.168281][T13425] Call Trace:
[ 1306.168289][T13425]  <TASK>
[ 1306.168297][T13425]  dump_stack_lvl+0x189/0x250
[ 1306.168332][T13425]  ? __pfx____ratelimit+0x10/0x10
[ 1306.168359][T13425]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1306.168385][T13425]  ? __pfx__printk+0x10/0x10
[ 1306.168414][T13425]  ? __pfx___might_resched+0x10/0x10
[ 1306.168441][T13425]  should_fail_ex+0x46c/0x600
[ 1306.168474][T13425]  should_failslab+0xa8/0x100
[ 1306.168501][T13425]  __kmalloc_noprof+0xcb/0x430
[ 1306.168525][T13425]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1306.168563][T13425]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1306.168600][T13425]  genl_family_rcv_msg_doit+0xb8/0x300
[ 1306.168639][T13425]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1306.168670][T13425]  ? rcu_is_watching+0x15/0xb0
[ 1306.168700][T13425]  ? cap_capable+0x11f/0x460
[ 1306.168723][T13425]  ? safesetid_security_capable+0xa9/0x1a0
[ 1306.168750][T13425]  ? bpf_lsm_capable+0x9/0x20
[ 1306.168774][T13425]  ? security_capable+0x7e/0x2e0
[ 1306.168808][T13425]  genl_rcv_msg+0x60e/0x790
[ 1306.168846][T13425]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1306.168873][T13425]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[ 1306.168904][T13425]  ? __lock_acquire+0xab9/0xd20
[ 1306.168950][T13425]  netlink_rcv_skb+0x205/0x470
[ 1306.168975][T13425]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1306.169004][T13425]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1306.169047][T13425]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1306.169070][T13425]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1306.169098][T13425]  genl_rcv+0x28/0x40
[ 1306.169124][T13425]  netlink_unicast+0x843/0xa10
[ 1306.169157][T13425]  ? __pfx_netlink_unicast+0x10/0x10
[ 1306.169182][T13425]  ? netlink_sendmsg+0x642/0xb30
[ 1306.169203][T13425]  ? skb_put+0x11b/0x210
[ 1306.169235][T13425]  netlink_sendmsg+0x805/0xb30
[ 1306.169271][T13425]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1306.169304][T13425]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1306.169324][T13425]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1306.169349][T13425]  __sock_sendmsg+0x219/0x270
[ 1306.169376][T13425]  ____sys_sendmsg+0x508/0x820
[ 1306.169410][T13425]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1306.169470][T13425]  ? import_iovec+0x74/0xa0
[ 1306.169497][T13425]  ___sys_sendmsg+0x21f/0x2a0
[ 1306.169528][T13425]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1306.169600][T13425]  ? __fget_files+0x2a/0x420
[ 1306.169626][T13425]  ? __fget_files+0x3a6/0x420
[ 1306.169666][T13425]  __x64_sys_sendmsg+0x1a1/0x260
[ 1306.169697][T13425]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1306.169737][T13425]  ? __pfx_ksys_write+0x10/0x10
[ 1306.169758][T13425]  ? rcu_is_watching+0x15/0xb0
[ 1306.169793][T13425]  ? do_syscall_64+0xbe/0x3b0
[ 1306.169824][T13425]  do_syscall_64+0xfa/0x3b0
[ 1306.169848][T13425]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1306.169872][T13425]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1306.169893][T13425]  ? clear_bhb_loop+0x60/0xb0
[ 1306.169928][T13425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1306.169947][T13425] RIP: 0033:0x7f6f7cc0ebe9
[ 1306.169966][T13425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1306.169984][T13425] RSP: 002b:00007f6f7ae76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1306.170007][T13425] RAX: ffffffffffffffda RBX: 00007f6f7ce35fa0 RCX: 00007f6f7cc0ebe9
[ 1306.170023][T13425] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[ 1306.170036][T13425] RBP: 00007f6f7ae76090 R08: 0000000000000000 R09: 0000000000000000
[ 1306.170050][T13425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1306.170062][T13425] R13: 00007f6f7ce36038 R14: 00007f6f7ce35fa0 R15: 00007ffc5d5ab048
[ 1306.170098][T13425]  </TASK>
[ 1306.382456][T10900] usb 4-1: new full-speed USB device number 70 using dummy_hcd
[ 1306.712501][   T59] Bluetooth: hci1: command tx timeout
[ 1306.717691][T10900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[ 1306.717731][T10900] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1306.717756][T10900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[ 1306.720631][T10900] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1306.720668][T10900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1306.720690][T10900] usb 4-1: Product: syz
[ 1306.720705][T10900] usb 4-1: Manufacturer: syz
[ 1306.720736][T10900] usb 4-1: SerialNumber: syz
[ 1306.802037][T10900] usb 4-1: config 0 descriptor??
[ 1306.818840][T13421] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1306.819001][T13421] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1306.853282][T10900] usb 4-1: ucan: probing device on interface #0
[ 1307.232126][T10900] usb 4-1: ucan: device reported invalid device info
[ 1307.232152][T10900] usb 4-1: ucan: probe failed; try to update the device firmware
[ 1307.501046][T13317] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1307.502004][T13317] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1307.502259][T13317] bridge_slave_0: entered allmulticast mode
[ 1307.528837][T13317] bridge_slave_0: entered promiscuous mode
[ 1307.583150][T13317] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1307.583325][T13317] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1307.583614][T13317] bridge_slave_1: entered allmulticast mode
[ 1307.608083][T13317] bridge_slave_1: entered promiscuous mode
[ 1307.718542][T13436] fuse: Bad value for 'fd'
[ 1308.795331][T13317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1308.803255][   T59] Bluetooth: hci1: command tx timeout
[ 1308.822907][T13317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1309.046569][T13317] team0: Port device team_slave_0 added
[ 1309.080011][T13317] team0: Port device team_slave_1 added
[ 1309.681922][T13445] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1309.682052][T13445] exFAT-fs (loop2): unable to read boot sector
[ 1309.682064][T13445] exFAT-fs (loop2): failed to read boot sector
[ 1309.682075][T13445] exFAT-fs (loop2): failed to recognize exfat type
[ 1309.865839][ T8831] usb 4-1: USB disconnect, device number 70
[ 1309.873329][T13317] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1309.873350][T13317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1309.873380][T13317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1310.882352][   T59] Bluetooth: hci1: command tx timeout
[ 1312.461741][T13470] fuse: Bad value for 'fd'
[ 1313.177873][   T59] Bluetooth: hci1: command tx timeout
[ 1313.747029][T13317] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1313.747049][T13317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1313.747076][T13317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1318.203456][   T43] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1318.331362][T13370] chnl_net:caif_netlink_parms(): no params data found
[ 1318.781504][T13499] fuse: Bad value for 'fd'
[ 1321.754781][   T43] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1321.818171][T13317] hsr_slave_0: entered promiscuous mode
[ 1321.819954][T13317] hsr_slave_1: entered promiscuous mode
[ 1321.823237][T13317] debugfs: 'hsr0' already exists in 'hsr'
[ 1321.823269][T13317] Cannot create hsr debugfs directory
[ 1323.611931][   T43] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1331.029417][T13533] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1331.212217][T13542] fuse: Unknown parameter '0x0000000000000007'
[ 1332.380967][   T43] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1333.223122][T13370] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1333.223381][T13370] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1333.223640][T13370] bridge_slave_0: entered allmulticast mode
[ 1333.230731][T13370] bridge_slave_0: entered promiscuous mode
[ 1333.267115][T13412] chnl_net:caif_netlink_parms(): no params data found
[ 1333.308732][T13370] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1333.308907][T13370] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1333.309161][T13370] bridge_slave_1: entered allmulticast mode
[ 1333.334648][T13370] bridge_slave_1: entered promiscuous mode
[ 1333.816377][T13370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1333.908985][T13370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1334.238873][T13570] fuse: Unknown parameter '0x0000000000000007'
[ 1335.647791][T13575] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(7)
[ 1335.647809][T13575] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1335.660935][T13575] vhci_hcd vhci_hcd.0: Device attached
[ 1335.666270][T13575] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1335.668976][T13575] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(11)
[ 1335.669001][T13575] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1335.669150][T13575] vhci_hcd vhci_hcd.0: Device attached
[ 1335.671004][T13575] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1335.672741][T13575] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1335.675103][T13575] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1335.678487][T13573] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[ 1335.678511][T13573] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1335.678640][T13573] vhci_hcd vhci_hcd.0: Device attached
[ 1335.679474][T13575] vhci_hcd vhci_hcd.0: pdev(3) rhport(7) sockfd(19)
[ 1335.679493][T13575] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1335.679539][T13575] vhci_hcd vhci_hcd.0: Device attached
[ 1335.697690][T13579] vhci_hcd: connection closed
[ 1335.712430][T13581] vhci_hcd: connection closed
[ 1335.713511][ T1507] vhci_hcd: stop threads
[ 1335.714585][ T1507] vhci_hcd: release socket
[ 1335.714662][ T1507] vhci_hcd: disconnect device
[ 1335.715116][T13576] vhci_hcd: connection closed
[ 1335.715400][ T1507] vhci_hcd: stop threads
[ 1335.715410][ T1507] vhci_hcd: release socket
[ 1335.715440][ T1507] vhci_hcd: disconnect device
[ 1335.715716][ T1507] vhci_hcd: stop threads
[ 1335.715724][ T1507] vhci_hcd: release socket
[ 1335.715754][ T1507] vhci_hcd: disconnect device
[ 1335.776196][T13583] vhci_hcd: connection closed
[ 1335.778928][ T6540] vhci_hcd: stop threads
[ 1335.778950][ T6540] vhci_hcd: release socket
[ 1335.786370][ T6540] vhci_hcd: disconnect device
[ 1336.034882][T13587] FAULT_INJECTION: forcing a failure.
[ 1336.034882][T13587] name failslab, interval 1, probability 0, space 0, times 0
[ 1336.034922][T13587] CPU: 1 UID: 0 PID: 13587 Comm: syz.2.1849 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1336.034947][T13587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1336.034960][T13587] Call Trace:
[ 1336.034969][T13587]  <TASK>
[ 1336.034979][T13587]  dump_stack_lvl+0x189/0x250
[ 1336.035015][T13587]  ? __pfx____ratelimit+0x10/0x10
[ 1336.035043][T13587]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1336.035074][T13587]  ? __pfx__printk+0x10/0x10
[ 1336.035104][T13587]  ? __pfx___might_resched+0x10/0x10
[ 1336.035125][T13587]  ? fs_reclaim_acquire+0x7d/0x100
[ 1336.035150][T13587]  should_fail_ex+0x46c/0x600
[ 1336.035184][T13587]  should_failslab+0xa8/0x100
[ 1336.035215][T13587]  __kvmalloc_node_noprof+0x15a/0x550
[ 1336.035243][T13587]  ? traverse+0xd9/0x570
[ 1336.035274][T13587]  traverse+0xd9/0x570
[ 1336.035306][T13587]  ? seq_read_iter+0xb8/0xe10
[ 1336.035333][T13587]  seq_read_iter+0xcff/0xe10
[ 1336.035375][T13587]  ? __asan_memset+0x22/0x50
[ 1336.035406][T13587]  seq_read+0x36c/0x480
[ 1336.035427][T13587]  ? __lock_acquire+0xab9/0xd20
[ 1336.035464][T13587]  ? __pfx_seq_read+0x10/0x10
[ 1336.035495][T13587]  ? __import_iovec+0x5d4/0x7f0
[ 1336.035530][T13587]  ? __pfx_seq_read+0x10/0x10
[ 1336.035551][T13587]  proc_reg_read+0x1f3/0x2f0
[ 1336.035582][T13587]  vfs_readv+0x5b3/0x850
[ 1336.035614][T13587]  ? __pfx_proc_reg_read+0x10/0x10
[ 1336.035642][T13587]  ? __pfx_vfs_readv+0x10/0x10
[ 1336.035691][T13587]  ? __fget_files+0x2a/0x420
[ 1336.035727][T13587]  ? __fget_files+0x3a6/0x420
[ 1336.035754][T13587]  ? __fget_files+0x2a/0x420
[ 1336.035794][T13587]  __x64_sys_preadv+0x19a/0x2a0
[ 1336.035826][T13587]  ? __pfx___x64_sys_preadv+0x10/0x10
[ 1336.035851][T13587]  ? rcu_is_watching+0x15/0xb0
[ 1336.035889][T13587]  ? do_syscall_64+0xbe/0x3b0
[ 1336.035922][T13587]  do_syscall_64+0xfa/0x3b0
[ 1336.035948][T13587]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1336.035974][T13587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1336.035995][T13587]  ? clear_bhb_loop+0x60/0xb0
[ 1336.036021][T13587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1336.036043][T13587] RIP: 0033:0x7f6f7cc0ebe9
[ 1336.036063][T13587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1336.036082][T13587] RSP: 002b:00007f6f7ae76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1336.036106][T13587] RAX: ffffffffffffffda RBX: 00007f6f7ce35fa0 RCX: 00007f6f7cc0ebe9
[ 1336.036122][T13587] RDX: 0000000000000001 RSI: 00002000000004c0 RDI: 0000000000000004
[ 1336.036137][T13587] RBP: 00007f6f7ae76090 R08: 0000000000000000 R09: 0000000000000000
[ 1336.036151][T13587] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[ 1336.036163][T13587] R13: 00007f6f7ce36038 R14: 00007f6f7ce35fa0 R15: 00007ffc5d5ab048
[ 1336.036200][T13587]  </TASK>
[ 1338.104746][T13595] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1338.104903][T13595] exFAT-fs (loop2): unable to read boot sector
[ 1338.104944][T13595] exFAT-fs (loop2): failed to read boot sector
[ 1338.104953][T13595] exFAT-fs (loop2): failed to recognize exfat type
[ 1339.206638][T13599] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1339.207157][T13599] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1339.238407][T13370] team0: Port device team_slave_0 added
[ 1340.674082][T13370] team0: Port device team_slave_1 added
[ 1340.674832][T13412] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1340.674996][T13412] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1340.675220][T13412] bridge_slave_0: entered allmulticast mode
[ 1340.678466][T13412] bridge_slave_0: entered promiscuous mode
[ 1340.961624][T13412] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1340.961887][T13412] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1340.962131][T13412] bridge_slave_1: entered allmulticast mode
[ 1340.987489][T13412] bridge_slave_1: entered promiscuous mode
[ 1341.304092][T13370] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1341.304111][T13370] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1341.304136][T13370] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1341.437957][T13370] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1341.437997][T13370] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1341.438025][T13370] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1341.440083][   T43] bridge_slave_1: left allmulticast mode
[ 1341.440102][   T43] bridge_slave_1: left promiscuous mode
[ 1341.440255][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1341.554532][   T43] bridge_slave_0: left allmulticast mode
[ 1341.554573][   T43] bridge_slave_0: left promiscuous mode
[ 1341.554940][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1341.628174][   T43] bridge_slave_1: left allmulticast mode
[ 1341.628214][   T43] bridge_slave_1: left promiscuous mode
[ 1341.628502][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1341.694210][   T43] bridge_slave_0: left allmulticast mode
[ 1341.694249][   T43] bridge_slave_0: left promiscuous mode
[ 1341.694561][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1342.256574][   T43] bond0 (unregistering): Released all slaves
[ 1342.605869][T13610] fuse: Unknown parameter '0x0000000000000007'
[ 1343.723545][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1343.923496][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1344.289379][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1344.590761][   T43] bond0 (unregistering): Released all slaves
[ 1344.740407][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1344.912376][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1344.914019][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1344.915078][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1345.972745][T12785] usb 4-1: new full-speed USB device number 71 using dummy_hcd
[ 1346.163206][T12785] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[ 1346.163244][T12785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1346.163293][T12785] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1346.163317][T12785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1346.169520][T12785] usb 4-1: config 0 descriptor??
[ 1346.382178][T12785] ath6kl: Failed to submit usb control message: -71
[ 1346.382240][T12785] ath6kl: unable to send the bmi data to the device: -71
[ 1346.382255][T12785] ath6kl: Unable to send get target info: -71
[ 1346.436015][T12785] ath6kl: Failed to init ath6kl core: -71
[ 1346.437812][T12785] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1346.460707][T12785] usb 4-1: USB disconnect, device number 71
[ 1346.954533][   T59] Bluetooth: hci0: command tx timeout
[ 1347.423934][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1347.493647][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1347.535354][   T43] bond0 (unregistering): Released all slaves
[ 1347.747738][   T43] bond0 (unregistering): Released all slaves
[ 1347.814441][T13412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1348.739655][T13412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1349.032479][   T59] Bluetooth: hci0: command tx timeout
[ 1349.469224][T13645] fuse: Unknown parameter '0x0000000000000007'
[ 1350.199423][T13642] block nbd3: Send control failed (result -22)
[ 1350.199537][T13642] block nbd3: Request send failed, requeueing
[ 1350.239214][T12641] block nbd3: Dead connection, failed to find a fallback
[ 1350.239256][T12641] block nbd3: shutting down sockets
[ 1350.239274][T12641] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1350.359159][T13642] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1865'.
[ 1350.359191][T13642] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1865'.
[ 1351.112654][   T59] Bluetooth: hci0: command tx timeout
[ 1351.141260][T13412] team0: Port device team_slave_0 added
[ 1351.381044][T13412] team0: Port device team_slave_1 added
[ 1351.525792][T13370] hsr_slave_0: entered promiscuous mode
[ 1351.539096][T13370] hsr_slave_1: entered promiscuous mode
[ 1351.542803][T13370] debugfs: 'hsr0' already exists in 'hsr'
[ 1351.542830][T13370] Cannot create hsr debugfs directory
[ 1351.844016][T13412] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1351.844036][T13412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1351.844063][T13412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1352.193365][T13412] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1352.193386][T13412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1352.193415][T13412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1352.484431][T13667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1871'.
[ 1352.610690][   T43] hsr_slave_0: left promiscuous mode
[ 1352.715901][   T43] hsr_slave_1: left promiscuous mode
[ 1352.716978][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1352.767290][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1353.115960][   T43] hsr_slave_0: left promiscuous mode
[ 1353.192694][   T43] hsr_slave_1: left promiscuous mode
[ 1353.193768][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1353.193801][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1353.193850][   T59] Bluetooth: hci0: command tx timeout
[ 1353.253774][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1353.253813][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1353.414105][T13676] fuse: Unknown parameter '0x0000000000000007'
[ 1354.169616][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1354.196249][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1354.198258][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1354.199698][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1354.201087][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1354.408435][   T43] veth1_macvtap: left promiscuous mode
[ 1354.408579][   T43] veth0_macvtap: left promiscuous mode
[ 1354.408925][   T43] veth1_vlan: left promiscuous mode
[ 1354.409187][   T43] veth0_vlan: left promiscuous mode
[ 1356.312490][   T59] Bluetooth: hci5: command tx timeout
[ 1356.403714][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1356.623715][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1358.392621][   T59] Bluetooth: hci5: command tx timeout
[ 1359.803518][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1360.083646][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1360.472551][   T59] Bluetooth: hci5: command tx timeout
[ 1361.702950][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.703040][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.552611][   T59] Bluetooth: hci5: command tx timeout
[ 1363.248400][T13667] tipc: Started in network mode
[ 1363.248427][T13667] tipc: Node identity c, cluster identity 4711
[ 1363.248441][T13667] tipc: Node number set to 12
[ 1366.997663][T13700] bpq0: entered allmulticast mode
[ 1367.434147][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1367.452614][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1367.455364][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1367.457417][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1367.458365][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1368.681935][T13716] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1368.682498][T13716] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1369.768568][   T59] Bluetooth: hci1: command tx timeout
[ 1369.791895][T13718] block nbd3: Attempted send on invalid socket
[ 1369.791922][T13718] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1371.843203][   T59] Bluetooth: hci1: command tx timeout
[ 1372.138551][T13734] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1884'.
[ 1372.180983][T13734] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1884'.
[ 1372.238284][T13734] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1884'.
[ 1372.424611][T13625] chnl_net:caif_netlink_parms(): no params data found
[ 1373.181949][T13708] chnl_net:caif_netlink_parms(): no params data found
[ 1373.913311][   T59] Bluetooth: hci1: command tx timeout
[ 1374.482361][T13625] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1374.482555][T13625] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1374.482820][T13625] bridge_slave_0: entered allmulticast mode
[ 1374.486507][T13625] bridge_slave_0: entered promiscuous mode
[ 1374.571799][T13625] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1374.571974][T13625] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1374.587261][T13625] bridge_slave_1: entered allmulticast mode
[ 1374.590855][T13625] bridge_slave_1: entered promiscuous mode
[ 1374.632635][T13677] chnl_net:caif_netlink_parms(): no params data found
[ 1375.742171][T13625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1376.005513][   T59] Bluetooth: hci1: command tx timeout
[ 1376.563329][T13625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1376.568753][T13708] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1376.568956][T13708] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1376.569251][T13708] bridge_slave_0: entered allmulticast mode
[ 1376.597079][T13708] bridge_slave_0: entered promiscuous mode
[ 1376.659313][T13780] FAULT_INJECTION: forcing a failure.
[ 1376.659313][T13780] name failslab, interval 1, probability 0, space 0, times 0
[ 1376.659354][T13780] CPU: 1 UID: 0 PID: 13780 Comm: syz.3.1893 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1376.659380][T13780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1376.659393][T13780] Call Trace:
[ 1376.659403][T13780]  <TASK>
[ 1376.659413][T13780]  dump_stack_lvl+0x189/0x250
[ 1376.659450][T13780]  ? __pfx____ratelimit+0x10/0x10
[ 1376.659479][T13780]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1376.659511][T13780]  ? __pfx__printk+0x10/0x10
[ 1376.659556][T13780]  should_fail_ex+0x46c/0x600
[ 1376.659591][T13780]  should_failslab+0xa8/0x100
[ 1376.659625][T13780]  __kmalloc_cache_noprof+0x6e/0x320
[ 1376.659653][T13780]  ? nfulnl_recv_config+0xc3c/0x1380
[ 1376.659685][T13780]  ? nfulnl_recv_config+0x191/0x1380
[ 1376.659710][T13780]  nfulnl_recv_config+0xc3c/0x1380
[ 1376.659753][T13780]  nfnetlink_rcv_msg+0xb69/0x1150
[ 1376.659775][T13780]  ? __lock_acquire+0xab9/0xd20
[ 1376.659803][T13780]  ? nfnetlink_rcv_msg+0x212/0x1150
[ 1376.659854][T13780]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1376.659915][T13780]  ? __pfx_migrate_enable+0x10/0x10
[ 1376.659944][T13780]  ? __pfx_migrate_enable+0x10/0x10
[ 1376.659996][T13780]  netlink_rcv_skb+0x205/0x470
[ 1376.660036][T13780]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1376.660060][T13780]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1376.660103][T13780]  ? bpf_lsm_capable+0x9/0x20
[ 1376.660128][T13780]  ? security_capable+0x7e/0x2e0
[ 1376.660167][T13780]  nfnetlink_rcv+0x26a/0x2530
[ 1376.660196][T13780]  ? __dev_queue_xmit+0x1d3d/0x3b70
[ 1376.660241][T13780]  ? __dev_queue_xmit+0x26f/0x3b70
[ 1376.660291][T13780]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1376.660314][T13780]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1376.660367][T13780]  ? ref_tracker_free+0x61e/0x7c0
[ 1376.660397][T13780]  ? __asan_memcpy+0x40/0x70
[ 1376.660419][T13780]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1376.660445][T13780]  ? __skb_clone+0x63/0x7a0
[ 1376.660483][T13780]  ? __skb_clone+0x483/0x7a0
[ 1376.660522][T13780]  ? skb_clone+0x246/0x3a0
[ 1376.660557][T13780]  ? __netlink_deliver_tap+0x807/0x850
[ 1376.660582][T13780]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1376.660624][T13780]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1376.660661][T13780]  netlink_unicast+0x843/0xa10
[ 1376.660695][T13780]  ? __pfx_netlink_unicast+0x10/0x10
[ 1376.660721][T13780]  ? netlink_sendmsg+0x642/0xb30
[ 1376.660744][T13780]  ? skb_put+0x11b/0x210
[ 1376.660777][T13780]  netlink_sendmsg+0x805/0xb30
[ 1376.660816][T13780]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1376.660852][T13780]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1376.660873][T13780]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1376.660900][T13780]  __sock_sendmsg+0x219/0x270
[ 1376.660927][T13780]  ____sys_sendmsg+0x508/0x820
[ 1376.660965][T13780]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1376.661008][T13780]  ? import_iovec+0x74/0xa0
[ 1376.661048][T13780]  ___sys_sendmsg+0x21f/0x2a0
[ 1376.661081][T13780]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1376.661166][T13780]  ? __fget_files+0x2a/0x420
[ 1376.661194][T13780]  ? __fget_files+0x3a6/0x420
[ 1376.661240][T13780]  __x64_sys_sendmsg+0x1a1/0x260
[ 1376.661274][T13780]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1376.661320][T13780]  ? __pfx_ksys_write+0x10/0x10
[ 1376.661342][T13780]  ? rcu_is_watching+0x15/0xb0
[ 1376.661382][T13780]  ? do_syscall_64+0xbe/0x3b0
[ 1376.661416][T13780]  do_syscall_64+0xfa/0x3b0
[ 1376.661442][T13780]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1376.661466][T13780]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1376.661487][T13780]  ? clear_bhb_loop+0x60/0xb0
[ 1376.661515][T13780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1376.661535][T13780] RIP: 0033:0x7f47654febe9
[ 1376.661556][T13780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1376.661574][T13780] RSP: 002b:00007f4763745038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1376.661598][T13780] RAX: ffffffffffffffda RBX: 00007f4765726090 RCX: 00007f47654febe9
[ 1376.661614][T13780] RDX: 0000000020000000 RSI: 0000200000000400 RDI: 0000000000000003
[ 1376.661629][T13780] RBP: 00007f4763745090 R08: 0000000000000000 R09: 0000000000000000
[ 1376.661641][T13780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1376.661654][T13780] R13: 00007f4765726128 R14: 00007f4765726090 R15: 00007ffd3b59c248
[ 1376.661695][T13780]  </TASK>
[ 1377.195018][T13708] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1377.195970][T13708] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1377.196224][T13708] bridge_slave_1: entered allmulticast mode
[ 1377.208942][T13708] bridge_slave_1: entered promiscuous mode
[ 1377.466072][T13625] team0: Port device team_slave_0 added
[ 1377.798255][T13625] team0: Port device team_slave_1 added
[ 1377.800690][T13708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1378.020947][T13708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1378.159261][T13677] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1378.159531][T13677] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1378.159825][T13677] bridge_slave_0: entered allmulticast mode
[ 1378.170034][T13677] bridge_slave_0: entered promiscuous mode
[ 1379.120165][T13625] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1379.120184][T13625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1379.120214][T13625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1379.323830][T13677] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1379.324000][T13677] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1379.426327][T13677] bridge_slave_1: entered allmulticast mode
[ 1379.774960][T13677] bridge_slave_1: entered promiscuous mode
[ 1380.373062][T13625] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1380.373083][T13625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1380.373112][T13625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1380.582384][T13708] team0: Port device team_slave_0 added
[ 1381.034459][T13708] team0: Port device team_slave_1 added
[ 1381.117059][T13677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1381.313083][ T5917] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1381.830501][T13677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1381.852423][ T5917] usb 4-1: Using ep0 maxpacket: 8
[ 1381.862133][ T5917] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1381.887681][ T5917] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1381.909405][ T5917] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1381.909428][ T5917] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1381.909440][ T5917] usb 4-1: Product: syz
[ 1381.909449][ T5917] usb 4-1: Manufacturer: syz
[ 1381.909457][ T5917] usb 4-1: SerialNumber: syz
[ 1381.960550][ T5917] usb 4-1: config 0 descriptor??
[ 1381.993587][ T5917] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found
[ 1382.379472][ T5917] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1382.400947][ T5917] snd_usb_toneport 4-1:0.0: probe with driver snd_usb_toneport failed with error -22
[ 1382.405563][T13822] FAULT_INJECTION: forcing a failure.
[ 1382.405563][T13822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1382.405596][T13822] CPU: 0 UID: 0 PID: 13822 Comm: syz.2.1905 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1382.405618][T13822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1382.405629][T13822] Call Trace:
[ 1382.405638][T13822]  <TASK>
[ 1382.405646][T13822]  dump_stack_lvl+0x189/0x250
[ 1382.405678][T13822]  ? __pfx____ratelimit+0x10/0x10
[ 1382.405702][T13822]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1382.405728][T13822]  ? __pfx__printk+0x10/0x10
[ 1382.405764][T13822]  should_fail_ex+0x46c/0x600
[ 1382.405795][T13822]  _copy_to_user+0x31/0xb0
[ 1382.405818][T13822]  simple_read_from_buffer+0xe1/0x170
[ 1382.405848][T13822]  proc_fail_nth_read+0x1b6/0x220
[ 1382.405871][T13822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1382.405895][T13822]  ? rw_verify_area+0x2ac/0x4e0
[ 1382.405916][T13822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1382.405937][T13822]  vfs_read+0x203/0xa30
[ 1382.405975][T13822]  ? __pfx_vfs_read+0x10/0x10
[ 1382.405994][T13822]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1382.406024][T13822]  ? mutex_lock_nested+0x154/0x1d0
[ 1382.406040][T13822]  ? fdget_pos+0x253/0x320
[ 1382.406076][T13822]  ksys_read+0x14b/0x260
[ 1382.406101][T13822]  ? __pfx_ksys_read+0x10/0x10
[ 1382.406119][T13822]  ? rcu_is_watching+0x15/0xb0
[ 1382.406151][T13822]  ? do_syscall_64+0xbe/0x3b0
[ 1382.406180][T13822]  do_syscall_64+0xfa/0x3b0
[ 1382.406200][T13822]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1382.406231][T13822]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1382.406249][T13822]  ? clear_bhb_loop+0x60/0xb0
[ 1382.406272][T13822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1382.406290][T13822] RIP: 0033:0x7f6f7cc0d5fc
[ 1382.406307][T13822] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1382.406323][T13822] RSP: 002b:00007f6f7ae55030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1382.406345][T13822] RAX: ffffffffffffffda RBX: 00007f6f7ce36090 RCX: 00007f6f7cc0d5fc
[ 1382.406359][T13822] RDX: 000000000000000f RSI: 00007f6f7ae550a0 RDI: 0000000000000005
[ 1382.406371][T13822] RBP: 00007f6f7ae55090 R08: 0000000000000000 R09: 0000000000000000
[ 1382.406383][T13822] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[ 1382.406395][T13822] R13: 00007f6f7ce36128 R14: 00007f6f7ce36090 R15: 00007ffc5d5ab048
[ 1382.406427][T13822]  </TASK>
[ 1382.554373][T13815] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1382.554817][T13815] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1382.682739][ T5917] usb 4-1: USB disconnect, device number 72
[ 1383.758507][T13708] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1383.758528][T13708] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1383.758559][T13708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1384.344958][T13708] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1384.345006][T13708] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1384.345037][T13708] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1384.421938][T13625] hsr_slave_0: entered promiscuous mode
[ 1384.430237][T13625] hsr_slave_1: entered promiscuous mode
[ 1384.431530][T13625] debugfs: 'hsr0' already exists in 'hsr'
[ 1384.431560][T13625] Cannot create hsr debugfs directory
[ 1384.465170][T13677] team0: Port device team_slave_0 added
[ 1384.520094][T13677] team0: Port device team_slave_1 added
[ 1384.545594][ T1507] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1385.686954][T13677] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1385.686983][T13677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1385.687012][T13677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1386.742307][   T59] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[ 1386.781267][T13708] hsr_slave_0: entered promiscuous mode
[ 1386.796102][T13708] hsr_slave_1: entered promiscuous mode
[ 1386.797304][T13708] debugfs: 'hsr0' already exists in 'hsr'
[ 1386.797331][T13708] Cannot create hsr debugfs directory
[ 1386.958776][T13677] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1386.958796][T13677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1386.958827][T13677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1387.118334][T13845] input: syz1 as /devices/virtual/input/input13
[ 1388.542814][T13677] hsr_slave_0: entered promiscuous mode
[ 1388.544777][T13677] hsr_slave_1: entered promiscuous mode
[ 1388.546086][T13677] debugfs: 'hsr0' already exists in 'hsr'
[ 1388.546116][T13677] Cannot create hsr debugfs directory
[ 1388.816673][   T43] bridge_slave_1: left allmulticast mode
[ 1388.817128][   T43] bridge_slave_1: left promiscuous mode
[ 1388.823835][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1388.939217][   T43] bridge_slave_0: left allmulticast mode
[ 1388.939238][   T43] bridge_slave_0: left promiscuous mode
[ 1388.939402][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1389.070031][   T43] bridge_slave_1: left allmulticast mode
[ 1389.070071][   T43] bridge_slave_1: left promiscuous mode
[ 1389.070390][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1389.177482][   T43] bridge_slave_0: left allmulticast mode
[ 1389.177519][   T43] bridge_slave_0: left promiscuous mode
[ 1389.177825][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1389.311485][   T43] bridge_slave_1: left allmulticast mode
[ 1389.311529][   T43] bridge_slave_1: left promiscuous mode
[ 1389.311877][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1389.613120][   T43] bridge_slave_0: left allmulticast mode
[ 1389.613159][   T43] bridge_slave_0: left promiscuous mode
[ 1389.613454][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1390.211804][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1390.335286][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1390.399348][T13868] block nbd2: Attempted send on invalid socket
[ 1390.399376][T13868] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1390.492229][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1390.606805][   T43] bond0 (unregistering): Released all slaves
[ 1390.727587][T13875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1390.728078][T13875] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1391.006335][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1391.082866][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1391.178065][   T43] bond0 (unregistering): Released all slaves
[ 1391.840685][T13879] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1391.841000][T13879] exFAT-fs (loop2): unable to read boot sector
[ 1391.841013][T13879] exFAT-fs (loop2): failed to read boot sector
[ 1391.841022][T13879] exFAT-fs (loop2): failed to recognize exfat type
[ 1392.782379][ T5838] Bluetooth: hci4: command 0xfc11 tx timeout
[ 1392.789407][   T59] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[ 1393.007700][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1393.124633][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1393.534754][   T43] bond0 (unregistering): Released all slaves
[ 1396.596502][T13880] Bluetooth: hci2: unexpected event for opcode 0x0405
[ 1396.709004][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1396.883753][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1397.102577][   T43] hsr_slave_0: left promiscuous mode
[ 1397.142626][   T43] hsr_slave_1: left promiscuous mode
[ 1397.143757][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1397.213295][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1397.350642][   T43] hsr_slave_0: left promiscuous mode
[ 1397.655899][   T43] hsr_slave_1: left promiscuous mode
[ 1397.657057][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1398.067971][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1399.863758][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1400.002649][ T5917] usb 4-1: new low-speed USB device number 73 using dummy_hcd
[ 1400.038203][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1401.621578][ T5917] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1401.630945][ T5917] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1401.630988][ T5917] usb 4-1: can't read configurations, error -71
[ 1402.215633][T13930] FAULT_INJECTION: forcing a failure.
[ 1402.215633][T13930] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1402.215715][T13930] CPU: 1 UID: 0 PID: 13930 Comm: syz.3.1938 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1402.215740][T13930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1402.215754][T13930] Call Trace:
[ 1402.215763][T13930]  <TASK>
[ 1402.215773][T13930]  dump_stack_lvl+0x189/0x250
[ 1402.215808][T13930]  ? __pfx____ratelimit+0x10/0x10
[ 1402.215837][T13930]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1402.215868][T13930]  ? __pfx__printk+0x10/0x10
[ 1402.215896][T13930]  ? __might_fault+0xb0/0x130
[ 1402.215936][T13930]  should_fail_ex+0x46c/0x600
[ 1402.215972][T13930]  _copy_from_user+0x2d/0xb0
[ 1402.215997][T13930]  memdup_user+0x5e/0xd0
[ 1402.216024][T13930]  strndup_user+0x68/0xd0
[ 1402.216059][T13930]  __se_sys_mount+0x9c/0x410
[ 1402.216086][T13930]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1402.216120][T13930]  ? __pfx___se_sys_mount+0x10/0x10
[ 1402.216158][T13930]  ? __x64_sys_mount+0x20/0xc0
[ 1402.216190][T13930]  do_syscall_64+0xfa/0x3b0
[ 1402.216220][T13930]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1402.216240][T13930]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1402.216260][T13930]  ? clear_bhb_loop+0x60/0xb0
[ 1402.216286][T13930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1402.216308][T13930] RIP: 0033:0x7f47654febe9
[ 1402.216327][T13930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1402.216345][T13930] RSP: 002b:00007f4763724038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1402.216369][T13930] RAX: ffffffffffffffda RBX: 00007f4765726180 RCX: 00007f47654febe9
[ 1402.216385][T13930] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[ 1402.216400][T13930] RBP: 00007f4763724090 R08: 0000200000000380 R09: 0000000000000000
[ 1402.216415][T13930] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001
[ 1402.216429][T13930] R13: 00007f4765726218 R14: 00007f4765726180 R15: 00007ffd3b59c248
[ 1402.216466][T13930]  </TASK>
[ 1403.103627][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1403.293575][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1404.553507][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1404.733027][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1406.752487][ T6627] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1406.778189][ T6627] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1406.790440][ T6627] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1406.849808][ T6627] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1406.859602][ T6627] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1408.952505][T13880] Bluetooth: hci4: command tx timeout
[ 1411.062581][T13880] Bluetooth: hci4: command tx timeout
[ 1411.658712][T13957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1946'.
[ 1411.903914][T13957] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1412.430711][T13967] binder: 13966:13967 ioctl 81f8943c 200000000500 returned -22
[ 1412.744444][ T5924] usb 4-1: new full-speed USB device number 75 using dummy_hcd
[ 1413.160572][T13880] Bluetooth: hci4: command tx timeout
[ 1414.547892][ T5924] usb 4-1: config 0 has an invalid interface number: 10 but max is 0
[ 1414.547928][ T5924] usb 4-1: config 0 has no interface number 0
[ 1414.547973][ T5924] usb 4-1: config 0 interface 10 has no altsetting 0
[ 1415.119464][ T5924] usb 4-1: New USB device found, idVendor=0c45, idProduct=62b3, bcdDevice=a2.72
[ 1415.119500][ T5924] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1415.119523][ T5924] usb 4-1: Product: syz
[ 1415.119538][ T5924] usb 4-1: Manufacturer: syz
[ 1415.119554][ T5924] usb 4-1: SerialNumber: syz
[ 1415.193316][T13880] Bluetooth: hci4: command tx timeout
[ 1415.758489][ T5924] usb 4-1: config 0 descriptor??
[ 1415.904214][ T5924] usb 4-1: can't set config #0, error -71
[ 1415.963027][ T5924] usb 4-1: USB disconnect, device number 75
[ 1416.127124][ T6627] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1416.157330][ T6627] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1416.159847][ T6627] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1416.190005][ T6627] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1416.220365][ T6627] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1417.312482][ T8831] usb 4-1: new full-speed USB device number 76 using dummy_hcd
[ 1417.485342][ T8831] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[ 1417.485388][ T8831] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1417.485416][ T8831] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[ 1417.488879][ T8831] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1417.488916][ T8831] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1417.488937][ T8831] usb 4-1: Product: syz
[ 1417.488953][ T8831] usb 4-1: Manufacturer: syz
[ 1417.488968][ T8831] usb 4-1: SerialNumber: syz
[ 1417.500667][ T8831] usb 4-1: config 0 descriptor??
[ 1417.501833][T13983] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1417.502054][T13983] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1417.505835][ T8831] usb 4-1: ucan: probing device on interface #0
[ 1417.765851][T13938] chnl_net:caif_netlink_parms(): no params data found
[ 1418.015484][ T8831] usb 4-1: ucan: device reported invalid device info
[ 1418.015498][ T8831] usb 4-1: ucan: probe failed; try to update the device firmware
[ 1419.275563][ T6627] Bluetooth: hci0: command tx timeout
[ 1420.213331][ T5924] usb 4-1: USB disconnect, device number 76
[ 1420.390650][T13938] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1420.390814][T13938] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1420.390983][T13938] bridge_slave_0: entered allmulticast mode
[ 1420.425594][T13938] bridge_slave_0: entered promiscuous mode
[ 1420.489511][T13938] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1420.489671][T13938] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1420.489923][T13938] bridge_slave_1: entered allmulticast mode
[ 1420.517337][T13938] bridge_slave_1: entered promiscuous mode
[ 1420.980171][T14012] overlayfs: missing 'lowerdir'
[ 1421.733693][ T6627] Bluetooth: hci0: command 0x041b tx timeout
[ 1423.119518][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.119607][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.832359][T13880] Bluetooth: hci0: command 0x041b tx timeout
[ 1424.278431][T13938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1424.336628][T13938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1424.595333][T13938] team0: Port device team_slave_0 added
[ 1424.603331][T13938] team0: Port device team_slave_1 added
[ 1424.917246][T13938] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1424.917267][T13938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1424.917296][T13938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1424.953386][T13938] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1424.953403][T13938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1424.953429][T13938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1425.753620][T13938] hsr_slave_0: entered promiscuous mode
[ 1425.755506][T13938] hsr_slave_1: entered promiscuous mode
[ 1425.758166][T13938] debugfs: 'hsr0' already exists in 'hsr'
[ 1425.758199][T13938] Cannot create hsr debugfs directory
[ 1425.764666][T13975] chnl_net:caif_netlink_parms(): no params data found
[ 1425.912552][T13880] Bluetooth: hci0: command 0x041b tx timeout
[ 1427.564144][ T6627] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1427.594216][ T6627] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1427.595787][ T6627] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1427.600835][ T6627] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1427.627043][ T6627] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1427.992534][ T6627] Bluetooth: hci0: command 0x041b tx timeout
[ 1429.682477][ T6627] Bluetooth: hci1: command tx timeout
[ 1431.752498][ T6627] Bluetooth: hci1: command tx timeout
[ 1433.234594][T14071] FAULT_INJECTION: forcing a failure.
[ 1433.234594][T14071] name failslab, interval 1, probability 0, space 0, times 0
[ 1433.234668][T14071] CPU: 1 UID: 0 PID: 14071 Comm: syz.3.1970 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1433.234694][T14071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1433.234707][T14071] Call Trace:
[ 1433.234716][T14071]  <TASK>
[ 1433.234726][T14071]  dump_stack_lvl+0x189/0x250
[ 1433.234763][T14071]  ? __pfx____ratelimit+0x10/0x10
[ 1433.234792][T14071]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1433.234823][T14071]  ? __pfx__printk+0x10/0x10
[ 1433.234855][T14071]  ? __pfx___might_resched+0x10/0x10
[ 1433.234880][T14071]  ? fs_reclaim_acquire+0x7d/0x100
[ 1433.234906][T14071]  should_fail_ex+0x46c/0x600
[ 1433.234942][T14071]  should_failslab+0xa8/0x100
[ 1433.234974][T14071]  __kmalloc_noprof+0xcb/0x430
[ 1433.235000][T14071]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1433.235037][T14071]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1433.235069][T14071]  ? tomoyo_domain+0xda/0x130
[ 1433.235107][T14071]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1433.235132][T14071]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1433.235162][T14071]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1433.235188][T14071]  ? irqentry_exit+0x74/0x90
[ 1433.235215][T14071]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1433.235242][T14071]  ? preempt_schedule+0xae/0xc0
[ 1433.235277][T14071]  ? __pfx_preempt_schedule+0x10/0x10
[ 1433.235346][T14071]  ? __pfx_current_check_access_path+0x10/0x10
[ 1433.235373][T14071]  ? d_alloc_parallel+0x2f0/0x1600
[ 1433.235401][T14071]  tomoyo_path_mknod+0x142/0x190
[ 1433.235444][T14071]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[ 1433.235492][T14071]  security_path_mknod+0x17e/0x3a0
[ 1433.235538][T14071]  path_openat+0xd62/0x3840
[ 1433.235610][T14071]  ? __pfx_path_openat+0x10/0x10
[ 1433.235654][T14071]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1433.235682][T14071]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1433.235710][T14071]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1433.235744][T14071]  do_filp_open+0x1fa/0x410
[ 1433.235783][T14071]  ? __pfx_do_filp_open+0x10/0x10
[ 1433.235804][T14071]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1433.235860][T14071]  ? alloc_fd+0x64f/0x6c0
[ 1433.235906][T14071]  do_sys_openat2+0x121/0x1c0
[ 1433.235925][T14071]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1433.235955][T14071]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1433.235985][T14071]  ? __x64_sys_open+0xf0/0x150
[ 1433.236015][T14071]  __x64_sys_open+0x11e/0x150
[ 1433.236042][T14071]  do_syscall_64+0xfa/0x3b0
[ 1433.236072][T14071]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.236093][T14071]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1433.236114][T14071]  ? clear_bhb_loop+0x60/0xb0
[ 1433.236141][T14071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.236162][T14071] RIP: 0033:0x7f47654febe9
[ 1433.236181][T14071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1433.236200][T14071] RSP: 002b:00007f4763724038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1433.236225][T14071] RAX: ffffffffffffffda RBX: 00007f4765726180 RCX: 00007f47654febe9
[ 1433.236241][T14071] RDX: 1df2a23c5997fa5f RSI: 0000000000080242 RDI: 0000200000000580
[ 1433.236257][T14071] RBP: 00007f4763724090 R08: 0000000000000000 R09: 0000000000000000
[ 1433.236271][T14071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1433.236285][T14071] R13: 00007f4765726218 R14: 00007f4765726180 R15: 00007ffd3b59c248
[ 1433.236324][T14071]  </TASK>
[ 1433.236368][T14071] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1433.837637][ T6627] Bluetooth: hci1: command tx timeout
[ 1433.956292][T13975] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1433.956556][T13975] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1433.956804][T13975] bridge_slave_0: entered allmulticast mode
[ 1433.962774][T13975] bridge_slave_0: entered promiscuous mode
[ 1434.171563][T13975] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1434.171753][T13975] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1434.171994][T13975] bridge_slave_1: entered allmulticast mode
[ 1434.402532][T13975] bridge_slave_1: entered promiscuous mode
[ 1435.146292][T14076] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1973'.
[ 1435.956744][ T6627] Bluetooth: hci1: command tx timeout
[ 1436.761524][T13975] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1436.778380][ T5826] usb 4-1: new full-speed USB device number 77 using dummy_hcd
[ 1436.848325][T13975] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1437.297659][T14090] overlayfs: missing 'lowerdir'
[ 1437.305581][ T5826] usb 4-1: device descriptor read/64, error -71
[ 1438.602511][ T5826] usb 4-1: new full-speed USB device number 78 using dummy_hcd
[ 1439.260695][ T5826] usb 4-1: device descriptor read/64, error -71
[ 1439.282161][T13975] team0: Port device team_slave_0 added
[ 1439.305607][T13975] team0: Port device team_slave_1 added
[ 1439.365731][ T5826] usb usb4-port1: attempt power cycle
[ 1439.592959][   T43] bridge_slave_1: left allmulticast mode
[ 1439.593002][   T43] bridge_slave_1: left promiscuous mode
[ 1439.593324][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1439.634730][   T43] bridge_slave_0: left allmulticast mode
[ 1439.634769][   T43] bridge_slave_0: left promiscuous mode
[ 1439.635113][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1439.757903][   T43] bridge_slave_1: left allmulticast mode
[ 1439.757945][   T43] bridge_slave_1: left promiscuous mode
[ 1439.758278][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1439.844444][   T43] bridge_slave_0: left allmulticast mode
[ 1439.844485][   T43] bridge_slave_0: left promiscuous mode
[ 1439.844791][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1442.100304][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1442.223859][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1442.289128][T14117] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1442.290313][T14117] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1442.303889][   T43] bond0 (unregistering): Released all slaves
[ 1442.604569][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1442.698131][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1442.760325][   T43] bond0 (unregistering): Released all slaves
[ 1443.070749][T14124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1443.071246][T14124] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1443.094232][T14119] block nbd3: Attempted send on invalid socket
[ 1443.094259][T14119] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1443.382574][T13975] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1443.382594][T13975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1443.382626][T13975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1443.385483][T13975] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1443.385500][T13975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1443.385529][T13975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1444.263139][T13975] hsr_slave_0: entered promiscuous mode
[ 1444.266711][T13975] hsr_slave_1: entered promiscuous mode
[ 1444.270119][T13975] debugfs: 'hsr0' already exists in 'hsr'
[ 1444.270150][T13975] Cannot create hsr debugfs directory
[ 1444.636259][T14139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1444.636816][T14139] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1444.637000][   T43] hsr_slave_0: left promiscuous mode
[ 1444.696736][   T43] hsr_slave_1: left promiscuous mode
[ 1444.697829][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1444.755159][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1445.214174][   T43] hsr_slave_0: left promiscuous mode
[ 1445.238099][   T43] hsr_slave_1: left promiscuous mode
[ 1445.239365][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1445.273777][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1448.775804][T14167] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1448.776367][T14167] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1449.014499][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1449.798828][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1449.908704][T14174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1449.909121][T14174] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1450.789803][T14179] tmpfs: Unsupported parameter 'huge'
[ 1452.183554][   T37] audit: type=1326 audit(1756441504.567:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f7cc0ebe9 code=0x7ffc0000
[ 1452.183619][   T37] audit: type=1326 audit(1756441504.567:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f7cc0ebe9 code=0x7ffc0000
[ 1452.183670][   T37] audit: type=1326 audit(1756441504.567:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6f7cc0d550 code=0x7ffc0000
[ 1452.183720][   T37] audit: type=1326 audit(1756441504.577:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f6f7cc10417 code=0x7ffc0000
[ 1452.183770][   T37] audit: type=1326 audit(1756441504.577:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6f7cc0ebe9 code=0x7ffc0000
[ 1452.183819][   T37] audit: type=1326 audit(1756441504.577:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f6f7cc10417 code=0x7ffc0000
[ 1452.183870][   T37] audit: type=1326 audit(1756441504.577:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6f7cc0d84a code=0x7ffc0000
[ 1452.183919][   T37] audit: type=1326 audit(1756441504.577:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f7cc0ebe9 code=0x7ffc0000
[ 1452.183967][   T37] audit: type=1326 audit(1756441504.577:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f7cc0ebe9 code=0x7ffc0000
[ 1452.184016][   T37] audit: type=1326 audit(1756441504.597:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14178 comm="syz.2.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6f7cc0d69f code=0x7ffc0000
[ 1452.682449][ T5826] usb 4-1: new full-speed USB device number 80 using dummy_hcd
[ 1452.862824][ T5826] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[ 1452.862864][ T5826] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1452.862912][ T5826] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1452.862937][ T5826] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1452.875046][ T5826] usb 4-1: config 0 descriptor??
[ 1453.085437][ T5826] ath6kl: Failed to submit usb control message: -71
[ 1453.085500][ T5826] ath6kl: unable to send the bmi data to the device: -71
[ 1453.085510][ T5826] ath6kl: Unable to send get target info: -71
[ 1453.119710][ T5826] ath6kl: Failed to init ath6kl core: -71
[ 1453.121402][ T5826] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1453.128953][ T5826] usb 4-1: USB disconnect, device number 80
[ 1453.137979][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1453.313252][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1454.216589][ T8831] kernel read not supported for file /2333/environ (pid: 8831 comm: kworker/1:0)
[ 1455.509806][T14031] chnl_net:caif_netlink_parms(): no params data found
[ 1463.557079][T14220] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1463.903595][T14222] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1463.904373][T14222] exFAT-fs (loop2): unable to read boot sector
[ 1463.904416][T14222] exFAT-fs (loop2): failed to read boot sector
[ 1463.904456][T14222] exFAT-fs (loop2): failed to recognize exfat type
[ 1464.532958][T14219] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2016'.
[ 1464.532997][T14219] netlink: 'syz.3.2016': attribute type 12 has an invalid length.
[ 1464.533014][T14219] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2016'.
[ 1464.852602][  T993] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 1464.918643][T14219] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2016'.
[ 1464.918678][T14219] netlink: 'syz.3.2016': attribute type 12 has an invalid length.
[ 1464.918694][T14219] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2016'.
[ 1465.043637][ T1507] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1465.052507][  T993] usb 4-1: Using ep0 maxpacket: 16
[ 1465.069797][  T993] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[ 1465.069828][  T993] usb 4-1: config 0 has no interface number 0
[ 1465.069910][  T993] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1465.069940][  T993] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1465.073325][  T993] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1465.073356][  T993] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1465.073378][  T993] usb 4-1: Product: syz
[ 1465.073394][  T993] usb 4-1: SerialNumber: syz
[ 1465.080271][ T1507] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1465.080553][T14031] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1465.080774][T14031] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1465.081019][T14031] bridge_slave_0: entered allmulticast mode
[ 1465.084278][T14031] bridge_slave_0: entered promiscuous mode
[ 1465.090302][ T1507] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1465.109133][ T1507] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1465.109429][T14031] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1465.109664][T14031] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1465.109876][T14031] bridge_slave_1: entered allmulticast mode
[ 1465.114994][T14031] bridge_slave_1: entered promiscuous mode
[ 1465.221088][  T993] usb 4-1: config 0 descriptor??
[ 1465.239557][  T993] cm109 4-1:0.8: invalid payload size 0, expected 4
[ 1465.254112][  T993] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input14
[ 1465.513021][T14219] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1465.521343][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.525080][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.525366][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.525639][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.526062][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.526372][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.526635][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.526886][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.527835][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.528018][  T993] usb 4-1: USB disconnect, device number 81
[ 1465.528132][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1465.528154][    C0] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 1465.565409][T14031] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1465.621787][T14031] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1465.680927][  T993] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 1466.079819][T14031] team0: Port device team_slave_0 added
[ 1466.118750][T14031] team0: Port device team_slave_1 added
[ 1466.597975][T14031] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1466.597996][T14031] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1466.598025][T14031] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1466.722783][T14031] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1466.722805][T14031] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1466.722837][T14031] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1466.812727][T13975] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1466.930364][T13975] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1467.722827][T13975] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1467.932909][T13975] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1467.996847][T14031] hsr_slave_0: entered promiscuous mode
[ 1468.001190][T14031] hsr_slave_1: entered promiscuous mode
[ 1468.006701][T14031] debugfs: 'hsr0' already exists in 'hsr'
[ 1468.006731][T14031] Cannot create hsr debugfs directory
[ 1468.068477][T13880] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1468.109347][T13880] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1468.124920][T13880] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1468.130282][T13880] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1468.131574][T13880] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1470.679414][T13880] Bluetooth: hci4: command tx timeout
[ 1471.685055][T14266] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1471.685619][T14266] exFAT-fs (loop2): unable to read boot sector
[ 1471.685661][T14266] exFAT-fs (loop2): failed to read boot sector
[ 1471.685703][T14266] exFAT-fs (loop2): failed to recognize exfat type
[ 1472.712424][ T6627] Bluetooth: hci4: command tx timeout
[ 1473.692982][T14272] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2026'.
[ 1473.693023][T14272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2026'.
[ 1474.802892][ T6627] Bluetooth: hci4: command tx timeout
[ 1474.963960][T13880] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1474.980806][T13880] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1475.002943][T13880] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1475.029984][T13880] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1475.031010][T13880] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1477.145480][ T6627] Bluetooth: hci4: command tx timeout
[ 1477.145553][ T6627] Bluetooth: hci5: command tx timeout
[ 1477.412458][T10900] usb 4-1: new low-speed USB device number 82 using dummy_hcd
[ 1477.819487][T10900] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1477.820725][T10900] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1477.820767][T10900] usb 4-1: can't read configurations, error -71
[ 1477.966191][T14301] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1477.966942][T14301] exFAT-fs (loop2): unable to read boot sector
[ 1477.966983][T14301] exFAT-fs (loop2): failed to read boot sector
[ 1477.967024][T14301] exFAT-fs (loop2): failed to recognize exfat type
[ 1479.081326][T14235] chnl_net:caif_netlink_parms(): no params data found
[ 1479.192528][T13880] Bluetooth: hci5: command tx timeout
[ 1480.484797][   T43] bridge_slave_1: left allmulticast mode
[ 1480.484834][   T43] bridge_slave_1: left promiscuous mode
[ 1480.485081][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1481.335353][T13880] Bluetooth: hci5: command tx timeout
[ 1481.734362][   T43] bridge_slave_0: left allmulticast mode
[ 1481.734409][   T43] bridge_slave_0: left promiscuous mode
[ 1481.734738][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1482.431627][   T43] bridge_slave_1: left allmulticast mode
[ 1482.431666][   T43] bridge_slave_1: left promiscuous mode
[ 1482.431958][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1482.504908][T14328] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1482.505434][T14328] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1482.544430][   T43] bridge_slave_0: left allmulticast mode
[ 1482.544468][   T43] bridge_slave_0: left promiscuous mode
[ 1482.544755][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1482.973733][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1483.053599][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1483.129826][   T43] bond0 (unregistering): Released all slaves
[ 1484.070907][T13880] Bluetooth: hci5: command tx timeout
[ 1485.178622][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.178712][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.316402][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1485.473749][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1485.562500][   T43] bond0 (unregistering): Released all slaves
[ 1485.975650][T14235] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1485.977841][T14235] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1485.978113][T14235] bridge_slave_0: entered allmulticast mode
[ 1486.007911][T14235] bridge_slave_0: entered promiscuous mode
[ 1486.324130][T14235] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1486.324393][T14235] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1486.324674][T14235] bridge_slave_1: entered allmulticast mode
[ 1486.328031][T14235] bridge_slave_1: entered promiscuous mode
[ 1487.052169][T14235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1487.137976][T14235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1487.170980][T14279] chnl_net:caif_netlink_parms(): no params data found
[ 1487.312659][   T43] hsr_slave_0: left promiscuous mode
[ 1487.339390][   T43] hsr_slave_1: left promiscuous mode
[ 1487.340658][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1487.395393][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1487.592563][   T43] hsr_slave_0: left promiscuous mode
[ 1487.612510][   T43] hsr_slave_1: left promiscuous mode
[ 1487.613513][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1487.653630][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1490.197298][ T6627] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1490.215583][ T6627] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1490.217280][ T6627] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1490.219402][ T6627] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1490.220527][ T6627] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1490.582640][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1490.950116][T14370] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2049'.
[ 1491.532183][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1492.192400][T10900] usb 4-1: new full-speed USB device number 84 using dummy_hcd
[ 1492.312620][T13880] Bluetooth: hci0: command tx timeout
[ 1492.345520][T10900] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[ 1492.345559][T10900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1492.345606][T10900] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1492.345631][T10900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1492.403462][T10900] usb 4-1: config 0 descriptor??
[ 1492.614016][T10900] ath6kl: Failed to submit usb control message: -71
[ 1492.614075][T10900] ath6kl: unable to send the bmi data to the device: -71
[ 1492.614091][T10900] ath6kl: Unable to send get target info: -71
[ 1492.648149][T10900] ath6kl: Failed to init ath6kl core: -71
[ 1492.649951][T10900] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1492.663151][T10900] usb 4-1: USB disconnect, device number 84
[ 1493.679767][   T43] team0 (unregistering): Port device team_slave_1 removed
[ 1494.188491][   T43] team0 (unregistering): Port device team_slave_0 removed
[ 1494.410490][T13880] Bluetooth: hci0: command 0x041b tx timeout
[ 1496.501121][ T6627] Bluetooth: hci0: command 0x041b tx timeout
[ 1498.336319][T14235] team0: Port device team_slave_0 added
[ 1498.552846][T14235] team0: Port device team_slave_1 added
[ 1498.574754][T13880] Bluetooth: hci0: command 0x041b tx timeout
[ 1500.672333][ T6627] Bluetooth: hci0: command 0x041b tx timeout
[ 1500.856170][T14235] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1500.856192][T14235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1500.856220][T14235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1502.343159][T14235] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1502.343179][T14235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1502.343193][T14235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1502.723003][ T6627] Bluetooth: hci0: command 0x041b tx timeout
[ 1503.847306][T14437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1503.847816][T14437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1504.799207][T14279] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1504.799427][T14279] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1504.799663][T14279] bridge_slave_0: entered allmulticast mode
[ 1504.804928][T14279] bridge_slave_0: entered promiscuous mode
[ 1504.819327][T14279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1504.819481][T14279] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1504.819698][T14279] bridge_slave_1: entered allmulticast mode
[ 1504.822777][T14279] bridge_slave_1: entered promiscuous mode
[ 1505.187523][T14279] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1505.493038][  T993] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1506.247097][T14279] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1506.318409][  T993] usb 4-1: Using ep0 maxpacket: 8
[ 1506.329468][  T993] usb 4-1: config 3 has an invalid interface number: 39 but max is 0
[ 1506.329499][  T993] usb 4-1: config 3 contains an unexpected descriptor of type 0x1, skipping
[ 1506.329519][  T993] usb 4-1: config 3 has no interface number 0
[ 1506.329577][  T993] usb 4-1: config 3 interface 39 altsetting 6 bulk endpoint 0xD has invalid maxpacket 16
[ 1506.329604][  T993] usb 4-1: config 3 interface 39 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[ 1506.329632][  T993] usb 4-1: config 3 interface 39 altsetting 6 endpoint 0x5 has an invalid bInterval 0, changing to 7
[ 1506.329661][  T993] usb 4-1: config 3 interface 39 altsetting 6 has a duplicate endpoint with address 0xB, skipping
[ 1506.329686][  T993] usb 4-1: config 3 interface 39 altsetting 6 endpoint 0xA has invalid maxpacket 512, setting to 64
[ 1506.329715][  T993] usb 4-1: config 3 interface 39 altsetting 6 has a duplicate endpoint with address 0xB, skipping
[ 1506.329739][  T993] usb 4-1: config 3 interface 39 has no altsetting 0
[ 1506.438707][  T993] usb 4-1: New USB device found, idVendor=2020, idProduct=2031, bcdDevice=fb.fc
[ 1506.438741][  T993] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1506.438763][  T993] usb 4-1: Product: 㐼
[ 1506.438779][  T993] usb 4-1: Manufacturer: 夕↱ɘ쐭徉ᶇᨿত韫肩㕏礥ԋﳋ䛏賲ブ돶ꇫ༁숵簤夑ݑ㿡䥰ꐯ䳰돑ꋎᓒꪷ멬᧸꧲ⷈ翦Ꮧ⤽쐯Ꭰ䞐䄠꣥ꆩ鸉䁝췽㙝郮塶眱⬒䘓赤砗ꛪꫥ啚듊䭉攊鿮Љꋽ跨и觎澂䳊嗛甛늎䩀嶇
[ 1506.438808][  T993] usb 4-1: SerialNumber: 赕甽詵䡯鷭ᨣᬹ翯卒뷚鐷揵铢혌゗㟫ድ졌鄇憾ꝫ阒瞿糧ᦏ黸
[ 1506.534764][T14442] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1506.537165][T14442] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1506.925181][T14450] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1506.925681][T14450] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1507.121089][T14235] hsr_slave_0: entered promiscuous mode
[ 1507.123360][T14235] hsr_slave_1: entered promiscuous mode
[ 1507.126806][T14235] debugfs: 'hsr0' already exists in 'hsr'
[ 1507.126838][T14235] Cannot create hsr debugfs directory
[ 1507.757349][T14457] Invalid logical block size (-2)
[ 1507.821049][T14458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1507.821551][T14458] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1508.319380][T14279] team0: Port device team_slave_0 added
[ 1508.325183][  T993] option 4-1:3.39: GSM modem (1-port) converter detected
[ 1508.447142][  T993] usb 4-1: USB disconnect, device number 85
[ 1508.606610][  T993] option 4-1:3.39: device disconnected
[ 1509.760206][T14279] team0: Port device team_slave_1 added
[ 1510.412484][ T8831] usb 4-1: new full-speed USB device number 86 using dummy_hcd
[ 1510.433408][T14469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1510.433913][T14469] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1510.525197][T14279] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1510.525217][T14279] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1510.525247][T14279] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1510.546121][T14279] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1510.546139][T14279] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1510.546165][T14279] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1510.569754][ T8831] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1510.569814][ T8831] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1510.569835][ T8831] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1510.573902][ T8831] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1510.573929][ T8831] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1510.573948][ T8831] usb 4-1: Product: syz
[ 1510.573962][ T8831] usb 4-1: Manufacturer: syz
[ 1510.573975][ T8831] usb 4-1: SerialNumber: syz
[ 1510.585033][ T8831] usb 4-1: config 0 descriptor??
[ 1510.597861][ T8831] usb 4-1: ucan: probing device on interface #0
[ 1510.597899][ T8831] usb 4-1: ucan: invalid EP count (0)
[ 1510.597915][ T8831] usb 4-1: ucan: probe failed; try to update the device firmware
[ 1511.189397][T14279] hsr_slave_0: entered promiscuous mode
[ 1511.198766][T14279] hsr_slave_1: entered promiscuous mode
[ 1511.201229][T14279] debugfs: 'hsr0' already exists in 'hsr'
[ 1511.201260][T14279] Cannot create hsr debugfs directory
[ 1512.091048][T14362] chnl_net:caif_netlink_parms(): no params data found
[ 1512.161644][T14476] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2077'.
[ 1512.161671][T14476] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2077'.
[ 1512.214921][T14476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1512.215443][T14476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1514.145026][ T5826] usb 4-1: USB disconnect, device number 86
[ 1516.752762][T14498] afs: Unknown parameter ''
[ 1518.990377][T14505] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1518.999880][T14505] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1520.314452][T14508] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2084'.
[ 1520.344881][T14362] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1520.345050][T14362] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1520.345317][T14362] bridge_slave_0: entered allmulticast mode
[ 1520.367471][T14362] bridge_slave_0: entered promiscuous mode
[ 1520.396735][T14362] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1520.396911][T14362] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1520.397153][T14362] bridge_slave_1: entered allmulticast mode
[ 1520.403016][T14362] bridge_slave_1: entered promiscuous mode
[ 1521.232093][T14523] FAULT_INJECTION: forcing a failure.
[ 1521.232093][T14523] name failslab, interval 1, probability 0, space 0, times 0
[ 1521.232161][T14523] CPU: 1 UID: 0 PID: 14523 Comm: syz.3.2087 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1521.232187][T14523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1521.232204][T14523] Call Trace:
[ 1521.232214][T14523]  <TASK>
[ 1521.232223][T14523]  dump_stack_lvl+0x189/0x250
[ 1521.232259][T14523]  ? __pfx____ratelimit+0x10/0x10
[ 1521.232287][T14523]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1521.232318][T14523]  ? __pfx__printk+0x10/0x10
[ 1521.232349][T14523]  ? __pfx___might_resched+0x10/0x10
[ 1521.232371][T14523]  ? fs_reclaim_acquire+0x7d/0x100
[ 1521.232397][T14523]  should_fail_ex+0x46c/0x600
[ 1521.232432][T14523]  should_failslab+0xa8/0x100
[ 1521.232464][T14523]  __kmalloc_cache_node_noprof+0x78/0x340
[ 1521.232493][T14523]  ? __get_vm_area_node+0x172/0x350
[ 1521.232528][T14523]  __get_vm_area_node+0x172/0x350
[ 1521.232564][T14523]  __vmalloc_node_range_noprof+0x301/0x12f0
[ 1521.232596][T14523]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1521.232634][T14523]  ? rcu_is_watching+0x15/0xb0
[ 1521.232689][T14523]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1521.232735][T14523]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1521.232760][T14523]  __vmalloc_noprof+0xb1/0xf0
[ 1521.232790][T14523]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1521.232834][T14523]  bpf_prog_alloc_no_stats+0x4a/0x510
[ 1521.232869][T14523]  bpf_prog_alloc+0x3c/0x1a0
[ 1521.232899][T14523]  bpf_prog_create_from_user+0xa7/0x440
[ 1521.232931][T14523]  fanout_set_data+0x283/0x3c0
[ 1521.232960][T14523]  ? __pfx_fanout_set_data+0x10/0x10
[ 1521.232980][T14523]  ? rcu_preempt_deferred_qs_irqrestore+0x89c/0xce0
[ 1521.233029][T14523]  packet_setsockopt+0x7ee/0x12c0
[ 1521.233065][T14523]  ? __pfx_packet_setsockopt+0x10/0x10
[ 1521.233100][T14523]  ? rcu_is_watching+0x15/0xb0
[ 1521.233134][T14523]  ? rcu_read_unlock_special+0x35b/0x470
[ 1521.233164][T14523]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 1521.233189][T14523]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1521.233233][T14523]  ? __rcu_read_unlock+0x84/0xe0
[ 1521.233258][T14523]  ? __fget_files+0x2a/0x420
[ 1521.233287][T14523]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1521.233308][T14523]  ? __pfx_packet_setsockopt+0x10/0x10
[ 1521.233342][T14523]  do_sock_setsockopt+0x17c/0x1b0
[ 1521.233378][T14523]  __x64_sys_setsockopt+0x145/0x1b0
[ 1521.233414][T14523]  do_syscall_64+0xfa/0x3b0
[ 1521.233444][T14523]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1521.233464][T14523]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1521.233484][T14523]  ? clear_bhb_loop+0x60/0xb0
[ 1521.233511][T14523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1521.233531][T14523] RIP: 0033:0x7f47654febe9
[ 1521.233551][T14523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1521.233570][T14523] RSP: 002b:00007f4763724038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1521.233594][T14523] RAX: ffffffffffffffda RBX: 00007f4765726180 RCX: 00007f47654febe9
[ 1521.233611][T14523] RDX: 0000000000000016 RSI: 0000000000000107 RDI: 0000000000000006
[ 1521.233625][T14523] RBP: 00007f4763724090 R08: 0000000000000010 R09: 0000000000000000
[ 1521.233639][T14523] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[ 1521.233652][T14523] R13: 00007f4765726218 R14: 00007f4765726180 R15: 00007ffd3b59c248
[ 1521.233689][T14523]  </TASK>
[ 1521.233802][T14523] syz.3.2087: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1521.234072][T14523] CPU: 1 UID: 0 PID: 14523 Comm: syz.3.2087 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1521.234097][T14523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1521.234110][T14523] Call Trace:
[ 1521.234119][T14523]  <TASK>
[ 1521.234128][T14523]  dump_stack_lvl+0x189/0x250
[ 1521.234160][T14523]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 1521.234188][T14523]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1521.234219][T14523]  ? __pfx__printk+0x10/0x10
[ 1521.234243][T14523]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1521.234267][T14523]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1521.234300][T14523]  warn_alloc+0x22e/0x3b0
[ 1521.234332][T14523]  ? should_fail_ex+0x344/0x600
[ 1521.234365][T14523]  ? __pfx_warn_alloc+0x10/0x10
[ 1521.234399][T14523]  ? __get_vm_area_node+0x172/0x350
[ 1521.234434][T14523]  ? __get_vm_area_node+0x2e2/0x350
[ 1521.234472][T14523]  __vmalloc_node_range_noprof+0x326/0x12f0
[ 1521.234513][T14523]  ? rcu_is_watching+0x15/0xb0
[ 1521.234566][T14523]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1521.234611][T14523]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1521.234637][T14523]  __vmalloc_noprof+0xb1/0xf0
[ 1521.234666][T14523]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1521.234697][T14523]  bpf_prog_alloc_no_stats+0x4a/0x510
[ 1521.234731][T14523]  bpf_prog_alloc+0x3c/0x1a0
[ 1521.234762][T14523]  bpf_prog_create_from_user+0xa7/0x440
[ 1521.234793][T14523]  fanout_set_data+0x283/0x3c0
[ 1521.234835][T14523]  ? __pfx_fanout_set_data+0x10/0x10
[ 1521.234856][T14523]  ? rcu_preempt_deferred_qs_irqrestore+0x89c/0xce0
[ 1521.234905][T14523]  packet_setsockopt+0x7ee/0x12c0
[ 1521.234941][T14523]  ? __pfx_packet_setsockopt+0x10/0x10
[ 1521.234976][T14523]  ? rcu_is_watching+0x15/0xb0
[ 1521.235010][T14523]  ? rcu_read_unlock_special+0x35b/0x470
[ 1521.235039][T14523]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 1521.235063][T14523]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1521.235107][T14523]  ? __rcu_read_unlock+0x84/0xe0
[ 1521.235133][T14523]  ? __fget_files+0x2a/0x420
[ 1521.235159][T14523]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1521.235180][T14523]  ? __pfx_packet_setsockopt+0x10/0x10
[ 1521.235214][T14523]  do_sock_setsockopt+0x17c/0x1b0
[ 1521.235249][T14523]  __x64_sys_setsockopt+0x145/0x1b0
[ 1521.235285][T14523]  do_syscall_64+0xfa/0x3b0
[ 1521.235315][T14523]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1521.235335][T14523]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1521.235354][T14523]  ? clear_bhb_loop+0x60/0xb0
[ 1521.235381][T14523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1521.235401][T14523] RIP: 0033:0x7f47654febe9
[ 1521.235419][T14523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1521.235439][T14523] RSP: 002b:00007f4763724038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1521.235460][T14523] RAX: ffffffffffffffda RBX: 00007f4765726180 RCX: 00007f47654febe9
[ 1521.235476][T14523] RDX: 0000000000000016 RSI: 0000000000000107 RDI: 0000000000000006
[ 1521.235490][T14523] RBP: 00007f4763724090 R08: 0000000000000010 R09: 0000000000000000
[ 1521.235505][T14523] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[ 1521.235526][T14523] R13: 00007f4765726218 R14: 00007f4765726180 R15: 00007ffd3b59c248
[ 1521.235563][T14523]  </TASK>
[ 1521.235604][T14523] Mem-Info:
[ 1521.235643][T14523] active_anon:263 inactive_anon:6280 isolated_anon:0
[ 1521.235643][T14523]  active_file:26845 inactive_file:35855 isolated_file:0
[ 1521.235643][T14523]  unevictable:768 dirty:94 writeback:0
[ 1521.235643][T14523]  slab_reclaimable:12440 slab_unreclaimable:102123
[ 1521.235643][T14523]  mapped:32512 shmem:4239 pagetables:961
[ 1521.235643][T14523]  sec_pagetables:0 bounce:0
[ 1521.235643][T14523]  kernel_misc_reclaimable:0
[ 1521.235643][T14523]  free:1311838 free_pcp:4322 free_cma:0
[ 1521.235730][T14523] Node 0 active_anon:1052kB inactive_anon:25120kB active_file:107180kB inactive_file:143420kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:130048kB dirty:376kB writeback:0kB shmem:15420kB kernel_stack:12168kB pagetables:3708kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1521.235816][T14523] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1521.235894][T14523] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1521.236014][T14523] lowmem_reserve[]: 0 2512 2513 2513 2513
[ 1521.236177][T14523] Node 0 DMA32 free:1330504kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1048kB inactive_anon:25080kB active_file:106164kB inactive_file:143352kB unevictable:1536kB writepending:376kB present:3129332kB managed:2572332kB mlocked:0kB bounce:0kB free_pcp:17284kB local_pcp:13216kB free_cma:0kB
[ 1521.236300][T14523] lowmem_reserve[]: 0 0 1 1 1
[ 1521.236545][T14523] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1016kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[ 1521.236665][T14523] lowmem_reserve[]: 0 0 0 0 0
[ 1521.236866][T14523] Node 1 Normal free:3901488kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1521.236988][T14523] lowmem_reserve[]: 0 0 0 0 0
[ 1521.237141][T14523] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1521.237767][T14523] Node 0 DMA32: 3214*4kB (UE) 2414*8kB (UME) 836*16kB (UME) 279*32kB (UME) 182*64kB (UME) 76*128kB (UME) 45*256kB (UME) 16*512kB (UM) 18*1024kB (UM) 4*2048kB (UME) 295*4096kB (UM) = 1330504kB
[ 1521.238564][T14523] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1521.239060][T14523] Node 1 Normal: 170*4kB (UE) 43*8kB (UME) 31*16kB (UME) 174*32kB (UME) 94*64kB (UME) 32*128kB (UME) 9*256kB (UM) 4*512kB (UME) 3*1024kB (UM) 1*2048kB (E) 946*4096kB (M) = 3901488kB
[ 1521.239754][T14523] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1521.239815][T14523] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1521.239863][T14523] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1521.239911][T14523] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1521.239958][T14523] 66936 total pagecache pages
[ 1521.239996][T14523] 0 pages in swap cache
[ 1521.240033][T14523] Free swap  = 124996kB
[ 1521.240077][T14523] Total swap = 124996kB
[ 1521.240116][T14523] 2097051 pages RAM
[ 1521.240152][T14523] 0 pages HighMem/MovableOnly
[ 1521.240190][T14523] 422070 pages reserved
[ 1521.240227][T14523] 0 pages cma reserved
[ 1524.250107][T14362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1524.896748][T14362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1525.881007][T14362] team0: Port device team_slave_0 added
[ 1525.894517][T14362] team0: Port device team_slave_1 added
[ 1526.273370][T12785] usb 4-1: new full-speed USB device number 87 using dummy_hcd
[ 1527.712629][T12785] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[ 1527.712668][T12785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1527.712718][T12785] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1527.712742][T12785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1527.718103][T14235] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1527.734604][T12785] usb 4-1: config 0 descriptor??
[ 1527.981696][T12785] ath6kl: Failed to submit usb control message: -71
[ 1527.981754][T12785] ath6kl: unable to send the bmi data to the device: -71
[ 1527.981771][T12785] ath6kl: Unable to send get target info: -71
[ 1527.984946][T12785] ath6kl: Failed to init ath6kl core: -71
[ 1527.986481][T12785] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1527.998958][T12785] usb 4-1: USB disconnect, device number 87
[ 1528.471016][T14362] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1528.471037][T14362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1528.471062][T14362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1528.531010][T14362] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1528.531030][T14362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1528.531060][T14362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1529.260649][T14362] hsr_slave_0: entered promiscuous mode
[ 1529.268452][T14362] hsr_slave_1: entered promiscuous mode
[ 1529.269638][T14362] debugfs: 'hsr0' already exists in 'hsr'
[ 1529.269666][T14362] Cannot create hsr debugfs directory
[ 1532.823708][T14561] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1532.824218][T14561] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1532.948391][T13880] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1532.968019][T13880] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1532.973647][T13880] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1532.978910][T13880] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1532.979728][T13880] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1533.316110][T14570] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2099'.
[ 1533.364882][   T43] bridge_slave_1: left allmulticast mode
[ 1533.364922][   T43] bridge_slave_1: left promiscuous mode
[ 1533.365293][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1533.503976][   T43] bridge_slave_0: left allmulticast mode
[ 1533.504012][   T43] bridge_slave_0: left promiscuous mode
[ 1533.504349][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1533.655019][   T43] bridge_slave_1: left allmulticast mode
[ 1533.655060][   T43] bridge_slave_1: left promiscuous mode
[ 1533.655346][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1534.238800][   T43] bridge_slave_0: left allmulticast mode
[ 1534.238838][   T43] bridge_slave_0: left promiscuous mode
[ 1534.239144][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1535.056920][ T6627] Bluetooth: hci1: command tx timeout
[ 1535.704004][T13880] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1535.736307][T13880] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1535.738020][T13880] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1535.740226][T13880] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1535.741048][T13880] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1535.966053][T14586] netlink: 2048 bytes leftover after parsing attributes in process `syz.2.2103'.
[ 1535.966080][T14586] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2103'.
[ 1537.112462][ T6627] Bluetooth: hci1: command tx timeout
[ 1537.832479][ T6627] Bluetooth: hci4: command tx timeout
[ 1538.963967][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1539.192509][ T6627] Bluetooth: hci1: command tx timeout
[ 1539.940161][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1540.309500][ T6627] Bluetooth: hci4: command tx timeout
[ 1540.366968][   T43] bond0 (unregistering): Released all slaves
[ 1540.973317][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1541.071162][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1541.138127][   T43] bond0 (unregistering): Released all slaves
[ 1541.277691][ T6627] Bluetooth: hci1: command tx timeout
[ 1541.446752][T14601] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1541.447254][T14601] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1542.977328][ T6627] Bluetooth: hci4: command tx timeout
[ 1545.032568][T13880] Bluetooth: hci4: command tx timeout
[ 1546.028673][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.028970][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.343642][   T43] hsr_slave_0: left promiscuous mode
[ 1546.399455][   T43] hsr_slave_1: left promiscuous mode
[ 1546.400535][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1546.434521][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1546.892440][ T6627]  non-paged memory
[ 1546.892461][ T6627] list_del corruption, ffff888034fd6e00->next is LIST_POISON1 (dead000000000100)
[ 1546.893054][ T6627] ------------[ cut here ]------------
[ 1546.893064][ T6627] kernel BUG at lib/list_debug.c:58!
[ 1546.893088][ T6627] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1546.893113][ T6627] CPU: 0 UID: 0 PID: 6627 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1546.893138][ T6627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1546.893157][ T6627] Workqueue: hci4 hci_conn_timeout
[ 1546.893194][ T6627] RIP: 0010:__list_del_entry_valid_or_report+0x10e/0x190
[ 1546.893223][ T6627] Code: 80 11 62 8b 48 89 de e8 f0 a1 67 fc 90 0f 0b 4c 89 e7 e8 25 c7 3e fd 48 c7 c7 e0 11 62 8b 48 89 de 4c 89 e2 e8 d3 a1 67 fc 90 <0f> 0b 4c 89 e7 e8 08 c7 3e fd 48 c7 c7 40 12 62 8b 48 89 de 4c 89
[ 1546.893241][ T6627] RSP: 0018:ffffc9000a79f980 EFLAGS: 00010246
[ 1546.893259][ T6627] RAX: 000000000000004e RBX: ffff888034fd6e00 RCX: 2de17f084ba79100
[ 1546.893275][ T6627] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1546.893289][ T6627] RBP: ffffffff8a042b60 R08: 0000000000000000 R09: 0000000000000000
[ 1546.893303][ T6627] R10: dffffc0000000000 R11: ffffed1017104863 R12: dead000000000100
[ 1546.893319][ T6627] R13: dffffc0000000000 R14: dead000000000100 R15: dead000000000122
[ 1546.893336][ T6627] FS:  0000000000000000(0000) GS:ffff8881268c2000(0000) knlGS:0000000000000000
[ 1546.893354][ T6627] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1546.893369][ T6627] CR2: 00007f4763744f98 CR3: 000000005a9bc000 CR4: 00000000003526f0
[ 1546.893389][ T6627] Call Trace:
[ 1546.893397][ T6627]  <TASK>
[ 1546.893409][ T6627]  hci_cmd_sync_dequeue_once+0x24a/0x370
[ 1546.893434][ T6627]  hci_cancel_connect_sync+0xc8/0x120
[ 1546.893464][ T6627]  hci_abort_conn+0x191/0x330
[ 1546.893487][ T6627]  ? process_scheduled_works+0x9ef/0x17b0
[ 1546.893513][ T6627]  process_scheduled_works+0xade/0x17b0
[ 1546.893551][ T6627]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1546.893582][ T6627]  worker_thread+0x8a0/0xda0
[ 1546.893620][ T6627]  kthread+0x711/0x8a0
[ 1546.893651][ T6627]  ? __pfx_worker_thread+0x10/0x10
[ 1546.893677][ T6627]  ? __pfx_kthread+0x10/0x10
[ 1546.893709][ T6627]  ? __pfx_kthread+0x10/0x10
[ 1546.893738][ T6627]  ret_from_fork+0x3fc/0x770
[ 1546.893765][ T6627]  ? __pfx_ret_from_fork+0x10/0x10
[ 1546.893793][ T6627]  ? __switch_to_asm+0x39/0x70
[ 1546.893822][ T6627]  ? __switch_to_asm+0x33/0x70
[ 1546.893841][ T6627]  ? __pfx_kthread+0x10/0x10
[ 1546.893870][ T6627]  ret_from_fork_asm+0x1a/0x30
[ 1546.893898][ T6627]  </TASK>
[ 1546.893906][ T6627] Modules linked in:
[ 1546.893941][ T6627] ---[ end trace 0000000000000000 ]---
[ 1546.894000][ T6627] RIP: 0010:__list_del_entry_valid_or_report+0x10e/0x190
[ 1546.894044][ T6627] Code: 80 11 62 8b 48 89 de e8 f0 a1 67 fc 90 0f 0b 4c 89 e7 e8 25 c7 3e fd 48 c7 c7 e0 11 62 8b 48 89 de 4c 89 e2 e8 d3 a1 67 fc 90 <0f> 0b 4c 89 e7 e8 08 c7 3e fd 48 c7 c7 40 12 62 8b 48 89 de 4c 89
[ 1546.894062][ T6627] RSP: 0018:ffffc9000a79f980 EFLAGS: 00010246
[ 1546.894080][ T6627] RAX: 000000000000004e RBX: ffff888034fd6e00 RCX: 2de17f084ba79100
[ 1546.894094][ T6627] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1546.894106][ T6627] RBP: ffffffff8a042b60 R08: 0000000000000000 R09: 0000000000000000
[ 1546.894120][ T6627] R10: dffffc0000000000 R11: ffffed1017104863 R12: dead000000000100
[ 1546.894136][ T6627] R13: dffffc0000000000 R14: dead000000000100 R15: dead000000000122
[ 1546.894153][ T6627] FS:  0000000000000000(0000) GS:ffff8881268c2000(0000) knlGS:0000000000000000
[ 1546.894170][ T6627] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1546.894184][ T6627] CR2: 00007f4763744f98 CR3: 000000005a9bc000 CR4: 00000000003526f0
[ 1546.894205][ T6627] Kernel panic - not syncing: Fatal exception
[ 1546.894598][ T6627] Kernel Offset: disabled