last executing test programs:

24m48.823739849s ago: executing program 1 (id=24):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x184, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x4}, &(0x7f0000000480)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f0000000200)={0x77359400}, 0x1, 0x4})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r3, 0x18, &(0x7f0000000140)={0x5, r3, 0x1c, {0x9, 0x1}, 0x6}, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$isdn_base(0x22, 0x3, 0x0)
sendmsg$sock(r6, &(0x7f0000000280)={&(0x7f00000000c0)=@generic={0x3, "c95bef742f79ffe34c47afb1e30756a9a9ba296e65271845d9e6e3dc29e9ed26c19dfa86374c48bb4f5777aa8ee77a0e42bdd7bb45edc372de76e6741477226f730c4efa3fe70e3699094e5ccb59799ec4f1fb99f4404ffed5b05c4e2ae29adedfaf3cd29798b8874eaa53c36163bbeafc4febb4598834de5661eccf7c5f"}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)="05d01c256309ca0ac09370740e6ee100188204d5f7efc59c040c16e2f5b56a323d8d2e3b6de5332c203c1e433577c49712bc840a3705f49bb395b1fecb85578a734d83b7abd9acc86a02ed04fcd98963bf0924fdbec4ff1d033d1f225648dc85db8eea862f943775e7ba07fe16698462b3", 0x71}], 0x1}, 0x44040804)
r7 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r7, 0x2284, &(0x7f0000000080))

24m41.446157253s ago: executing program 1 (id=27):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x78, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x14, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @loopback}, @CTA_NAT_V4_MINIP={0x8, 0x1, @multicast1}]}]}, 0x78}}, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x13}, "fd23c2b7b3c1784fd1c238f152ee3c215b8e88"}, 0x17)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="7a0a00fffaffffff7110b9000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x10, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x7}, [@ldst={0x3, 0x0, 0x6, 0x2, 0xa, 0xfffffffffffffff0, 0x1}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

24m40.55667278s ago: executing program 1 (id=32):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4)
ioctl$TCXONC(r0, 0x540a, 0x1)
bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e24, 0x1, @empty, 0x65}, 0x1c)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280)=0x2, 0x4)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x38, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_RSSI_THRESHOLD={0x8, 0x14, 0xffffffffffffff19}, @NL80211_MESHCONF_FORWARDING={0x5, 0x13, 0x1}, @NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x48041}, 0x40840)
r4 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_G_FMT(r4, 0xc0d05604, &(0x7f0000000180)={0x8, @sliced={0x4, [0x8, 0x8, 0x5, 0x3, 0x5, 0x3, 0x9, 0x5, 0x2, 0x9, 0xa, 0x7, 0x0, 0x7, 0x3, 0xf, 0x84, 0x4, 0x1, 0x800, 0x0, 0x200, 0x2, 0x5ef, 0xba, 0x0, 0x40, 0x1, 0x1, 0x72, 0xd, 0x930f, 0x81, 0x8001, 0x0, 0x9, 0x4, 0xc, 0x61a, 0x200, 0x401, 0x0, 0x6, 0xfff9, 0x8, 0x40, 0x4, 0x7], 0x256b}})
r5 = syz_usb_connect$hid(0x0, 0x90, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000105804125000000000000109022400010000c04009040000010300000009210900000122a00009058103"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r7=>0x0], 0x40000012})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@getchain={0x24, 0x11, 0x839}, 0x24}}, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r6, 0xc03864bc, &(0x7f0000000180)={0x300, 0x1, &(0x7f0000000340)=[r7], &(0x7f0000000040)=[0x1], &(0x7f0000000200), &(0x7f0000000240), 0x0, 0x7f})
syz_usb_control_io(r5, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0000d2"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0xa0000)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)

24m33.581083951s ago: executing program 1 (id=40):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r5, &(0x7f0000000340)=ANY=[@ANYRESOCT=r4], 0xe9)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r6, 0xc020aa08, &(0x7f0000000180)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r7)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080))
semop(0xffffffffffffffff, &(0x7f0000000300)=[{0x2, 0x5, 0x2000}], 0x1f4)
r8 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ip6_mr_vif\x00')
preadv(r8, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/102, 0x66}], 0x1, 0x5, 0xffffc138)
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0))
r9 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0xc4)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r9, 0x0)

24m31.605205916s ago: executing program 1 (id=43):
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/custom0\x00', 0x1002, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, 0x0)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
mbind(&(0x7f00001af000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x2)
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$uac1(r2, 0x0, 0x0)
syz_usb_control_io$lan78xx(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = getpid()
lstat(&(0x7f00000000c0)='./file0\x00', 0x0)
syz_pidfd_open(r3, 0x0)
r4 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x109200, 0x0)
setns(r4, 0x20000000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r3, @ANYRES16=r0, @ANYRESDEC=r2], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xb5, &(0x7f000000cf3d)=""/181, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000240), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffc}, 0x10, 0x0, r4, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000fc0)=ANY=[@ANYRES32=r1], 0x1140}], 0x1, 0x0, 0x0, 0x10004800}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x141600, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)

24m27.720384247s ago: executing program 1 (id=48):
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_settime(r2, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
pipe2$9p(0x0, 0x80000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000080)=0x21e6, 0x4)
sendmmsg$inet(r3, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
recvfrom(r3, &(0x7f0000000200)=""/131, 0xf92e58a67d38802c, 0x2101, 0x0, 0x0)
syz_usb_connect(0x3, 0x45, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100003d1a1310210414017211010203010902330001000000000904b400000202ff0005241c00010524007f000d240f0101010000000802000006241a0c0010042402"], 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

24m11.494971828s ago: executing program 32 (id=48):
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_settime(r2, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
pipe2$9p(0x0, 0x80000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000080)=0x21e6, 0x4)
sendmmsg$inet(r3, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
recvfrom(r3, &(0x7f0000000200)=""/131, 0xf92e58a67d38802c, 0x2101, 0x0, 0x0)
syz_usb_connect(0x3, 0x45, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100003d1a1310210414017211010203010902330001000000000904b400000202ff0005241c00010524007f000d240f0101010000000802000006241a0c0010042402"], 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

19m25.404122144s ago: executing program 5 (id=621):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000580)=@updpolicy={0xcc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20, 0x1d, 0x0, 0xffffffffffffffff}, {0x0, 0xa7, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}, 0x0, 0xfffffffc}, [@offload={0xc, 0x1c, {0x0, 0x2}}, @XFRMA_IF_ID={0x8, 0x1f, 0x1}]}, 0xcc}}, 0x0)

19m24.959386262s ago: executing program 5 (id=624):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000380), 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
msgsnd(0x0, 0x0, 0xfd1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00')
read$FUSE(r1, &(0x7f00000005c0)={0x2020}, 0x2020)

19m23.409929757s ago: executing program 5 (id=626):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7"], 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x40140, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x800455c9, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

19m18.793874996s ago: executing program 5 (id=634):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0xfffffff7)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(0x3)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x2000001, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

19m17.35480223s ago: executing program 5 (id=635):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
io_setup(0x8, &(0x7f0000000600)=<r0=>0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x20080)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r2)
sendmsg$IEEE802154_LIST_PHY(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)={0x14, r3, 0x30b, 0x0, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x2400c0c3}, 0x20060000)
syz_genetlink_get_family_id$nbd(&(0x7f0000000540), r2)
io_submit(r0, 0x1, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x400000}])
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904"], 0x0)
syz_usb_connect$uac1(0x3, 0x71, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x40, 0x10, 0xfe, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x4e, 0x3}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0x40, 0x12, 0x6, {0x7, 0x25, 0x1, 0x0, 0x3, 0xa}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x55, 0x2, 0x2, {0x7, 0x25, 0x1, 0x82, 0x2, 0x7}}}}}}}]}}, 0x0)
syz_usb_connect$uac1(0x2, 0x7a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x34cfc0a0c413c3ad, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x68, 0x3, 0x1, 0x1, 0x90, 0x9, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x5, 0x9}, [@feature_unit={0x9, 0x24, 0x6, 0x2, 0x2, 0x1, [0x6], 0x3}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x9e, 0x0, 0xff, {0x7, 0x25, 0x1, 0x1, 0x7f, 0x20}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x40, 0xcc, 0xf, {0x7, 0x25, 0x1, 0x80, 0x0, 0x3}}}}}}}]}}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
io_getevents(r0, 0x0, 0x5, &(0x7f0000000380)=[{}, {}, {}, {}, {}], 0xfffffffffffffffc)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r2)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000240)={'wpan4\x00', <r5=>0x0})
sendmsg$NL802154_CMD_GET_INTERFACE(r2, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000280)={0x40, r4, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x40}}, 0x4000000)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r6, 0x401c5504, &(0x7f0000000340)={0x1, {0x0, 0xfffffffe, 0x0, 0x0, 0x4000000}})
pivot_root(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/../file0\x00')

19m13.59110247s ago: executing program 5 (id=646):
syz_emit_ethernet(0x22, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaa01cbde000000080045c000140001000080000000001414bbac14142c27bf747560cc1153951e36424d11323e4f2757cc7f1e5f30e58670f569ff2cdeebd79217d1234d602c7b05f85105a60aeb15a52cd376"], 0x0)
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
close(0x3)
listen(r1, 0x0)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x68, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}, {0x7, 0x2}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x80000001, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x4, 0x8, 0x80000001, 0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}}}]}, 0x78}}, 0x0)
getsockname$packet(r2, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000800)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000840)={'batadv_slave_1\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000880)={'team0\x00', <r8=>0x0})
r9 = socket(0x10, 0x3, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000580)=@newqdisc={0x48, 0x24, 0xf0b, 0xffffffff, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0xa, 0xa}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x29, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x10, '\x00', 0x5, 0x40000003, 0x200, 0x8001}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
r12 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'sit0\x00', <r13=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r12, 0x8918, &(0x7f0000000080)={@private2, 0x3b, r13})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000008c0)={'bond0\x00', <r14=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000900)={'team0\x00', <r15=>0x0})
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000001180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001140)={&(0x7f00000011c0)={0x7d4, 0x0, 0x0, 0x70bd26, 0x25dfdbfe, {}, [{{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x168, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5f9}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0xd8, 0x2, 0x0, 0x1, [{0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x800, 0x7, 0x5, 0x4}, {0x3, 0x0, 0x48, 0x1}, {0x5, 0x7, 0xfd, 0x3f}, {0x6, 0x0, 0x1, 0x1}]}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x10000}}, {0x8}}}]}}, {{0x8}, {0xc4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0xb0, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @priority={{{}, {}, {0x0, 0x4, 0xc}}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8}, {0x1a4, 0x2, 0x0, 0x1, [{0xffffffffffffff6b, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe3}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0xec, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r13}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}]}}, {{0x8, 0x1, r14}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r15}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}}]}}]}, 0x7d4}}, 0x0)
fcntl$setsig(r2, 0xa, 0x13)
fcntl$setlease(r2, 0x400, 0x0)
fcntl$setlease(r2, 0x400, 0x2)
write$tun(r2, &(0x7f00000000c0)={@val={0x0, 0x9000}, @val={0x3, 0x1, 0x6, 0x7, 0x74c, 0xfff}, @x25={0x0, 0x8, 0xf7, "33c9293e7c87feaff7eef8ace047f55d580dc5830240642ca52437720932adb644bbea71104c12b92c08f2f60ab629"}}, 0x40)
r16 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r16}, 0x2c, {'wfdno', 0x3d, r0}})

18m58.372284035s ago: executing program 33 (id=646):
syz_emit_ethernet(0x22, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaa01cbde000000080045c000140001000080000000001414bbac14142c27bf747560cc1153951e36424d11323e4f2757cc7f1e5f30e58670f569ff2cdeebd79217d1234d602c7b05f85105a60aeb15a52cd376"], 0x0)
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
close(0x3)
listen(r1, 0x0)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x68, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}, {0x7, 0x2}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x80000001, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x4, 0x8, 0x80000001, 0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}}}]}, 0x78}}, 0x0)
getsockname$packet(r2, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000800)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000840)={'batadv_slave_1\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000880)={'team0\x00', <r8=>0x0})
r9 = socket(0x10, 0x3, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000580)=@newqdisc={0x48, 0x24, 0xf0b, 0xffffffff, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0xa, 0xa}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x29, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x10, '\x00', 0x5, 0x40000003, 0x200, 0x8001}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
r12 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'sit0\x00', <r13=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r12, 0x8918, &(0x7f0000000080)={@private2, 0x3b, r13})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000008c0)={'bond0\x00', <r14=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000900)={'team0\x00', <r15=>0x0})
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000001180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001140)={&(0x7f00000011c0)={0x7d4, 0x0, 0x0, 0x70bd26, 0x25dfdbfe, {}, [{{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x168, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5f9}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0xd8, 0x2, 0x0, 0x1, [{0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x800, 0x7, 0x5, 0x4}, {0x3, 0x0, 0x48, 0x1}, {0x5, 0x7, 0xfd, 0x3f}, {0x6, 0x0, 0x1, 0x1}]}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x10000}}, {0x8}}}]}}, {{0x8}, {0xc4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0xb0, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @priority={{{}, {}, {0x0, 0x4, 0xc}}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8}, {0x1a4, 0x2, 0x0, 0x1, [{0xffffffffffffff6b, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe3}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0xec, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r13}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}]}}, {{0x8, 0x1, r14}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r15}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}}]}}]}, 0x7d4}}, 0x0)
fcntl$setsig(r2, 0xa, 0x13)
fcntl$setlease(r2, 0x400, 0x0)
fcntl$setlease(r2, 0x400, 0x2)
write$tun(r2, &(0x7f00000000c0)={@val={0x0, 0x9000}, @val={0x3, 0x1, 0x6, 0x7, 0x74c, 0xfff}, @x25={0x0, 0x8, 0xf7, "33c9293e7c87feaff7eef8ace047f55d580dc5830240642ca52437720932adb644bbea71104c12b92c08f2f60ab629"}}, 0x40)
r16 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r16}, 0x2c, {'wfdno', 0x3d, r0}})

15m5.87477493s ago: executing program 3 (id=1199):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x45, 0xc3, 0x3f, 0x8, 0x5ac, 0x247, 0xb023, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x10, 0x2}}]}}]}}, 0x0)
connect$unix(r2, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='mountinfo\x00', &(0x7f0000000180)='mountinfo\x00', 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000000)=r1)

15m3.010004459s ago: executing program 3 (id=1205):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4008040)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
unshare(0x20000400)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)

15m1.977965014s ago: executing program 3 (id=1207):
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000340)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}})
syz_fuse_handle_req(r1, &(0x7f00000022c0)="de98ee653502c564abeb97fc678bde22efebcf99c2d89952950acc703a3c6268a54c8b1bd1ee165c82980cd315b55a070dc41deeb2d4c1842d936a0bcde5fd7ed6031fdd9cb58ebfe8261528f097f309813b5722c24a1af8e6bc6ddaef7e85d2659690154bc5e6ee73c3fe7176509ad7b30e1098fc9873db91d3c1816825e710374de8d40693578b598922d9c523cfff93a630f121251d17ad40bce021d7fd57945fe2a186618a40b5f3995a9f0ceaa3e22b57e4f68e53fffeb5474fb83afaf5cde6b0aaf5cf0313ede442ddf1df6c280921e43d80dddfd005969272e1719b37fd8f749fcde83f8201826b4cf5b1c1da394568aa7d8833dd11309f46422b0152ede5ab29b17bc1ae80147346155b20a98d6fc2650bec3fe73327c45cad1b38f7c983cd070556a8f8ed5d58e1052f6436fad905099d18fb3e62c2c36a1c2209a94c820e30e5234e77be3beb4cd183015d281e7bf39cdcf0f1e541211c75d64a49b55ba4c2c444bef36d98df66bea814bab91ed65386d6a491a6295c24dbaf752a5e7a856e0dfe46a6f9e718ca3919c6f8978b0fd65c9e389114e5afd8e9e2a575b854463b63f46d08795f0f1d0d48d6d610fd74e9238de32ee3fa2ffef550336341803c083ac1d749be6c5440bbe4bd3bc3015bcde2b4e2160ba266d281a9641f74d9348fb6fa8550d1e8a8362999452e40b75c412cfa77ab8e1aaf1a9e83c855ec9b7ada38690f0d2e59f67a1f3babbcda8011595ea720816c24726b833beaca0a9d11e7b99373601d27d18c9e29940503d3a12149fdc4fe0065c3d023d6e7712eb853df19f2b4b886e08d61629288ff16c2597d7fae5bfc8b41f92fc325ffe0f61683b1f661409bdd7c3d88a854f8393484f4669b5d9654fd3a0819a32110b9064539a7419c332629b3fc71da35b783ef7c693842ce83733a63f2e6af37989cfcb768ab8cea5d21b82a0e9f6fdcec26b0107708867dec54c4e739fe9b931b3c6da013bfae097c57f1e16ba54f9028e672511938a0ad9d681d7feebc65a2f5f588abd66261393f3ba02d7b2cf650a9f7c6a4ca55b4d41132908dc9c90e26f0da8e2259e3a2b63b2d9e27754e278827ab80438070698c690ec375a9aeb4193079a28a2a062961ba0e65af01644af063f3ebefda92c4986379f7b099b2fd3960929578736f09887fc5816cb1b982e5b121b79662d1674dd0c6e82627cf8c63e576e5c1eb0af9415ddc10ff880e8ae3ce8c4fb87b8f9d364974c2a1d8eba4e04bc2bc018bfabc435683b2551c0e4908570b930c4fd7c03ddb95e9ec1d1994e3df0305fdac4e5b914641ae25b0c469b194c0bb78ab04887cdc4262da468475b926a18254d23b4c44705aeca34ef8a7b04dd55a43f39996529a23804e054655c5ba8661f7c02737e7539650364928d62b9b8d80988232009acb54214f06640e9bc6614c0ce02e4a22dc8b91a0aad711e4fd01d7020b7c7185e41e27ce266b9f5aec682cbd4bba3240d6277b17b564937254f37afe580cba0b78c6b0cc81830eaf10d7cc1f7e918d49e935629fe6c24b4368a04af1b99f6981340ee031874f3d4b3a9ebc31719b3b775bfe1fdfa0460a3820bff6f61b49b11ac2ca00836a0c4a74aed92a619f34231196669b942e761538e64f965d23d4f7814256e876263fe5307985c4e6eb69c974f66276764e80ab1de3f5c55e7b2cfdb78dd183a85473e968918ad73f29a266c818b9bf9f62eed86df25b2577bb6d98e3996e94f5bdf119b869541a94eb3536c979c3d77cc0df7c0c48a902ca2f03f5ba5a8ef9431cf95f6fc89744e8440e1d5ebb837e30ef7541fbc27672c31566ac3676a173cb9e466a2d206ba1ebc2b985eddcd6ff937375fbc8415eba46f5ec68cfa9f3a669d41b078867dd9f5160ba45fa4719f32cf877d4b7a6d77c977533659f7c7ac22c68f5e93c1df6c2a3d45b55a4afd3355680aed864f6bbe13da2da28a4851f73c88e555f3bb1c34a21fc45ab6c28287902e8b5fcae6899c804f364cd878a8d1734462bb075cb7bc709cc2c5d7747c4c29a2fa9259752301c26b852b7993adf889d45dbe39094c9b7b168756e5b939ed10bb6df57b8f5e14352cfc7d8b03cda5b978b06cf2430af5db17177b1ef664bc4b00307f970c4fc606a6bab72125f62b0f59655c35b104da7af188a953cfc09b3aa0785abf330830fefedcc8bf9a11d5dc4b5642f679d45cb44fe61ab1d906345c1c345f6b8027bae9585580c20115d2504d9c83ab54ea2557b6d2dd3bc65fa29f091aa46a215e77621836154104e6969fa9107139a19f2e45cc6bf55422a0e1a6d037ad9e63df5f9cd2045e13ac2d6a15bc12008c4cd23782df7d41bfecc0037292d22c7b42f2cc1a22db7502332d9f4fa85f7640c8635b9469681adb6bcec2dfdf6926f1815156d80a835ae918527f549ea6df45f350f618dc1f3ca139759be28e35013034f8bbfd3fa1a8f302594213c18015305911f42e287f2d86f17d76f8a0ea03fb574c60c808669f9f4454fc2eaf0e93873f688e34bd3341f6874d5d8fe754172a751d6ab23dc1642220e7fb1071df0ee3c7e07c338915494a3b360bdc0b38ed221c2c2bc86b29744448b255802b3ddfe600c1d0f9acabb2185e4e9dae5e456d5825f516c857f63e72e4a5f3d45eaf11a0e3a5ad0ba30a0bf0f94cc99586fd202d6118bb6f9c272f6cbe39dd9b8b36ea7fa51dfe0bb87a633be11c16a14d1bce8492387696e195fa3c5f172690b4434aa2e91ce7d225d73b1983d2605ec725aae0ae402cd2f79fc202a307f1896f3dfcf8c0fd8b841dcfeda5d65bb7d76f7c2d2eb1b164c0368e9984f320a224d7d438bc5c699acbc18a587b7589e960af114afbc9f59243646557962fc2e0cb5b5bf160a313bcfd9ade3e140b808e9f19415808aa312ae9c9e8bcd5a47fc721eda59d10670088714984a71d5c0df8b68e675a8e31ec15a92ff6a04d17e0ef849c782b302d11f742efe6486ab904fd65c0aac4ec25c6d877b453dce80e894de703aa8b1e5d00701850f149fe437fd0944cb95e54a924a49bd86bb9a602cf2904fbd9e399f1cdcd0b45b6d8f872e285f9dfeaa26aa760074651393c6451b36c643dd0b7236ec7803d69cec1b09bf1b63fbb68ad7c01507f00083b184ff01a62096f386f4c8fdc85e93eecf3f4b384aec1c10ccc60d8109a6d887bd389c3406163f9600879f0e944443d783e8644f69344f6f44f7bbf1883cda7369c9b9904d991c01552135f158a0bbb7f40c354f292c034824d82c209ebc770f5b756768ae51d45f8875b59904a07090689e65b40625566eed5d209130db812f287b966ae21ba46a3a7a3a0360a4e284d8d91ba9ed9806ea063827c8dda0fa98f758cbfa523ac645421f444a40b95bb065a64256c19354b1ad5002bb7b2add9b5236ad64e9052734b9d263515683db121b5e4dc1eab244dd8fc0fc62d962834ba0b21aad872b127afc0a33c7869a3f213519aa2ef51bab9ab28ed18859fd8239841a6668fc614dedd099121ae6c220a143c119cb9bff9068f65d0554b4c12105e59a22e91203a08ab8c718ec62c42d7ebb7b495e9e1be8fb7e4aab2777025da37b48d9d7b97578841a73898a6eab994e250106e096390c77b0600537be881ab7d81e3cb468bf1fe318b1e804d8df9875e9b8da22e6244997317391cce608085a28b8d070d654a29afab324ba3eecf427b6dfd43501ec0db919f71a932897eb37fe3bd64ab5a34ec60011696298b74ddd7a3710d3e444cedcc5cdc357f9dd58e67dc0ed3fc8df6dad82b3c00b4290c3280c28f78df052ec9cdd9df025abe8834616eddd5bb93379c69092911cd60761e7d14b426a83e335bfc8bf67a14e01df7cefb6023f0c6556534b975ed889de0d96d968526372402ce3d21a2c5c64a449dc3ba4ee0b5ceabc2fa29679e225681c8e946dc94b48af024bb1633e1860c7d8c14500967f24e2f8f46db537232a4e9f4abf8408f53bb52b035bdb89917a6f2f4bd22403ad002c2d936b785ecd965177e9f6235787a185d0eca92532f1aab16756ae86ece13925ba4a1fd08125102ae08c428d073aa426c4e792b5a4acf618605df1707021ce1eed62da4ee87334e34edf43338a0076b8ec739e2c31071e10c6a853e19fbf25b8a356527a67c8f7696dc184e374f4641f4e5b0aa345f1e6c4bfeba3a392d9a994bc271717a051c98d6c5b1f3296caf4c01d80ffb75b6fbdd0a0583f9d4695a44a2878df0c09a85aaab14522320cc3d2611603a34e52da03677a60cc87cc3c689975e5b5366c82e040b6643b8865d8bea0c84cef9ff85245a8b4bc41af1a50775b29fe55e42ac4b29fe80ddaf02e8c9bd07cab823f3d9021ac88236525ec045688a2fc9c6df66f549b10720cebf09ead919524f071cd128fb7575c84190c698b420f89b3c11195b5d83022d1f7e48afc21203995caf8f9286dcd5bd51b65c1af1caadf5a1b3f12579066855ff851075adb959dc3e086a7fb4e9a27fe80e8f3c0959b042486310ae7b785b0612e0385e36f50d4cae3474dd000c3957955534b4907b9480e2e5d83dedbeb76cb78d893c5b64dd51e31abc8e8b4c56b96f67c4b6e43861d91681af3270aae1a8f50712bd97326ee46a2640285b2902f051071d5a3400e99b76459956ac6908688c314bd8e54365383a65b186a6386cc5218e41e0b386759de81bccf5aa68f8608831a9d33ad1af2bdbd8579c5921cd8c3dd2f3bf1f123c742e118c76e2f43618bb7885e44826b7417c9ca5a139d774c16fbf74c8969c038ba6a54f27bab46ecc94d6455188d8dc1edf1da715c8d9976226877096df4158eeecced2248c7b88de0dd11a076db1f06bae4adba8286dc39aa62a55233886e011622ae1cf97238914a55078a78908145295777dbbc4e0d34364e0f3daa9eba6fa54c085777b18c0523818ff8710dee4bfeb3db549c3f38dde73b99a7b1b219282407a4e0ab3794089e21f6f2045ab6254ac3703903edb302fb2f0f97e47cca7969ad6b5b6cf27314137a04d5f4f29c193cfc5540592ab1342a1a9cbd514a7b4d6b23f724a5d7bfa6ffe8e3d9de29b8661139f179a0fafecf234f19bee75c25faffc765e02377d83e0ad0a0029c08f5c71595bc1b2fe88f0fe958f3f1f8ba6821ab834cab9bc902b2d47bd4b5ed52b5b0d7b3bc999b2f68879be39ddcb0428ce3a617b68c11459b746651f413d9e9a098cd2b5c0fcfd0ea1db2cde1672818d7bc73b053015692f9e9259a0153e3c9ac5e73e3343dd350cfbcaa57be93cc881a35063aec2db4ed71df2b1bd90b5ecbd84f399d4530c5450d622188423e151cec49673dc633e503c497d53843f4824750dc09abae9f2f465e92888715b6879f5edbab7bcd58f0899e1430ffb5f3063450945cb0fb3b5c3088ed6966c54dddae3aab489a80341b45a17cac02ae62749f209a7e16ecdfd86b43569c7b34511c65474acf2b2c18834e158e20957bf2320e4a6b9d63caea93b3a7dd4f7ba54443aba1ac2b6f2b27e1bf6f17d3fd1582462e0debc7069bb70e219654cbb99adfed54ab94329382163f2ab6710bb581d189cb3449a02c917c1f2d1d5f51958ce605fdb0e37ae5f3cb3f123276d43b2c26ea948dee863e0b679ecddf0fe41ce78bbca30167c9c7d6b0e9193c98090facd7205a490727e1ac49bb4d639348a32546007459c61c27bf8df87dd2ed3f3228b8193422a72d15f848bac13c6ffa7b8a767cf04866feb7c7a81267d7a8e890128d4709e4873223578aa7febdd562403c6092c0a3f6e0650772ede935ab6ef95e375bcbfa395e23ef1d73532388b845a95f158dc845a123f798176c73e177926d39abd38a910d40653006375110be2f2c5f6efc87b31908be36dd07c8ba5853519a37dfc4dea981af855293f49a3270bb67cdc17b780fbf2a418fcec8953dae927909a6bbbdce230d23113efad9c02474682dafc63311050cb4f3f86c282ff29728eefac5c678360122b4ce221bcec82d24e053b63972d2e9a631a180b48bb8d2d4de7254d91a856071df51a1d87ca7eb5d19ac3def1fdd6ebd8f57c2c9e43cb6ff2fa00d27f279368f5ee29a84ba219a51d1f0f1965781164edbb3aa6209fbce6d40284fbb4a33f59bf9e1248100a623de16613eebc11f510b7718dde9f13b4c9b2b6a10dd932696cdb7fa4b5733b0377453471462762457d42038ebf8c0fb392ca7656ad1f050c326de75fffc698c48f5d809ae360ddb9856b9a54b811073233294bf91e46414441b6665f432201da12e49718b0d7929b6cbcbf310a09ce0d22f07ee5cfa8ffb9f03acd224641171ffafdf50f18be8fa3c907226cc1a6f3b16a776781a6396dbf09f689ad6bba4d537dad490a6f036a45ee3e224e6f519e44b7352ee3e7d3f0d89f8c7c8f54b6d2698c0298a07866c9d9ca09c96c2ac8efd7974294df6dd1bb0598debadb6135e7123bbfddf84870de54476a291586fc0e64784e65fdf78d462e8b51cbac38e7ff1878b11418f188220e3deb5367a2d90ad7d44395f6965cc6d680c59daac268c16814d1085302d0453b48e4a8ae78b8a5b6951a875ef42776f6d11955da7e5734a72b61cefcc6889b8f8d58db51ee78d7b1a8ffebd90e15a64654054767aaec24dd3b5f338b572496c8731049c10622b7f54fdfa43aaea316946291fee7bc9e64640e8bccf33fd1e8693b67020b49cf77faaaa8269e2fecc4e2b43c8c3378a4a9b9b85a4fe2c346c5512cda631542e0ff5706eba996f4f72e629b076d6be1966d44b1835ce664e3c6a4f18c68f5e32f900a0a167e547d5aa79c0aede966f83d00366a623ef8107e328654c8558d5e606f69a12b6c2a6fcbe0e08f945c4ad2738ed0b28d79c98514abe0819569c6e4f4751c665fd651aaa9ee392c330560ef6d57c0a97f0764f88433b2bf7641ba391634316b0ee1dac23a63be21270e50ea1ac24ac3b429a0b46c38dbd48c540bfb1e141b8b3df6caa179c7e54f2b7b1371e8eb05a30f13da95200ab70dc58325f6bea0ee9fe1f04154998df393f2b4ff4431363f3a7450fa5210e883d67620ae63cc41f72e74e26a0244de1ac722b6f1c1d293f7483b331a0efda65a4e4e9144547fe6dce2f4535e29048b07079329b63754bb124b9e046a6e97929b1f4a387765bf93804530791c9f649db6efbebebf46fa4f9af7ff2587130d0e70a32d4aab1dfbee6aadd1f3e5317e3d4c8cde75b1479bc3dd16ea35db3dca11cf1eb1d2bbac60b83605e171619d85fd4b6d0e24be8db76df12efef05eb87473b832e59f3039df44ef034e5e7546b399cc817a41b2f020286ff139072a5b909ebb185a3c955cf88f4a9929b2112e0a9ab43da0288ce3ea268ccc9f46f852d387f5d0a2831dfc8cb0bf593905ba376c069b8c9b70558ec826c5bf9835031199c4c6d84c913da7e9e7db49c1d34511d917b9ad3c40af0598737d58fd61b8f2adc46b73a284957a99943cf73414412fa5440a5f85b63c20794d122c267fba72bfcd0e2741642fd8ff5a0ae1ffd8b30d852c053d0e31f505ca13a21c0223a8ee77cdd92de1b9f87ebee4ea332e9d4573d7efb2ad3f50c35fb7a596c4edb4b72bf6df5a16ffe3c8a236f2cab8c0712ac26c2cbcc68c1dc45209b579c952c7d645642aeed7d60407ee2dc168179d536da950108e962c5c976d3a05bf5142466ee38939ee94e707a0135f99c99b5d6376f63c711e4f64950f08dbc931c812f34735d9eb1c5997770d8159068cdca2e0f192311ca438d613728b544d6a3e50ae0e4e6b1eb611ce55a96bb2f991d49173073d8547f5ede69d8b587a34bb8f637297a15ab4fc45f1384bbd19b3feab5fb81322ba831386eeb6067e55af374c1b1eb9613a6c41dfe2bbbcfad157dd042c67c44400b350f0dc40a8611f2e947f32ea3ac3f609027b5dbc95b157c13216fe7c35edcc82950bd4e38bcb02b63d2576489c331a222e013e73b5333694889b184bedbbb6fdd6fd40a62b1d5d494e68cd2aefc264f74bf70ef38373e599faaa326f574ae32b1aad86854af22db8c9673d14666aa7c0c3bbe0d76a835ba4b391552777ed20c5c6cd0aa84f3be73ca0a3c128914107fb8fc02220317fb111cf13398480cd3325582a7e55f4c4ef5a258bcd01a97615e95f89c8064d41d04340b88cd5f4b1d827a030637145d98422facadbbbce97dc3060402a7bfa73d7b4dde53184a0923c0ee29c6e8e2c35e396808df2481af6aab053b619fcb2833f14f87051c5461567c5f8dd40383a7521971775493f896e18c78bad8219f88258ea686652780c03ebafb63ecbfcb23e24d52a2f88a77ed3b2280637807a5e155f4fad7149b76841772471a3b77aa42e8058c0af1ac2be9d88b5152851708f1a77582b3e31702864ee6a244a38f3f95d9797a60cddeb5ddf08cc48fc677f03f9e717ebe7f472883e5a6a7df31ca4272228f26991460c537ebc8aecb6a0c34a763eb1f57124fbfafd6db4c21bedf6723b252aeb21eb1fd9f4f811fd3e2e764422964761b2ef3aaaf986a48f7be66f6387578f9492feebc97dfbc6bc97380394a5635dbe582e52a1fb18ea8fc4e53974c63d198cf0d878ba8a8d58688a037c0f753c7073337ef3da4c134ef939c98c8806d09943591e6013a1342de7c722f993fd7eb36ba8e8407d1ea60eb5724b0d6262c70469dbd8ea1956b8d7f5a77707a9cbe2137079e7abda3966c5bee4fd86e8a3c4969bc88ff328a2adc8f4546f647575866d5ced16df06bf40d9a5f178f9d19e490bd76e187c441e7de0e571f6cea5512ec9bea48903d91a519dc82defe34a06b0244d623090b5a250786bbc66c1e76db6b18d81ed33c81a7c93782d5cdbe0a7cf7d1ab29c04be6ff4a9bbc10f716a67d52fd52d91425abd2002cf83c3797861db5fbeaec745a552ca4a50604340f2cf2c1b10e9ba76c8ea43b283c73f774f8be213f17f70cf93b9f6a8bab1f516a935e80c3cc6756945edafd572e6e00840eedf61fc40351869f03562d8c13006de585a1141c02f1311fbc8e45e4b3878c32810698e4764a6e8495f165eefee35714a1794f9ab50897c5565ab745425933d9d6272a172c1f2a274f9ca7bc8e1b01a27b8bd06fd9dc61880789696348c99e9a70c9dd2a62ca04d1f86dc87380b618c2a78b16229d614702fce242fa17ea90cda2648f9375bf7e78b4267d558983e08a9566d95871998d23cc6d22c23370ae067b677609844abc140df81cbd9addbf657fffaab5c22c479acca18f3e4b508cf01ff7b2ca308ff116389790f26f2c7635f89c747a5bc66f61de575653069349a89fd7e3dd785266b7bccf16eb8b4a8a86751de60d33e17d64f6e4e0f9d13a16d243ad7364114db7ad011f094c4debf20a39e35e7eeb440bbe8811db2857b965edd1e2675ceb1bc9a1691f123dedb341962fbbe539485d2241b0409adce2587d035187a0dd5a62076ac4eb5c3e2f4455569b6eac0fc16155da1774cbe505dc92e2087585a7846bae699bef32e3c5ec2356dd4433ed29d4b03ff7b38f7b3cb96b92874eefda6c2e0e326214e40f14cc2ef80e1cd3fe226257a423b8ff5bb368b87ac7066c5136487775b5b122a858334c37f6a3f53d758c3c866e2e79daf9aeab36a59eddbae2fa5b6d20973014196ef0a4cde1373c7297833e6f1e46828f4a42eebd829dd4f17999abe285218ed5dc6007b21bceb588a213b29dbb1ab1a79b41a12df26fe35f0cf6a310c9e50cf10d71ad5960626e4efec211032ec4ae52512001362ba4108d86eb774d2d4d0364cbb1dae68f03a774e328c2dc09899ee80c05ac2a8e3ba905b0b3b7a08a3df20b505901123e7dc0a15db48d09c84189ca4345c23c2010c12cc35287fad30211cab9631e148a7c1e8bfab61ced30e098d1c3cf7b6a7fbd8288dfdc48044d0d47c17f129f6b5d751af1984d395ab1b08ccca3e7309a89a8a36dfc3fb82d2a4269bffc32571438d04a7b98137b46ae1fea1bd9ea64f99e2f0c5f12ed84886b10bbd511993b0447036c4e57b9dae6d5bdad6aa3f2d12e62471194e43111613b8b6944c2baf1f539ea14dd76c356bfef7e3d4b6fb91f6d321a796a4bce5a4c6a5caaf0f3eccd914dea21ae909be7ba486075ff6139e7e351fdd7e98013ba51ff0248852398c734f245ffd7fde8cacfa4805496ad7350b1c96d7bf9da9be492f2f414e973937ac9109b6e8b8315aa9b81840f2c21239caf85a28f0e590bb6ad12148e75bd4d7ea69a9ffb053781db98d5fb5aca30a734017be7683a559c203c006ecd4b135afe3650b906e0aa208c889f2af09f3f8263260c3bd07cf8021124b6f0e0d021f9839e47996905c3d7562df810484552de3bcc9ae054b62a01af6a7991e4d63f30c7a92d8b58e01052e53818e64d7540a3208af321709a5d891ceecae5d27a999b00ed01616a73ec8854ca61973ed1fd3d82f8628b215c55eb7908e297d77098a7b0c362709005a7d13c89c54556589b2a926c6e08cc1c0afebc7eeb5d7ae4ef0507c91b8e706e6dbf83d898819192c812554ad1c6377871a8ca50f1325630f7b5266b807ef61d0c8d399fada49cb02a14c16d39f4fa7b81272573808e761c9dce7cfd12f4f18dd06b0ee471c166e095bf84aa4aaa2d82f1afcf09e5d960257c0a8dc404225b4b62187829c59e57da50bf848d72fabfb69362c117c6913541f84095a2a4ccdd2d30860cd96640bb2315e435a4af08c62c584ad129300adb02a871f3c548b96c4f6c47efdf4a1163a8a5ba9b4766b01437bc5957324660a8cd87df0f7e000d1309e896e3ce9f57b17562c9368a95a4cf66b3a5b57f0cca563b045452bbc8ad07b96fd0322728ccb3b05bfda14ef36ecfa2f32c5aa899811a67f2d62ed970db5723d6e4e4913c98c81ed6c03469112c23549f7e20be6401c6544db9078f34e6a4ad3cc868bace2e7ec6ea17225986f9e941ec67d9a3fc57958f9df8a60f585aa38b1769e26ed3f68dd85685b2cefae9dd72a18abc0de6b94689785df377ef4a812a6abc7f738a396f0e99ccbc5731801c36e746ab6b1dda88ca6ecb899528e18543cb3dfd439cd5be566594f01a4533da3638e6331fedf5b67870938ad044aa0dfdae33e3a6258ad40baadd726eacb1f3c1eb8d83ef4e185d7603a4f1eb006d90bf5849e2f65d37ffe750eb061bbad08a0c0cfabb9abf7f27d36ee5687d23feaa923e09d2ae905410a9193f21ed9b1d6331bb1f3babb90da2f2e023a6ceda4b4fe0f5d864738ee7f65a0b136021fbe076b4adf2d3af760e1361bad7ae35cb7ca010ddf4488255a2d3c492d0b26a1a5643f998b5d04a52a59f176d9bda85c916ff901329f09fe953b030b92f6415172476ad89d3e8cdcb4eda7dde5d4fcd5d6a584a312563558e784b0f9bcea7c53d26c3f2d3350c70a5e06a67c4c0373dd6279e29c320e6580fba8ab2df3039c289235c066af1b07dd112f25b25e292020f36c1aba246cba4e054d64b38f53ed57a712dffad7d3dc97f86af511638a2779107fc55da63b6498ea5f3ae36883163e5bf2324211a61a9889278f828e58daae797fdba9218d322da7aa23db7a48a00", 0x2000, &(0x7f0000007a80)={&(0x7f0000006400)={0x50, 0x0, 0x1ff, {0x7, 0x29, 0x1, 0xdb0078e66880d4ef, 0xdcf, 0x4005, 0xb, 0x800, 0x0, 0x0, 0x2, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f00000042c0)="0d9ec529eb18ec94a35378619cb10ff8c913f67139447b7ee0cca809e36c363ba1d3975a7446b70c6bdd99e2cff540eda7589ea89efeb498df568916036f0848ede5f089bf502b483c67c0432c34b98b1bc085a99e2981103397e0b0eed2ec64c1075798b56a42ea532091f5326c97622a47c53fbf42e71c3ed4b954c559424b49a13598c6c63ef65b62384b038b3e6e98ebecd178289831eaecd986a01c751e8cca7a57c009f2b5310fe9dd8a63b91c4b5b13d1c44d2b874b32ae3e961b9e96a511ffaa3ed20248dfb470460d305e44ffcd287b355380319fd31f7538c6d00de06ddb8f72b3a59c4699c94d7379e1e190c6dd7786e12096f9e963a038b6b4375535047135ecc07b16035ceeb27ed09d77f52b6eae27a03071e060b05bf347b9ba44a984e5db346d230ae9c5324ecfd4e7725bc5019a9f4d20237c820359d73b82f9c668ae71f6b85d5350140a16f988bb2b8010effb52636e0b728be1b1ed37c1b8868ec67edd52951dbf65b479aa25e92667a98c755d88995e6303a48a64317bd4b201fc6dea59381abfb5e0fb1035bbd32a97a6324b08f404fe3991879a0c6362032864031737941d9cc534697da61a43c8723ecd1062906b65c504d86383cdf9631f228372b13aee64f8ea8db00dffc37fa092ab5daeb7431dab37091c44f91c9202df60876a6e06ceee3e6a095406fe5cc1f83de1a4adf36fbef5a94a622132cc85e56fb53a9cff67bc69a24d8c259ccfe19b1925061f0cad95d6b4158c1394b8acfa9a8f52a566c6cb4e0b14dd30c85b309289a5f395e01d981735f6fce6ab30994643d70b2f322b7a233a339e621ea2eb00a0082a175c231b330a58062680546c28db8ff5b7e66c0e3df0a9b74ab72abfd241fcbe1e3d27a2d1eab44cf88180dcef4482c866324133f9e4780b891a7c5000b005cab0c131c225e944fd1aab5de9e8d17b8770b4472b6e4a13b6cce90ba152e5144acf74cd8a9821ce3eae72dc7ddc81b76482226098329c3a8ecb923822610aa0b086f44329522dd8f9ae355b4666d1a1b911ef8e21377578b42fe6ee0b2a77917157488d6e0bb388951f80551dcaebf212b396d1f922aec595bd340390d310f6006c4b3efdd80838f39d25470db39d6205ba8f52bac634f8145a3c10ed007acc2f25c5dbfe911f18f44a0c57cee33725eb8c5f2d9112f91787c2c323b67b67d9d1f593d26430d77189d4678fd8d7c11c1f2d744ad59a03a8cffc52ee0293c90b00d61897c80184aa63fcf43c109b06af20c808035af0a0bf9cbe544681768f92a2ebe3b4458dd020fb0550822bc2f769631e00d63bd91e7100299bbc4ce53a35e993e24028dc5c81d46f5377d21f2f38a9688ed981044346b865161b68f3390a50c2e625052396cdb6637e9434904c63d8ca45aa2325626293cdd9cd0179b1d995be10281fa8d281db16320f520e42af268ff30dc2d8885aa3d9e7f294eadb4d827d195cd5d18632928f2153261345c231efd143288b881638b61dc5dab8114c1948d83b8ac4e278f131ec3eef4e87e43a36f4b41a699a741ef3a7cd4f0bc5dbd2dffb1d223a5c5b38b98e49092631a176d15c4f3c077d639726a3482bf2fdc73c2bdb09208aaf90bc64b5fee89d231bb1679de3e5d31662db2c5824ce9941f94500e5a11b8fe79da548efed8cc44e9bc1d5175dd77fc16f8219a83b83ccca2181bf411b0945312598817e08e5277530eccffff17d198613cc8c991349141ced56e79031ab6cb98f3f39e5f20bac76017083041a1ee99ca257d0e0cf95e59617139afb08cf0c6a607d3f2ac2b5d3f4394a4a063c9769bb884ec522d46138228c7e9b5c7ea5e3a6c70815b565ce15a13fd0a5deb28e710c15fe25c744b430b4f6482532fb96566381c56e12632cab5acb5e08d6f973003c96a7d81ff76966e0f93c83c462bfcef230939e48c4983bfed78f68b0f540d1fff2196cbd1f1c1a1c310ec10f5a2745407000bc6db1fcc8540282cc7e96cf5582c4eaf874a2fe6369534176429b7505eb0aade883260806be2d86a42e76b315a76e5f686ca669f49e1f9054a77b8eaff14a43e9a9801244e8e94ff50a17b60dee0122ea70819bae3375070466c7f202c4ea0fc0c9aaae50c43cb65febea224c2b554e937f67689b3e18ed543749a7ef0997a7a7530b918c4ef935137137e1ee7e6a8919fb76a8f008ddcc2d8b2e18f3eb90f7a13cf4f49170ccf50c75de82e92a5e2d1f311e59071ff202b6cae4d6243fc3787cb9fbd401938cc18dcf5620f8b8f74e9e3b13dcde85ef896f31f5a2458118addae77206ab1506882f91873b4828950a7b91ddae74888155a9c486c7c60492813ac0e33362dc4e21e00538e5b05b78271d82486a0d156d4a5a07085bb1cd74f5d63763f18648a489352b5d05107909fe54b5d332cde2900c82c150b11071e028eeb275cc9a9614f1eda4e4830b128870e732d473100c24152aff2aa1659daa65d7e9591ebfcae5dca4e84c9a0965a01668e59843ef4a093d9b01067a0ae9d09e3d810c2cb63600ee05b10fc8685e8cb150e2d6d75baecfb8762f7a7d131417eb0721e19e1d21f5adcc1e09489f06b81d91b48608107fc7b3853e214a3c786a9812113ccbcf09907506d0e9cd72c79793584b4fe06a18a627bd969f628a5936367961f1e7d117d03a8fabc85f5ecdd0ddcfae49aa293893a2e5ae376be11031abc0e05ff250b35926345b52f8d3dc02b7497f7513e759247353db9b8e493120e73981aef4c4d9747621537a089848754c14cda1cad18084274e98ea2bf7400ca846184e0e31a571f9bd770222b1038a4ce60dcf8fe9cca4d60048cc29c37c1345de992e9dc7128ef093c1ce80232a88a3da7ae8bc87120c5b1f405d5186141288998fed9e021cd0ad6b12b51c217849390be3ea00cbd6c755958140bfb9b2a2765ad1f51ac045fdc5c28ee5886b1436015b88bd90d19328f91394110b0d891678e63b63d6cc4d35279f6f616d7692c6fe177a79d80ae8f7e4ad5078d8d7096f3ee664dcdb2f634eba98f4788de1f5e34f32ef09e2f0aee4fdc5bec4bc4aeec5721ac3a2da1bf52da017c3312095403d50dcde39671242b610f11832773796557f71455376a7741ab242a9fc94464180bf224d5e8c79b462e3a816f6c08ab0f5503386d34ddfd808b4b8d5d333548d4b873923c6c297b2fa1abe433ec9264385c50dca40316c37ed85db382e7c853ba331c727043cb3345de9f89b1c804e98205eda3d6b6e042c9c41877d456dcb8f12663e6dc1ba809229536fbcc4c58d01a137eb80af8596dfc7b5fa7a044cd141238aa82e440526e55a28c4ed2f4b26157a0eebb4a77c5ab66fcce2602e1a70aea07e5e7e7e5321d58ad128a5ea6b574730037f24a7300e0ad6fc96bd18e03763bbbf21bd3c388aff1cc5ea13728ba2f8e1eb70148d2603e55bb01cce0763c2020b5627a0ccb35ae3a9b3df380e6d9800d9506219a90971a3b8bde1dae6a43fce2aaecbc026be8f4e9bd749e10c87ed7d78f92014342fa449eef28e7175548e5a8ec4fe7d31fc86737aee63ef40b54485380b6898161676f0d82f76113b12a529fbce4482dd278a90aa416077c677aea623ddb3761bc81527ab7e3d73a3b4c8c3e4352c7c083cee8953ebd972a83caed837587e8d7cf360f28ce6ca71de75c9174e8744ba1098513bb6c7fdc6a3c7c8e5870223d6cc0b18b5d6edea926d5376aeb85488d3712e8f67128f0d3fb2b42f82363a0d4c1c806ff283f6e4ddc10ce4a0803be66a247207d6606c7dd67cd293dada159016d7fd7e88c4df53d09bdd9fd9fa3c732da45fb92bdf6f442eda15edd97bf1928a7699008f0b482240a684ff5efef0cadbf1b4f16888650d59b2bdaeae0d1112a79c5522dd0933ccc16fed7cd0ccabe929f625de8947b3b1532dc04253cca988a1584df2b31492b19410d6f681d614eaa20029592c00c948a98973a9fba86c1397f8859ba543edeb5c0b0db92f65462a1103947d780b539433332d65bd1418bc00c9e815f73e0cc0aca5fcc9f95f707c455013a55a0c4a29093b05b94edc5b5284ec7ccf3ec091002b4229036c174e2927127f40769ece890612bbeb960d9392f442765a2ca8990c52ad7d4441e975a7cf079d139945f2b2a8a34f0e85d76cbc96efbb52cf8b5ae681234e14b6648244d41cfee2d9b189cd831cc2f31ae7e5f11aaaff1629f8c2cf73494ac38e58da7010dd986f8b6134ee0dabfdcb30617d15720cffbec7651f22253aea21696d2ece4fe026543ea2f3473e4c12e65dbb3cbf764ffa0b3a396382b9b7f0c24eaaf3495554b2319b66f3cabf01a8d6cfd1382d94ab71cd11eae2a42e4dc841d4a9732c395688d3377c8ccff7e3f88a3129855a5f41a7de6b6a9ac40a87c288f4821295edfc4f5b8fe5a1fc0162e9820205c809935cc6047e8a835c651be02fb41c21de30ac770d7a7f2108c6a3f1cf2649cac444f028a6ebf4db422cbbdb7fd0cb39109a3130ffae17810bb58f5c557c99670224c2678fa07f1064911e6c665c0d1c26cd2f40f7089789208a48eb339bb8885910e035b4b8c69b1c3ad79270ac6e70b963493a6628b90501822878cdfac866268d914d8af2814612b0198f9e4c6b48e739e414d61f34e2f69ff7cdc4fc7ffe45a64c5faf191ef6c4e31cecebe09a2f6a63d60926ebaa7e925ccea5c93e403c7ec0ee55423ce4893471440006d4c09c141e489dda5577f73b57ecfc764ee5bc1bc88f7866dc6a494e3ee560c956dc12ae51842030251f1cedf2caca15549d0bb4ee3bef03702197350cd7586b5916ef6a0abcb5f30548d22ce5d8c4dbd82030b8d7b5481c51676b7d14d35c20346c74dcc7d96ea0b13f890f755a219993e88739da8246283ebbd82eb1b15956b5ec16ad523768c19ceba9199f97d7bb43b85fa11349ff7fb89a97b463b34c584ae9e2af6c8f20ab528750a22ff6c2297e400065fbd9a4660ec2c658afff6db9b67070352d2aa5e6cfe534eeb5ff271575b828dfd7f537e3627a1a6419ed0c84297fc3d362a52f3860a2eb7ae0a50f06d3c68c4a1463ec331ead7af2dba792332218b04d5b585de1a471d296df6e10316852d50f211e07643f749a1d75410e66e47db40bfcefe4b708d0b2879a50ccbd85939b89fe4b905a6a89a2d5a4e28d18c048e66108a06d8b6a64ec5737b5ae283d914484167c8ac7dde7ec007aad1999854c4d6a0e5f887f99de3662610d5e8d49bac7d41d6fb7d90b4b04939638e2151ba67e75362aded50edfb7d9919b345b5b7df6a909193ce64b20470e3480c68bd764968f4d8a5779ffd9a35e58558272a214ae26a094360b9f2ec97c5e0a7693f4b7509b962cd8537e90ce7be70b54e9531e7295f894b94566df49c50c2265842392dff50e17ed3f7beb9ba4ad0520a73db1d8d3b39759e7fffcbf26517316bc74437fef944fc915ec24affc1a53748cfc883e3ddea9e25063ea8383b06f0d5c9db13a0ff335f52699226b391543060ae5e2c25b585b9efdd5ff9495a4873cac58b5feff5f08717b04e81bfea349accc58fcc6a6505de3aa6ff4985d9c38bb83e8daa663ccb356df3ed52343ed7723687e416816f987c565eae22c7548c1d6b56a5b6819583da0ddf92739f65e604e37b3275a6cb1252d4ef7a515c4b1e9068d714be80066bf0d422f1e4d2ce6f95c9eac081d6e4596a6a8e16a57b732b575b7de16f176ff0e34e84b293d3fd77fa30a7b7cf12a1edd54170e56bf7f2d40620ad56acbc5cc615556300ff9e95ce3dda93c8333f23f0d97a5da12a0fe58f95d6b911f614563d343ac6e4f9fee1d149c94fc75a97ac839b6d8d7b27c5efb870d2bfc6dbe6b688490b23597d83982d7858215c59011042b1957a0b386842621c72f89a9b524008794ffa0c179753ab48d0f73e5ff13624b3b90287edaf6a5367dcfe4094a21ffad3e881b428b77ccac6924d5bde9c781d4189654d8f29885fbde07e6334c6406dd3ece359c6ac7c6147f5c4906e56764e9980a669bfdddd9eb780e7f9988630d1eb098b3e4fd4c795f11441fb6d0ff7cf086eb291b1ec8d90092e1eaf9722ccdcd15408617cdb8c49043bf71a6ea0ee6b7e840344fbcd377b995bfb1faf22754fcb363f6c630501b619bbd87cc13d5df0948a176771d2d69236eb50dd313817d9687967e7d71f854db6bff803f4501d999dfe3da37ccfdf894a7914c4c113fa7a18c3468a52d646a5070614a6f02b7ff21c9f6927f5de55be85ba815f4bb9e29f26a94423c58338947c804e0627d69bc5a6e93fc5fe8cae851700253f2d494622c6127b4d77bf54a1ac27957234628cbe2fea1729ec53be7d90806d510ccddfd76fab1b9bf1207db8b05c3eaa88fa4c0a5db13cec9310f4e02c1d8114705446fd6649df3829aa12786b8d10b4540d8c1f1c8208c4b41998435e3fa1ec5199cb2d3d0c5c04c5e0b3ffd69112252106bb39333ff23b38d167a9b45ad1bdabf434c8695e2676d461b34c5f048e70b67a44d824baa090c8be13a22ef0d0970cc7a94ed4b77bfc3a40427c6c11abd2b415817243f6801d535a3adc9924a1671b645100e822a0c1876a37d9c9e230e3d762f1cfbb89a8b28255ba4cc5b46cb1635cf185578fa068b68bac93991982b48e7faacc09745a7e33bb12de6b25a2342a7e03cff06dde29b4d05de84e56c78fc6d9dcd180438da3136767d5846bfe7168faeac5b9434394bd747126c5c1ecc6621d10817ce9b6540433828a3bb8f6da0cd8f2b54a47cd5473f6bc3dc1234bd115a6890aa678d1bce7840d7a4559cda556740860079e46217c20e45ee59b8b7078d9b70cb6a249eb2e5e4071d044f456fb61649f261689b8d7a532afaf88eb30041242ce491fb7e654a1f06add370e2706f75c2fe1afe8e065804414c660ec4d96f496b1ad87592de8b7d04baa7ab142f580f262c64c57fce8ef933f18904f001809cfdf94eb679c9eced5d125b4f1d0064ca2ccf5eaf61bb7841bd408ae213deeb15d860f7ee7224b9d2dd38ee9f6c3fca6590335715c218db8f8c98e6339a6944817a1ce2e115ae984699861631b9893c143f594d6dde0895a0c7edb9912fe9cd8fd0765227b3963033306d15711387044bc373ac10d7be73cd80f1a79cf1ea0989ea9ae8a0dbbd1227bc33df652792a6bd95f1d21c6497c4c35b9a1eadc0217e322285a2eb832753aae74ef42fc983e58a126b7c23e4b0bac16f0de1eff7d41477bb25052f32cc9cc956ebd209d6b945b1fa9182857e180672a6be7edeb5234830668b1ea749d0a0dd3a244684d4dd76221c3bdf98c2f1eacb7a6dcccafd249b0ba2592c88790de40895799ea4dfb045cc2392dbb623bfe420b24e5a425b84a4b24d787a68bbec9db363ac4e9453df597f0224d8b7b21629e1989e53accbae97e189cf9b59ebf8bb89591fe3fda450af548ffc46eff98b5216e238a9246e2fb95810f8f4d89504633a6d223484a765b9e6e5497159b31c51fa6cc10641bafa81b10c5ab853f3136fa1b4334bcbde99cb4689f077ca3c29c2f1aca2a05762943073d5992aac4d9b0d411ba25905c34fd02b8eb7b9db375a6f6516446cc195eb55eda1e007e26328e9e2642a9c4e90c56440cc60a1db77713860a56820901b3022d55c621e9d54f759dd17fc5b59331c63cf30e07081bf0cdee6cc94ddfe8c6179e7ed86607d4ba7d5f1e97fbc1139b43ae5fd04c1c715f4600f028d0852a421d472b1b48e591b6edfebcd86be3db2caf967b06776096e14f0deffc9bb126ec329c49ada996b963e942d9c404967dc23bdbd0eee951b2879f2ef7ae224d4ff25edac4ddeb2c0b8e579af283e87c625d3fae5286fa855930e45207af7054763937a9247dc38e37e6dee2e325b617280846012e463707b6ccfa2fc399a66e534221a45626cd18c79d46f5c77c2d359e19ea870cd230709b5e33cd52fd43388ef91dea0a1e0df6c72688d9fd32bb67f489a3618604ef1dfa0d7f569d40cc68e39994e4edab4007c988998f59485ce4723c1eeb7c72f7e833418bab47735a91c7ab24e8555d2ccf3a812b6c634c0c3a68271ec8b536aaa442e056945feca6fb4e54d2cf60a0334f494b2bdb6fbd597de0ce9d2cf03333a0c7121e086aa4c657360fbfb60f3ce0fc0d90ff12b03464e8ff0e5e546ff79735c5c800a0f9b680a478c772f60173a760e280d8287681986038444f2103e2894d5809d062cfe8380e34bca86475da3d7634131c2a8cdc98c5927bc137db61f94eaf9a74f87cc85072c201766eae17fbd5b732859fb1b1c980b36e377aa41a95bca18ccea529420e742899af7b968c1fb9c0d181da9f86358dbeea877c3e9123a9289c362fa61d96c707ac94b427318a1e5f21078aa9d1fd7a52704e0d73e527f3ca65b7b459734dd30db5335c450f1dbcc1e4259d657d13b6d6b4adddc3d0eae034d1878cd0aa1825991d75f8e6b5b4c0d6d17e8ce709b19ff794a8ef856abdfac65cd13631f1b66b20f2ebf2f3122d18e03cbfff88206a5998fc3cb2b40634fcecdb8f5bdbfe044dbf169ccd2cd60f7bf033272f38f587943fcc75d2d65d9028c02891c8415706c2b2459b7a3c5cc82b0446088d3b3bcc033ad453136afd4ac4678320fc17288dbfa1c5180ad57508a2a298ed4ebc716ede34fded574d9779be5d56517d4dd40f197312390c488f46914b0927b13901ce70c1684801f2811168fab533998a1fdabbb6e683abfa021f6b80077f19455c34cecf5dbdb2fa6e3930eb5940cb14504050cc74249424310dff81116b8f2076b8ebece84c302e758fa90af5a1888aa8a5a2bff4aeb7ebd1c7a216bdbb84bf9c021caf3c8efbfdc5d3aede46381bcda372a5398c89868ad57287736fec2a7e8ed638974fde5875eafa506a6bd7f772d2b221f4bde4920fe0c56f8e0847e2a7e8387c64ddef4203d77a526c46d7871befe0c5f9128bd67319acd963fc040185aac4e7815f728bbd7ffd8f3d125e63320182f202fa9a52505be9585556a5d1308c118ccdf01978027cbace7ab339d6f53d15e795b7f3fedae4f86c3f257ed80ee634375dc2333ceed1ccaeab1b6be7a9611ff33d79dccdec2007558c06dfc06612d56d37882e5f1de340cf05f4fffbe1a5def6d045bc5bdaf633f07360f9028cedd103bf03fec8beb9fdbf8c5fc684d12efae1859c53e2cc3e2f508a9cd0410ec036648d3760dd591f7ae04e4cdd61a2566319c943f0b63d87e422dfe5c0d1edcb2dc515778a0d7bb2c93ced3b1435adbc51d3fdca9c13679397bc4490093d64869998d6a28bb862ead0fa411585289cc00dc199eac6c607b8a84123dad3be80dd8fd86aa202113131046336352235f34c05f5ea6d5265adda98edbbfd11d6839c5b1bfe4fad4e688558d633d4a281df44d9c0a35abd464e01f8ab01a1e272cc8cd155a40b8aca4c6b1dc894c0fdc02f15a8f67ce94c7f99b6fcc0e4a3a8a71365645ad7809d47bb26f46ed8bd02f6e8f3d277224f82f3d41695f367e343ac6d507413f4bdacf9e344a49156c4de36d68c075415f8004748055b38b8a4110f869fafcc59cdae5663eda72a05be365a50e98bfd4b00e35aef687afae7bd6622cdd725326776f6fb1476c8cf8c20a0e5223e2bea494a1bbe4e79b25a5e48ba34bc66a84ecc4a0aba98e74ca2b1f61893e61a29498d855a778a2a9ce7b7fcaa44b4aedcbd0e28d6c49bdb6776975bf69161f372b964e4288ce6a3b877c3126f90c4c9749d45b8c5c840983b035993e484a945be5fc9d2d1bd3f3de4e6de7bc74a7a07b13e9e82acc11db85454f1d928fe52ad42ca783fd20dd3e94471b498c2736af40d2a45ff74f9ef874639e33306daa8a667674571e2ed93a48f49b57e9e3382fa8090774bc795609ee510b6a1ca48d9833819cbe8ac77eeebb0e3b6c59ced2d1ab355264934ff1914a3f654249bba60a692dd36368b8a866b333320e57e9c7d3646c375696ff14e303780ffd7b957d89ccdf57823d2d1e158773c2075233dd2f331eafe3802da683c293eaa24cd8b63a7582ddb202cd6f8c837c74f823727641c7eb680fe52a396f51adb34956e4cab17b8a5f10edf144c700e376c682dd46c8fc89830fee1a44fafe0a5a2e7581d5d16ad6267d1dc2d5be8547f9352d1591b42de94f2559b44a80038360c6394541a77d95b196558a479b609882fc597b9cbe285ad7c7a41133ed85c8ab6e6dec5bf70f9e787985512d48865022705098a6703b255a6f2b05b62fc7ab32e67f06d785ccb33fb348205a76939e6c2991486c5aae8ec1556b2f8e30ca445a4a495cbf2c601304e62b8cea615e58899fccbbf1fc4f17a6dc37e46b17ada0be033dc67904fbd7903086d3417e423af64338426a84ca0c2a3252db62695f9cdf10ebc09b9da5747d30e7f4adfb374e1d2bb24542b0373b1fb897690b49fe24d8575ec9800f019c9c76459421c11f002989ac82c13c04a202cf7f9f38b053f9a680d4d5012887a11d25cad201df20a4eee6d2c0474055579ac729c7514a88b1675bbf6b773448c6c1a5ccd157f44f7e032a6b848f2e734d773f029e48fd13c90d41666f9bd4e9bea91950737b6e7502f9d2677938f240e3f905d6095bb0f8bbe961b99b2d025538c3888bfff8957e3592ee5b26a75399b59c697f59fcdfbbe3bcffb8777340875611bf75486d2378e68de771800bfffe0572fb36ca855ec5fc8cb90c76455773c36ec40b101fb30c48f8a8e775f5220e024b4da9dddc2fcf4da413e7c5db9e0567cbb5fad0c91d779a0939debd9247d3f7d8107fd986f73a9c9067e6594fabde0b9e887040cfbe7d31332f41259de57b38f33275597725392efea51f290b8e1b5c243ffd9eb4c0231600f9b4b204344736849d527156c4720a463bbe88fbbdc333099d949853d5c6fda98bcd35ad3f1fb1d5a7d00541a8a202c8590e35360bb9d25d6431476649e1898f901fad37975d6dce9833956e7a78d0306f533d4aa3c9676017c7abc7e1f8f2f117774a4f5beba55d1c3cd580fb18defccc349cce24e94a4cf1f4c6f45d783ee0167a55369c9b5e1eb6d0a836f3eb2354fad3cd771a9d777ff84c63120baee86ddc52b3e6817dce339ac9c240e75f3e2f77afbffbc1d54eb5936d045370ce3b77365c5320892dc7bc36e488019461d2e552969de9f25bd8de049d693be450c43c5d22d7569fc384e8d56ddb577c5f3c3471f5ba2998bc0c697a06b6d8ba5f2f7236e78aaed69b468e761a5f07145c0326ebb94f50aaa8c5666c92006d8d139036f981003933f8e2eba106a0e251fa9f5407544e44aedbbb271a3bf1c660a9cb8c74dbd0713aaebba2dd046af8b9428709646521d6bf387a92996b35748e1e67b602309b7da0fb642e89de19f550925f4db082ef7e9821ac4b2aee93c9cf791c086751c4cb4172608a4f903dc40727858046851529205b45786e294c17abf5e5f6bc730cbfb8fd977c5501a8140ac7984a267880b53cb94157be9ac157be1cf12d8a9e5612947772b734ed6ae30e548a3b2faecf94a7e03f86317f52ac797aefb957d2a29de8f8ced414ce22c800e0dc7e49d3672fca633248f3e68c", 0x2000, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x78, 0x0, 0x1, {0x3, 0x0, 0x0, {0x5, 0x7, 0x0, 0x80000001, 0x40000000000003, 0x7fff, 0x3, 0x35741061, 0x10000, 0xa593e9c1ca988eda, 0x9e7, 0xffffffffffffffff, 0x0, 0x40, 0x6}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0xa, 0x4, 0x3, 0x7, 0x0, 0x70bd2a, 0x25dfdbfb, [@sadb_address={0x5, 0x17, 0x2b, 0x20, 0x0, @in6={0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x9}}]}, 0x38}}, 0x20004050) (async)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x4000)

15m0.881824401s ago: executing program 3 (id=1212):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async, rerun: 64)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000340)=@l2tp6={0xa, 0x0, 0x7f97, @loopback={0x0, 0xac14140c}, 0xff000000, 0x4}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x60) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
r1 = getpid() (async)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0xb, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x10000, 0x0, 0x0, 0x0, 0x8001], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]], '\x00', [{}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x80000001, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {}, {0x8000000, 0x8f96}], '\x00', 0x1000})
sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 32)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) (async, rerun: 32)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
getsockopt$inet6_int(r5, 0x29, 0x4c, 0x0, &(0x7f0000000200)) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x0, 0x0, 0x0, 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94) (async, rerun: 32)
rename(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='./file0\x00') (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0) (async, rerun: 32)
r6 = socket$kcm(0x10, 0x2, 0x4) (rerun: 32)
sendmsg$kcm(r6, &(0x7f0000000240)={0x0, 0xf0ffffff, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec001210000140200c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) (async)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000f0400000000005f"], 0x0, 0x28}, 0x20)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02aa41d7365b7bdb62de1b0400000004000000010000008000"/34, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="000000000100"/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xc, 0x4, 0x4, 0xfffffffa, 0x0, r8, 0x0, '\x00', 0x0, r7, 0x0, 0x80}, 0x50) (async, rerun: 32)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, &(0x7f00000000c0)=0x1) (rerun: 32)

14m57.346012162s ago: executing program 3 (id=1219):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0xe9)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f0000000180)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r5)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
semop(0xffffffffffffffff, &(0x7f0000000300)=[{0x2, 0x5, 0x2000}], 0x1f4)
r6 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ip6_mr_vif\x00')
preadv(r6, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/102, 0x66}], 0x1, 0x5, 0xffffc138)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0))
r7 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0xc4)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r7, 0x0)

14m56.324931328s ago: executing program 3 (id=1221):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="fd9e1eee81000000c3000e00000008000300", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x400c0c1}, 0x0)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000080)=0xf7e)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x80, &(0x7f0000006680))
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
read$dsp(r4, &(0x7f00000002c0)=""/4096, 0x1000)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0xd, 0x0, 0x3, 0x1}, 0x8)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=@allocspi={0x140, 0x16, 0x1, 0x0, 0x0, {{{@in, @in6=@private2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@local, 0x0, 0x33}, @in=@broadcast, {0x5, 0x1}, {0x5, 0x4}, {0x0, 0x1}, 0x0, 0x0, 0xa}, 0x5, 0x5}, [@algo_crypt={0x48, 0x2, {{'lrw(camellia)\x00'}}}]}, 0x140}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb04001800"], 0x0, 0x55}, 0x28)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0x3)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

14m41.042281497s ago: executing program 34 (id=1221):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="fd9e1eee81000000c3000e00000008000300", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x400c0c1}, 0x0)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000080)=0xf7e)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x80, &(0x7f0000006680))
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
read$dsp(r4, &(0x7f00000002c0)=""/4096, 0x1000)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0xd, 0x0, 0x3, 0x1}, 0x8)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=@allocspi={0x140, 0x16, 0x1, 0x0, 0x0, {{{@in, @in6=@private2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@local, 0x0, 0x33}, @in=@broadcast, {0x5, 0x1}, {0x5, 0x4}, {0x0, 0x1}, 0x0, 0x0, 0xa}, 0x5, 0x5}, [@algo_crypt={0x48, 0x2, {{'lrw(camellia)\x00'}}}]}, 0x140}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb04001800"], 0x0, 0x55}, 0x28)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0x3)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

10m33.139460912s ago: executing program 0 (id=1719):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
creat(&(0x7f0000000300)='./bus\x00', 0x15d)
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe)
ftruncate(r1, 0x2008002)
sendfile(r0, r1, 0x0, 0x80000001)

10m31.973809899s ago: executing program 0 (id=1723):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd600a3ff200140600fe8000000000000000000000000000bbfe8000004c00000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='P'], 0x0)
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x10, 0x80003, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000840)={'syztnl2\x00', &(0x7f00000007c0)={'syztnl0\x00', <r7=>0x0, 0x29, 0xb2, 0x3, 0x100, 0x27, @private2, @mcast1, 0x20, 0xee259985ab270d32, 0x0, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000900)={'syztnl0\x00', &(0x7f0000000880)={'ip6_vti0\x00', <r8=>0x0, 0x4, 0x8, 0xa6, 0x4, 0x7a, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7, 0x20, 0x9, 0x2}})
getsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f0000000940)={@private0, <r9=>0x0}, &(0x7f0000000980)=0x14)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'macvlan0\x00', <r11=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x503, 0x70bd3b, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r11}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000080}, 0x800)
getsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f00000009c0)={@initdev, <r12=>0x0}, &(0x7f0000000a00)=0x14)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x164, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x2000c080}, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r13, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x0, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)

10m25.87742609s ago: executing program 0 (id=1738):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01"], 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140), 0x0)
accept4(r0, 0x0, 0x0, 0x80000)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x88402)
bind(r0, &(0x7f0000000540)=@ieee802154, 0x80)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x4, 0x0, 0x0, 0xbd, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd9, 0x2, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x10000, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xde8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x20000000000800, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0x20, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x6, 0x0, 0x0, 0xf2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, 0xf, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x3f07, 0x1000000000000000]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040)=0xd)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = dup(r2)
sendmsg$inet_sctp(r3, 0x0, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0xf, 0x2)
socket$inet(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000240)=0x1)

10m22.546245343s ago: executing program 0 (id=1746):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

10m21.072753546s ago: executing program 0 (id=1749):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x75, 0x1c, 0x1, 0x10, 0xfe6, 0x9800, 0xd19a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x29, 0x2, 0x2, 0xb4, 0x8c, 0xbb, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000bc0)=0x200000, r2, 0x0, 0x2, 0x4}}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008200000018080000", @ANYRES32, @ANYBLOB="0000000000000000b70800001cda00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000005000000095"], &(0x7f0000000380)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
syz_emit_ethernet(0x90, &(0x7f00000003c0)={@local, @link_local, @void, {@mpls_mc={0x8848, {[{0xf, 0x0, 0x1}, {0xa4a}, {}, {0x9, 0x0, 0x1}, {0x1ff, 0x0, 0x1}, {0x1, 0x0, 0x1}], @generic="a291a604cdffc7099be8fe06190f8094d75b226b51f0596ad50f3ad1c4d9efdf10b5a97ecdcaf35764366898ae09d5bfebce077fb9250565d8a2ee63e557ea48739d9e5fe4cbe3e3e84080274c98d0ca6455c34ae4272762517ceb57b3b4fffc6fe5ed9a8c43c8701fb0"}}}}, &(0x7f0000000480)={0x1, 0x4, [0xa53, 0xe6e, 0x6bb, 0xca6]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x1607c0, 0x78e22799f4a46ffe)
fcntl$setlease(r4, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x80000001)
fcntl$getflags(r4, 0x401)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r2, 0x7}}, 0x48)
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x336, '\x00', 0x0, 0x0}, 0x50)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000007000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7020000000000007b9a00fe00000000b5090800000000007baaf0ff00000000be9800000000000004080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r6, @ANYBLOB="000000000000050000080000004600000076000000bf9100000000000076080000020000009500000085000000b7000000000000009500"/64], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
dup2(r5, r1)
ioctl$HIDIOCGFIELDINFO(r5, 0xc038480a, &(0x7f0000000180)={0x2, 0x1, 0x8, 0xfffffff8, 0x1b5d, 0x6, 0x3, 0x8, 0x9, 0x2, 0x0, 0x40, 0x4b, 0x80000001})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
timer_create(0x0, &(0x7f0000001040)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x1, 0x85, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x73, 0x1, 0x1, 0x8b, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0xb9, 0x2, 0x2, 0x6, 0x0, 0xff, {{0x7, 0x24, 0x6, 0x0, 0x0, "e034"}, {0x5, 0x24, 0x0, 0x5}, {0xd, 0x24, 0xf, 0x1, 0x3, 0x8, 0x4, 0x8}, [@mdlm={0x15, 0x24, 0x12, 0x101}, @obex={0x5, 0x24, 0x15, 0xff}, @mbim={0xc, 0x24, 0x1b, 0x0, 0x1, 0x9, 0x2, 0x2, 0x4}, @dmm={0x7, 0x24, 0x14, 0x1ff, 0x2}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x8, 0x2, 0x1, 0x36}}], {{0x9, 0x5, 0x82, 0x2, 0x200, 0x81, 0xfa, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0xda, 0x5, 0xff}}}}}]}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x0, 0xfc, 0x4, 0x4, 0x8, 0x6}, 0x26, &(0x7f0000000140)=ANY=[@ANYBLOB="050f26000403000b1410040c0367f911939341b898b037b2e95f738d03100b07100206531e03"], 0x1, [{0xb9, &(0x7f0000000280)=ANY=[@ANYBLOB="b9033b79e43692d7f88ac505ffed43fe7653fbb4ae3da5d3a4cd2e2a6b2e1de6b6539aa0c6b8222531c2474357dcd9005f22e86ce6a651d1910502f6c80a58e239799f61665310ac2842b148a0eb9d0e0a9213a49b41351d21f4153c8200768079a69bc87a769d35c50a192a9c6c5d19b12099d35d45204e076ee284bd629846738d2fa276924fe1a3aec71ed26b688af4cb77fa73a7b9b478c283aeb5b41f99cc685f631f008d0eb9f440fb3bf4cffe63fea8de53d9d32318"]}]})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r8, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})

10m14.985686335s ago: executing program 0 (id=1761):
r0 = syz_io_uring_setup(0x2466, &(0x7f0000000480)={0x0, 0x40007734, 0x0, 0x0, 0x20183}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x40, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
mlock2(&(0x7f0000d94000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0xa0107, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000280)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r4, 0x0, &(0x7f00000002c0)='L', 0x1, 0xfffffffffffffff9})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000000)={0x28, 0x3, r4, 0x0, &(0x7f0000000040)="7f", 0x1, 0xfffe})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r4, 0x0, &(0x7f0000000380)='s', 0x1, 0x135})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f00000000c0)={0x28, 0x6, r4, 0x0, &(0x7f0000000940)="d8", 0x1, 0xfffffffffffffff6})
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r5, &(0x7f0000000100)=[{&(0x7f00000000c0)='4', 0x1}], 0x1)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10)
sendto$inet6(r6, &(0x7f0000000140)="8469b66f", 0x20, 0x0, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r3, 0x3ba0, &(0x7f0000000300)={0x48, 0x2, r4, 0x0, 0x0, 0x0, 0x0, 0x1})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r7 = epoll_create1(0x80000)
r8 = socket$l2tp6(0xa, 0x2, 0x73)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0xa, 0x0, r7, 0x0, r8, 0x2, 0x0, 0x1, {0x0, r9}})
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000140), r10)
sendmsg$NLBL_CIPSOV4_C_ADD(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="0100000000000000000002000000080001"], 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x0)
io_uring_enter(r0, 0x1733, 0x0, 0x0, 0x0, 0x0)
read$msr(r5, &(0x7f0000000980)=""/4096, 0x1000)

9m59.685295776s ago: executing program 35 (id=1761):
r0 = syz_io_uring_setup(0x2466, &(0x7f0000000480)={0x0, 0x40007734, 0x0, 0x0, 0x20183}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x40, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
mlock2(&(0x7f0000d94000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0xa0107, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000280)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r4, 0x0, &(0x7f00000002c0)='L', 0x1, 0xfffffffffffffff9})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000000)={0x28, 0x3, r4, 0x0, &(0x7f0000000040)="7f", 0x1, 0xfffe})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r4, 0x0, &(0x7f0000000380)='s', 0x1, 0x135})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f00000000c0)={0x28, 0x6, r4, 0x0, &(0x7f0000000940)="d8", 0x1, 0xfffffffffffffff6})
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r5, &(0x7f0000000100)=[{&(0x7f00000000c0)='4', 0x1}], 0x1)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10)
sendto$inet6(r6, &(0x7f0000000140)="8469b66f", 0x20, 0x0, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r3, 0x3ba0, &(0x7f0000000300)={0x48, 0x2, r4, 0x0, 0x0, 0x0, 0x0, 0x1})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r7 = epoll_create1(0x80000)
r8 = socket$l2tp6(0xa, 0x2, 0x73)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0xa, 0x0, r7, 0x0, r8, 0x2, 0x0, 0x1, {0x0, r9}})
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000140), r10)
sendmsg$NLBL_CIPSOV4_C_ADD(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="0100000000000000000002000000080001"], 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x0)
io_uring_enter(r0, 0x1733, 0x0, 0x0, 0x0, 0x0)
read$msr(r5, &(0x7f0000000980)=""/4096, 0x1000)

9m56.427190176s ago: executing program 7 (id=1791):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x20, 0x10, 0x401, 0x1fffd, 0x400, {0x0, 0x0, 0x0, 0x0, 0x908b, 0x4e310}}, 0x20}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4c004)

9m55.985966782s ago: executing program 7 (id=1793):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
connect$inet(r0, 0x0, 0x0)

9m55.657106802s ago: executing program 7 (id=1795):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01"], 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140), 0x0)
accept4(r0, 0x0, 0x0, 0x80000)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x88402)
bind(r0, &(0x7f0000000540)=@ieee802154, 0x80)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x4, 0x0, 0x0, 0xbd, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd9, 0x2, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x10000, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xde8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x20000000000800, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0x20, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x6, 0x0, 0x0, 0xf2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, 0xf, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x3f07, 0x1000000000000000]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040)=0xd)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = dup(r2)
sendmsg$inet_sctp(r3, 0x0, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0xf, 0x2)
socket$inet(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000240)=0x1)

9m50.426887904s ago: executing program 7 (id=1800):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, 0x0}, 0x68)
io_uring_setup(0x24, &(0x7f0000000040)={0x0, 0x73e9, 0x1f410, 0x1, 0x19c})
r0 = syz_io_uring_setup(0x1593, &(0x7f0000001900)={0x0, 0xe5dc, 0x8, 0x3, 0x2f0}, &(0x7f0000000280), &(0x7f0000002c00))
io_uring_register$IORING_UNREGISTER_RING_FDS(r0, 0x15, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

9m48.322057273s ago: executing program 7 (id=1804):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01"], 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140), 0x0)
accept4(r0, 0x0, 0x0, 0x80000)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x88402)
bind(r0, &(0x7f0000000540)=@ieee802154, 0x80)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x4, 0x0, 0x0, 0xbd, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd9, 0x2, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x10000, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xde8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x20000000000800, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0x20, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x6, 0x0, 0x0, 0xf2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, 0xf, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x3f07, 0x1000000000000000]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040)=0xd)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = dup(r2)
sendmsg$inet_sctp(r3, 0x0, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0xf, 0x2)
socket$inet(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000240)=0x1)

9m43.662057526s ago: executing program 7 (id=1814):
syz_create_resource$binfmt(0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x68}, 0x8080)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x8943, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x6, 0x142)
ioctl$USBDEVFS_CLAIM_PORT(r2, 0x80045518, &(0x7f0000000240)=0x8)
r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet(r4, &(0x7f0000000940)=[{{&(0x7f0000000000)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000040)="93", 0x1}], 0x1}}], 0x1, 0x46054)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000100)={0x1}, 0x8)
close(r4)
write$proc_mixer(r3, &(0x7f0000000180)=ANY=[], 0x86)
dup3(0xffffffffffffffff, r3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

9m27.919728755s ago: executing program 36 (id=1814):
syz_create_resource$binfmt(0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x68}, 0x8080)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x8943, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x6, 0x142)
ioctl$USBDEVFS_CLAIM_PORT(r2, 0x80045518, &(0x7f0000000240)=0x8)
r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet(r4, &(0x7f0000000940)=[{{&(0x7f0000000000)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000040)="93", 0x1}], 0x1}}], 0x1, 0x46054)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000100)={0x1}, 0x8)
close(r4)
write$proc_mixer(r3, &(0x7f0000000180)=ANY=[], 0x86)
dup3(0xffffffffffffffff, r3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

49.545380503s ago: executing program 4 (id=2604):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, 0x39, 0x301, 0x270bd24, 0x25dfdbfa, {0x1}}, 0x14}}, 0x4000000)
r1 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x28, &(0x7f0000000000), 0x4)
recvmsg(r1, &(0x7f00000017c0)={0x0, 0x0, 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
getsockname$inet(r3, &(0x7f0000000300), &(0x7f0000000380)=0x10)
fsetxattr(r3, &(0x7f0000000000)=ANY=[@ANYBLOB='security.c'], 0x0, 0x0, 0x0)
ioctl$KVM_SMI(r3, 0xaeb7)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@fwd={0x5}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x2b}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x3ff}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='syzkaller\x00', 0xa, 0x54, &(0x7f0000000240)=""/84, 0x40f00, 0x40, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x4, 0x10, 0x9, 0x7}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prctl$PR_SCHED_CORE(0x4d, 0x8, 0x0, 0x0, 0x0)
flistxattr(r3, 0x0, 0x19)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000040)={<r5=>0x0, 0x74}, &(0x7f0000000100)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='ata_tf_load\x00', r3, 0x0, 0xe}, 0x18)
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f00000002c0), 0x2, 0x3)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000140)={r5, 0x4}, &(0x7f0000000180)=0x8)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r6, 0x29, 0x17, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x1c, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14f088a847", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)

48.497545331s ago: executing program 4 (id=2606):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="0800feaa", @ANYRES16=0x0, @ANYBLOB="010025bd7000fbdbdf250d0000000800010001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20000)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x35, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000018000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet6_opts(r1, 0x29, 0x37, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000300)=ANY=[@ANYRES32=r2], 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SDTEFACILITIES(r3, 0x89eb, &(0x7f0000000380)={0xf, 0x1, 0x7ff, 0x0, 0x4, 0x1d, 0x2, "90852983f41a9b555de244744e81e96972bea61b", "e1a431ef442cc2863c4a9af219680faa6b16605a"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00')
bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23, 0xb, @mcast2, 0x10000}, 0x1c)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r5)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00ffff000010008d40b610008ccbebeb56578dd4a200000000000000"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r6}, &(0x7f0000000080), &(0x7f0000000240)=r7}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b903076804268c989e14f088a800", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x50)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

47.095903451s ago: executing program 6 (id=2607):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000900)={0x40, r0, 0x1, 0x1, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'batadv_slave_1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0)

47.063187458s ago: executing program 4 (id=2609):
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x15, 0x6, 0x1, 0x1, 0x400, 0x1, 0x135, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x50)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$getownex(r3, 0x10, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x4841, &(0x7f0000000040)={0xa, 0x4e22, 0x8, @empty}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e20, 0x0, @empty, 0x9}}, 0x0, 0x0, 0x3fc, 0x0, 0x32, 0x7}, 0x9c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, 0x0, 0x0)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x80000, @loopback}, 0x1c)
r6 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r6, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)

45.353906481s ago: executing program 4 (id=2610):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet6_opts(r0, 0x29, 0x37, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000300)=ANY=[@ANYRES32=r1], 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00')
getdents(r3, &(0x7f0000000000)=""/159, 0x9f)

45.26977956s ago: executing program 2 (id=2611):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000240)={0x0, 0x10000000, 0x0, 0x3d0, 0xffffffff})
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000100)=""/153)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x16, &(0x7f0000000ec0)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf590000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf664e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab69a000248e167253472dc89a57c10bb08395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb845129361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386ba3b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f44fc00b69151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cbe8d23810052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a299fa176018054e9149a1c9d20a809ce3000000000000000000000000f6fad8476470bf4bb79d2ba2c0f7147577466f4229b364d6900ad22583c0ec630ea0c6177ad88014b074d88fea473d5ef91ed786bbd3371f0dfcc5ccf4aa82927192aa94fe70a261f1899e1f2f62d50b027f7e7cac8fe3691aa323e71d5e479d466512d1df57633a9006016322978a795431c745f0502e37b8884c368a3f9d5c05a7fb5bd25d95442d09f79c5bd656dccb450cb19c6df406ffcfc414334021df3e4654f84f10070846d3b0679544"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x1}, 0x8}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000003f80)=ANY=[@ANYBLOB="18020000feffffff00000000000000008500000041000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000010400000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r3, 0x27, 0xe, 0x0, &(0x7f00000002c0)="f8ad00c5fce2b5cbaaadc5829fda", 0x0, 0x9, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$unix(0x1, 0x2, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26)
close_range(r4, r4, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r5, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400})
setsockopt$sock_int(r5, 0x1, 0x4b, 0x0, 0x0)
sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="021600"], 0x10}}, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, &(0x7f0000000140)={0x4}, 0x1)

45.136138067s ago: executing program 6 (id=2612):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)

44.27592961s ago: executing program 4 (id=2613):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
sendmmsg(r0, &(0x7f0000002940)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)}], 0x1}}], 0x1, 0x0)
ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d2, &(0x7f0000000100))

43.34263432s ago: executing program 6 (id=2614):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000040)=ANY=[@ANYRESDEC=0x0], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
syz_usb_control_io(r0, 0x0, &(0x7f0000000140)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x40, 0x13, 0x5e, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000e00)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)={0x40, 0x19, 0x2, "0e03"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000d00)={0x44, &(0x7f0000000a40)=ANY=[@ANYBLOB="40308b00000091"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000040)=ANY=[@ANYRESDEC=0x0], 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
bind$unix(r2, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e) (async)
syz_usb_control_io(r0, 0x0, &(0x7f0000000140)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x40, 0x13, 0x5e, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io(r0, 0x0, &(0x7f0000000e00)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)={0x40, 0x19, 0x2, "0e03"}, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000d00)={0x44, &(0x7f0000000a40)=ANY=[@ANYBLOB="40308b00000091"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io$printer(r0, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) (async)

43.197896545s ago: executing program 4 (id=2615):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
sendmsg(r0, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000001f80)="f2", 0x1}], 0x1}, 0x80)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r2)
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x2c, r4, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x60}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48040}, 0x4004004)
setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x20008050)

43.161378238s ago: executing program 2 (id=2616):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), r0)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
io_submit(0x0, 0x0, 0x0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x0) (fail_nth: 3)

41.688218689s ago: executing program 2 (id=2617):
r0 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x6ba]}, 0x8)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB="ac00"])
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x141080)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f00000000c0)=0x8004)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000700)=0x31)
ioctl$SNDRV_PCM_IOCTL_HW_FREE(r6, 0x4112, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r3, 0x0, 0x82, 0x0, &(0x7f0000000140))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000002000)=""/102400, 0x19000)
gettid()
r8 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000400)={0xf0f071, 0x2})
r9 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r10=>0x0})
connect$can_j1939(r9, &(0x7f0000000080)={0x1d, r10, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
r11 = fcntl$dupfd(r9, 0x406, r9)
bind$can_j1939(r11, &(0x7f0000000040)={0x1d, r10, 0x2, {0x0, 0xff}, 0xfe}, 0x18)
quotactl_fd$Q_SETINFO(r4, 0xffffffff80000601, 0x0, &(0x7f0000000240)={0xe9ce, 0xfffffffffffffff6, 0x1, 0x5})

29.438892207s ago: executing program 2 (id=2618):
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x15, 0x6, 0x1, 0x1, 0x400, 0x1, 0x135, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x50)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$getownex(r3, 0x10, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x4841, &(0x7f0000000040)={0xa, 0x4e22, 0x8, @empty}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e20, 0x0, @empty, 0x9}}, 0x0, 0x0, 0x3fc, 0x0, 0x32, 0x7}, 0x9c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, 0x0, 0x0)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x80000, @loopback}, 0x1c)
r6 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r6, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)

29.321913047s ago: executing program 6 (id=2619):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f00000002c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0xc, 0x0, &(0x7f0000000440)=[@free_buffer={0x40086303, r4}], 0x0, 0x0, 0x0})

27.857204709s ago: executing program 6 (id=2620):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000900)={0x40, 0x0, 0x1, 0x1, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'batadv_slave_1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0)

25.904302103s ago: executing program 37 (id=2615):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
sendmsg(r0, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000001f80)="f2", 0x1}], 0x1}, 0x80)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r2)
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x2c, r4, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x60}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48040}, 0x4004004)
setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x20008050)

24.860237816s ago: executing program 6 (id=2622):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000180a0101000600000000130001001000010000000000000000000000020a89538f88d4cefb3ab1ccb122bb4d74b921d3859d233e5e2cf5"], 0x3c}, 0x1, 0x0, 0x0, 0x44885}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000001080)=ANY=[@ANYBLOB="1201000003010040720501cb65260102030109021200010000000009040000009c75b700"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x28100)
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0x6)
syz_usb_connect(0x0, 0x56, &(0x7f0000000080)=ANY=[], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x60303, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r4=>0x0})
sendmsg$can_raw(r3, &(0x7f00000001c0)={&(0x7f0000000180)={0x1d, r4}, 0x43, &(0x7f0000000140)={&(0x7f0000000340)=@canfd={{0x4, 0x1, 0x1, 0x1}, 0xe, 0x3, 0x0, 0x0, "555390508bff2b9e63477a98784ca217bae7ae597ea6ea5b806fcd257ce7cb9e0346b0e1ec5064937df2a6f9dd768ae61274d13f2ddf486eaacfb6af356771b9"}, 0x10}, 0x2, 0x0, 0x0, 0x844}, 0x4000855)
r5 = openat$cgroup_devices(r2, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="62a02a3a3409777277"], 0xa)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6})
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000000740)=@urb_type_iso={0x0, {0x2d, 0x1}, 0x3, 0x20, &(0x7f0000000400)="1285a62e6ec2b5bcd46578e8bccb6c7d2ca5fb294a5985ffbfee51bf222c28e9110602264a72294815cfa28e0623248b362e478f9a9116cd", 0x38, 0xfffffffb, 0x7, 0x11, 0x6, 0x5, 0x0, [{0x83a, 0x1, 0x7}, {0x8, 0x80, 0x2000}, {0x7, 0x585, 0x2}, {0x9, 0x81, 0xe1a}, {0x1, 0xff, 0x1}, {0xffffffff, 0xffffffff, 0x10000}, {0xffff9b97, 0xff, 0x1}, {0x9, 0x92, 0xfff}, {0x4, 0x5f0, 0x2}, {0x10001, 0x0, 0x8001}, {0x9, 0x97, 0x3ff}, {0x7, 0x7, 0x80}, {0x8c7a, 0xf8, 0x7ff}, {0x40, 0x1, 0x9}, {0x1, 0x401, 0xff}, {0x8, 0x0, 0x7}, {0x1000, 0x730, 0x8}]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_ATOMIC(r7, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000240)=[r9], &(0x7f0000000200), &(0x7f00000000c0), 0x0, 0x0, 0x300})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000200)=@multiplanar_fd={0x1, 0x6, 0x4, 0x10000, 0x3, {}, {0x3, 0xc, 0xf7, 0x6f, 0x1, 0x0, "932bf547"}, 0x7, 0x4, {0x0}, 0xd})
syz_io_uring_setup(0x4dcc, &(0x7f0000000100)={0x0, 0x59c4, 0x2, 0x1000, 0x5cc}, &(0x7f0000000300)=<r10=>0x0, &(0x7f0000000080))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

23.58986591s ago: executing program 2 (id=2623):
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
readv(r0, &(0x7f0000000a00)=[{0x0}, {&(0x7f0000000580)=""/225, 0xe1}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r4, 0x800452d2, &(0x7f0000000100))

20.797635655s ago: executing program 2 (id=2624):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
syz_io_uring_setup(0x111, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x48, 0x0, 0x10000, 0x3, 0x0, 0xfffffffd, 0x0, 0x1, {0x3}})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$nl_route(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000000040)=0xcd8)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000100)={0x20000014})
close(r4)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f00000000c0)=0xb0000)
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r8, 0x100000000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r7, 0x7a8, &(0x7f0000000080)={{@hyper, 0x9}, @local, 0xe, 0x0, 0x5e, 0x200000000000, 0x100000000000006})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r8, 0xc06864a1, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000280)={r9, 0x0, 0x20000, 0x3, 0x1, [], [0x9, 0x9], [0x4, 0x40, 0x6], [0xffffffefffffffff, 0x1, 0x800040000000c]})

189.937437ms ago: executing program 38 (id=2622):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000180a0101000600000000130001001000010000000000000000000000020a89538f88d4cefb3ab1ccb122bb4d74b921d3859d233e5e2cf5"], 0x3c}, 0x1, 0x0, 0x0, 0x44885}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000001080)=ANY=[@ANYBLOB="1201000003010040720501cb65260102030109021200010000000009040000009c75b700"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x28100)
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0x6)
syz_usb_connect(0x0, 0x56, &(0x7f0000000080)=ANY=[], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x60303, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r4=>0x0})
sendmsg$can_raw(r3, &(0x7f00000001c0)={&(0x7f0000000180)={0x1d, r4}, 0x43, &(0x7f0000000140)={&(0x7f0000000340)=@canfd={{0x4, 0x1, 0x1, 0x1}, 0xe, 0x3, 0x0, 0x0, "555390508bff2b9e63477a98784ca217bae7ae597ea6ea5b806fcd257ce7cb9e0346b0e1ec5064937df2a6f9dd768ae61274d13f2ddf486eaacfb6af356771b9"}, 0x10}, 0x2, 0x0, 0x0, 0x844}, 0x4000855)
r5 = openat$cgroup_devices(r2, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="62a02a3a3409777277"], 0xa)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6})
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000000740)=@urb_type_iso={0x0, {0x2d, 0x1}, 0x3, 0x20, &(0x7f0000000400)="1285a62e6ec2b5bcd46578e8bccb6c7d2ca5fb294a5985ffbfee51bf222c28e9110602264a72294815cfa28e0623248b362e478f9a9116cd", 0x38, 0xfffffffb, 0x7, 0x11, 0x6, 0x5, 0x0, [{0x83a, 0x1, 0x7}, {0x8, 0x80, 0x2000}, {0x7, 0x585, 0x2}, {0x9, 0x81, 0xe1a}, {0x1, 0xff, 0x1}, {0xffffffff, 0xffffffff, 0x10000}, {0xffff9b97, 0xff, 0x1}, {0x9, 0x92, 0xfff}, {0x4, 0x5f0, 0x2}, {0x10001, 0x0, 0x8001}, {0x9, 0x97, 0x3ff}, {0x7, 0x7, 0x80}, {0x8c7a, 0xf8, 0x7ff}, {0x40, 0x1, 0x9}, {0x1, 0x401, 0xff}, {0x8, 0x0, 0x7}, {0x1000, 0x730, 0x8}]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_ATOMIC(r7, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000240)=[r9], &(0x7f0000000200), &(0x7f00000000c0), 0x0, 0x0, 0x300})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000200)=@multiplanar_fd={0x1, 0x6, 0x4, 0x10000, 0x3, {}, {0x3, 0xc, 0xf7, 0x6f, 0x1, 0x0, "932bf547"}, 0x7, 0x4, {0x0}, 0xd})
syz_io_uring_setup(0x4dcc, &(0x7f0000000100)={0x0, 0x59c4, 0x2, 0x1000, 0x5cc}, &(0x7f0000000300)=<r10=>0x0, &(0x7f0000000080))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

0s ago: executing program 39 (id=2624):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
syz_io_uring_setup(0x111, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x48, 0x0, 0x10000, 0x3, 0x0, 0xfffffffd, 0x0, 0x1, {0x3}})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$nl_route(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000000040)=0xcd8)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000100)={0x20000014})
close(r4)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f00000000c0)=0xb0000)
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r8, 0x100000000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r7, 0x7a8, &(0x7f0000000080)={{@hyper, 0x9}, @local, 0xe, 0x0, 0x5e, 0x200000000000, 0x100000000000006})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r8, 0xc06864a1, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000280)={r9, 0x0, 0x20000, 0x3, 0x1, [], [0x9, 0x9], [0x4, 0x40, 0x6], [0xffffffefffffffff, 0x1, 0x800040000000c]})

kernel console output (not intermixed with test programs):

> 4
[ 1327.562935][T10740] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1329.338702][   T87] team0 (unregistering): Port device team_slave_1 removed
[ 1329.628052][T10740] Bluetooth: hci0: command tx timeout
[ 1329.629743][   T87] team0 (unregistering): Port device team_slave_0 removed
[ 1331.707991][T10740] Bluetooth: hci0: command tx timeout
[ 1332.498081][T14827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1332.804080][T14981] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1333.809832][T10740] Bluetooth: hci0: command tx timeout
[ 1335.462067][T14827] team0: Port device team_slave_0 added
[ 1335.799976][T14827] team0: Port device team_slave_1 added
[ 1335.867975][T10740] Bluetooth: hci0: command tx timeout
[ 1337.857707][T14827] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1337.857728][T14827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1337.857754][T14827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1337.912443][T14992] lo speed is unknown, defaulting to 1000
[ 1337.973062][T14827] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1337.973078][T14827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1337.973096][T14827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1341.360146][T14827] hsr_slave_0: entered promiscuous mode
[ 1341.383060][T14827] hsr_slave_1: entered promiscuous mode
[ 1341.387839][T14827] debugfs: 'hsr0' already exists in 'hsr'
[ 1341.387872][T14827] Cannot create hsr debugfs directory
[ 1343.724554][T15077] netlink: 52 bytes leftover after parsing attributes in process `syz.6.2234'.
[ 1345.308520][T15084] bridge12: entered promiscuous mode
[ 1345.308553][T15084] bridge12: entered allmulticast mode
[ 1345.313168][T15084] team0: Port device bridge12 added
[ 1345.777316][T14992] chnl_net:caif_netlink_parms(): no params data found
[ 1346.177913][ T8354] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[ 1346.351102][ T8354] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1346.351139][ T8354] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1346.351163][ T8354] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1346.351210][ T8354] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1346.351236][ T8354] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1346.370155][ T8354] usb 7-1: config 0 descriptor??
[ 1347.916392][ T8354] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[ 1349.176171][T15106] syz.4.2240 (15106): drop_caches: 2
[ 1349.272884][T13073] usb 7-1: USB disconnect, device number 53
[ 1349.779973][T15120] FAULT_INJECTION: forcing a failure.
[ 1349.779973][T15120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1349.780010][T15120] CPU: 1 UID: 0 PID: 15120 Comm: syz.6.2244 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1349.780035][T15120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1349.780048][T15120] Call Trace:
[ 1349.780057][T15120]  <TASK>
[ 1349.780067][T15120]  dump_stack_lvl+0x189/0x250
[ 1349.780106][T15120]  ? __pfx____ratelimit+0x10/0x10
[ 1349.780138][T15120]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1349.780169][T15120]  ? __pfx__printk+0x10/0x10
[ 1349.780213][T15120]  should_fail_ex+0x46c/0x600
[ 1349.780251][T15120]  _copy_to_user+0x31/0xb0
[ 1349.780282][T15120]  simple_read_from_buffer+0xe1/0x170
[ 1349.780318][T15120]  proc_fail_nth_read+0x1b6/0x220
[ 1349.780345][T15120]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1349.780371][T15120]  ? rw_verify_area+0x2ac/0x4e0
[ 1349.780397][T15120]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1349.780422][T15120]  vfs_read+0x206/0xa30
[ 1349.780459][T15120]  ? __pfx_vfs_read+0x10/0x10
[ 1349.780481][T15120]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1349.780525][T15120]  ? mutex_lock_nested+0x154/0x1d0
[ 1349.780549][T15120]  ? fdget_pos+0x253/0x320
[ 1349.780591][T15120]  ksys_read+0x14b/0x260
[ 1349.780620][T15120]  ? __pfx_ksys_read+0x10/0x10
[ 1349.780643][T15120]  ? rcu_is_watching+0x15/0xb0
[ 1349.780682][T15120]  ? do_syscall_64+0xbe/0x3b0
[ 1349.780708][T15120]  do_syscall_64+0xfa/0x3b0
[ 1349.780726][T15120]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1349.780766][T15120]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1349.780787][T15120]  ? clear_bhb_loop+0x60/0xb0
[ 1349.780813][T15120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1349.780835][T15120] RIP: 0033:0x7fdcfa85d8dc
[ 1349.780862][T15120] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1349.780881][T15120] RSP: 002b:00007fdcf8a9d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1349.780904][T15120] RAX: ffffffffffffffda RBX: 00007fdcfaab6090 RCX: 00007fdcfa85d8dc
[ 1349.780920][T15120] RDX: 000000000000000f RSI: 00007fdcf8a9d0a0 RDI: 0000000000000004
[ 1349.780934][T15120] RBP: 00007fdcf8a9d090 R08: 0000000000000000 R09: 0000000000000000
[ 1349.780948][T15120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1349.780961][T15120] R13: 00007fdcfaab6128 R14: 00007fdcfaab6090 R15: 00007ffef05c10d8
[ 1349.780998][T15120]  </TASK>
[ 1351.457863][T14992] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1351.458014][T14992] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1351.464679][T14992] bridge_slave_0: entered allmulticast mode
[ 1351.467862][ T5963] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 1351.472729][T14992] bridge_slave_0: entered promiscuous mode
[ 1351.487195][T14992] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1351.492039][T14992] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1351.492308][T14992] bridge_slave_1: entered allmulticast mode
[ 1351.505762][T14992] bridge_slave_1: entered promiscuous mode
[ 1351.617932][ T5963] usb 5-1: Using ep0 maxpacket: 16
[ 1351.622782][ T5963] usb 5-1: config 0 has an invalid interface number: 68 but max is 0
[ 1351.622814][ T5963] usb 5-1: config 0 has no interface number 0
[ 1351.622869][ T5963] usb 5-1: config 0 interface 68 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1023
[ 1351.628765][ T5963] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[ 1351.628795][ T5963] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1351.628815][ T5963] usb 5-1: Product: syz
[ 1351.628830][ T5963] usb 5-1: Manufacturer: syz
[ 1351.628845][ T5963] usb 5-1: SerialNumber: syz
[ 1351.639858][ T5963] usb 5-1: config 0 descriptor??
[ 1351.641101][T15127] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1351.733818][ T5963] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1352.127857][ T5928] usb 5-1: USB disconnect, device number 73
[ 1352.149335][ T4403] usb 5-1: Failed to submit usb control message: -71
[ 1352.149398][ T4403] usb 5-1: unable to send the bmi data to the device: -71
[ 1352.149435][ T4403] usb 5-1: unable to get target info from device
[ 1352.149453][ T4403] usb 5-1: could not get target info (-71)
[ 1352.149725][ T4403] usb 5-1: could not probe fw (-71)
[ 1352.577391][T14992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1352.597215][T14992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1353.225337][T14992] team0: Port device team_slave_0 added
[ 1353.326896][T14992] team0: Port device team_slave_1 added
[ 1353.973273][T15148] bridge9: entered promiscuous mode
[ 1353.973307][T15148] bridge9: entered allmulticast mode
[ 1353.978679][T15148] team0: Port device bridge9 added
[ 1354.798190][T13073] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[ 1354.953049][T13073] usb 3-1: Using ep0 maxpacket: 8
[ 1354.975353][T13073] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1354.977059][T13073] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[ 1354.977092][T13073] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[ 1354.977119][T13073] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1354.977142][T13073] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[ 1354.977164][T13073] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1354.977185][T13073] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1354.977205][T13073] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1355.049412][T14992] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1355.049438][T14992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1355.049464][T14992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1355.050214][   T87] bridge_slave_1: left allmulticast mode
[ 1355.050243][   T87] bridge_slave_1: left promiscuous mode
[ 1355.050588][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1355.124185][T13073] usb 3-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[ 1355.124216][T13073] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1355.124238][T13073] usb 3-1: Manufacturer:  
[ 1355.124253][T13073] usb 3-1: SerialNumber: ͆쒜뵻畅Ꮏ쩊皎왧�䟿쿾盱좄湵�㦅ꉔ�ꡦ㾅솅푃ꇾﾆ꿊뫀㴃㎀�ᆀ酽◸䓲金ആ�⽾モꅾ〇爬Ԃ㓋ᦗ﷔땈퓓�쓱魸韶￩三�꒘�ćࣸᕒꃰ诞䬇侦䟱齙෌繑툺胻ᆳ钸ﵜ矃î�⭉쮉룀缽⟰
[ 1355.183076][T13073] usb 3-1: config 0 descriptor??
[ 1355.185220][T15155] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1355.206143][T13073] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1355.275786][T13073] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -12
[ 1355.435481][T12149] usb 3-1: USB disconnect, device number 49
[ 1355.532611][T15160] FAULT_INJECTION: forcing a failure.
[ 1355.532611][T15160] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.532701][T15160] CPU: 1 UID: 0 PID: 15160 Comm: syz.4.2253 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1355.532727][T15160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1355.532749][T15160] Call Trace:
[ 1355.532758][T15160]  <TASK>
[ 1355.532769][T15160]  dump_stack_lvl+0x189/0x250
[ 1355.532805][T15160]  ? __pfx____ratelimit+0x10/0x10
[ 1355.532845][T15160]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1355.532875][T15160]  ? __pfx__printk+0x10/0x10
[ 1355.532907][T15160]  ? __pfx___might_resched+0x10/0x10
[ 1355.532928][T15160]  ? fs_reclaim_acquire+0x7d/0x100
[ 1355.532955][T15160]  should_fail_ex+0x46c/0x600
[ 1355.532993][T15160]  should_failslab+0xa8/0x100
[ 1355.533024][T15160]  __kmalloc_node_track_caller_noprof+0xd0/0x450
[ 1355.533054][T15160]  ? smk_parse_smack+0x1b1/0x1f0
[ 1355.533082][T15160]  kstrndup+0x80/0x160
[ 1355.533111][T15160]  smk_parse_smack+0x1b1/0x1f0
[ 1355.533137][T15160]  smk_import_entry+0x20/0x1e0
[ 1355.533161][T15160]  smk_fill_rule+0x52/0x630
[ 1355.533190][T15160]  smk_parse_long_rule+0xbc3/0xee0
[ 1355.533222][T15160]  ? __pfx_smk_parse_long_rule+0x10/0x10
[ 1355.533264][T15160]  smk_write_rules_list+0x239/0x370
[ 1355.533293][T15160]  ? __pfx_smk_write_load_self2+0x10/0x10
[ 1355.533322][T15160]  vfs_write+0x287/0xb40
[ 1355.533361][T15160]  ? __pfx_vfs_write+0x10/0x10
[ 1355.533384][T15160]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1355.533422][T15160]  ? mutex_lock_nested+0x154/0x1d0
[ 1355.533447][T15160]  ? fdget_pos+0x253/0x320
[ 1355.533487][T15160]  ksys_write+0x14b/0x260
[ 1355.533516][T15160]  ? __pfx_ksys_write+0x10/0x10
[ 1355.533558][T15160]  do_syscall_64+0xfa/0x3b0
[ 1355.533581][T15160]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1355.533601][T15160]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1355.533623][T15160]  ? clear_bhb_loop+0x60/0xb0
[ 1355.533649][T15160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1355.533671][T15160] RIP: 0033:0x7fa96566eec9
[ 1355.533690][T15160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1355.533709][T15160] RSP: 002b:00007fa96388c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1355.533733][T15160] RAX: ffffffffffffffda RBX: 00007fa9658c6180 RCX: 00007fa96566eec9
[ 1355.533756][T15160] RDX: 0000000000000031 RSI: 0000200000000140 RDI: 0000000000000006
[ 1355.533770][T15160] RBP: 00007fa96388c090 R08: 0000000000000000 R09: 0000000000000000
[ 1355.533784][T15160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1355.533803][T15160] R13: 00007fa9658c6218 R14: 00007fa9658c6180 R15: 00007ffc472c8ff8
[ 1355.533841][T15160]  </TASK>
[ 1356.449628][   T87] bridge_slave_0: left allmulticast mode
[ 1356.449669][   T87] bridge_slave_0: left promiscuous mode
[ 1356.449996][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1356.888952][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1357.038267][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1357.206091][   T87] bond0 (unregistering): Released all slaves
[ 1357.565922][ T5154] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1357.620178][ T5154] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1357.644555][ T5154] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1357.662257][ T5154] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1357.666302][ T5154] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1357.736015][T14992] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1357.736034][T14992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1357.736065][T14992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1359.783021][T15189] usb usb8: usbfs: process 15189 (syz.6.2259) did not claim interface 0 before use
[ 1361.069773][T10740] Bluetooth: hci1: command tx timeout
[ 1361.478725][T15200] bridge19: entered promiscuous mode
[ 1361.478760][T15200] bridge19: entered allmulticast mode
[ 1361.483759][T15200] team0: Port device bridge19 added
[ 1361.526515][T14992] hsr_slave_0: entered promiscuous mode
[ 1361.536084][T14992] hsr_slave_1: entered promiscuous mode
[ 1361.537319][T14992] debugfs: 'hsr0' already exists in 'hsr'
[ 1361.537347][T14992] Cannot create hsr debugfs directory
[ 1361.566331][T15209] binder: 15207:15209 ioctl c0306201 200000000640 returned -22
[ 1361.577166][T15209] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2265'.
[ 1361.618067][T13075] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[ 1361.708181][   T87] hsr_slave_0: left promiscuous mode
[ 1361.727762][   T87] hsr_slave_1: left promiscuous mode
[ 1361.728724][   T87] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1361.768124][T13075] usb 7-1: Using ep0 maxpacket: 8
[ 1361.769669][   T87] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1361.774832][T13075] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1361.777212][T13075] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[ 1361.777248][T13075] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[ 1361.777277][T13075] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1361.777301][T13075] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[ 1361.777326][T13075] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1361.777349][T13075] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1361.777381][T13075] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1361.789463][T13075] usb 7-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[ 1361.789493][T13075] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1361.789512][T13075] usb 7-1: Product: syz
[ 1361.789525][T13075] usb 7-1: Manufacturer: syz
[ 1361.789538][T13075] usb 7-1: SerialNumber: syz
[ 1361.797037][T13075] usb 7-1: config 0 descriptor??
[ 1361.799608][T15206] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1361.806917][T13075] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1361.994945][T13075] snd-usb-audio 7-1:0.0: probe with driver snd-usb-audio failed with error -12
[ 1362.042172][T13075] usb 7-1: USB disconnect, device number 54
[ 1364.185108][T10740] Bluetooth: hci1: command tx timeout
[ 1364.271161][   T87] team0 (unregistering): Port device team_slave_1 removed
[ 1364.326059][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1364.404301][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1364.495505][T15225] overlayfs: upper fs does not support file handles, falling back to index=off.
[ 1364.792182][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1364.804206][   T87] team0 (unregistering): Port device team_slave_0 removed
[ 1364.860264][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1364.933389][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1365.084765][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1365.416740][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1365.566089][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1365.623661][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1365.819169][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1366.187918][T10740] Bluetooth: hci1: command tx timeout
[ 1366.251054][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1367.195487][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1367.298727][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1367.348259][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1367.424302][T15238] overlayfs: failed to resolve './file0': -2
[ 1367.693290][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1367.872081][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1368.031946][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1368.141224][T15171] lo speed is unknown, defaulting to 1000
[ 1368.267724][T10740] Bluetooth: hci1: command tx timeout
[ 1368.391847][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1368.450663][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1368.909787][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1370.197658][T15268] usb usb8: usbfs: process 15268 (syz.4.2283) did not claim interface 0 before use
[ 1370.197844][T15268] FAULT_INJECTION: forcing a failure.
[ 1370.197844][T15268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1370.197874][T15268] CPU: 0 UID: 0 PID: 15268 Comm: syz.4.2283 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1370.197898][T15268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1370.197909][T15268] Call Trace:
[ 1370.197917][T15268]  <TASK>
[ 1370.197926][T15268]  dump_stack_lvl+0x189/0x250
[ 1370.197962][T15268]  ? __pfx____ratelimit+0x10/0x10
[ 1370.197991][T15268]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1370.198019][T15268]  ? __pfx__printk+0x10/0x10
[ 1370.198057][T15268]  should_fail_ex+0x46c/0x600
[ 1370.198091][T15268]  _copy_to_user+0x31/0xb0
[ 1370.198119][T15268]  simple_read_from_buffer+0xe1/0x170
[ 1370.198152][T15268]  proc_fail_nth_read+0x1b6/0x220
[ 1370.198176][T15268]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1370.198200][T15268]  ? rw_verify_area+0x2ac/0x4e0
[ 1370.198236][T15268]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1370.198257][T15268]  vfs_read+0x206/0xa30
[ 1370.198291][T15268]  ? __pfx_vfs_read+0x10/0x10
[ 1370.198310][T15268]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1370.198353][T15268]  ? mutex_lock_nested+0x154/0x1d0
[ 1370.198375][T15268]  ? fdget_pos+0x253/0x320
[ 1370.198412][T15268]  ksys_read+0x14b/0x260
[ 1370.198433][T15268]  ? __fget_files+0x3a6/0x420
[ 1370.198461][T15268]  ? __pfx_ksys_read+0x10/0x10
[ 1370.198491][T15268]  ? do_syscall_64+0xbe/0x3b0
[ 1370.198514][T15268]  do_syscall_64+0xfa/0x3b0
[ 1370.198530][T15268]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1370.198556][T15268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1370.198575][T15268]  ? clear_bhb_loop+0x60/0xb0
[ 1370.198600][T15268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1370.198618][T15268] RIP: 0033:0x7fa96566d8dc
[ 1370.198637][T15268] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1370.198654][T15268] RSP: 002b:00007fa9638ce030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1370.198676][T15268] RAX: ffffffffffffffda RBX: 00007fa9658c5fa0 RCX: 00007fa96566d8dc
[ 1370.198691][T15268] RDX: 000000000000000f RSI: 00007fa9638ce0a0 RDI: 0000000000000004
[ 1370.198704][T15268] RBP: 00007fa9638ce090 R08: 0000000000000000 R09: 0000000000000000
[ 1370.198717][T15268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1370.198729][T15268] R13: 00007fa9658c6038 R14: 00007fa9658c5fa0 R15: 00007ffc472c8ff8
[ 1370.198763][T15268]  </TASK>
[ 1370.567894][T15194] usb 5-1: new full-speed USB device number 74 using dummy_hcd
[ 1370.731124][T15194] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1370.734701][T15194] usb 5-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 1370.734733][T15194] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1370.734755][T15194] usb 5-1: Product: syz
[ 1370.734770][T15194] usb 5-1: Manufacturer: syz
[ 1370.734785][T15194] usb 5-1: SerialNumber: syz
[ 1370.742186][T15194] usb 5-1: config 0 descriptor??
[ 1370.753731][T15194] hub 5-1:0.0: bad descriptor, ignoring hub
[ 1370.753780][T15194] hub 5-1:0.0: probe with driver hub failed with error -5
[ 1370.777539][T15194] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1371.113606][T15194] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 1371.158167][T15194] usb 5-1: USB disconnect, device number 74
[ 1371.603583][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1371.620040][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1371.621473][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1371.983122][T15281] infiniband syz1: set active
[ 1371.983149][T15281] infiniband syz1: added batadv0
[ 1372.088658][T15281] RDS/IB: syz1: added
[ 1372.089725][T15281] smc: adding ib device syz1 with port count 1
[ 1372.090203][T15281] smc:    ib device syz1 port 1 has pnetid 
[ 1372.165759][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1372.588278][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1373.009944][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1373.401248][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1374.805390][T12149] batadv0 speed is unknown, defaulting to 1000
[ 1374.809586][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1374.940989][    T9] batadv0 speed is unknown, defaulting to 1000
[ 1375.292216][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1375.293702][T15171] chnl_net:caif_netlink_parms(): no params data found
[ 1375.834365][T15311] overlayfs: upper fs does not support file handles, falling back to index=off.
[ 1375.839116][T15311] FAULT_INJECTION: forcing a failure.
[ 1375.839116][T15311] name failslab, interval 1, probability 0, space 0, times 0
[ 1375.839153][T15311] CPU: 1 UID: 0 PID: 15311 Comm: syz.4.2293 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1375.839176][T15311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1375.839188][T15311] Call Trace:
[ 1375.839197][T15311]  <TASK>
[ 1375.839206][T15311]  dump_stack_lvl+0x189/0x250
[ 1375.839241][T15311]  ? __pfx____ratelimit+0x10/0x10
[ 1375.839292][T15311]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1375.839322][T15311]  ? __pfx__printk+0x10/0x10
[ 1375.839352][T15311]  ? __pfx___might_resched+0x10/0x10
[ 1375.839372][T15311]  ? fs_reclaim_acquire+0x7d/0x100
[ 1375.839397][T15311]  should_fail_ex+0x46c/0x600
[ 1375.839430][T15311]  ? alloc_empty_file+0x55/0x1d0
[ 1375.839451][T15311]  should_failslab+0xa8/0x100
[ 1375.839480][T15311]  ? alloc_empty_file+0x55/0x1d0
[ 1375.839497][T15311]  kmem_cache_alloc_noprof+0x6e/0x310
[ 1375.839538][T15311]  alloc_empty_file+0x55/0x1d0
[ 1375.839560][T15311]  path_openat+0x10d/0x3840
[ 1375.839591][T15311]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1375.839616][T15311]  ? arch_stack_walk+0xfc/0x150
[ 1375.839658][T15311]  ? rtlock_slowlock_locked+0xd8/0x4010
[ 1375.839699][T15311]  ? __pfx_path_openat+0x10/0x10
[ 1375.839733][T15311]  ? do_raw_spin_lock+0x121/0x290
[ 1375.839768][T15311]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1375.839800][T15311]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1375.839831][T15311]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1375.839871][T15311]  do_filp_open+0x1fa/0x410
[ 1375.839895][T15311]  ? __pfx_do_filp_open+0x10/0x10
[ 1375.839916][T15311]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1375.839968][T15311]  ? alloc_fd+0x64f/0x6c0
[ 1375.840010][T15311]  do_sys_openat2+0x121/0x1c0
[ 1375.840036][T15311]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1375.840059][T15311]  ? ksys_write+0x230/0x260
[ 1375.840086][T15311]  ? __pfx_ksys_write+0x10/0x10
[ 1375.840107][T15311]  ? rcu_is_watching+0x15/0xb0
[ 1375.840151][T15311]  __x64_sys_openat+0x138/0x170
[ 1375.840180][T15311]  do_syscall_64+0xfa/0x3b0
[ 1375.840199][T15311]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1375.840228][T15311]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1375.840249][T15311]  ? clear_bhb_loop+0x60/0xb0
[ 1375.840273][T15311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1375.840291][T15311] RIP: 0033:0x7fa96566eec9
[ 1375.840310][T15311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1375.840342][T15311] RSP: 002b:00007fa9638ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1375.840365][T15311] RAX: ffffffffffffffda RBX: 00007fa9658c5fa0 RCX: 00007fa96566eec9
[ 1375.840388][T15311] RDX: 000000000000275a RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1375.840403][T15311] RBP: 00007fa9638ce090 R08: 0000000000000000 R09: 0000000000000000
[ 1375.840416][T15311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1375.840429][T15311] R13: 00007fa9658c6038 R14: 00007fa9658c5fa0 R15: 00007ffc472c8ff8
[ 1375.840465][T15311]  </TASK>
[ 1376.558642][T15281] batadv0 speed is unknown, defaulting to 1000
[ 1377.552900][ T8354] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[ 1377.739736][ T8354] usb 3-1: Using ep0 maxpacket: 16
[ 1377.740707][ T8354] usb 3-1: too many configurations: 87, using maximum allowed: 8
[ 1377.749066][ T8354] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1377.749111][ T8354] usb 3-1: can't read configurations, error -61
[ 1377.907820][ T8354] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 1377.948340][T15171] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1377.948526][T15171] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1377.948835][T15171] bridge_slave_0: entered allmulticast mode
[ 1377.952382][T15171] bridge_slave_0: entered promiscuous mode
[ 1378.077638][ T8354] usb 3-1: Using ep0 maxpacket: 16
[ 1378.083855][ T8354] usb 3-1: too many configurations: 87, using maximum allowed: 8
[ 1378.093759][ T8354] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1378.093804][ T8354] usb 3-1: can't read configurations, error -61
[ 1378.097677][ T8354] usb usb3-port1: attempt power cycle
[ 1378.169902][T15171] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1378.170152][T15171] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1378.170420][T15171] bridge_slave_1: entered allmulticast mode
[ 1378.173437][T15171] bridge_slave_1: entered promiscuous mode
[ 1378.348626][T15324] bridge20: entered promiscuous mode
[ 1378.348661][T15324] bridge20: entered allmulticast mode
[ 1378.353357][T15324] team0: Port device bridge20 added
[ 1378.497689][ T8354] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1378.520278][ T8354] usb 3-1: Using ep0 maxpacket: 16
[ 1378.521362][ T8354] usb 3-1: too many configurations: 87, using maximum allowed: 8
[ 1378.547785][ T8354] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1378.547831][ T8354] usb 3-1: can't read configurations, error -61
[ 1378.837902][ T8354] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1378.858591][ T8354] usb 3-1: Using ep0 maxpacket: 16
[ 1378.859491][ T8354] usb 3-1: too many configurations: 87, using maximum allowed: 8
[ 1378.861502][ T8354] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1378.861541][ T8354] usb 3-1: can't read configurations, error -61
[ 1378.862107][ T8354] usb usb3-port1: unable to enumerate USB device
[ 1378.934681][T15171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1379.067209][T15171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1381.065013][T15171] team0: Port device team_slave_0 added
[ 1381.112542][T14992] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1381.536409][T15171] team0: Port device team_slave_1 added
[ 1382.112796][T14992] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1383.059515][T14992] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1383.401307][T14992] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1383.454703][T15171] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1383.454723][T15171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1383.454752][T15171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1383.526759][T15171] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1383.526780][T15171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1383.526822][T15171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1383.578596][   T87] bridge_slave_1: left allmulticast mode
[ 1383.578638][   T87] bridge_slave_1: left promiscuous mode
[ 1383.578970][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1383.649743][   T87] bridge_slave_0: left allmulticast mode
[ 1383.649784][   T87] bridge_slave_0: left promiscuous mode
[ 1383.650146][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1385.002148][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1385.078662][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1385.146527][   T87] bond0 (unregistering): Released all slaves
[ 1385.312536][T14992] kthread_run failed with err -4
[ 1385.799331][T15380] FAULT_INJECTION: forcing a failure.
[ 1385.799331][T15380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1385.799413][T15380] CPU: 0 UID: 0 PID: 15380 Comm: syz.4.2310 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1385.799438][T15380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1385.799451][T15380] Call Trace:
[ 1385.799461][T15380]  <TASK>
[ 1385.799472][T15380]  dump_stack_lvl+0x189/0x250
[ 1385.799509][T15380]  ? __pfx____ratelimit+0x10/0x10
[ 1385.799542][T15380]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1385.799573][T15380]  ? __pfx__printk+0x10/0x10
[ 1385.799597][T15380]  ? __might_fault+0xb0/0x130
[ 1385.799642][T15380]  should_fail_ex+0x46c/0x600
[ 1385.799680][T15380]  _copy_from_user+0x2d/0xb0
[ 1385.799709][T15380]  drm_ioctl+0x590/0xb20
[ 1385.799738][T15380]  ? smk_tskacc+0x2fc/0x370
[ 1385.799774][T15380]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[ 1385.799801][T15380]  ? __pfx_drm_ioctl+0x10/0x10
[ 1385.799848][T15380]  ? __fget_files+0x2a/0x420
[ 1385.799882][T15380]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1385.799908][T15380]  ? __pfx_drm_ioctl+0x10/0x10
[ 1385.799939][T15380]  __se_sys_ioctl+0xff/0x170
[ 1385.799967][T15380]  do_syscall_64+0xfa/0x3b0
[ 1385.799990][T15380]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1385.800010][T15380]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1385.800030][T15380]  ? clear_bhb_loop+0x60/0xb0
[ 1385.800056][T15380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1385.800076][T15380] RIP: 0033:0x7fa96566eec9
[ 1385.800096][T15380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1385.800115][T15380] RSP: 002b:00007fa96388c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1385.800136][T15380] RAX: ffffffffffffffda RBX: 00007fa9658c6180 RCX: 00007fa96566eec9
[ 1385.800151][T15380] RDX: 0000200000000400 RSI: 00000000c06864a2 RDI: 0000000000000004
[ 1385.800166][T15380] RBP: 00007fa96388c090 R08: 0000000000000000 R09: 0000000000000000
[ 1385.800179][T15380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1385.800193][T15380] R13: 00007fa9658c6218 R14: 00007fa9658c6180 R15: 00007ffc472c8ff8
[ 1385.800229][T15380]  </TASK>
[ 1386.709265][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1386.794825][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1387.081293][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1387.794841][T15171] hsr_slave_0: entered promiscuous mode
[ 1388.112119][T15171] hsr_slave_1: entered promiscuous mode
[ 1388.225310][T15387] FAULT_INJECTION: forcing a failure.
[ 1388.225310][T15387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1388.225386][T15387] CPU: 1 UID: 0 PID: 15387 Comm: syz.2.2312 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1388.225410][T15387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1388.225424][T15387] Call Trace:
[ 1388.225432][T15387]  <TASK>
[ 1388.225442][T15387]  dump_stack_lvl+0x189/0x250
[ 1388.225479][T15387]  ? __pfx____ratelimit+0x10/0x10
[ 1388.225511][T15387]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1388.225542][T15387]  ? __pfx__printk+0x10/0x10
[ 1388.225566][T15387]  ? __might_fault+0xb0/0x130
[ 1388.225610][T15387]  should_fail_ex+0x46c/0x600
[ 1388.225647][T15387]  _copy_from_user+0x2d/0xb0
[ 1388.225676][T15387]  video_usercopy+0x354/0x14f0
[ 1388.225710][T15387]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1388.225731][T15387]  ? __pfx_video_usercopy+0x10/0x10
[ 1388.225769][T15387]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1388.225810][T15387]  v4l2_ioctl+0x18d/0x1e0
[ 1388.225843][T15387]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1388.225874][T15387]  __se_sys_ioctl+0xff/0x170
[ 1388.225902][T15387]  do_syscall_64+0xfa/0x3b0
[ 1388.225925][T15387]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1388.225945][T15387]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1388.225966][T15387]  ? clear_bhb_loop+0x60/0xb0
[ 1388.225992][T15387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1388.226013][T15387] RIP: 0033:0x7f25c0daeec9
[ 1388.226033][T15387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1388.226051][T15387] RSP: 002b:00007f25befd4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1388.226075][T15387] RAX: ffffffffffffffda RBX: 00007f25c1006180 RCX: 00007f25c0daeec9
[ 1388.226089][T15387] RDX: 0000200000000200 RSI: 00000000c0205647 RDI: 0000000000000006
[ 1388.226104][T15387] RBP: 00007f25befd4090 R08: 0000000000000000 R09: 0000000000000000
[ 1388.226118][T15387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1388.226132][T15387] R13: 00007f25c1006218 R14: 00007f25c1006180 R15: 00007ffe0818ffa8
[ 1388.226168][T15387]  </TASK>
[ 1388.909714][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1388.928929][ T5154] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1389.113060][ T5154] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1389.114984][ T5154] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1389.117125][ T5154] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1389.134064][ T5154] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1389.599635][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1389.947953][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1390.678068][T15383] bridge21: entered promiscuous mode
[ 1390.678103][T15383] bridge21: entered allmulticast mode
[ 1390.699917][T15383] team0: Port device bridge21 added
[ 1391.473304][ T5154] Bluetooth: hci6: command tx timeout
[ 1391.567804][   T87] hsr_slave_0: left promiscuous mode
[ 1391.608256][   T87] hsr_slave_1: left promiscuous mode
[ 1391.609430][   T87] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1391.644479][   T87] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1393.049376][T12149] usb 7-1: new low-speed USB device number 55 using dummy_hcd
[ 1393.270260][T12149] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1393.270300][T12149] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[ 1393.270357][T12149] usb 7-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.00
[ 1393.270383][T12149] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1393.276794][T12149] usb 7-1: config 0 descriptor??
[ 1393.278341][T15417] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1393.347946][T12149] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input34
[ 1393.548353][ T5154] Bluetooth: hci6: command tx timeout
[ 1393.827664][ T5190] bcm5974 7-1:0.0: could not read from device
[ 1394.306920][ T5190] bcm5974 7-1:0.0: could not read from device
[ 1394.733124][T12149] usb 7-1: USB disconnect, device number 55
[ 1394.736600][ T5190] bcm5974 7-1:0.0: could not read from device
[ 1394.875412][   T87] team0 (unregistering): Port device team_slave_1 removed
[ 1395.559115][   T87] team0 (unregistering): Port device team_slave_0 removed
[ 1395.628045][ T5154] Bluetooth: hci6: command tx timeout
[ 1396.629738][T15441] bridge13: entered promiscuous mode
[ 1396.629772][T15441] bridge13: entered allmulticast mode
[ 1396.636208][T15441] team0: Port device bridge13 added
[ 1397.108740][T15388] lo speed is unknown, defaulting to 1000
[ 1397.274586][T15388] batadv0 speed is unknown, defaulting to 1000
[ 1397.707990][ T5154] Bluetooth: hci6: command tx timeout
[ 1400.516007][T15463] FAULT_INJECTION: forcing a failure.
[ 1400.516007][T15463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1400.516041][T15463] CPU: 0 UID: 0 PID: 15463 Comm: syz.6.2331 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1400.516065][T15463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1400.516078][T15463] Call Trace:
[ 1400.516087][T15463]  <TASK>
[ 1400.516096][T15463]  dump_stack_lvl+0x189/0x250
[ 1400.516130][T15463]  ? __pfx____ratelimit+0x10/0x10
[ 1400.516160][T15463]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1400.516215][T15463]  ? __pfx__printk+0x10/0x10
[ 1400.516238][T15463]  ? __might_fault+0xb0/0x130
[ 1400.516281][T15463]  should_fail_ex+0x46c/0x600
[ 1400.516316][T15463]  _copy_from_user+0x2d/0xb0
[ 1400.516342][T15463]  drm_ioctl+0x590/0xb20
[ 1400.516371][T15463]  ? smk_tskacc+0x2fc/0x370
[ 1400.516403][T15463]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[ 1400.516429][T15463]  ? __pfx_drm_ioctl+0x10/0x10
[ 1400.516474][T15463]  ? __fget_files+0x2a/0x420
[ 1400.516505][T15463]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1400.516529][T15463]  ? __pfx_drm_ioctl+0x10/0x10
[ 1400.516556][T15463]  __se_sys_ioctl+0xff/0x170
[ 1400.516583][T15463]  do_syscall_64+0xfa/0x3b0
[ 1400.516601][T15463]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1400.516629][T15463]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.516648][T15463]  ? clear_bhb_loop+0x60/0xb0
[ 1400.516673][T15463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.516691][T15463] RIP: 0033:0x7fdcfa85eec9
[ 1400.516709][T15463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1400.516726][T15463] RSP: 002b:00007fdcf8a7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1400.516749][T15463] RAX: ffffffffffffffda RBX: 00007fdcfaab6180 RCX: 00007fdcfa85eec9
[ 1400.516764][T15463] RDX: 0000200000000400 RSI: 00000000c06864a2 RDI: 0000000000000003
[ 1400.516778][T15463] RBP: 00007fdcf8a7c090 R08: 0000000000000000 R09: 0000000000000000
[ 1400.516791][T15463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1400.516803][T15463] R13: 00007fdcfaab6218 R14: 00007fdcfaab6180 R15: 00007ffef05c10d8
[ 1400.516837][T15463]  </TASK>
[ 1401.242412][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1401.767616][T13073] usb 7-1: new high-speed USB device number 56 using dummy_hcd
[ 1401.940836][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1402.821132][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1402.891880][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1403.571558][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1404.291772][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1404.308682][T15499] FAULT_INJECTION: forcing a failure.
[ 1404.308682][T15499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1404.308721][T15499] CPU: 1 UID: 0 PID: 15499 Comm: syz.2.2339 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1404.308745][T15499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1404.308759][T15499] Call Trace:
[ 1404.308769][T15499]  <TASK>
[ 1404.308778][T15499]  dump_stack_lvl+0x189/0x250
[ 1404.308814][T15499]  ? __pfx____ratelimit+0x10/0x10
[ 1404.308860][T15499]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1404.308891][T15499]  ? __pfx__printk+0x10/0x10
[ 1404.308915][T15499]  ? __might_fault+0xb0/0x130
[ 1404.308959][T15499]  should_fail_ex+0x46c/0x600
[ 1404.308996][T15499]  _copy_from_iter+0x589/0x1790
[ 1404.309050][T15499]  ? __pfx__copy_from_iter+0x10/0x10
[ 1404.309079][T15499]  ? dev_get_by_index+0x22/0x2e0
[ 1404.309102][T15499]  ? dev_get_by_index+0x22/0x2e0
[ 1404.309134][T15499]  packet_sendmsg+0x3072/0x5080
[ 1404.309159][T15499]  ? __lock_acquire+0xab9/0xd20
[ 1404.309208][T15499]  ? __lock_acquire+0xab9/0xd20
[ 1404.309253][T15499]  ? smack_socket_sendmsg+0x1fa/0x520
[ 1404.309286][T15499]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[ 1404.309322][T15499]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1404.309357][T15499]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 1404.309394][T15499]  ? __lock_acquire+0xab9/0xd20
[ 1404.309425][T15499]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1404.309446][T15499]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1404.309471][T15499]  __sock_sendmsg+0x21c/0x270
[ 1404.309503][T15499]  ____sys_sendmsg+0x508/0x820
[ 1404.309532][T15499]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1404.309566][T15499]  ? import_iovec+0x74/0xa0
[ 1404.309596][T15499]  ___sys_sendmsg+0x21f/0x2a0
[ 1404.309621][T15499]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1404.309687][T15499]  ? __fget_files+0x2a/0x420
[ 1404.309734][T15499]  ? __fget_files+0x3a6/0x420
[ 1404.309777][T15499]  __x64_sys_sendmsg+0x1a1/0x260
[ 1404.309802][T15499]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1404.309837][T15499]  ? __pfx_ksys_write+0x10/0x10
[ 1404.309868][T15499]  ? rcu_is_watching+0x15/0xb0
[ 1404.309906][T15499]  ? do_syscall_64+0xbe/0x3b0
[ 1404.309932][T15499]  do_syscall_64+0xfa/0x3b0
[ 1404.309951][T15499]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1404.309981][T15499]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1404.310002][T15499]  ? clear_bhb_loop+0x60/0xb0
[ 1404.310028][T15499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1404.310048][T15499] RIP: 0033:0x7f25c0daeec9
[ 1404.310068][T15499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1404.310087][T15499] RSP: 002b:00007f25bf016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1404.310109][T15499] RAX: ffffffffffffffda RBX: 00007f25c1005fa0 RCX: 00007f25c0daeec9
[ 1404.310125][T15499] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1404.310139][T15499] RBP: 00007f25bf016090 R08: 0000000000000000 R09: 0000000000000000
[ 1404.310152][T15499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1404.310164][T15499] R13: 00007f25c1006038 R14: 00007f25c1005fa0 R15: 00007ffe0818ffa8
[ 1404.310199][T15499]  </TASK>
[ 1405.414388][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1407.116032][T15388] chnl_net:caif_netlink_parms(): no params data found
[ 1408.142710][T15513] bridge22: entered promiscuous mode
[ 1408.142731][T15513] bridge22: entered allmulticast mode
[ 1408.159641][T15513] team0: Port device bridge22 added
[ 1408.452993][T15171] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1408.863932][T15171] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1408.893796][T15388] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1408.894042][T15388] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1408.894266][T15388] bridge_slave_0: entered allmulticast mode
[ 1408.896277][T15388] bridge_slave_0: entered promiscuous mode
[ 1408.942369][T15171] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1408.986535][T15388] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1408.986796][T15388] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1408.987097][T15388] bridge_slave_1: entered allmulticast mode
[ 1408.991140][T15388] bridge_slave_1: entered promiscuous mode
[ 1409.009951][T15171] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1409.450991][T15388] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1409.462095][T15388] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1409.598249][   T87] bridge_slave_1: left allmulticast mode
[ 1409.598290][   T87] bridge_slave_1: left promiscuous mode
[ 1409.598593][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1409.696004][   T87] bridge_slave_0: left allmulticast mode
[ 1409.696030][   T87] bridge_slave_0: left promiscuous mode
[ 1409.696236][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1410.269427][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1410.465600][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1410.570670][   T87] bond0 (unregistering): Released all slaves
[ 1410.845709][T15388] team0: Port device team_slave_0 added
[ 1410.853696][T15388] team0: Port device team_slave_1 added
[ 1410.907680][ T5927] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 1411.060459][ T5927] usb 5-1: config 1 has an invalid descriptor of length 220, skipping remainder of the config
[ 1411.060644][ T5927] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[ 1411.062133][ T5927] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1411.062153][ T5927] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1411.062165][ T5927] usb 5-1: SerialNumber: syz
[ 1411.922863][ T5927] usb 5-1: USB disconnect, device number 75
[ 1411.928535][T15388] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1411.928555][T15388] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1411.928584][T15388] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1412.003742][T15388] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1412.003762][T15388] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1412.003793][T15388] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1412.313605][T15560] FAULT_INJECTION: forcing a failure.
[ 1412.313605][T15560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1412.313642][T15560] CPU: 0 UID: 0 PID: 15560 Comm: syz.4.2354 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1412.313667][T15560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1412.313681][T15560] Call Trace:
[ 1412.313690][T15560]  <TASK>
[ 1412.313700][T15560]  dump_stack_lvl+0x189/0x250
[ 1412.313736][T15560]  ? __pfx____ratelimit+0x10/0x10
[ 1412.313768][T15560]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1412.313798][T15560]  ? __pfx__printk+0x10/0x10
[ 1412.313834][T15560]  ? __might_fault+0xb0/0x130
[ 1412.313879][T15560]  should_fail_ex+0x46c/0x600
[ 1412.313917][T15560]  _copy_from_user+0x2d/0xb0
[ 1412.313944][T15560]  memdup_user+0x5e/0xd0
[ 1412.313971][T15560]  strndup_user+0x68/0xd0
[ 1412.313997][T15560]  bpf_uprobe_multi_link_attach+0x31c/0xed0
[ 1412.314046][T15560]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[ 1412.314070][T15560]  ? __fget_files+0x2a/0x420
[ 1412.314104][T15560]  ? __fget_files+0x2a/0x420
[ 1412.314131][T15560]  ? __fget_files+0x3a6/0x420
[ 1412.314160][T15560]  ? __fget_files+0x2a/0x420
[ 1412.314193][T15560]  ? bpf_prog_attach_check_attach_type+0x453/0x540
[ 1412.314229][T15560]  link_create+0x67c/0x850
[ 1412.314264][T15560]  __sys_bpf+0x6dc/0x870
[ 1412.314293][T15560]  ? __pfx___sys_bpf+0x10/0x10
[ 1412.314335][T15560]  ? ksys_write+0x230/0x260
[ 1412.314365][T15560]  ? __pfx_ksys_write+0x10/0x10
[ 1412.314387][T15560]  ? rcu_is_watching+0x15/0xb0
[ 1412.314428][T15560]  __x64_sys_bpf+0x7c/0x90
[ 1412.314453][T15560]  do_syscall_64+0xfa/0x3b0
[ 1412.314473][T15560]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1412.314504][T15560]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1412.314525][T15560]  ? clear_bhb_loop+0x60/0xb0
[ 1412.314552][T15560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1412.314572][T15560] RIP: 0033:0x7fa96566eec9
[ 1412.314592][T15560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1412.314612][T15560] RSP: 002b:00007fa9638ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1412.314635][T15560] RAX: ffffffffffffffda RBX: 00007fa9658c5fa0 RCX: 00007fa96566eec9
[ 1412.314651][T15560] RDX: 0000000000000040 RSI: 00002000000003c0 RDI: 000000000000001c
[ 1412.314665][T15560] RBP: 00007fa9638ce090 R08: 0000000000000000 R09: 0000000000000000
[ 1412.314678][T15560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1412.314692][T15560] R13: 00007fa9658c6038 R14: 00007fa9658c5fa0 R15: 00007ffc472c8ff8
[ 1412.314727][T15560]  </TASK>
[ 1413.539498][T15571] 9pnet_fd: Insufficient options for proto=fd
[ 1413.622456][   T87] hsr_slave_0: left promiscuous mode
[ 1413.658032][   T87] hsr_slave_1: left promiscuous mode
[ 1413.659458][   T87] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1413.722495][   T87] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1414.629253][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1414.705704][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1414.855819][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1414.918327][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1416.151324][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1416.463551][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1416.511811][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1416.921253][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1417.520054][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1417.582765][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1417.738904][   T87] team0 (unregistering): Port device team_slave_1 removed
[ 1417.790014][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1417.866647][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1417.902564][   T87] team0 (unregistering): Port device team_slave_0 removed
[ 1417.954912][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.025298][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.112805][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.167732][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.254836][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.324078][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.408712][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.462391][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.685195][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.769456][T15388] hsr_slave_0: entered promiscuous mode
[ 1418.783136][T15388] hsr_slave_1: entered promiscuous mode
[ 1418.784323][T15388] debugfs: 'hsr0' already exists in 'hsr'
[ 1418.784353][T15388] Cannot create hsr debugfs directory
[ 1418.879678][T10740] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1418.887861][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1418.928381][T10740] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1418.959278][T10740] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1418.979427][T10740] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1418.983484][T10740] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1421.079798][T10740] Bluetooth: hci0: command tx timeout
[ 1421.476141][T15591] lo speed is unknown, defaulting to 1000
[ 1421.595896][T15591] batadv0 speed is unknown, defaulting to 1000
[ 1423.284777][ T5154] Bluetooth: hci0: command tx timeout
[ 1425.307889][ T5154] Bluetooth: hci0: command tx timeout
[ 1426.961256][T15643] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2378'.
[ 1426.961296][T15643] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2378'.
[ 1427.905495][ T5154] Bluetooth: hci0: command tx timeout
[ 1430.173448][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1430.571864][T15649] FAULT_INJECTION: forcing a failure.
[ 1430.571864][T15649] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1430.571928][T15649] CPU: 0 UID: 0 PID: 15649 Comm: syz.4.2377 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1430.571953][T15649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1430.571965][T15649] Call Trace:
[ 1430.571975][T15649]  <TASK>
[ 1430.571985][T15649]  dump_stack_lvl+0x189/0x250
[ 1430.572021][T15649]  ? __pfx____ratelimit+0x10/0x10
[ 1430.572053][T15649]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1430.572081][T15649]  ? __pfx__printk+0x10/0x10
[ 1430.572106][T15649]  ? fs_reclaim_acquire+0x7d/0x100
[ 1430.572136][T15649]  should_fail_ex+0x46c/0x600
[ 1430.572172][T15649]  prepare_alloc_pages+0x213/0x670
[ 1430.572202][T15649]  __alloc_frozen_pages_noprof+0x123/0x370
[ 1430.572231][T15649]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1430.572272][T15649]  alloc_pages_mpol+0xd1/0x380
[ 1430.572306][T15649]  alloc_pages_noprof+0xcf/0x1e0
[ 1430.572337][T15649]  get_free_pages_noprof+0xf/0x80
[ 1430.572359][T15649]  kasan_populate_vmalloc+0x38/0x270
[ 1430.572385][T15649]  ? __rcu_read_unlock+0x84/0xe0
[ 1430.572415][T15649]  alloc_vmap_area+0xd62/0x14a0
[ 1430.572464][T15649]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1430.572492][T15649]  ? __kasan_kmalloc+0x93/0xb0
[ 1430.572520][T15649]  ? __kmalloc_cache_node_noprof+0x1bf/0x340
[ 1430.572549][T15649]  ? __get_vm_area_node+0x172/0x350
[ 1430.572575][T15649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.572604][T15649]  __get_vm_area_node+0x227/0x350
[ 1430.572637][T15649]  __vmalloc_node_range_noprof+0x301/0x12f0
[ 1430.572668][T15649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.572694][T15649]  ? irqentry_exit+0x74/0x90
[ 1430.572724][T15649]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1430.572771][T15649]  ? trace_irq_disable+0x37/0x110
[ 1430.572797][T15649]  ? preempt_schedule_irq+0xde/0x150
[ 1430.572846][T15649]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1430.572889][T15649]  ? irqentry_exit+0x74/0x90
[ 1430.572918][T15649]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1430.572953][T15649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.572978][T15649]  __vmalloc_noprof+0xb1/0xf0
[ 1430.573008][T15649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.573039][T15649]  bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.573072][T15649]  bpf_prog_alloc+0x3c/0x1a0
[ 1430.573103][T15649]  bpf_prog_load+0x735/0x1930
[ 1430.573152][T15649]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1430.573178][T15649]  ? irqentry_exit+0x74/0x90
[ 1430.573226][T15649]  ? __sys_bpf+0x260/0x870
[ 1430.573251][T15649]  ? __sanitizer_cov_trace_switch+0x8b/0x150
[ 1430.573280][T15649]  ? security_bpf+0x7e/0x300
[ 1430.573334][T15649]  __sys_bpf+0x528/0x870
[ 1430.573362][T15649]  ? __pfx___sys_bpf+0x10/0x10
[ 1430.573384][T15649]  ? preempt_schedule_irq+0xde/0x150
[ 1430.573443][T15649]  __x64_sys_bpf+0x7c/0x90
[ 1430.573468][T15649]  do_syscall_64+0xfa/0x3b0
[ 1430.573489][T15649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1430.573509][T15649]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1430.573529][T15649]  ? clear_bhb_loop+0x60/0xb0
[ 1430.573555][T15649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1430.573575][T15649] RIP: 0033:0x7fa96566eec9
[ 1430.573594][T15649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1430.573612][T15649] RSP: 002b:00007fa9638ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1430.573635][T15649] RAX: ffffffffffffffda RBX: 00007fa9658c6090 RCX: 00007fa96566eec9
[ 1430.573651][T15649] RDX: 0000000000000043 RSI: 00002000000054c0 RDI: 0000000000000005
[ 1430.573665][T15649] RBP: 00007fa9638ad090 R08: 0000000000000000 R09: 0000000000000000
[ 1430.573679][T15649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1430.573692][T15649] R13: 00007fa9658c6128 R14: 00007fa9658c6090 R15: 00007ffc472c8ff8
[ 1430.573728][T15649]  </TASK>
[ 1430.574505][T15649] syz.4.2377: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1430.574571][T15649] CPU: 0 UID: 0 PID: 15649 Comm: syz.4.2377 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1430.574592][T15649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1430.574603][T15649] Call Trace:
[ 1430.574612][T15649]  <TASK>
[ 1430.574620][T15649]  dump_stack_lvl+0x189/0x250
[ 1430.574654][T15649]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1430.574684][T15649]  ? __pfx__printk+0x10/0x10
[ 1430.574717][T15649]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1430.574740][T15649]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1430.574764][T15649]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1430.574788][T15649]  warn_alloc+0x22e/0x3b0
[ 1430.574813][T15649]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1430.574902][T15649]  ? __pfx_warn_alloc+0x10/0x10
[ 1430.574919][T15649]  ? __get_vm_area_node+0x240/0x350
[ 1430.574948][T15649]  ? kfree+0x195/0x550
[ 1430.574971][T15649]  ? __get_vm_area_node+0x172/0x350
[ 1430.575000][T15649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.575029][T15649]  ? __get_vm_area_node+0x240/0x350
[ 1430.575066][T15649]  __vmalloc_node_range_noprof+0x326/0x12f0
[ 1430.575096][T15649]  ? irqentry_exit+0x74/0x90
[ 1430.575125][T15649]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1430.575174][T15649]  ? trace_irq_disable+0x37/0x110
[ 1430.575199][T15649]  ? preempt_schedule_irq+0xde/0x150
[ 1430.575229][T15649]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1430.575260][T15649]  ? irqentry_exit+0x74/0x90
[ 1430.575287][T15649]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1430.575320][T15649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.575345][T15649]  __vmalloc_noprof+0xb1/0xf0
[ 1430.575374][T15649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.575406][T15649]  bpf_prog_alloc_no_stats+0x4a/0x510
[ 1430.575439][T15649]  bpf_prog_alloc+0x3c/0x1a0
[ 1430.575469][T15649]  bpf_prog_load+0x735/0x1930
[ 1430.575509][T15649]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1430.575532][T15649]  ? irqentry_exit+0x74/0x90
[ 1430.575573][T15649]  ? __sys_bpf+0x260/0x870
[ 1430.575593][T15649]  ? __sanitizer_cov_trace_switch+0x8b/0x150
[ 1430.575616][T15649]  ? security_bpf+0x7e/0x300
[ 1430.575641][T15649]  __sys_bpf+0x528/0x870
[ 1430.575664][T15649]  ? __pfx___sys_bpf+0x10/0x10
[ 1430.575680][T15649]  ? preempt_schedule_irq+0xde/0x150
[ 1430.575732][T15649]  __x64_sys_bpf+0x7c/0x90
[ 1430.575751][T15649]  do_syscall_64+0xfa/0x3b0
[ 1430.575768][T15649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1430.575784][T15649]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1430.575800][T15649]  ? clear_bhb_loop+0x60/0xb0
[ 1430.575819][T15649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1430.575850][T15649] RIP: 0033:0x7fa96566eec9
[ 1430.575865][T15649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1430.575879][T15649] RSP: 002b:00007fa9638ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1430.575903][T15649] RAX: ffffffffffffffda RBX: 00007fa9658c6090 RCX: 00007fa96566eec9
[ 1430.575923][T15649] RDX: 0000000000000043 RSI: 00002000000054c0 RDI: 0000000000000005
[ 1430.575935][T15649] RBP: 00007fa9638ad090 R08: 0000000000000000 R09: 0000000000000000
[ 1430.575954][T15649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1430.575965][T15649] R13: 00007fa9658c6128 R14: 00007fa9658c6090 R15: 00007ffc472c8ff8
[ 1430.576002][T15649]  </TASK>
[ 1430.581765][T15649] Mem-Info:
[ 1430.581995][T15649] active_anon:260 inactive_anon:24027 isolated_anon:0
[ 1430.581995][T15649]  active_file:19828 inactive_file:38471 isolated_file:0
[ 1430.581995][T15649]  unevictable:768 dirty:100 writeback:0
[ 1430.581995][T15649]  slab_reclaimable:13024 slab_unreclaimable:114778
[ 1430.581995][T15649]  mapped:36423 shmem:20293 pagetables:1218
[ 1430.581995][T15649]  sec_pagetables:0 bounce:0
[ 1430.581995][T15649]  kernel_misc_reclaimable:0
[ 1430.581995][T15649]  free:1271271 free_pcp:6790 free_cma:0
[ 1430.582115][T15649] Node 0 active_anon:1040kB inactive_anon:96108kB active_file:79112kB inactive_file:153884kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:145692kB dirty:396kB writeback:0kB shmem:79636kB kernel_stack:13136kB pagetables:4748kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1430.582229][T15649] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1430.585390][T15649] Node 0 DMA free:15328kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1430.585521][T15649] lowmem_reserve[]: 0 2512 2513 2513 2513
[ 1430.597847][T15649] Node 0 DMA32 free:1170864kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1036kB inactive_anon:96060kB active_file:78092kB inactive_file:153824kB unevictable:1536kB writepending:392kB present:3129332kB managed:2572288kB mlocked:0kB bounce:0kB free_pcp:27160kB local_pcp:2460kB free_cma:0kB
[ 1430.597982][T15649] lowmem_reserve[]: 0 0 1 1 1
[ 1430.598307][T15649] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:48kB active_file:1020kB inactive_file:60kB unevictable:0kB writepending:4kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1430.598536][T15649] lowmem_reserve[]: 0 0 0 0 0
[ 1430.598609][T15649] Node 1 Normal free:3898892kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1430.598659][T15649] lowmem_reserve[]: 0 0 0 0 0
[ 1430.598689][T15649] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15328kB
[ 1430.599311][T15649] Node 0 DMA32: 2820*4kB (UE) 32*8kB (UE) 112*16kB (UME) 527*32kB (UME) 593*64kB (UME) 131*128kB (UME) 50*256kB (UME) 22*512kB (M) 7*1024kB (ME) 5*2048kB (ME) 255*4096kB (UM) = 1170864kB
[ 1430.600866][T15649] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1430.601560][T15649] Node 1 Normal: 217*4kB (UME) 35*8kB (UME) 37*16kB (UME) 188*32kB (UME) 85*64kB (UME) 27*128kB (UME) 13*256kB (UME) 6*512kB (UM) 3*1024kB (UME) 3*2048kB (UME) 944*4096kB (M) = 3898892kB
[ 1430.602761][T15649] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1430.602913][T15649] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1430.602954][T15649] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1430.603000][T15649] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1430.603046][T15649] 78589 total pagecache pages
[ 1430.603088][T15649] 0 pages in swap cache
[ 1430.603183][T15649] Free swap  = 124996kB
[ 1430.603222][T15649] Total swap = 124996kB
[ 1430.603295][T15649] 2097051 pages RAM
[ 1430.603333][T15649] 0 pages HighMem/MovableOnly
[ 1430.603370][T15649] 422081 pages reserved
[ 1430.603408][T15649] 0 pages cma reserved
[ 1431.513293][T15653] FAULT_INJECTION: forcing a failure.
[ 1431.513293][T15653] name failslab, interval 1, probability 0, space 0, times 0
[ 1431.526355][T15653] CPU: 0 UID: 0 PID: 15653 Comm: syz.2.2379 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1431.526385][T15653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1431.526397][T15653] Call Trace:
[ 1431.526405][T15653]  <TASK>
[ 1431.526414][T15653]  dump_stack_lvl+0x189/0x250
[ 1431.526447][T15653]  ? __pfx____ratelimit+0x10/0x10
[ 1431.526474][T15653]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1431.526500][T15653]  ? __pfx__printk+0x10/0x10
[ 1431.526527][T15653]  ? __pfx___might_resched+0x10/0x10
[ 1431.526546][T15653]  ? fs_reclaim_acquire+0x7d/0x100
[ 1431.526568][T15653]  should_fail_ex+0x46c/0x600
[ 1431.526606][T15653]  ? getname_flags+0xb8/0x540
[ 1431.526631][T15653]  should_failslab+0xa8/0x100
[ 1431.526656][T15653]  ? getname_flags+0xb8/0x540
[ 1431.526679][T15653]  kmem_cache_alloc_noprof+0x6e/0x310
[ 1431.526710][T15653]  getname_flags+0xb8/0x540
[ 1431.526734][T15653]  ? _copy_from_user+0x94/0xb0
[ 1431.526760][T15653]  user_path_at+0x24/0x60
[ 1431.526781][T15653]  __se_sys_mount+0x2d3/0x410
[ 1431.526813][T15653]  ? __pfx___se_sys_mount+0x10/0x10
[ 1431.526844][T15653]  ? do_syscall_64+0xbe/0x3b0
[ 1431.526860][T15653]  ? __x64_sys_mount+0x20/0xc0
[ 1431.526888][T15653]  do_syscall_64+0xfa/0x3b0
[ 1431.526907][T15653]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1431.526930][T15653]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1431.526948][T15653]  ? clear_bhb_loop+0x60/0xb0
[ 1431.526970][T15653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1431.526988][T15653] RIP: 0033:0x7f25c0daeec9
[ 1431.527006][T15653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1431.527021][T15653] RSP: 002b:00007f25beff5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1431.527042][T15653] RAX: ffffffffffffffda RBX: 00007f25c1006090 RCX: 00007f25c0daeec9
[ 1431.527055][T15653] RDX: 00002000000000c0 RSI: 00002000000003c0 RDI: 0000000000000000
[ 1431.527067][T15653] RBP: 00007f25beff5090 R08: 0000000000000000 R09: 0000000000000000
[ 1431.527079][T15653] R10: 0000000000010012 R11: 0000000000000246 R12: 0000000000000001
[ 1431.527091][T15653] R13: 00007f25c1006128 R14: 00007f25c1006090 R15: 00007ffe0818ffa8
[ 1431.527123][T15653]  </TASK>
[ 1432.989753][T15668] fuse: Unknown parameter 'g/¯œ¡cÕj00000000000000000000'
[ 1436.399453][T15591] chnl_net:caif_netlink_parms(): no params data found
[ 1438.297661][T15388] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1438.437939][   T87] bridge_slave_1: left allmulticast mode
[ 1438.437979][   T87] bridge_slave_1: left promiscuous mode
[ 1438.438291][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1438.619776][   T87] bridge_slave_0: left allmulticast mode
[ 1438.619825][   T87] bridge_slave_0: left promiscuous mode
[ 1438.620138][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1440.174877][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1440.309655][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1440.357155][   T87] bond0 (unregistering): Released all slaves
[ 1440.405008][T15720] bridge14: entered promiscuous mode
[ 1440.405043][T15720] bridge14: entered allmulticast mode
[ 1440.409902][T15720] team0: Port device bridge14 added
[ 1440.654252][T15388] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1440.792401][T15732] sctp: [Deprecated]: syz.6.2398 (pid 15732) Use of int in maxseg socket option.
[ 1440.792401][T15732] Use struct sctp_assoc_value instead
[ 1440.971330][T15388] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1441.157413][   T37] audit: type=1326 audit(1758737873.297:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96566eec9 code=0x7ffc0000
[ 1441.158943][   T37] audit: type=1326 audit(1758737873.297:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96566eec9 code=0x7ffc0000
[ 1441.161177][T15739] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[ 1441.161197][T15739] audit: out of memory in audit_log_start
[ 1441.161962][   T37] audit: type=1326 audit(1758737873.307:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa96566d710 code=0x7ffc0000
[ 1441.162014][   T37] audit: type=1326 audit(1758737873.307:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa96566d97f code=0x7ffc0000
[ 1441.162063][   T37] audit: type=1326 audit(1758737873.307:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fa96566d8dc code=0x7ffc0000
[ 1441.162114][   T37] audit: type=1326 audit(1758737873.307:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa96566d97f code=0x7ffc0000
[ 1441.162162][   T37] audit: type=1326 audit(1758737873.307:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa96566db2a code=0x7ffc0000
[ 1441.162211][   T37] audit: type=1326 audit(1758737873.307:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15737 comm="syz.4.2399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96566eec9 code=0x7ffc0000
[ 1441.206478][T15388] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1442.396523][T15591] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1442.413674][T15591] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1442.413965][T15591] bridge_slave_0: entered allmulticast mode
[ 1442.558651][T15591] bridge_slave_0: entered promiscuous mode
[ 1442.576329][T15591] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1442.577110][T15591] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1442.589246][T15591] bridge_slave_1: entered allmulticast mode
[ 1442.812105][T15591] bridge_slave_1: entered promiscuous mode
[ 1443.247977][T12573] usb 7-1: new high-speed USB device number 57 using dummy_hcd
[ 1443.429812][T12573] usb 7-1: Using ep0 maxpacket: 32
[ 1443.435930][T12573] usb 7-1: config 0 has an invalid interface number: 123 but max is 0
[ 1443.435961][T12573] usb 7-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[ 1443.435983][T12573] usb 7-1: config 0 has no interface number 0
[ 1443.476844][T12573] usb 7-1: New USB device found, idVendor=20df, idProduct=0001, bcdDevice=97.6d
[ 1443.476879][T12573] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1443.476899][T12573] usb 7-1: Product: syz
[ 1443.476914][T12573] usb 7-1: Manufacturer: syz
[ 1443.476928][T12573] usb 7-1: SerialNumber: syz
[ 1443.521034][T12573] usb 7-1: config 0 descriptor??
[ 1443.669128][T12573] cdc_acm 7-1:0.123: More than one union descriptor, skipping ...
[ 1443.669154][T12573] cdc_acm 7-1:0.123: skipping garbage
[ 1443.877912][   T87] hsr_slave_0: left promiscuous mode
[ 1443.908312][   T87] hsr_slave_1: left promiscuous mode
[ 1443.909923][   T87] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1443.976619][   T87] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1444.333346][ T5928] usb 7-1: USB disconnect, device number 57
[ 1446.342821][   T87] team0 (unregistering): Port device team_slave_1 removed
[ 1446.509003][   T87] team0 (unregistering): Port device team_slave_0 removed
[ 1446.970667][T15786] netlink: 452 bytes leftover after parsing attributes in process `syz.2.2412'.
[ 1448.565593][T15779] bridge23: entered promiscuous mode
[ 1448.565630][T15779] bridge23: entered allmulticast mode
[ 1448.570723][T15779] team0: Port device bridge23 added
[ 1448.809983][T10740] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1448.814671][T10740] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1448.834454][T10740] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1448.849705][T10740] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1448.849771][T15591] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1448.851451][T10740] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1448.923723][T15591] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1450.493008][T15591] team0: Port device team_slave_0 added
[ 1450.502738][T15591] team0: Port device team_slave_1 added
[ 1450.687957][ T5920] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 1450.837689][ T5920] usb 5-1: Using ep0 maxpacket: 32
[ 1450.842204][ T5920] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 72, changing to 10
[ 1450.842261][ T5920] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32
[ 1450.845968][ T5920] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1450.846001][ T5920] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1450.846022][ T5920] usb 5-1: Product: syz
[ 1450.846037][ T5920] usb 5-1: Manufacturer: syz
[ 1450.846052][ T5920] usb 5-1: SerialNumber: syz
[ 1450.908947][ T5154] Bluetooth: hci1: command tx timeout
[ 1451.028917][T15800] lo speed is unknown, defaulting to 1000
[ 1451.046146][T15800] batadv0 speed is unknown, defaulting to 1000
[ 1451.103981][T15591] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1451.104002][T15591] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1451.104133][T15591] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1451.127955][T15591] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1451.127976][T15591] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1451.128003][T15591] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1451.192940][T15811] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1451.196381][T15811] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1451.221534][ T5920] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1451.221588][ T5920] cdc_ncm 5-1:1.0: bind() failure
[ 1451.402342][ T5920] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[ 1451.402374][ T5920] cdc_ncm 5-1:1.1: bind() failure
[ 1451.464696][ T5920] usb 5-1: USB disconnect, device number 76
[ 1452.548225][T15591] hsr_slave_0: entered promiscuous mode
[ 1452.549868][T15591] hsr_slave_1: entered promiscuous mode
[ 1452.987942][ T5154] Bluetooth: hci1: command tx timeout
[ 1453.989251][T15838] bridge10: entered promiscuous mode
[ 1453.989288][T15838] bridge10: entered allmulticast mode
[ 1453.993519][T15838] team0: Port device bridge10 added
[ 1455.193136][ T5154] Bluetooth: hci1: command tx timeout
[ 1457.227958][ T5154] Bluetooth: hci1: command tx timeout
[ 1458.339407][T12573] usb 5-1: new full-speed USB device number 77 using dummy_hcd
[ 1458.559859][T12573] usb 5-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64
[ 1458.559907][T12573] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1458.559929][T12573] usb 5-1: Product: syz
[ 1458.559942][T12573] usb 5-1: Manufacturer: syz
[ 1458.559958][T12573] usb 5-1: SerialNumber: syz
[ 1458.665902][T12573] usb 5-1: config 0 descriptor??
[ 1458.708251][T12573] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state.
[ 1458.708308][T12573] pctv452e: pctv452e_power_ctrl: 1
[ 1458.708308][T12573] 
[ 1458.708364][T12573] usb 5-1: selecting invalid altsetting 3
[ 1458.708381][T12573] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[ 1458.708381][T12573] 
[ 1458.708399][T12573] dvb-usb: bulk message failed: -22 (5/0)
[ 1458.832051][T12573] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[ 1458.889028][T15865] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1458.943889][T12573] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19)
[ 1458.964569][T12573] usb 5-1: USB disconnect, device number 77
[ 1461.203630][T15800] chnl_net:caif_netlink_parms(): no params data found
[ 1466.534833][   T87] bridge_slave_1: left allmulticast mode
[ 1466.534874][   T87] bridge_slave_1: left promiscuous mode
[ 1466.535174][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1466.615963][   T87] bridge_slave_0: left allmulticast mode
[ 1466.616004][   T87] bridge_slave_0: left promiscuous mode
[ 1466.616384][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1468.229896][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1468.309347][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1468.383737][   T87] bond0 (unregistering): Released all slaves
[ 1468.821387][T15800] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1468.821562][T15800] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1468.821837][T15800] bridge_slave_0: entered allmulticast mode
[ 1468.879729][T15800] bridge_slave_0: entered promiscuous mode
[ 1468.928003][T15800] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1468.928206][T15800] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1468.928687][T15800] bridge_slave_1: entered allmulticast mode
[ 1469.072717][T15800] bridge_slave_1: entered promiscuous mode
[ 1470.363210][T15800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1470.486263][T15800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1470.530889][T15939] fuse: Bad value for 'fd'
[ 1471.074599][T15939] bridge11: entered promiscuous mode
[ 1471.074623][T15939] bridge11: entered allmulticast mode
[ 1471.077528][T15939] team0: Port device bridge11 added
[ 1471.884260][   T67] Bluetooth: hci6: Frame reassembly failed (-84)
[ 1471.998088][   T87] hsr_slave_0: left promiscuous mode
[ 1472.037777][   T87] hsr_slave_1: left promiscuous mode
[ 1472.044822][   T87] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1472.134736][   T87] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1472.149276][ T5920] usb 7-1: new high-speed USB device number 58 using dummy_hcd
[ 1472.297875][ T5920] usb 7-1: Using ep0 maxpacket: 16
[ 1472.307945][ T5920] usb 7-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[ 1472.307975][ T5920] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1472.314202][ T5920] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1472.314231][ T5920] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1472.314249][ T5920] usb 7-1: Product: syz
[ 1472.314263][ T5920] usb 7-1: Manufacturer: syz
[ 1472.314276][ T5920] usb 7-1: SerialNumber: syz
[ 1473.867918][ T5154] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1473.890578][   T87] team0 (unregistering): Port device team_slave_1 removed
[ 1474.421989][   T87] team0 (unregistering): Port device team_slave_0 removed
[ 1476.263124][T15591] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1476.561707][T15591] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1476.678876][T15800] team0: Port device team_slave_0 added
[ 1476.700708][T15591] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1476.826183][T15800] team0: Port device team_slave_1 added
[ 1476.981305][ T5920] usb 7-1: 0:2 : does not exist
[ 1477.093084][ T5920] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[ 1477.203504][T15591] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1477.236947][ T5920] usb 7-1: USB disconnect, device number 58
[ 1477.666247][T15970] 9pnet_fd: Insufficient options for proto=fd
[ 1478.399093][T15800] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1478.399113][T15800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1478.399142][T15800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1478.411032][T15800] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1478.411053][T15800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1478.411082][T15800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1478.538220][T15591] kthread_run failed with err -4
[ 1480.041431][T15800] hsr_slave_0: entered promiscuous mode
[ 1480.043202][T15800] hsr_slave_1: entered promiscuous mode
[ 1480.044286][T15800] debugfs: 'hsr0' already exists in 'hsr'
[ 1480.044315][T15800] Cannot create hsr debugfs directory
[ 1480.888601][T10740] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1480.896135][T10740] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1480.913832][T10740] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1480.946762][T10740] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1480.955504][T10740] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1481.304188][T16005] fuse: Bad value for 'fd'
[ 1481.503393][ T6114] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1481.724710][T15989] bridge24: entered promiscuous mode
[ 1481.724745][T15989] bridge24: entered allmulticast mode
[ 1481.730533][T15989] team0: Port device bridge24 added
[ 1482.953144][T15996] lo speed is unknown, defaulting to 1000
[ 1482.978768][T15996] batadv0 speed is unknown, defaulting to 1000
[ 1483.130049][T10740] Bluetooth: hci6: command tx timeout
[ 1484.385929][T10740] Bluetooth: hci0: command 0x1003 tx timeout
[ 1484.391450][ T5154] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1486.046194][ T5154] Bluetooth: hci6: command tx timeout
[ 1486.588674][T16051] netlink: 'syz.2.2473': attribute type 39 has an invalid length.
[ 1487.857534][T16055] bridge12: entered promiscuous mode
[ 1487.857569][T16055] bridge12: entered allmulticast mode
[ 1487.865460][T16055] team0: Port device bridge12 added
[ 1488.109136][ T5154] Bluetooth: hci6: command tx timeout
[ 1490.918900][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1491.046072][ T5154] Bluetooth: hci6: command tx timeout
[ 1493.840788][T16089] misc userio: Invalid payload size
[ 1493.842381][T16089] misc userio: No port type given on /dev/userio
[ 1494.810582][T16101] bridge15: entered promiscuous mode
[ 1494.810619][T16101] bridge15: entered allmulticast mode
[ 1494.815366][T16101] team0: Port device bridge15 added
[ 1496.264414][T15996] chnl_net:caif_netlink_parms(): no params data found
[ 1496.491808][T15800] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1496.691560][T15800] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1496.755076][T15800] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1496.819239][   T87] bridge_slave_1: left allmulticast mode
[ 1496.819279][   T87] bridge_slave_1: left promiscuous mode
[ 1496.819600][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1496.870548][   T87] bridge_slave_0: left allmulticast mode
[ 1496.870588][   T87] bridge_slave_0: left promiscuous mode
[ 1496.872068][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1497.104264][T16115] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1497.203331][T16118] FAULT_INJECTION: forcing a failure.
[ 1497.203331][T16118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1497.203369][T16118] CPU: 1 UID: 0 PID: 16118 Comm: syz.6.2489 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1497.203394][T16118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1497.203407][T16118] Call Trace:
[ 1497.203417][T16118]  <TASK>
[ 1497.203426][T16118]  dump_stack_lvl+0x189/0x250
[ 1497.203464][T16118]  ? __pfx____ratelimit+0x10/0x10
[ 1497.203497][T16118]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1497.203527][T16118]  ? __pfx__printk+0x10/0x10
[ 1497.203551][T16118]  ? __might_fault+0xb0/0x130
[ 1497.203592][T16118]  should_fail_ex+0x46c/0x600
[ 1497.203625][T16118]  _copy_from_user+0x2d/0xb0
[ 1497.203652][T16118]  ___sys_sendmsg+0x158/0x2a0
[ 1497.203678][T16118]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1497.203740][T16118]  ? __fget_files+0x2a/0x420
[ 1497.203769][T16118]  ? __fget_files+0x3a6/0x420
[ 1497.203809][T16118]  __x64_sys_sendmsg+0x1a1/0x260
[ 1497.203835][T16118]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1497.203869][T16118]  ? __pfx_ksys_write+0x10/0x10
[ 1497.203893][T16118]  ? rcu_is_watching+0x15/0xb0
[ 1497.203931][T16118]  ? do_syscall_64+0xbe/0x3b0
[ 1497.203957][T16118]  do_syscall_64+0xfa/0x3b0
[ 1497.203975][T16118]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1497.204005][T16118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1497.204027][T16118]  ? clear_bhb_loop+0x60/0xb0
[ 1497.204062][T16118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1497.204083][T16118] RIP: 0033:0x7fdcfa85eec9
[ 1497.204102][T16118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1497.204121][T16118] RSP: 002b:00007fdcf8abe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1497.204144][T16118] RAX: ffffffffffffffda RBX: 00007fdcfaab5fa0 RCX: 00007fdcfa85eec9
[ 1497.204160][T16118] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000005
[ 1497.204174][T16118] RBP: 00007fdcf8abe090 R08: 0000000000000000 R09: 0000000000000000
[ 1497.204187][T16118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1497.204200][T16118] R13: 00007fdcfaab6038 R14: 00007fdcfaab5fa0 R15: 00007ffef05c10d8
[ 1497.204236][T16118]  </TASK>
[ 1500.919758][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1501.022102][T16145] ieee802154 phy1 wpan1: encryption failed: -22
[ 1501.051872][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1501.114839][   T87] bond0 (unregistering): Released all slaves
[ 1501.158075][T15800] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1503.318332][T15996] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1503.318505][T15996] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1503.318792][T15996] bridge_slave_0: entered allmulticast mode
[ 1503.369677][T15996] bridge_slave_0: entered promiscuous mode
[ 1503.381522][T15996] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1503.381724][T15996] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1503.382181][T15996] bridge_slave_1: entered allmulticast mode
[ 1503.398300][T15996] bridge_slave_1: entered promiscuous mode
[ 1504.121582][T15996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1504.435487][T16176] 9pnet_fd: Insufficient options for proto=fd
[ 1505.757933][   T87] hsr_slave_0: left promiscuous mode
[ 1505.798772][   T87] hsr_slave_1: left promiscuous mode
[ 1505.819940][   T87] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1505.839839][   T87] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1507.925009][   T87] team0 (unregistering): Port device team_slave_1 removed
[ 1508.139012][   T87] team0 (unregistering): Port device team_slave_0 removed
[ 1508.898495][T10740] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1508.934756][T10740] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1508.960279][T10740] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1508.961950][T10740] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1508.965852][T10740] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1509.029647][T15996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1509.973212][T15996] team0: Port device team_slave_0 added
[ 1510.127203][T15996] team0: Port device team_slave_1 added
[ 1510.831803][T16226] input: syz1 as /devices/virtual/input/input36
[ 1511.106520][T10740] Bluetooth: hci0: command tx timeout
[ 1512.282030][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1512.653904][T15996] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1512.653924][T15996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1512.653955][T15996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1512.664952][T15996] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1512.664970][T15996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1512.665000][T15996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1512.698824][T16210] lo speed is unknown, defaulting to 1000
[ 1512.852019][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1512.943850][T16210] batadv0 speed is unknown, defaulting to 1000
[ 1513.054103][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1513.167897][ T5154] Bluetooth: hci0: command tx timeout
[ 1513.266294][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1513.437003][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1513.460613][T15996] hsr_slave_0: entered promiscuous mode
[ 1513.462194][T15996] hsr_slave_1: entered promiscuous mode
[ 1513.788289][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1514.446647][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1514.497163][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1514.631397][T16256] bridge25: entered promiscuous mode
[ 1514.631420][T16256] bridge25: entered allmulticast mode
[ 1514.634225][T16256] team0: Port device bridge25 added
[ 1514.872902][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1514.906914][T16260] netlink: 'syz.6.2518': attribute type 1 has an invalid length.
[ 1514.906970][T16260] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2518'.
[ 1514.930869][T16260] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2518'.
[ 1514.931239][T16260] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[ 1515.104159][T16262] FAULT_INJECTION: forcing a failure.
[ 1515.104159][T16262] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1515.104198][T16262] CPU: 0 UID: 0 PID: 16262 Comm: syz.2.2519 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1515.104223][T16262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1515.104236][T16262] Call Trace:
[ 1515.104245][T16262]  <TASK>
[ 1515.104255][T16262]  dump_stack_lvl+0x189/0x250
[ 1515.104291][T16262]  ? __pfx____ratelimit+0x10/0x10
[ 1515.104323][T16262]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1515.104353][T16262]  ? __pfx__printk+0x10/0x10
[ 1515.104378][T16262]  ? fs_reclaim_acquire+0x7d/0x100
[ 1515.104409][T16262]  should_fail_ex+0x46c/0x600
[ 1515.104447][T16262]  prepare_alloc_pages+0x213/0x670
[ 1515.104477][T16262]  __alloc_frozen_pages_noprof+0x123/0x370
[ 1515.104504][T16262]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1515.104537][T16262]  ? policy_nodemask+0x27c/0x720
[ 1515.104571][T16262]  alloc_pages_mpol+0xd1/0x380
[ 1515.104605][T16262]  alloc_pages_noprof+0xcf/0x1e0
[ 1515.104647][T16262]  pte_alloc_one+0x21/0x190
[ 1515.104679][T16262]  handle_mm_fault+0x1c43/0x3400
[ 1515.104721][T16262]  ? handle_mm_fault+0xdb/0x3400
[ 1515.104781][T16262]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1515.104825][T16262]  ? __pfx_find_vma+0x10/0x10
[ 1515.104854][T16262]  ? vma_is_secretmem+0xd/0x50
[ 1515.104890][T16262]  __get_user_pages+0x16e4/0x2b60
[ 1515.104960][T16262]  populate_vma_page_range+0x29f/0x3a0
[ 1515.104996][T16262]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1515.105026][T16262]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1515.105052][T16262]  __mm_populate+0x24c/0x380
[ 1515.105081][T16262]  ? __pfx___mm_populate+0x10/0x10
[ 1515.105107][T16262]  ? do_mlock+0x5fb/0x740
[ 1515.105140][T16262]  do_mlock+0x625/0x740
[ 1515.105166][T16262]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1515.105201][T16262]  ? __pfx_do_mlock+0x10/0x10
[ 1515.105227][T16262]  ? fput+0xa0/0xd0
[ 1515.105247][T16262]  ? ksys_write+0x230/0x260
[ 1515.105276][T16262]  ? __pfx_ksys_write+0x10/0x10
[ 1515.105299][T16262]  ? rcu_is_watching+0x15/0xb0
[ 1515.105341][T16262]  __x64_sys_mlock+0x60/0x70
[ 1515.105366][T16262]  do_syscall_64+0xfa/0x3b0
[ 1515.105388][T16262]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1515.105409][T16262]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1515.105429][T16262]  ? clear_bhb_loop+0x60/0xb0
[ 1515.105455][T16262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1515.105476][T16262] RIP: 0033:0x7f25c0daeec9
[ 1515.105495][T16262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1515.105514][T16262] RSP: 002b:00007f25beff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[ 1515.105538][T16262] RAX: ffffffffffffffda RBX: 00007f25c1006090 RCX: 00007f25c0daeec9
[ 1515.105554][T16262] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000000000
[ 1515.105569][T16262] RBP: 00007f25beff5090 R08: 0000000000000000 R09: 0000000000000000
[ 1515.105583][T16262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1515.105596][T16262] R13: 00007f25c1006128 R14: 00007f25c1006090 R15: 00007ffe0818ffa8
[ 1515.105640][T16262]  </TASK>
[ 1515.232923][T10740] Bluetooth: hci0: command tx timeout
[ 1517.158688][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1517.287646][ T5928] usb 7-1: new high-speed USB device number 59 using dummy_hcd
[ 1517.310496][T10740] Bluetooth: hci0: command 0x0419 tx timeout
[ 1517.484736][ T5928] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1517.484774][ T5928] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1517.484817][ T5928] usb 7-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[ 1517.484841][ T5928] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1517.564314][ T5928] usb 7-1: config 0 descriptor??
[ 1518.088555][T16268] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ2
[ 1518.153807][ T5928] cypress 0003:04B4:DE61.0010: item fetching failed at offset 5/7
[ 1518.154802][ T5928] cypress 0003:04B4:DE61.0010: parse failed
[ 1518.154882][ T5928] cypress 0003:04B4:DE61.0010: probe with driver cypress failed with error -22
[ 1520.096283][ T5154] Bluetooth: hci0: command 0x0419 tx timeout
[ 1520.257968][    T9] usb 7-1: USB disconnect, device number 59
[ 1520.802194][T12148] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 1520.955148][T12148] usb 5-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[ 1520.955184][T12148] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1520.962961][T12148] usb 5-1: config 0 descriptor??
[ 1520.979879][T12148] gspca_main: spca508-2.14.0 probing 8086:0110
[ 1521.207405][T12148] gspca_spca508: reg_read err -32
[ 1521.438168][T12148] gspca_spca508: reg_read err -71
[ 1521.438710][T12148] gspca_spca508: reg_read err -71
[ 1521.439302][T12148] gspca_spca508: reg_read err -71
[ 1521.439758][T12148] gspca_spca508: reg write: error -71
[ 1521.439936][T12148] spca508 5-1:0.0: probe with driver spca508 failed with error -71
[ 1521.443711][T12148] usb 5-1: USB disconnect, device number 78
[ 1524.302078][T16210] chnl_net:caif_netlink_parms(): no params data found
[ 1526.263621][T16330] bridge26: entered promiscuous mode
[ 1526.263657][T16330] bridge26: entered allmulticast mode
[ 1526.268791][T16330] team0: Port device bridge26 added
[ 1526.281504][T13075] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1526.407601][T12148] usb 7-1: new high-speed USB device number 60 using dummy_hcd
[ 1526.467809][T13075] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1526.467847][T13075] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1526.468007][T13075] usb 3-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[ 1526.468034][T13075] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1526.522058][T13075] usb 3-1: config 0 descriptor??
[ 1526.567634][T12148] usb 7-1: Using ep0 maxpacket: 8
[ 1526.570877][T12148] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1526.574449][T12148] usb 7-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1526.574478][T12148] usb 7-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1526.574499][T12148] usb 7-1: Product: syz
[ 1526.574512][T12148] usb 7-1: Manufacturer: syz
[ 1526.574526][T12148] usb 7-1: SerialNumber: syz
[ 1526.894722][T12148] usb 7-1: palm_os_3_probe - error -110 getting connection information
[ 1526.894829][T12148] visor 7-1:1.0: probe with driver visor failed with error -110
[ 1526.906009][T12148] usb 7-1: USB disconnect, device number 60
[ 1526.984283][T13075] usbhid 3-1:0.0: can't add hid device: -71
[ 1526.984423][T13075] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1527.021067][T13075] usb 3-1: USB disconnect, device number 54
[ 1527.082450][T16337] FAULT_INJECTION: forcing a failure.
[ 1527.082450][T16337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1527.082488][T16337] CPU: 0 UID: 0 PID: 16337 Comm: syz.6.2536 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1527.082513][T16337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1527.082526][T16337] Call Trace:
[ 1527.082535][T16337]  <TASK>
[ 1527.082545][T16337]  dump_stack_lvl+0x189/0x250
[ 1527.082592][T16337]  ? __pfx____ratelimit+0x10/0x10
[ 1527.082626][T16337]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1527.082656][T16337]  ? __pfx__printk+0x10/0x10
[ 1527.082679][T16337]  ? __might_fault+0xb0/0x130
[ 1527.082723][T16337]  should_fail_ex+0x46c/0x600
[ 1527.082761][T16337]  _copy_from_user+0x2d/0xb0
[ 1527.082789][T16337]  kstrtouint_from_user+0xc4/0x170
[ 1527.082813][T16337]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1527.082857][T16337]  proc_fail_nth_write+0x88/0x200
[ 1527.082880][T16337]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1527.082910][T16337]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1527.082934][T16337]  vfs_write+0x287/0xb40
[ 1527.082973][T16337]  ? __pfx_vfs_write+0x10/0x10
[ 1527.082995][T16337]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1527.083033][T16337]  ? mutex_lock_nested+0x154/0x1d0
[ 1527.083057][T16337]  ? fdget_pos+0x253/0x320
[ 1527.083098][T16337]  ksys_write+0x14b/0x260
[ 1527.083129][T16337]  ? __pfx_ksys_write+0x10/0x10
[ 1527.083152][T16337]  ? rcu_is_watching+0x15/0xb0
[ 1527.083191][T16337]  ? do_syscall_64+0xbe/0x3b0
[ 1527.083215][T16337]  do_syscall_64+0xfa/0x3b0
[ 1527.083233][T16337]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1527.083264][T16337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1527.083285][T16337]  ? clear_bhb_loop+0x60/0xb0
[ 1527.083312][T16337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1527.083333][T16337] RIP: 0033:0x7fdcfa85d97f
[ 1527.083352][T16337] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1527.083370][T16337] RSP: 002b:00007fdcf8abe030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1527.083394][T16337] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdcfa85d97f
[ 1527.083410][T16337] RDX: 0000000000000001 RSI: 00007fdcf8abe0a0 RDI: 0000000000000006
[ 1527.083424][T16337] RBP: 00007fdcf8abe090 R08: 0000000000000000 R09: 0000000000000000
[ 1527.083446][T16337] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1527.083459][T16337] R13: 00007fdcfaab6038 R14: 00007fdcfaab5fa0 R15: 00007ffef05c10d8
[ 1527.083497][T16337]  </TASK>
[ 1527.217155][T16210] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1527.217300][T16210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1527.217991][T16210] bridge_slave_0: entered allmulticast mode
[ 1527.228039][T16210] bridge_slave_0: entered promiscuous mode
[ 1527.313917][T16210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1527.314059][T16210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1527.314320][T16210] bridge_slave_1: entered allmulticast mode
[ 1527.319662][T16210] bridge_slave_1: entered promiscuous mode
[ 1529.603311][T16210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1529.701827][T16210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1532.235729][T15996] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1532.245970][T16373] 9pnet_fd: Insufficient options for proto=fd
[ 1532.289570][   T87] bridge_slave_1: left allmulticast mode
[ 1532.289610][   T87] bridge_slave_1: left promiscuous mode
[ 1532.289914][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1532.528236][   T87] bridge_slave_0: left allmulticast mode
[ 1532.528279][   T87] bridge_slave_0: left promiscuous mode
[ 1532.528615][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1535.307706][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1535.419521][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1535.480553][   T87] bond0 (unregistering): Released all slaves
[ 1535.729576][T15996] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1535.970685][T16210] team0: Port device team_slave_0 added
[ 1535.985892][T15996] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1536.136842][T16210] team0: Port device team_slave_1 added
[ 1536.137175][T15996] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1538.437760][   T87] hsr_slave_0: left promiscuous mode
[ 1538.487644][   T87] hsr_slave_1: left promiscuous mode
[ 1538.488805][   T87] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1538.539568][   T87] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1540.498937][   T87] team0 (unregistering): Port device team_slave_1 removed
[ 1542.175429][   T87] team0 (unregistering): Port device team_slave_0 removed
[ 1542.829960][T10740] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1542.854009][T10740] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1542.879540][T10740] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1542.885708][T10740] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1542.886795][T10740] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1543.159732][T16453] 9pnet_fd: Insufficient options for proto=fd
[ 1545.169014][ T5154] Bluetooth: hci1: command tx timeout
[ 1545.190535][T16210] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1545.190554][T16210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1545.190582][T16210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1545.279468][T16210] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1545.279488][T16210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1545.279517][T16210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1545.317803][ T5928] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1545.470913][ T5928] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1545.470948][ T5928] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1545.470989][ T5928] usb 3-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[ 1545.471011][ T5928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1545.519830][ T5928] usb 3-1: config 0 descriptor??
[ 1545.620128][T16449] lo speed is unknown, defaulting to 1000
[ 1545.773964][T16449] batadv0 speed is unknown, defaulting to 1000
[ 1545.852721][T16210] hsr_slave_0: entered promiscuous mode
[ 1545.881375][T16210] hsr_slave_1: entered promiscuous mode
[ 1545.882451][T16210] debugfs: 'hsr0' already exists in 'hsr'
[ 1545.882479][T16210] Cannot create hsr debugfs directory
[ 1546.017689][    T9] usb 5-1: new full-speed USB device number 79 using dummy_hcd
[ 1546.052098][ T5928] usbhid 3-1:0.0: can't add hid device: -71
[ 1546.052595][ T5928] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1546.186237][    T9] usb 5-1: device descriptor read/64, error -71
[ 1546.278899][ T5928] usb 3-1: USB disconnect, device number 55
[ 1546.428146][    T9] usb 5-1: new full-speed USB device number 80 using dummy_hcd
[ 1546.558788][T16472] FAULT_INJECTION: forcing a failure.
[ 1546.558788][T16472] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1546.558828][T16472] CPU: 1 UID: 0 PID: 16472 Comm: syz.6.2567 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1546.558853][T16472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1546.558865][T16472] Call Trace:
[ 1546.558874][T16472]  <TASK>
[ 1546.558884][T16472]  dump_stack_lvl+0x189/0x250
[ 1546.558920][T16472]  ? __pfx____ratelimit+0x10/0x10
[ 1546.558952][T16472]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1546.558981][T16472]  ? __pfx__printk+0x10/0x10
[ 1546.559004][T16472]  ? __might_fault+0xb0/0x130
[ 1546.559046][T16472]  should_fail_ex+0x46c/0x600
[ 1546.559083][T16472]  core_sys_select+0x726/0xa20
[ 1546.559125][T16472]  ? __pfx_core_sys_select+0x10/0x10
[ 1546.559182][T16472]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1546.559207][T16472]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1546.559234][T16472]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1546.559270][T16472]  __se_sys_pselect6+0x27a/0x300
[ 1546.559305][T16472]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 1546.559332][T16472]  ? __pfx_ksys_write+0x10/0x10
[ 1546.559365][T16472]  ? __x64_sys_pselect6+0x21/0xf0
[ 1546.559397][T16472]  do_syscall_64+0xfa/0x3b0
[ 1546.559418][T16472]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1546.559446][T16472]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1546.559467][T16472]  ? clear_bhb_loop+0x60/0xb0
[ 1546.559493][T16472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1546.559514][T16472] RIP: 0033:0x7fdcfa85eec9
[ 1546.559533][T16472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1546.559551][T16472] RSP: 002b:00007fdcf8a8a038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1546.559575][T16472] RAX: ffffffffffffffda RBX: 00007fdcfaab6090 RCX: 00007fdcfa85eec9
[ 1546.559590][T16472] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1546.559604][T16472] RBP: 00007fdcf8a8a090 R08: 0000000000000000 R09: 0000000000000000
[ 1546.559618][T16472] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1546.559632][T16472] R13: 00007fdcfaab6128 R14: 00007fdcfaab6090 R15: 00007ffef05c10d8
[ 1546.559667][T16472]  </TASK>
[ 1546.569661][    T9] usb 5-1: device descriptor read/64, error -71
[ 1546.678441][    T9] usb usb5-port1: attempt power cycle
[ 1547.046686][    T9] usb 5-1: new full-speed USB device number 81 using dummy_hcd
[ 1547.207662][    T9] usb 5-1: device descriptor read/8, error -71
[ 1547.251018][ T5154] Bluetooth: hci1: command tx timeout
[ 1547.628193][    T9] usb 5-1: new full-speed USB device number 82 using dummy_hcd
[ 1547.662188][    T9] usb 5-1: device descriptor read/8, error -71
[ 1547.810451][    T9] usb usb5-port1: unable to enumerate USB device
[ 1547.964381][T16481] 9pnet_fd: Insufficient options for proto=fd
[ 1549.307662][ T5154] Bluetooth: hci1: command tx timeout
[ 1550.567661][ T5928] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1550.738087][ T5928] usb 5-1: Using ep0 maxpacket: 8
[ 1550.745086][ T5928] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1550.765648][ T5928] usb 5-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54
[ 1550.765684][ T5928] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1550.765705][ T5928] usb 5-1: Product: syz
[ 1550.765721][ T5928] usb 5-1: Manufacturer: syz
[ 1550.765736][ T5928] usb 5-1: SerialNumber: syz
[ 1550.834358][ T5928] usb 5-1: config 0 descriptor??
[ 1550.851924][ T5928] cdc_phonet 5-1:0.0: probe with driver cdc_phonet failed with error -22
[ 1552.327728][ T5154] Bluetooth: hci1: command tx timeout
[ 1552.328448][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1552.425507][ T5928] usb 5-1: USB disconnect, device number 83
[ 1554.634889][T16540] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1554.641956][   T37] kauditd_printk_skb: 5 callbacks suppressed
[ 1554.641979][   T37] audit: type=1326 audit(1758737986.777:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16536 comm="syz.6.2584" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdcfa85eec9 code=0x0
[ 1554.994559][T16543] FAULT_INJECTION: forcing a failure.
[ 1554.994559][T16543] name failslab, interval 1, probability 0, space 0, times 0
[ 1554.994598][T16543] CPU: 0 UID: 0 PID: 16543 Comm: syz.2.2583 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1554.994624][T16543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1554.994637][T16543] Call Trace:
[ 1554.994646][T16543]  <TASK>
[ 1554.994656][T16543]  dump_stack_lvl+0x189/0x250
[ 1554.994693][T16543]  ? __pfx____ratelimit+0x10/0x10
[ 1554.994727][T16543]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1554.994759][T16543]  ? __pfx__printk+0x10/0x10
[ 1554.994791][T16543]  ? __pfx___might_resched+0x10/0x10
[ 1554.994816][T16543]  ? fs_reclaim_acquire+0x7d/0x100
[ 1554.994843][T16543]  should_fail_ex+0x46c/0x600
[ 1554.994881][T16543]  should_failslab+0xa8/0x100
[ 1554.994914][T16543]  __kmalloc_noprof+0xcb/0x430
[ 1554.994941][T16543]  ? vb2_core_reqbufs+0x97f/0x1420
[ 1554.994978][T16543]  vb2_core_reqbufs+0x97f/0x1420
[ 1554.995033][T16543]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 1554.995071][T16543]  ? __kasan_kmalloc+0x93/0xb0
[ 1554.995109][T16543]  ? __kmalloc_cache_noprof+0x1a8/0x320
[ 1554.995136][T16543]  ? __vb2_init_fileio+0x1e8/0xff0
[ 1554.995163][T16543]  __vb2_init_fileio+0x318/0xff0
[ 1554.995209][T16543]  __vb2_perform_fileio+0x284/0x1600
[ 1554.995243][T16543]  ? mutex_lock_interruptible_nested+0x154/0x1d0
[ 1554.995270][T16543]  ? vb2_fop_read+0x101/0x360
[ 1554.995306][T16543]  vb2_fop_read+0x27c/0x360
[ 1554.995346][T16543]  v4l2_read+0x19f/0x2c0
[ 1554.995383][T16543]  vfs_readv+0x5b0/0x850
[ 1554.995416][T16543]  ? __pfx_v4l2_read+0x10/0x10
[ 1554.995451][T16543]  ? __pfx_vfs_readv+0x10/0x10
[ 1554.995503][T16543]  ? __fget_files+0x2a/0x420
[ 1554.995536][T16543]  ? __fget_files+0x3a6/0x420
[ 1554.995563][T16543]  ? __fget_files+0x2a/0x420
[ 1554.995602][T16543]  __x64_sys_preadv+0x19a/0x2a0
[ 1554.995634][T16543]  ? __pfx___x64_sys_preadv+0x10/0x10
[ 1554.995660][T16543]  ? rcu_is_watching+0x15/0xb0
[ 1554.995699][T16543]  ? do_syscall_64+0xbe/0x3b0
[ 1554.995727][T16543]  do_syscall_64+0xfa/0x3b0
[ 1554.995746][T16543]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1554.995778][T16543]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.995800][T16543]  ? clear_bhb_loop+0x60/0xb0
[ 1554.995828][T16543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.995849][T16543] RIP: 0033:0x7f25c0daeec9
[ 1554.995868][T16543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1554.995886][T16543] RSP: 002b:00007f25befd4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1554.995910][T16543] RAX: ffffffffffffffda RBX: 00007f25c1006180 RCX: 00007f25c0daeec9
[ 1554.995926][T16543] RDX: 0000000000000001 RSI: 0000200000000c00 RDI: 0000000000000005
[ 1554.995940][T16543] RBP: 00007f25befd4090 R08: 0000000000000005 R09: 0000000000000000
[ 1554.995954][T16543] R10: 0000000080000000 R11: 0000000000000246 R12: 0000000000000001
[ 1554.995968][T16543] R13: 00007f25c1006218 R14: 00007f25c1006180 R15: 00007ffe0818ffa8
[ 1554.996006][T16543]  </TASK>
[ 1557.158335][T16556] vivid-009: kernel_thread() failed
[ 1558.399455][T16569] overlayfs: failed lookup in lower (newroot/668, name='file1', err=-40): overlapping layers
[ 1559.507613][T16506] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 1559.657662][T16506] usb 3-1: Using ep0 maxpacket: 8
[ 1559.664258][T16506] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 1559.664311][T16506] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b09, bcdDevice= 0.00
[ 1559.664335][T16506] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1559.720458][T16506] usb 3-1: config 0 descriptor??
[ 1570.067569][T16506] usbhid 3-1:0.0: can't add hid device: -32
[ 1570.067710][T16506] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[ 1570.211602][T16506] usb 3-1: USB disconnect, device number 56
[ 1570.378567][T16449] chnl_net:caif_netlink_parms(): no params data found
[ 1571.297785][T16449] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1571.297950][T16449] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1571.298241][T16449] bridge_slave_0: entered allmulticast mode
[ 1571.302865][T16449] bridge_slave_0: entered promiscuous mode
[ 1571.354362][T16449] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1571.354623][T16449] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1571.355022][T16449] bridge_slave_1: entered allmulticast mode
[ 1571.367635][T16449] bridge_slave_1: entered promiscuous mode
[ 1571.856491][ T5154] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1571.903072][   T87] bridge_slave_1: left allmulticast mode
[ 1571.903112][   T87] bridge_slave_1: left promiscuous mode
[ 1571.903419][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1571.904225][T16609] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1571.941643][T16609] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1571.988432][T16609] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1572.005475][T16609] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1572.019394][   T87] bridge_slave_0: left allmulticast mode
[ 1572.019430][   T87] bridge_slave_0: left promiscuous mode
[ 1572.019711][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1572.798114][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1573.179340][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1573.372901][   T87] bond0 (unregistering): Released all slaves
[ 1573.425355][T16614] bridge16: entered promiscuous mode
[ 1573.425392][T16614] bridge16: entered allmulticast mode
[ 1573.431625][T16614] team0: Port device bridge16 added
[ 1573.886269][T16623] FAULT_INJECTION: forcing a failure.
[ 1573.886269][T16623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1573.886490][T16623] CPU: 0 UID: 0 PID: 16623 Comm: syz.2.2608 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1573.886517][T16623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1573.886529][T16623] Call Trace:
[ 1573.886537][T16623]  <TASK>
[ 1573.886547][T16623]  dump_stack_lvl+0x189/0x250
[ 1573.886584][T16623]  ? __pfx____ratelimit+0x10/0x10
[ 1573.886615][T16623]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1573.886643][T16623]  ? __pfx__printk+0x10/0x10
[ 1573.886685][T16623]  should_fail_ex+0x46c/0x600
[ 1573.886732][T16623]  _copy_to_user+0x31/0xb0
[ 1573.886762][T16623]  simple_read_from_buffer+0xe1/0x170
[ 1573.886797][T16623]  proc_fail_nth_read+0x1b6/0x220
[ 1573.886823][T16623]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1573.886849][T16623]  ? rw_verify_area+0x2ac/0x4e0
[ 1573.886874][T16623]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1573.886898][T16623]  vfs_read+0x206/0xa30
[ 1573.886935][T16623]  ? __pfx_vfs_read+0x10/0x10
[ 1573.886957][T16623]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1573.886995][T16623]  ? mutex_lock_nested+0x154/0x1d0
[ 1573.887018][T16623]  ? fdget_pos+0x253/0x320
[ 1573.887056][T16623]  ksys_read+0x14b/0x260
[ 1573.887093][T16623]  ? __pfx_ksys_read+0x10/0x10
[ 1573.887116][T16623]  ? rcu_is_watching+0x15/0xb0
[ 1573.887154][T16623]  ? do_syscall_64+0xbe/0x3b0
[ 1573.887179][T16623]  do_syscall_64+0xfa/0x3b0
[ 1573.887201][T16623]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1573.887220][T16623]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1573.887241][T16623]  ? clear_bhb_loop+0x60/0xb0
[ 1573.887267][T16623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1573.887287][T16623] RIP: 0033:0x7f25c0dad8dc
[ 1573.887306][T16623] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1573.887323][T16623] RSP: 002b:00007f25beff5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1573.887347][T16623] RAX: ffffffffffffffda RBX: 00007f25c1006090 RCX: 00007f25c0dad8dc
[ 1573.887362][T16623] RDX: 000000000000000f RSI: 00007f25beff50a0 RDI: 0000000000000005
[ 1573.887375][T16623] RBP: 00007f25beff5090 R08: 0000000000000000 R09: 0000000000000000
[ 1573.887388][T16623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1573.887406][T16623] R13: 00007f25c1006128 R14: 00007f25c1006090 R15: 00007ffe0818ffa8
[ 1573.887438][T16623]  </TASK>
[ 1574.156216][T10740] Bluetooth: hci0: command tx timeout
[ 1576.202089][T10740] Bluetooth: hci0: command tx timeout
[ 1576.614914][T16639] Bluetooth: MGMT ver 1.23
[ 1578.030248][T16449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1578.536344][T16449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1579.047675][T10740] Bluetooth: hci0: command tx timeout
[ 1579.182317][T16656] 9pnet_fd: Insufficient options for proto=fd
[ 1581.068066][T16609] Bluetooth: hci0: command tx timeout
[ 1587.526677][T12148] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[ 1599.687456][    C0] sched: DL replenish lagged too much
[ 1608.629550][T12148] usb 7-1: device descriptor read/64, error -71
[ 1613.785755][T12148] usb 7-1: new high-speed USB device number 62 using dummy_hcd
[ 1620.092347][T14993] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1620.099788][T14993] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1620.112241][T14993] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1620.114796][T14993] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1620.150265][ T5154] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1620.207644][ T5154] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1620.282153][ T5154] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1620.283187][ T5154] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1620.349215][T14993] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1620.350187][T14993] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1620.819413][T12148] usb 7-1: device descriptor read/64, error -110
[ 1621.755459][T14993] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1621.807910][T14993] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1621.811099][T14993] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1621.812496][T14993] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1621.813436][T14993] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1621.951005][T14993] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1621.967999][T12148] usb usb7-port1: attempt power cycle
[ 1621.985314][T14993] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1622.002369][T14993] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1622.006471][T14993] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1622.027839][T14993] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1623.023087][T14993] Bluetooth: hci7: command tx timeout
[ 1623.024060][T14993] Bluetooth: hci6: command tx timeout
[ 1623.983384][T14993] Bluetooth: hci8: command tx timeout
[ 1625.997523][T10740] Bluetooth: hci6: command tx timeout
[ 1625.997567][T10740] Bluetooth: hci7: command tx timeout
[ 1626.115488][T14993] Bluetooth: hci8: command tx timeout
[ 1628.997486][T10740] Bluetooth: hci6: command tx timeout
[ 1628.997529][T10740] Bluetooth: hci7: command tx timeout
[ 1628.997554][T10740] Bluetooth: hci8: command tx timeout
[ 1629.983361][T12148] usb 7-1: new high-speed USB device number 63 using dummy_hcd
[ 1631.211298][T14993] Bluetooth: hci7: command tx timeout
[ 1631.211343][T14993] Bluetooth: hci8: command tx timeout
[ 1631.211367][T14993] Bluetooth: hci6: command tx timeout
[ 1632.078366][T12148] usb 7-1: device descriptor read/8, error -32
[ 1644.962170][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1655.272233][T12148] raw-gadget.0 gadget.6: failed to queue reset event
[ 1657.299026][T12148] raw-gadget.0 gadget.6: failed to queue resume event
[ 1659.701571][T12148] usb 7-1: new high-speed USB device number 64 using dummy_hcd
[ 1662.095703][    C0] raw-gadget.0 gadget.6: ignoring, device is not running
[ 1663.004133][T12148] usb 7-1: device descriptor read/8, error -32
[ 1664.070252][T12148] raw-gadget.0 gadget.6: failed to queue suspend event
[ 1665.071232][T12148] usb usb7-port1: unable to enumerate USB device
[ 1668.037898][T14993] Bluetooth: hci1: command 0x0406 tx timeout
[ 1700.197935][T16703] Bluetooth: hci0: command tx timeout
[ 1741.719426][T16724] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1741.755437][T16724] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1741.779977][T16724] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1741.782690][T16724] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1741.784357][T16726] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1741.813963][T16688] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1741.880633][T16726] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1741.907864][T16726] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1741.909409][T16726] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1741.910412][T16726] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1742.084506][T16714] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1742.119418][T16714] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1742.123475][T16714] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1742.125007][T16714] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1742.150508][T16714] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1742.689421][T16725] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1742.723891][T16725] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1742.725820][T16725] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1742.745326][T16725] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1742.746317][T16725] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 1743.226734][T16730] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[ 1743.276181][T16730] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[ 1743.286576][T16730] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[ 1743.307866][T16730] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[ 1743.310267][T16730] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[ 1743.714127][T16730] Bluetooth: hci7: command 0x0406 tx timeout
[ 1743.714180][T16730] Bluetooth: hci6: command 0x0406 tx timeout
[ 1743.782354][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1743.796609][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 1748.033983][T16732] Bluetooth: hci8: command 0x0406 tx timeout
[ 1784.783605][   T38] INFO: tas[ 1784.783605][   T38] INFO: task dhcpcd:16687 blocked for more than 144 seconds.
[ 1784.783632][   T38]       Not tainted syzkaller #0
[ 1784.783642][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1784.783651][   T38] task:dhcpcd          state:D stack:23944 pid:16687 tgid:16687 ppid:5500   task_flags:0x400140 flags:0x00004002
[ 1784.783701][   T38] Call Trace:
[ 1784.783709][   T38]  <TASK>
[ 1784.783725][   T38]  __schedule+0x16f3/0x4c20
[ 1784.783780][   T38]  ? __lock_acquire+0xab9/0xd20
[ 1784.783805][   T38]  ? __pfx___schedule+0x10/0x10
[ 1784.783847][   T38]  ? schedule+0x91/0x360
[ 1784.783874][   T38]  schedule+0x165/0x360
[ 1784.783899][   T38]  schedule_timeout+0x9a/0x270
[ 1784.783923][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[ 1784.783962][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1784.783988][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1784.784012][   T38]  ? wait_for_completion+0x267/0x5d0
[ 1784.784041][   T38]  wait_for_completion+0x2bf/0x5d0
[ 1784.784080][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[ 1784.784102][   T38]  ? start_poll_synchronize_rcu_common+0x149/0x290
[ 1784.784130][   T38]  ? __init_swait_queue_head+0xa9/0x150
[ 1784.784154][   T38]  synchronize_rcu_normal+0x17d/0x260
[ 1784.784172][   T38]  ? __pfx_synchronize_rcu_normal+0x10/0x10
[ 1784.784218][   T38]  ? __pfx___might_resched+0x10/0x10
[ 1784.784256][   T38]  synchronize_rcu_expedited+0x161/0x730
[ 1784.784275][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1784.784300][   T38]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[ 1784.784357][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1784.784384][   T38]  ? rt_spin_unlock+0x65/0x80
[ 1784.784410][   T38]  __unregister_prot_hook+0x50c/0x6e0
[ 1784.784433][   T38]  ? packet_do_bind+0x98/0xcd0
[ 1784.784457][   T38]  ? packet_do_bind+0x98/0xcd0
[ 1784.784478][   T38]  packet_do_bind+0x536/0xcd0
[ 1784.784502][   T38]  ? packet_do_bind+0x98/0xcd0
[ 1784.784526][   T38]  __sys_bind+0x2cc/0x3e0
[ 1784.784556][   T38]  ? __pfx___sys_bind+0x10/0x10
[ 1784.784605][   T38]  __x64_sys_bind+0x7a/0x90
[ 1784.784628][   T38]  do_syscall_64+0xfa/0x3b0
[ 1784.784644][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1784.784667][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1784.784685][   T38]  ? clear_bhb_loop+0x60/0xb0
[ 1784.784706][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1784.784723][   T38] RIP: 0033:0x7f386d0782d7
[ 1784.784739][   T38] RSP: 002b:00007ffe475cdc08 EFLAGS: 00000213 ORIG_RAX: 0000000000000031
[ 1784.784759][   T38] RAX: ffffffffffffffda RBX: 000055b27b343040 RCX: 00007f386d0782d7
[ 1784.784772][   T38] RDX: 0000000000000014 RSI: 00007ffe475cdc20 RDI: 0000000000000003
[ 1784.784783][   T38] RBP: 000055b24eafc4b0 R08: 00007f386d147ac0 R09: 0000000000000000
[ 1784.784794][   T38] R10: 0000000000000002 R11: 0000000000000213 R12: 0000000000000000
[ 1784.784805][   T38] R13: 000055b27b33d170 R14: 0000000000000000 R15: 000055b24eb11ac0
[ 1784.784835][   T38]  </TASK>
[ 1784.784862][   T38] 
[ 1784.784862][   T38] Showing all locks held in the system:
[ 1784.784871][   T38] 4 locks held by kworker/0:0/9:
[ 1784.784881][   T38]  #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.784929][   T38]  #1: ffffc900000e7bc0 ((work_completion)(&(&tbl->managed_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.784973][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.785017][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.785058][   T38] 2 locks held by ksoftirqd/0/15:
[ 1784.785068][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.785107][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.785148][   T38] 2 locks held by ktimers/0/16:
[ 1784.785157][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.785220][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.785263][   T38] 2 locks held by rcuc/0/20:
[ 1784.785272][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.785313][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.785364][   T38] 13 locks held by ktimers/1/29:
[ 1784.785373][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.785413][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.785453][   T38]  #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[ 1784.785494][   T38]  #3: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.785536][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: process_backlog+0x27b/0x900
[ 1784.785582][   T38]  #5: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: NF_HOOK+0x9a/0x3a0
[ 1784.785627][   T38]  #6: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: ip_output+0x60/0x3c0
[ 1784.785663][   T38]  #7: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: ip_finish_output2+0x452/0x11d0
[ 1784.785702][   T38]  #8: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.785753][   T38]  #9: ffffffff8d9a8de0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x26f/0x3b70
[ 1784.785792][   T38]  #10: ffff8880234d8318 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock#7){+...}-{3:3}, at: __dev_queue_xmit+0xd58/0x3b70
[ 1784.880463][   T38]  #11: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[ 1784.880540][   T38]  #12: ffff88803121e398 (&p->pi_lock){-...}-{2:2}, at: try_to_wake_up+0x67/0x12b0
[ 1784.880600][   T38] 2 locks held by ksoftirqd/1/30:
[ 1784.880613][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.880667][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.880723][   T38] 1 lock held by khungtaskd/38:
[ 1784.880736][   T38]  #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1784.880786][   T38] 4 locks held by kworker/u8:2/43:
[ 1784.880798][   T38]  #0: ffff888037d96938 ((wq_completion)wg-kex-wg1#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.880856][   T38]  #1: ffffc90000b47bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.880910][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.880962][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.881018][   T38] 6 locks held by kworker/u8:4/67:
[ 1784.881030][   T38]  #0: ffff88801dac5138 ((wq_completion)wg-kex-wg1#11){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.881087][   T38]  #1: ffffc9000152fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.881139][   T38]  #2: ffff88805b49d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.881193][   T38]  #3: ffff8880238b2e58 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.881245][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.881296][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.881359][   T38] 4 locks held by kworker/u8:5/87:
[ 1784.881372][   T38]  #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.881424][   T38]  #1: ffffc9000159fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.881475][   T38]  #2: ffffffff8ecc6a20 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[ 1784.881532][   T38]  #3: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0xdc/0x890
[ 1784.881592][   T38] 4 locks held by kworker/u8:6/816:
[ 1784.881604][   T38]  #0: ffff88802a9cb138 ((wq_completion)wg-kex-wg0#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.881662][   T38]  #1: ffffc9000442fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.881716][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.881765][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.881823][   T38] 6 locks held by kworker/u8:8/1174:
[ 1784.881835][   T38]  #0: ffff88803d905138 ((wq_completion)wg-kex-wg2#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.881892][   T38]  #1: ffffc90004b47bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.881944][   T38]  #2: ffff88803cc4d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.881995][   T38]  #3: ffff888039cec388 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.882046][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.882098][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.882162][   T38] 7 locks held by kworker/u8:9/3538:
[ 1784.882174][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.882228][   T38]  #1: ffffc9000d32fbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.882283][   T38]  #2: ffff88805add4300 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[ 1784.882356][   T38]  #3: ffff88805ae09520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[ 1784.882413][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[ 1784.882464][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.882514][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.882566][   T38] 6 locks held by kworker/u8:11/4403:
[ 1784.882577][   T38]  #0: ffff88802a9cb138 ((wq_completion)wg-kex-wg0#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.882633][   T38]  #1: ffffc9000eb9fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.882686][   T38]  #2: ffff88805b1e55f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.882737][   T38]  #3: ffff888039cea3c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.882787][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.882838][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.882890][   T38] 3 locks held by kworker/u8:12/4604:
[ 1784.882902][   T38]  #0: ffff88814ce91138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.882953][   T38]  #1: ffffc9000ef4fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.883006][   T38]  #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[ 1784.883061][   T38] 6 locks held by kworker/u9:1/5154:
[ 1784.883072][   T38]  #0: ffff88803986e138 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.883128][   T38]  #1: ffffc9000fb17bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.883181][   T38]  #2: ffff888073a48e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[ 1784.883230][   T38]  #3: ffff888073a480a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[ 1784.883286][   T38]  #4: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[ 1784.883350][   T38]  #5: ffff88805a9ed358 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[ 1784.883403][   T38] 2 locks held by getty/5596:
[ 1784.883414][   T38]  #0: ffff88823bf6c8a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1784.883472][   T38]  #1: ffffc90003e732e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[ 1784.883525][   T38] 3 locks held by syz-executor/5824:
[ 1784.883538][   T38]  #0: ffff88803822a1d0 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_recvmsg+0xd3/0x560
[ 1784.883590][   T38]  #1: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.883641][   T38]  #2: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.883694][   T38] 4 locks held by kworker/R-wg-cr/5875:
[ 1784.883707][   T38]  #0: ffff888030742538 ((wq_completion)wg-crypt-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.883765][   T38]  #1: ffffc90005897ba0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.883819][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.883870][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.883923][   T38] 4 locks held by kworker/R-wg-cr/5879:
[ 1784.883935][   T38]  #0: ffff888058de3138 ((wq_completion)wg-crypt-wg1#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.883992][   T38]  #1: ffffc900058f7ba0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.884062][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.884110][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.884163][   T38] 4 locks held by kworker/R-wg-cr/5888:
[ 1784.884175][   T38]  #0: ffff888036959938 ((wq_completion)wg-crypt-wg2#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.884233][   T38]  #1: ffffc90005977ba0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.884285][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.884344][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.884399][   T38] 6 locks held by kworker/u8:14/5982:
[ 1784.884410][   T38]  #0: ffff888058e23138 ((wq_completion)wg-kex-wg1#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.884469][   T38]  #1: ffffc90005dbfbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.884523][   T38]  #2: ffff888058e4d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.884575][   T38]  #3: ffff888021b3ce20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.884626][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.884677][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.884739][   T38] 6 locks held by kworker/u8:17/6112:
[ 1784.884752][   T38]  #0: ffff888041b9e938 ((wq_completion)wg-kex-wg2#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.884809][   T38]  #1: ffffc9000ba87bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.884863][   T38]  #2: ffff888058fb55f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.884914][   T38]  #3: ffff888021b3e350 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.884965][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.885016][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.885070][   T38] 6 locks held by kworker/u8:18/6113:
[ 1784.885082][   T38]  #0: ffff888035cf5138 ((wq_completion)wg-kex-wg2#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.885139][   T38]  #1: ffffc90005c67bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.885212][   T38]  #2: ffff888039aa95f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.885264][   T38]  #3: ffff88805af36de8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.885314][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.885375][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.885427][   T38] 7 locks held by kworker/u8:19/6114:
[ 1784.885442][   T38] 2 locks held by dhcpcd/7117:
[ 1784.885453][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.885504][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.885556][   T38] 2 locks held by dhcpcd/7118:
[ 1784.885568][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.885620][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.885673][   T38] 2 locks held by dhcpcd/7120:
[ 1784.885684][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.885736][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.885788][   T38] 2 locks held by dhcpcd/7127:
[ 1784.885800][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.885851][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.885905][   T38] 4 locks held by kworker/R-wg-cr/8876:
[ 1784.885918][   T38]  #0: ffff888035169d38 ((wq_completion)wg-crypt-wg0#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.885976][   T38]  #1: ffffc9001d9bfba0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.886044][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.886096][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.886150][   T38] 4 locks held by kworker/u8:3/10047:
[ 1784.886162][   T38]  #0: ffff888058e23138 ((wq_completion)wg-kex-wg1#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.886219][   T38]  #1: ffffc9000ea27bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.886273][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.886334][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.886387][   T38] 5 locks held by kworker/u9:0/10740:
[ 1784.886400][   T38]  #0: ffff88805b31d138 ((wq_completion)hci6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.886451][   T38]  #1: ffffc9001ea1fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.886504][   T38]  #2: ffff8880543ace80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[ 1784.886554][   T38]  #3: ffff8880543ac0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[ 1784.886610][   T38]  #4: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[ 1784.886667][   T38] 6 locks held by kworker/1:8/13073:
[ 1784.886680][   T38]  #0: ffff888058de2d38 ((wq_completion)wg-kex-wg1#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.886737][   T38]  #1: ffffc9000e57fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.886805][   T38]  #2: ffff888058e4d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x115/0x970
[ 1784.886856][   T38]  #3: ffff888021b3d8b8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x126/0x970
[ 1784.886908][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.886959][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.887011][   T38] 2 locks held by kworker/1:9/13075:
[ 1784.887024][   T38] 5 locks held by kworker/R-bond2/13792:
[ 1784.887036][   T38]  #0: ffff888029007938 ((wq_completion)bond2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.887089][   T38]  #1: ffffc90004bd7ba0 ((work_completion)(&(&bond->alb_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.887142][   T38]  #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: bond_alb_monitor+0xf2/0x1840
[ 1784.887193][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.887244][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.887297][   T38] 4 locks held by kworker/u8:0/13798:
[ 1784.887387][   T38]  #0: ffff888031093138 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.887443][   T38]  #1: ffffc90005b67bc0 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.887497][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.887548][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.887601][   T38] 4 locks held by kworker/u9:2/14993:
[ 1784.887613][   T38]  #0: ffff88805dcac938 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.887670][   T38]  #1: ffffc90004c67bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.887724][   T38]  #2: ffff888070c940a8 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xb1/0x1220
[ 1784.887780][   T38]  #3: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140
[ 1784.887837][   T38] 7 locks held by kworker/u8:1/16133:
[ 1784.887849][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.887902][   T38]  #1: ffffc90009e4fbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.887956][   T38]  #2: ffff888037f4b300 (&devlink->lock_key#6){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[ 1784.888018][   T38]  #3: ffff888030041d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[ 1784.888077][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[ 1784.888128][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.888179][   T38]  #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.888236][   T38] 2 locks held by syz-executor/16606:
[ 1784.888249][   T38]  #0: ffffffff8ecc6a20 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[ 1784.888302][   T38]  #1: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[ 1784.888367][   T38] 4 locks held by kworker/u9:3/16609:
[ 1784.888379][   T38]  #0: ffff88803afa8138 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.888431][   T38]  #1: ffffc900058b7bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.888484][   T38]  #2: ffff88805fba8e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[ 1784.888533][   T38]  #3: ffff88805fba80a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[ 1784.888590][   T38] 4 locks held by kworker/u8:7/16680:
[ 1784.888602][   T38]  #0: ffff88803d905138 ((wq_completion)wg-kex-wg2#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.888660][   T38]  #1: ffffc90004a57bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.888712][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.888764][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.888816][   T38] 1 lock held by syz-executor/16682:
[ 1784.888828][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[ 1784.888882][   T38] 1 lock held by syz-executor/16683:
[ 1784.888894][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[ 1784.888969][   T38] 1 lock held by dhcpcd/16687:
[ 1784.888981][   T38]  #0: ffff88803cd28350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[ 1784.889034][   T38] 4 locks held by kworker/u9:4/16688:
[ 1784.889047][   T38]  #0: ffff88805dcad938 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.889104][   T38]  #1: ffffc90004e47bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.889156][   T38]  #2: ffff88804ecd40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[ 1784.889219][   T38]  #3: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[ 1784.889271][   T38] 1 lock held by dhcpcd/16689:
[ 1784.889283][   T38]  #0: ffff88805a66e7b8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[ 1784.889349][   T38] 4 locks held by dhcpcd/16690:
[ 1784.889361][   T38]  #0: ffff88805a66da38 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[ 1784.889416][   T38]  #1: ffff888019948350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_release+0x798/0xd30
[ 1784.889465][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.889509][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.889559][   T38] 1 lock held by dhcpcd/16691:
[ 1784.889570][   T38]  #0: ffff88805a66aaf8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[ 1784.889624][   T38] 1 lock held by syz-executor/16694:
[ 1784.889636][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[ 1784.889690][   T38] 1 lock held by syz-executor/16696:
[ 1784.889701][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[ 1784.889755][   T38] 6 locks held by kworker/u8:10/16698:
[ 1784.889767][   T38]  #0: ffff888035cf2938 ((wq_completion)wg-kex-wg1#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.889823][   T38]  #1: ffffc90004a47bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.889876][   T38]  #2: ffff8880590ad5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.889929][   T38]  #3: ffff88805af34e20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.889992][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.890043][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.890096][   T38] 7 locks held by kworker/u8:13/16699:
[ 1784.890108][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.890161][   T38]  #1: ffffc90004cb7bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.890216][   T38]  #2: ffff8880370fb300 (&devlink->lock_key#7){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[ 1784.890278][   T38]  #3: ffff88805b6d7520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[ 1784.890344][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[ 1784.890395][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.890446][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.890499][   T38] 4 locks held by kworker/1:3/16700:
[ 1784.890511][   T38]  #0: ffff888019899138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.890564][   T38]  #1: ffffc90004c27bc0 ((work_completion)(&(&ipvs->defense_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.890615][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.890666][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.890719][   T38] 4 locks held by kworker/u8:15/16701:
[ 1784.890732][   T38]  #0: ffff888035cf2938 ((wq_completion)wg-kex-wg1#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.890790][   T38]  #1: ffffc900046d7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.890843][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.890895][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.890948][   T38] 5 locks held by kworker/u9:5/16703:
[ 1784.890961][   T38]  #0: ffff88805a3b9138 ((wq_completion)hci7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.891013][   T38]  #1: ffffc90004c17bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.891078][   T38]  #2: ffff888038718e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[ 1784.891128][   T38]  #3: ffff8880387180a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[ 1784.891184][   T38]  #4: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[ 1784.891241][   T38] 4 locks held by kworker/u8:16/16705:
[ 1784.891253][   T38]  #0: ffff888035cf5138 ((wq_completion)wg-kex-wg2#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.891310][   T38]  #1: ffffc90004a97bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.891371][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.891421][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.891473][   T38] 6 locks held by kworker/u8:20/16706:
[ 1784.891485][   T38]  #0: ffff88805edbd938 ((wq_completion)wg-kex-wg2#11){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.891544][   T38]  #1: ffffc90004a87bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.891596][   T38]  #2: ffff8880322815f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.891648][   T38]  #3: ffff8880238b4388 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.891698][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.891748][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.891801][   T38] 6 locks held by kworker/u8:21/16707:
[ 1784.891813][   T38]  #0: ffff88801dac5138 ((wq_completion)wg-kex-wg1#11){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.891871][   T38]  #1: ffffc90004a77bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.891924][   T38]  #2: ffff88805b49d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.891977][   T38]  #3: ffff8880238b23c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.892028][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.892080][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.892132][   T38] 4 locks held by kworker/u8:22/16708:
[ 1784.892144][   T38]  #0: ffff888058bb7938 ((wq_completion)wg-kex-wg0#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.892202][   T38]  #1: ffffc90005927bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.892255][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.892326][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.892379][   T38] 7 locks held by kworker/u8:23/16709:
[ 1784.892391][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.892443][   T38]  #1: ffffc90004a37bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.892497][   T38]  #2: ffff888023132300 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[ 1784.892558][   T38]  #3: ffff88803dff0520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[ 1784.892612][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[ 1784.892664][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.892734][   T38]  #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.892797][   T38] 4 locks held by kworker/u9:6/16714:
[ 1784.892809][   T38]  #0: ffff888033b86138 ((wq_completion)hci12#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.892866][   T38]  #1: ffffc90004f77bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.892929][   T38]  #2: ffff888088e380a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[ 1784.892981][   T38]  #3: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[ 1784.893033][   T38] 1 lock held by syz-executor/16715:
[ 1784.893045][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1784.893095][   T38] 1 lock held by syz-executor/16718:
[ 1784.893108][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1784.893157][   T38] 1 lock held by syz-executor/16721:
[ 1784.893169][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1784.893218][   T38] 4 locks held by kworker/u9:7/16723:
[ 1784.893230][   T38]  #0: ffff888035d2b138 ((wq_completion)hci13#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.893287][   T38]  #1: ffffc900044bfbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.893349][   T38]  #2: ffff888085e9c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[ 1784.893401][   T38]  #3: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[ 1784.893452][   T38] 5 locks held by kworker/u9:8/16724:
[ 1784.893465][   T38]  #0: ffff88805dcac138 ((wq_completion)hci8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.893516][   T38]  #1: ffffc900044afbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.893569][   T38]  #2: ffff888023d50e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[ 1784.893616][   T38]  #3: ffff888023d500a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[ 1784.893672][   T38]  #4: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[ 1784.893730][   T38] 4 locks held by kworker/u9:9/16725:
[ 1784.893742][   T38]  #0: ffff888035d2e138 ((wq_completion)hci14#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.893798][   T38]  #1: ffffc900040cfbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.893851][   T38]  #2: ffff888082c6c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[ 1784.893902][   T38]  #3: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[ 1784.893955][   T38] 4 locks held by kworker/u9:10/16726:
[ 1784.893968][   T38]  #0: ffff88802841e138 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.894025][   T38]  #1: ffffc900040afbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.894078][   T38]  #2: ffff8880499d40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[ 1784.894129][   T38]  #3: ffffffff8ee3b398 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[ 1784.894181][   T38] 1 lock held by syz-executor/16727:
[ 1784.894194][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1784.894254][   T38] 1 lock held by syz-executor/16729:
[ 1784.894266][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1784.894323][   T38] 6 locks held by kworker/u9:12/16732:
[ 1784.894337][   T38] 6 locks held by kworker/u8:24/16733:
[ 1784.894349][   T38]  #0: ffff888041b9e938 ((wq_completion)wg-kex-wg2#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.894406][   T38]  #1: ffffc90004a27bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.894460][   T38]  #2: ffff888058fb55f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.894512][   T38]  #3: ffff888021b3ede8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.894564][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.894614][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.894667][   T38] 5 locks held by kworker/u8:25/16734:
[ 1784.894679][   T38]  #0: ffff88803303c138 ((wq_completion)bond1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.894731][   T38]  #1: ffffc9000404fbc0 ((work_completion)(&(&bond->alb_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.894783][   T38]  #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: bond_alb_monitor+0xf2/0x1840
[ 1784.894833][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.894884][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.894937][   T38] 6 locks held by kworker/u8:26/16735:
[ 1784.894960][   T38]  #0: ffff888037d96938 ((wq_completion)wg-kex-wg1#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1784.895017][   T38]  #1: ffffc900049f7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1784.895071][   T38]  #2: ffff88803cc495f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[ 1784.895123][   T38]  #3: ffff888039ceae58 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[ 1784.895174][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 1784.895225][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 1784.895278][   T38] 5 locks held by kworker/u8:27/16736:
[ 1784.895295][   T38] 
[ 1784.895301][   T38] =============================================
[ 1784.895301][   T38] 
[ 1784.895311][   T38] NMI backtrace for cpu 0
[ 1784.895345][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1784.895369][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1784.895382][   T38] Call Trace:
[ 1784.895392][   T38]  <TASK>
[ 1784.895403][   T38]  dump_stack_lvl+0x189/0x250
[ 1784.895439][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1784.895469][   T38]  ? __pfx__printk+0x10/0x10
[ 1784.895508][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1784.895538][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1784.895568][   T38]  ? __pfx__printk+0x10/0x10
[ 1784.895595][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1784.895624][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1784.895656][   T38]  watchdog+0xf93/0xfe0
[ 1784.895689][   T38]  ? watchdog+0x1de/0xfe0
[ 1784.895723][   T38]  kthread+0x70e/0x8a0
[ 1784.895757][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1784.895782][   T38]  ? __pfx_kthread+0x10/0x10
[ 1784.895819][   T38]  ? __pfx_kthread+0x10/0x10
[ 1784.895851][   T38]  ret_from_fork+0x436/0x7d0
[ 1784.895882][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1784.895915][   T38]  ? __switch_to_asm+0x39/0x70
[ 1784.895934][   T38]  ? __switch_to_asm+0x33/0x70
[ 1784.895953][   T38]  ? __pfx_kthread+0x10/0x10
[ 1784.895985][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1784.896023][   T38]  </TASK>
[ 1784.896032][   T38] Sending NMI from CPU 0 to CPUs 1:
[ 1784.896063][    C1] NMI backtrace for cpu 1
[ 1784.896080][    C1] CPU: 1 UID: 0 PID: 6114 Comm: kworker/u8:19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1784.896100][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1784.896111][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[ 1784.896137][    C1] RIP: 0010:lock_release+0x44/0x3e0
[ 1784.896161][    C1] Code: 8b 05 40 2c 5a 10 48 89 44 24 28 0f 1f 44 00 00 65 8b 05 43 2c 5a 10 83 f8 08 0f 83 9a 02 00 00 89 c0 48 0f a3 05 2c 4f 81 0d <73> 16 e8 a5 03 09 00 84 c0 75 0d f6 05 6a 57 6b 0d 01 0f 84 ad 02
[ 1784.896175][    C1] RSP: 0018:ffffc9000bebe550 EFLAGS: 00000297
[ 1784.896190][    C1] RAX: 0000000000000001 RBX: ffffffff90259201 RCX: 3950c1039eb28100
[ 1784.896202][    C1] RDX: ffffc9000bebe601 RSI: ffffffff8172c165 RDI: ffffffff8d9a8d80
[ 1784.896214][    C1] RBP: dffffc0000000000 R08: ffffc9000bebf440 R09: 0000000000000000
[ 1784.896225][    C1] R10: ffffc9000bebe6d8 R11: fffff520017d7cdd R12: ffffc9000bebf450
[ 1784.896237][    C1] R13: ffffffff8172c165 R14: ffffffff8d9a8d80 R15: ffffffff8172c165
[ 1784.896250][    C1] FS:  0000000000000000(0000) GS:ffff8881269bc000(0000) knlGS:0000000000000000
[ 1784.896264][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1784.896276][    C1] CR2: 00007f7f2d574542 CR3: 000000003e988000 CR4: 00000000003526f0
[ 1784.896293][    C1] Call Trace:
[ 1784.896300][    C1]  <TASK>
[ 1784.896307][    C1]  ? deref_stack_reg+0x19f/0x230
[ 1784.896331][    C1]  ? unwind_next_frame+0xa5/0x2390
[ 1784.896352][    C1]  unwind_next_frame+0x19a9/0x2390
[ 1784.896376][    C1]  ? unwind_next_frame+0xa5/0x2390
[ 1784.896398][    C1]  ? __netif_receive_skb+0x143/0x380
[ 1784.896421][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1784.896439][    C1]  arch_stack_walk+0x11c/0x150
[ 1784.896464][    C1]  ? process_backlog+0x31e/0x900
[ 1784.896487][    C1]  stack_trace_save+0x9c/0xe0
[ 1784.896503][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1784.896526][    C1]  kasan_save_track+0x3e/0x80
[ 1784.896544][    C1]  ? kasan_save_track+0x3e/0x80
[ 1784.896560][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[ 1784.896587][    C1]  ? kmem_cache_alloc_node_noprof+0x14e/0x330
[ 1784.896609][    C1]  ? __alloc_skb+0x112/0x2d0
[ 1784.896630][    C1]  ? synproxy_send_client_synack+0x16c/0xe20
[ 1784.896652][    C1]  ? nft_synproxy_eval_v4+0x36e/0x560
[ 1784.896669][    C1]  ? nft_synproxy_do_eval+0x345/0x570
[ 1784.896685][    C1]  ? nft_do_chain+0x40c/0x1920
[ 1784.896700][    C1]  ? nft_do_chain_inet+0x25d/0x340
[ 1784.896716][    C1]  ? nf_hook_slow+0xc2/0x220
[ 1784.896736][    C1]  ? NF_HOOK+0x206/0x3a0
[ 1784.896756][    C1]  ? NF_HOOK+0x30c/0x3a0
[ 1784.896774][    C1]  ? __netif_receive_skb+0x143/0x380
[ 1784.896820][    C1]  __kasan_slab_alloc+0x6c/0x80
[ 1784.896840][    C1]  ? __alloc_skb+0x112/0x2d0
[ 1784.896860][    C1]  kmem_cache_alloc_node_noprof+0x14e/0x330
[ 1784.896885][    C1]  __alloc_skb+0x112/0x2d0
[ 1784.896908][    C1]  synproxy_send_client_synack+0x16c/0xe20
[ 1784.896937][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[ 1784.896959][    C1]  ? nft_synproxy_do_eval+0x4c0/0x570
[ 1784.896976][    C1]  ? synproxy_pernet+0x45/0x270
[ 1784.896996][    C1]  nft_synproxy_eval_v4+0x36e/0x560
[ 1784.897017][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[ 1784.897036][    C1]  ? nf_ip_checksum+0x13c/0x510
[ 1784.897055][    C1]  nft_synproxy_do_eval+0x345/0x570
[ 1784.897076][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1784.897093][    C1]  ? __pfx___ip_vs_conn_in_get+0x10/0x10
[ 1784.897118][    C1]  nft_do_chain+0x40c/0x1920
[ 1784.897142][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[ 1784.897162][    C1]  ? __pfx_ip_vs_conn_out_get_proto+0x10/0x10
[ 1784.897190][    C1]  ? ip_vs_out_hook+0x9b5/0xef0
[ 1784.897211][    C1]  ? __pfx_ip_vs_in_hook+0x10/0x10
[ 1784.897232][    C1]  nft_do_chain_inet+0x25d/0x340
[ 1784.897249][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1784.897272][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 1784.897293][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1784.897316][    C1]  nf_hook_slow+0xc2/0x220
[ 1784.897340][    C1]  NF_HOOK+0x206/0x3a0
[ 1784.897362][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1784.897383][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 1784.897403][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1784.897422][    C1]  ? ip_rcv_finish_core+0xda3/0x1c00
[ 1784.897445][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1784.897467][    C1]  ? skb_dst+0x4f/0xd0
[ 1784.897488][    C1]  ? ip_local_deliver+0x12a/0x1b0
[ 1784.897510][    C1]  NF_HOOK+0x30c/0x3a0
[ 1784.897532][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1784.897553][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 1784.897579][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1784.897601][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1784.897628][    C1]  ? __pfx_ip_rcv+0x10/0x10
[ 1784.897648][    C1]  __netif_receive_skb+0x143/0x380
[ 1784.897667][    C1]  ? rt_spin_unlock+0x65/0x80
[ 1784.897688][    C1]  ? process_backlog+0x27b/0x900
[ 1784.897708][    C1]  process_backlog+0x31e/0x900
[ 1784.897734][    C1]  __napi_poll+0xb3/0x540
[ 1784.897756][    C1]  net_rx_action+0x707/0xe00
[ 1784.897787][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 1784.897810][    C1]  ? kvm_sched_clock_read+0x11/0x20
[ 1784.897836][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 1784.897860][    C1]  handle_softirqs+0x22f/0x710
[ 1784.897885][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1784.897910][    C1]  __local_bh_enable_ip+0x179/0x270
[ 1784.897930][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1784.897948][    C1]  ? rt_spin_lock+0x1bb/0x2c0
[ 1784.897967][    C1]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1784.897989][    C1]  ? rt_spin_unlock+0x65/0x80
[ 1784.898009][    C1]  ? nsim_dev_trap_report_work+0x72e/0xbc0
[ 1784.898033][    C1]  nsim_dev_trap_report_work+0x7f2/0xbc0
[ 1784.898064][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[ 1784.898085][    C1]  process_scheduled_works+0xade/0x17b0
[ 1784.898119][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1784.898146][    C1]  worker_thread+0x8a0/0xda0
[ 1784.898179][    C1]  kthread+0x70e/0x8a0
[ 1784.898203][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1784.898222][    C1]  ? __pfx_kthread+0x10/0x10
[ 1784.898247][    C1]  ? __pfx_kthread+0x10/0x10
[ 1784.898270][    C1]  ret_from_fork+0x436/0x7d0
[ 1784.898292][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1784.898315][    C1]  ? __switch_to_asm+0x39/0x70
[ 1784.898330][    C1]  ? __switch_to_asm+0x33/0x70
[ 1784.898344][    C1]  ? __pfx_kthread+0x10/0x10
[ 1784.898367][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1784.898392][    C1]  </TASK>
[ 1784.908033][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[ 1784.908054][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1784.908076][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1784.908087][   T38] Call Trace:
[ 1784.908096][   T38]  <TASK>
[ 1784.908106][   T38]  dump_stack_lvl+0x99/0x250
[ 1784.908137][   T38]  ? __asan_memcpy+0x40/0x70
[ 1784.908158][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1784.908192][   T38]  ? __pfx__printk+0x10/0x10
[ 1784.908225][   T38]  vpanic+0x281/0x750
[ 1784.908254][   T38]  ? __pfx_vpanic+0x10/0x10
[ 1784.908277][   T38]  ? irqentry_exit+0x74/0x90
[ 1784.908302][   T38]  ? preempt_schedule+0xae/0xc0
[ 1784.908336][   T38]  ? preempt_schedule_common+0x83/0xd0
[ 1784.908367][   T38]  panic+0xb9/0xc0
[ 1784.908392][   T38]  ? __pfx_panic+0x10/0x10
[ 1784.908418][   T38]  ? preempt_schedule_thunk+0x16/0x30
[ 1784.908445][   T38]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1784.908472][   T38]  watchdog+0xfd2/0xfe0
[ 1784.908501][   T38]  ? watchdog+0x1de/0xfe0
[ 1784.908530][   T38]  kthread+0x70e/0x8a0
[ 1784.908561][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1784.908582][   T38]  ? __pfx_kthread+0x10/0x10
[ 1784.908613][   T38]  ? __pfx_kthread+0x10/0x10
[ 1784.908640][   T38]  ret_from_fork+0x436/0x7d0
[ 1784.908666][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1784.908695][   T38]  ? __switch_to_asm+0x39/0x70
[ 1784.908712][   T38]  ? __switch_to_asm+0x33/0x70
[ 1784.908728][   T38]  ? __pfx_kthread+0x10/0x10
[ 1784.908754][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1784.908796][   T38]  </TASK>
[ 1784.908948][   T38] Kernel Offset: disabled