last executing test programs:

57.339878765s ago: executing program 1 (id=133):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001000)={{}, &(0x7f0000000040), 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x10000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$inet6_udp(0xa, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000063060000bca30000000000002403000020fef6ff720af0fff8ffffff71a4f0ff000000001f030000000000002e100200000000002604fdffffff000014010000630000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000093bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98dde20358d1148272abd23da767f8c549ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb46ffffffffffffff7f1569b33d21dae356e5c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d22891202d0f5ad94b081fcd507acc9b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb9439901fb39f1d78aa60ead1883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10880fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1b9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa2000000000000000906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000fbff00ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554b15dca5f77a08a83431a87881fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f783e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bcb0addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43737a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab7493c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a44434600e64a6a274000000000088b3e63a000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e727bf10d6335332f45b8e87383930f1a4724434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc946acfb3d1a56e9ec13ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdce1f7ffffffffffffcf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b338a59c0c0247bc9412e19204caaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af11210200000000000000484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea170ab651a039d7102923e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b187ab8e0d179e6ad0dc758975e9cf77f703e742b77521149d8fdeae4b92d5edc232ca356fb86784b865adda7c921dc475276837b2619922de4d96850172602fac7d165e32419a622bdef7c91385c87c30b8a144d9b01784a8060670455f76b207517f66cf32fa0772975e0963b7373dba424beadf60d5bd08ea73e2b5620a5754455006934679b10e596821e2bd380d472c9096ca4c55d6106d0b88e38f6c54abc952c81617a06f93465241070fea3d9fc786e2625572ff2068ff84361b3883cc2c8b9a0a2f70119db13b47c924c73216bb12d1e68a03a08aa682ede113691db07b50f5e6fde6252f1520c"], &(0x7f00000001c0)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffef3, 0x10, &(0x7f00000000c0), 0xfffffffffffffd00}, 0x48)

50.993993876s ago: executing program 2 (id=144):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000002dc0), 0x60081, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000002e00)={0xd}) (fail_nth: 1)

50.99361696s ago: executing program 3 (id=145):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000940)={0x4c, 0x0, &(0x7f0000000000)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x7624f2802272dfee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="7915a8000000000061138c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160304000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04a19e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac300"/1546], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000380), 0x4)
setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f00000007c0), 0x10)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000013"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000440), 0x6de21f3c31fc36e3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1000, &(0x7f000062f000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r3, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, 0x3, 0x3, 0x801, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x8}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffe, 0x7}}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x1}, @NFQA_VERDICT_HDR={0xc, 0x2, {0x0, 0x2b1fed7c}}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x3}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffc, 0x8}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4044000}, 0x8800)
r5 = accept4$inet(r3, &(0x7f0000000780)={0x2, 0x0, @broadcast}, &(0x7f0000000800)=0x10, 0x80000)
getsockopt$inet_mreqsrc(r5, 0x0, 0x25, &(0x7f0000000840)={@broadcast, @rand_addr, @multicast1}, &(0x7f0000000880)=0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x2, &(0x7f0000000200))
ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

50.416750321s ago: executing program 2 (id=148):
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)}], 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
r1 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x62c42)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)=ANY=[])
r2 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f0000000380)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0xe2, 0x1, 0xc5, 0x4e1]}, &(0x7f0000000240)=0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r7, 0x0, 0x0)
accept4(r7, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002cc0)=@newtaction={0x894, 0x30, 0xffff, 0x0, 0x0, {}, [{0x880, 0x1, [@m_police={0x87c, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0xfffffffc, 0x0, 0x0, 0x0, 0x20000, 0x733f, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xcff, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x5, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x200, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x1, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1000, 0x0, 0x40, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b3, 0x0, 0xfffffffd, 0x0, 0x0, 0xffffffff, 0xfffffffd, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xb, 0x1000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x80000000, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c692401, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x800, 0x20000000, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0xd50, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x4000006, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x4756, 0x4, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xd4, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c6d, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x4}], [@TCA_POLICE_TBF={0x3c, 0x1, {0xe, 0x3, 0x4, 0x80000004, 0x4, {0x5, 0x0, 0x8, 0x1, 0x7, 0x1f7}, {0x5, 0x0, 0x6, 0x800, 0x1ff, 0x4}, 0x2, 0x82e, 0x9}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x894}}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
sendto$inet6(r8, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e0204095c0009003f0000000a0000000d0085a168d0bf46d32345653600648d0a0015000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)

50.413913423s ago: executing program 1 (id=149):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000280)={0x51, 0x2, 0x3, "d5470000002f1a0e0000000700", 0x51424752})

50.202949533s ago: executing program 4 (id=150):
r0 = socket$inet6(0xa, 0x1, 0x100)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="5980a642beaf34ff0f0000121690ad0d2b", 0x11}], 0x1}, 0x20040015)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb97}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)
r2 = fanotify_init(0x200, 0x0)
read(r2, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x4370, 0x5})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040), 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/oops_count', 0x28200, 0x80)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = getpgid(0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0xfffffffffffffff9], 0x0, 0x0, 0x1, 0x0, r6}}, 0x40)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@loopback, @in6=@mcast2}}, {{}, 0x0, @in6=@private1}}, &(0x7f00000001c0)=0xe8)
sendmsg$nl_generic(r4, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000001bc0)={0x14, 0x16, 0x200, 0x70bd29, 0x25dfdbff, {0x1b}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000010)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000280)={0x51, 0x2, 0x3, "d55cd41b00411a0e00001200", 0x31384142})

50.16999834s ago: executing program 1 (id=151):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@ipv6_deladdrlabel={0x1c, 0x48, 0x117, 0x70bd2c, 0x25dfdbfc, {0xa, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0x1c}}, 0xc010)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x7c, 0x10, 0x1, 0x0, 0xeffffffc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd, 0x10}, {0xe, 0x7}}, [@TCA_RATE={0x6}, @TCA_STAB={0x50, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}, {{0x1c, 0x1, {0x8, 0x80, 0x8, 0x6, 0x2, 0x4, 0x3, 0x3}}, {0xa, 0x2, [0x7, 0xc, 0x80]}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x400c010}, 0x0)

50.112860872s ago: executing program 3 (id=152):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffc, 0x8, 0xfffc}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f00000001c0), &(0x7f0000000240)=0x4)

49.999682912s ago: executing program 1 (id=153):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffc, 0x8, 0xfffc}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f00000001c0), &(0x7f0000000240)=0x4) (fail_nth: 1)

49.044239652s ago: executing program 4 (id=154):
socket$netlink(0x10, 0x3, 0x14)
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000480)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x1}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x2}}}, 0x108)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x3, 0x0, @mcast1={0xff, 0x7}, 0x8a}}, {{0xa, 0x0, 0x10001, @local}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}}}, 0x108)
socket$netlink(0x10, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000009000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000303000000c001ae2e66e90085000000840000feb600"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r6, 0x0)
epoll_create1(0x0)
ioctl$SNDCTL_DSP_GETOPTR(r6, 0x5008, 0x0)
ioctl$SNDCTL_DSP_SYNC(r6, 0x5001, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r6, 0x8010500c, &(0x7f00000000c0))

48.616712465s ago: executing program 1 (id=155):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmmsg$inet(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)="7ddb889a", 0xfffffcda}], 0x1}}], 0x1, 0x20000054)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x8084, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="700000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="0580040000000000500012800b00010067656e657665000040000280050008000000000005000d000100000005000d000200000008000b"], 0x70}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
accept4$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14, 0x800)
r5 = socket(0x10, 0x3, 0x0)
syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0x679a, 0x80, 0x3, 0x10001}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r5, 0x80, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x4, 0x7fff}})
getsockname$packet(r5, &(0x7f0000000240)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001200)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r8, @ANYBLOB="01980000000000001800128008000100677265000c00028008000700ac141400"], 0x38}}, 0x20000080)
sendto$packet(r1, &(0x7f0000000000)='5', 0x1, 0x40, &(0x7f0000000200)={0x11, 0x8100, r8, 0x1, 0x9, 0x6, @broadcast}, 0x14)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) (async)
sendmmsg$inet(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)="7ddb889a", 0xfffffcda}], 0x1}}], 0x1, 0x20000054) (async)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x8084, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) (async)
socket$packet(0x11, 0x3, 0x300) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="700000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="0580040000000000500012800b00010067656e657665000040000280050008000000000005000d000100000005000d000200000008000b"], 0x70}}, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) (async)
accept4$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14, 0x800) (async)
socket(0x10, 0x3, 0x0) (async)
syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0x679a, 0x80, 0x3, 0x10001}, &(0x7f0000000040), &(0x7f0000000140)) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r5, 0x80, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x4, 0x7fff}}) (async)
getsockname$packet(r5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001200)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r8, @ANYBLOB="01980000000000001800128008000100677265000c00028008000700ac141400"], 0x38}}, 0x20000080) (async)
sendto$packet(r1, &(0x7f0000000000)='5', 0x1, 0x40, &(0x7f0000000200)={0x11, 0x8100, r8, 0x1, 0x9, 0x6, @broadcast}, 0x14) (async)

48.546415272s ago: executing program 3 (id=156):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(0x0, 0x92)
mount(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x8, &(0x7f0000000300)='usrquota')
syz_open_dev$vim2m(0x0, 0x7, 0x2)
r1 = creat(0x0, 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x40000000}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
write$binfmt_format(r1, 0x0, 0x0)
write$qrtrtun(r1, &(0x7f0000000300), 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x1, 0x2], 0x0, 0x0, 0x2}}, 0x40)
chdir(&(0x7f0000000280)='./file1\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r7, 0xffffffff80000802, 0x0, &(0x7f00000003c0)={0x80000000, 0x5, 0x1000, 0x476, 0x1000000008, 0x7f, 0x3, 0xffffffffffffffdf, 0xa})
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="ec0000000008010300000000b3c1b80e0300000a06000240600500001c0004800800064000000084080004400000007208000240000001ff0900010073797a300000000005000300800000000900010073797a310000000006000240655800000900010073797a31000000004c00048008000a4000000d26080005400000000508000740000000740800084000000006080002400000800008000440000000000800074000000009080009400000fbeb08000840000000012c0004820800024000000081080002400000002408000140000000ff08000140000000030800014000008c630500030084"], 0xec}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) (fail_nth: 1)

47.159750892s ago: executing program 3 (id=157):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(0x0, 0x92)
mount(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x8, &(0x7f0000000300)='usrquota')
syz_open_dev$vim2m(0x0, 0x7, 0x2)
r1 = creat(0x0, 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x40000000}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
write$binfmt_format(r1, 0x0, 0x0)
write$qrtrtun(r1, &(0x7f0000000300), 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x1, 0x2], 0x0, 0x0, 0x2}}, 0x40)
chdir(&(0x7f0000000280)='./file1\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r7, 0xffffffff80000802, 0x0, &(0x7f00000003c0)={0x80000000, 0x5, 0x1000, 0x476, 0x1000000008, 0x7f, 0x3, 0xffffffffffffffdf, 0xa})
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="ec0000000008010300000000b3c1b80e0300000a06000240600500001c0004800800064000000084080004400000007208000240000001ff0900010073797a300000000005000300800000000900010073797a310000000006000240655800000900010073797a31000000004c00048008000a4000000d26080005400000000508000740000000740800084000000006080002400000800008000440000000000800074000000009080009400000fbeb08000840000000012c0004820800024000000081080002400000002408000140000000ff08000140000000030800014000008c630500030084"], 0xec}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)

46.899765955s ago: executing program 4 (id=158):
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='io.max\x00', 0x2, 0x0) (async)
r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='io.max\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x7, 0x12)
r1 = dup(r0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080)={<r2=>0x0, 0x3ff, 0xff}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000100)={r2, 0x80, 0x3, 0x2715}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0xb, [@fwd={0x2}, @const={0x4, 0x0, 0x0, 0xa, 0x1}, @decl_tag={0xb, 0x0, 0x0, 0x11, 0x4, 0xa}, @var={0xb, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x61, 0x2e, 0x61, 0x0, 0x5f, 0x2e, 0x61, 0x0, 0x71]}}, &(0x7f00000001c0)=""/25, 0x5b, 0x19, 0x3, 0x5}, 0x28)
ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f0000000240)={0x3, 0x3}) (async)
ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f0000000240)={0x3, 0x3})
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000340)={0x1, 0x10, 0xfa00, {&(0x7f0000000280), r3}}, 0x18)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x5c, r4, 0x800, 0x70bd2b, 0x25dfdbff, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x5c}}, 0x41)
recvmmsg(r1, &(0x7f0000001b00)=[{{&(0x7f0000000500)=@nfc, 0x80, &(0x7f0000000640)=[{&(0x7f0000000580)=""/174, 0xae}], 0x1, &(0x7f0000000680)=""/4096, 0x1000}, 0x2}, {{&(0x7f0000001680)=@ethernet={0x0, @multicast}, 0x80, &(0x7f00000017c0)=[{&(0x7f0000001700)=""/133, 0x85}], 0x1, &(0x7f0000001800)=""/70, 0x46}, 0x8cf}, {{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000001880)=""/184, 0xb8}, {&(0x7f0000001940)=""/86, 0x56}, {&(0x7f00000019c0)=""/8, 0x8}], 0x3, &(0x7f0000001a40)=""/182, 0xb6}, 0x82}], 0x3, 0x40000003, &(0x7f0000001bc0))
ioctl$SIOCRSGL2CALL(r1, 0x89e5, &(0x7f0000001c00)=@null) (async)
ioctl$SIOCRSGL2CALL(r1, 0x89e5, &(0x7f0000001c00)=@null)
setsockopt$IP_VS_SO_SET_EDITDEST(r1, 0x0, 0x489, &(0x7f0000001c40)={{0x89, @remote, 0x4e22, 0x0, 'lc\x00', 0x22, 0x401, 0x34}, {@local, 0x4e20, 0x1, 0x2, 0x3, 0x8}}, 0x44)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000001cc0)={r2, 0x5, 0x6}, 0x8)
ioctl$VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000001d40)=@userptr={0x8, 0x3, 0x4, 0x1, 0x2a, {0x0, 0xea60}, {0x4, 0x8, 0x7, 0x47, 0xfc, 0x8, "dd09c14d"}, 0x3, 0x2, {&(0x7f0000001d00)}, 0x5, 0x0, <r5=>0xffffffffffffffff})
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000001e00), r1)
sendmsg$TIPC_CMD_SET_LINK_PRI(r1, &(0x7f0000001ec0)={&(0x7f0000001dc0), 0xc, &(0x7f0000001e80)={&(0x7f0000001e40)={0x30, r6, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x6, @bearer=@udp='udp:syz0\x00'}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x24048001}, 0x88840)
sysfs$2(0x2, 0x4, &(0x7f0000001f00)=""/242) (async)
sysfs$2(0x2, 0x4, &(0x7f0000001f00)=""/242)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000002000)={0xf, 0x8, 0xfa00, {r3, 0xb}}, 0x10) (async)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000002000)={0xf, 0x8, 0xfa00, {r3, 0xb}}, 0x10)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000002140)={&(0x7f0000002040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002100)={&(0x7f0000002080)={0x50, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xa9}]}, 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x800) (async)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000002140)={&(0x7f0000002040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002100)={&(0x7f0000002080)={0x50, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xa9}]}, 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x800)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002180), 0x2, 0x0)
flock(0xffffffffffffffff, 0x8) (async)
flock(0xffffffffffffffff, 0x8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000021c0), &(0x7f0000002200)=0xc) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000021c0)={0x0, <r7=>0x0}, &(0x7f0000002200)=0xc)
quotactl_fd$Q_QUOTAOFF(r1, 0xffffffff80000300, r7, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000002280)={'team0\x00', <r8=>0x0})
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000002380)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x1080}, 0xc, &(0x7f0000002340)={&(0x7f00000022c0)={0x6c, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@GTPA_LINK={0x8, 0x1, r8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_PEER_ADDRESS={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x11}}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_PEER_ADDR6={0x14, 0xb, @private2}, @GTPA_I_TEI={0x8}, @GTPA_TID={0xc, 0x3, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4008044}, 0x4080) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000002380)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x1080}, 0xc, &(0x7f0000002340)={&(0x7f00000022c0)={0x6c, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@GTPA_LINK={0x8, 0x1, r8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_PEER_ADDRESS={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x11}}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_PEER_ADDR6={0x14, 0xb, @private2}, @GTPA_I_TEI={0x8}, @GTPA_TID={0xc, 0x3, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4008044}, 0x4080)
syz_genetlink_get_family_id$nl80211(&(0x7f0000002400), r1) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002400), r1)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f00000024c0)={&(0x7f00000023c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000002480)={&(0x7f0000002440)={0x34, r9, 0x220, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xb8e, 0xf}}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004000}, 0x4850)
ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f00000025c0)={0x1, 0x3, 0xa9, &(0x7f0000002500)=""/169})

46.495372534s ago: executing program 4 (id=159):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(0x0, 0x92)
mount(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x8, &(0x7f0000000300)='usrquota')
syz_open_dev$vim2m(0x0, 0x7, 0x2)
r1 = creat(0x0, 0x16d)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'hsr0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="640000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="ffc30000000000003c0012800c0001006d6163766c616e002c0002800a000900ffffbfffffff00000a000400aaaaaaaaaabb00000600020001000000440003000000000008000500", @ANYRES32=r5], 0x64}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x47)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x40000000}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(r7, 0x1, &(0x7f0000000000)=0x8001)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
write$binfmt_format(r1, 0x0, 0x0)
write$qrtrtun(r1, &(0x7f0000000300), 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x1, 0x2], 0x0, 0x0, 0x2}}, 0x40)
chdir(&(0x7f0000000280)='./file1\x00')
r10 = openat$cgroup_ro(r1, &(0x7f0000000180)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r10, 0xffffffff80000802, 0x0, &(0x7f00000000c0)={0x80000003, 0x5, 0xffe, 0x476, 0x1000000008, 0x7f, 0x3, 0x7b6e, 0x80006})
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="ec0000000008010300000000b3c1b80e0300000a06000240600500001c0004800800064000000084080004400000007208000240000001ff0900010073797a300000000005000300800000000900010073797a310000000006000240655800000900010073797a31000000004c00048008000a4000000d26080005400000000508000740000000740800084000000006080002400000800008000440000000000800074000000009080009400000fbeb08000840000000012c0004820800024000000081080002400000002408000140000000ff08000140000000030800014000008c630500030084"], 0xec}, 0x1, 0x0, 0x0, 0x4000000}, 0x44)

45.972363901s ago: executing program 1 (id=160):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
r1 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x22, 0x1, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x8}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x6}]}]}]}}]}, 0xa4}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x6}, 0x1c)
listen(r4, 0x5)
flistxattr(r0, &(0x7f0000000800)=""/4096, 0x1000)
accept(r4, &(0x7f0000000100)=@can, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendto$inet6(r5, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = dup(r0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200541300000c0a010100000000000000000700000a0900020073797a31000000000900010073797a300000000028130380241300800800034000000002140007800c000100636f756e7465720004000280090009"], 0x13e8}, 0x1, 0x0, 0x0, 0xc800}, 0x0)
sendfile(r6, r6, 0x0, 0xffffffff)

45.69605848s ago: executing program 2 (id=161):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x66)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000580)='\xc1J\xaf\xfd,\x86\xbc\xa9\x02\xf2\xf6\xe2\xcd\x9f\xf6\x83\xeb\xba_6\xfdR\xd0\x8d\xc1\xf6.$w\xab|*`\x11H+^\xbb\x8ar\xb1\x8ec\xec,\xd5\xfd,\xce`\x9f\x92\xb4\xbe\x06?\xaa\x16Q\x94\x15\xbe\x80E\x9c\x93Hq?<(+\xceb0\xcc\xad\xdd\x1c\xee\x19\x1b\x91Z\x85\xb7\x04\xe7\xaf\xe0W,G\xc8\xc0\xbcR\x90\x17\x19@m\xa5\x19\x16i\xc8\x99)\xa5\xb0\xba\xbc\xe0rV\x06\xd0B\x0f\xcdF\xbc\x8e\x8a^%8k\x849S\x15=kxS\x1c\xc1\xdaT\x9c\b\xb6\xd8\xa0st~\xf1\x93\xb8\xba\xa5gV\x18F\x8f\xe4b\xdc\x19_P\x81\xa4\xc3\\g\x11\xd1\xc8 U\xba\x03\xc9\xf17\x88\r\xb99]\xdfM\xc8AQB\xc3\xf0\xf7t\xee\x95&w\xc3;', &(0x7f0000000180), 0x0) (fail_nth: 1)

45.685388714s ago: executing program 3 (id=162):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r4, 0xc0106407, &(0x7f00000000c0)={0x1, 0x2})
ioctl$DRM_IOCTL_SET_VERSION(r4, 0xc0106407, &(0x7f0000000140)={0x1, 0x1, 0x0, 0xfffffffe})

45.275874037s ago: executing program 2 (id=163):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x66)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000580)='\xc1J\xaf\xfd,\x86\xbc\xa9\x02\xf2\xf6\xe2\xcd\x9f\xf6\x83\xeb\xba_6\xfdR\xd0\x8d\xc1\xf6.$w\xab|*`\x11H+^\xbb\x8ar\xb1\x8ec\xec,\xd5\xfd,\xce`\x9f\x92\xb4\xbe\x06?\xaa\x16Q\x94\x15\xbe\x80E\x9c\x93Hq?<(+\xceb0\xcc\xad\xdd\x1c\xee\x19\x1b\x91Z\x85\xb7\x04\xe7\xaf\xe0W,G\xc8\xc0\xbcR\x90\x17\x19@m\xa5\x19\x16i\xc8\x99)\xa5\xb0\xba\xbc\xe0rV\x06\xd0B\x0f\xcdF\xbc\x8e\x8a^%8k\x849S\x15=kxS\x1c\xc1\xdaT\x9c\b\xb6\xd8\xa0st~\xf1\x93\xb8\xba\xa5gV\x18F\x8f\xe4b\xdc\x19_P\x81\xa4\xc3\\g\x11\xd1\xc8 U\xba\x03\xc9\xf17\x88\r\xb99]\xdfM\xc8AQB\xc3\xf0\xf7t\xee\x95&w\xc3;', &(0x7f0000000180), 0x0)

45.102108609s ago: executing program 2 (id=164):
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x11, 0x0, 0x0, @multicast1}}}}}, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

44.682021792s ago: executing program 2 (id=165):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x28, r1, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3, r2}, @val={0xc}}}}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x38, 0x0, 0x0, 0x2, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x1, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x4, 0xd}, @mss={0x2, 0x4, 0x5df4}, @sack={0x5, 0x2}]}}}}}}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRES8=0x0], 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x200400d1)

43.70155785s ago: executing program 3 (id=167):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0xa, 0x4f, {"3ef30f090f20c035010000000f22c0c441c9e513c462f94196d5bc589d66b83e018ed8b9800000c00f3235000100000f30f3dcfc0f015d010fc719440f30"}}], 0x4f})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x560, 0x0, 0x6}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, &(0x7f0000000240)="23591363adf94c4a3525c373b8be3e8d267254", 0x0, 0x13})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0x17d739293968d0b1, 0x0, 0x0, 0x8, 0x0, 0x7, 0x2, 0x0, 0x8, 0x6, 0x40}, {0xffff1000, 0x10000, 0x3, 0x0, 0x2, 0x0, 0x7, 0x0, 0x7, 0xff, 0x4}, {0xeeee0000, 0x1000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x0, 0x48, 0x3, 0x0, 0xfc}, {0x1, 0x0, 0x9, 0x1, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0x4}, {0xdddd0000, 0xffff1000, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x38}, {0x0, 0x0, 0xe, 0x78, 0x5, 0x0, 0x2, 0x0, 0x0, 0xff, 0x40}, {0x0, 0x8080000, 0xa, 0x0, 0x4, 0x0, 0xa1, 0x20}, {0x0, 0x6000, 0x10, 0x0, 0x0, 0x7, 0x8, 0x40, 0x26, 0x0, 0x0, 0x2}, {0x80a0000, 0xdf}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0x0, 0xf801, 0x0, [0x80000001, 0x0, 0x5]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

42.171094253s ago: executing program 4 (id=168):
socket$netlink(0x10, 0x3, 0x14)
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000480)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x1}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x2}}}, 0x108)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x3, 0x0, @mcast1={0xff, 0x7}, 0x8a}}, {{0xa, 0x0, 0x10001, @local}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}}}, 0x108)
socket$netlink(0x10, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000009000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000303000000c001ae2e66e90085000000840000feb600"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r6, 0x0)
epoll_create1(0x0)
ioctl$SNDCTL_DSP_GETOPTR(r6, 0x5008, 0x0)
ioctl$SNDCTL_DSP_SYNC(r6, 0x5001, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r6, 0x8010500c, &(0x7f00000000c0))

38.569250508s ago: executing program 4 (id=170):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETTABLE(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x14, 0x1, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0xa8b82511714f5670}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001300)=@newtfilter={0x88c, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r3, {0x0, 0xfffc}, {}, {0x4, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x858, 0x2, [@TCA_BPF_POLICE={0x848, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xe, 0x7, 0x4, 0xc, 0x9, {0xd, 0x2, 0x4, 0x4, 0x7, 0x401}, {0x4, 0x1, 0x5, 0x10, 0xfff7, 0x4b2}, 0x6, 0x14ff, 0x3ff}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x38, 0x1, 0x1, 0x8, 0x7f, 0x6, 0x3, 0x6, 0x1, 0x86, 0x9, 0x6, 0x5, 0x9, 0x5f, 0x0, 0x0, 0x13f, 0xfffffffe, 0x0, 0xd31, 0xf54, 0x9, 0x4, 0x4, 0x6, 0x9, 0x7fffffff, 0xfffffffd, 0x7fffffff, 0x8, 0x0, 0xfffffffe, 0x5, 0x5dbd0fd8, 0x8, 0x1887, 0x2, 0x95f, 0x7, 0x6, 0xa, 0x7f, 0xfffffffe, 0x8, 0x2, 0x6, 0x4, 0x6, 0x402f, 0xd, 0x5, 0x6f9d, 0x0, 0x800, 0x3ff, 0x8, 0xa, 0x9, 0x4, 0xd, 0x3, 0xb8f, 0x6, 0x0, 0xffffffff, 0x8000, 0xffffffff, 0x8, 0xfffffffc, 0xffff8f94, 0x4, 0x9, 0x2, 0x54eef174, 0xc, 0x9, 0x5, 0xe2, 0x20004, 0x1, 0xffff, 0x5, 0x5, 0x7, 0x5, 0x7, 0x4, 0x4, 0x7, 0x100, 0x8, 0x2, 0x9, 0x0, 0x0, 0xe32, 0x6, 0x8, 0x6, 0x66, 0x7, 0x7, 0x8, 0x5b, 0x7625, 0x51, 0x6, 0xfffffffe, 0x0, 0xa4d, 0x2, 0x10001, 0x7, 0x8, 0x3, 0x8, 0x3, 0x6, 0x6, 0xffffffff, 0x3, 0x0, 0x400000, 0xc55b, 0x8000, 0xf943, 0x4, 0x3000000, 0x2, 0x10000, 0xd, 0xffffffff, 0x9, 0xd3, 0xfffffffb, 0x4, 0x9, 0x401, 0x82baa23, 0xd, 0x0, 0x6, 0x21a, 0xe, 0x1, 0x1430, 0x8, 0x4, 0x7, 0xe, 0x7dab, 0x4, 0x5, 0x4, 0x3, 0xfffffffe, 0x7, 0x6, 0x8ef6, 0x7239, 0x80000001, 0x0, 0xd41, 0x6, 0x2, 0x4, 0x200, 0x8, 0x5, 0xc14, 0x7324, 0x4, 0x50f6, 0x5, 0x4, 0x3, 0x2, 0x7, 0x4, 0x6, 0x5, 0x3, 0x7767, 0x8, 0xe0ba, 0x4f, 0x3, 0x4, 0x7, 0x7fffffff, 0x3, 0x3, 0x5, 0x8, 0x4, 0x80, 0x401, 0x7, 0x1, 0x0, 0x8, 0x7c4, 0x3, 0x6, 0x6, 0xe8, 0x0, 0x6, 0x6, 0x3, 0x8a4, 0x1, 0x9, 0x9, 0x9, 0x200, 0x7, 0xd235, 0x9, 0x7fffffff, 0xf7d, 0x8001, 0x2, 0x7fff, 0x9f7c, 0x7, 0x4, 0xf, 0x1, 0x2, 0x6, 0x400, 0x5, 0x80, 0x400, 0x5, 0xc, 0xff, 0xffff7002, 0x63c, 0x9, 0x1ff, 0xfff, 0x8, 0x8c, 0x40, 0x8, 0xed6, 0xf6, 0x0, 0x3, 0x9, 0x10, 0x9, 0x6]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x6, 0x8, 0x8000, 0x8, 0x2, 0x9, 0x5, 0xfff, 0x3, 0x101, 0xbf7, 0x8, 0xff, 0x6, 0x113, 0xffff, 0x1, 0x8, 0x7fffffff, 0x6, 0x9, 0x33, 0x5, 0x2f7, 0x100, 0x21, 0x4, 0x7, 0xff, 0x6, 0xfffffffe, 0x7, 0x8, 0x1, 0x8, 0xf33c, 0x3, 0x1, 0x80000000, 0x62e, 0x3, 0xdb2, 0x0, 0xe00, 0x4, 0x2, 0x3, 0x2, 0xfffffff6, 0x5, 0x3, 0x7, 0x8, 0x1, 0x7f, 0x8, 0x6, 0x4, 0x3, 0x0, 0x803, 0x1, 0x5, 0x0, 0x8000, 0xfffffffa, 0xb7, 0xc8b6f5a2, 0x6, 0x2f, 0x7ff, 0x9, 0x8, 0x6, 0x0, 0x8, 0x9, 0x0, 0x5, 0x8b34, 0x2, 0x7e, 0x4, 0x4, 0xfeffffff, 0x1, 0xa, 0xfffffffb, 0x3, 0xffffffff, 0x0, 0x4, 0xd6, 0x7, 0x4, 0x3, 0x8, 0x9, 0x8, 0x2de0, 0x5191, 0x6, 0x401, 0x7, 0x9, 0x7, 0x3, 0x6, 0x1, 0xfffffffb, 0xb839, 0xfffffffa, 0x4, 0x768, 0x7, 0x7f, 0x6, 0x7, 0x4, 0x8b, 0x4, 0x0, 0x5, 0xf0, 0x42490, 0xd, 0x3, 0x5c, 0x80, 0x2, 0x800, 0x8, 0x6, 0xff, 0xffff0000, 0x3, 0x10000, 0x80000001, 0x5, 0xffffffff, 0x4be24694, 0x2, 0x2, 0x100, 0x5, 0x1, 0x7, 0x4, 0xffffff95, 0x5, 0x0, 0xc, 0x6, 0x1000, 0xa, 0x7, 0x4, 0x340, 0x0, 0x0, 0x7, 0x101, 0x2, 0x7ce2352, 0x7fffffff, 0x5e, 0x8e5b, 0x3, 0x8, 0x9, 0x1, 0x80000000, 0x7, 0x301, 0x91, 0x3, 0x80000001, 0x9, 0x1, 0x3e79, 0xffffffff, 0x8, 0x525, 0x7, 0x6, 0x2470a614, 0xe, 0x8, 0x5, 0x7, 0x0, 0x5, 0x4, 0x1, 0x1, 0xfffffc1f, 0x6, 0x2, 0x1, 0x9, 0x7fff, 0xffffffff, 0x4, 0xffff2b7d, 0x4, 0xcdff, 0x9, 0x0, 0x49, 0x6, 0x0, 0x5, 0x9, 0x7, 0x8, 0x7, 0xea, 0x7, 0x7, 0x2, 0x5, 0xff, 0x6, 0xffff, 0x4cd, 0x7, 0x3, 0x3, 0x10001, 0x0, 0x6, 0x7, 0xffffffff, 0xe000000, 0x1, 0x4, 0x7, 0x8, 0xb, 0x7, 0x0, 0xcb65, 0x6, 0xe, 0x240000, 0x9, 0x8, 0x8, 0xfffffff8, 0x9, 0xf, 0x8, 0x5, 0x9, 0x100]}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0x10}}]}, 0x88c}, 0x1, 0x0, 0x0, 0xc004884}, 0x0)
r5 = io_uring_setup(0x41d9, &(0x7f0000000100)={0x0, 0xcfcd, 0x2, 0x3, 0x44})
io_uring_setup(0x5f2b, &(0x7f0000000000)={0x0, 0x33b4, 0x22, 0x0, 0x2b5, 0x0, r5})

30.846667272s ago: executing program 0 (id=177):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x64de00}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8001}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2001000}, 0xc014)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000080)={0x6, 0x8, 0x6, 0x5, 0x2, 0x0, [{0x5c46, 0x7, 0x328, '\x00', 0x4}, {0x1, 0x1, 0x4, '\x00', 0x2282}]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x66)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000580)='\xc1J\xaf\xfd,\x86\xbc\xa9\x02\xf2\xf6\xe2\xcd\x9f\xf6\x83\xeb\xba_6\xfdR\xd0\x8d\xc1\xf6.$w\xab|*`\x11H+^\xbb\x8ar\xb1\x8ec\xec,\xd5\xfd,\xce`\x9f\x92\xb4\xbe\x06?\xaa\x16Q\x94\x15\xbe\x80E\x9c\x93Hq?<(+\xceb0\xcc\xad\xdd\x1c\xee\x19\x1b\x91Z\x85\xb7\x04\xe7\xaf\xe0W,G\xc8\xc0\xbcR\x90\x17\x19@m\xa5\x19\x16i\xc8\x99)\xa5\xb0\xba\xbc\xe0rV\x06\xd0B\x0f\xcdF\xbc\x8e\x8a^%8k\x849S\x15=kxS\x1c\xc1\xdaT\x9c\b\xb6\xd8\xa0st~\xf1\x93\xb8\xba\xa5gV\x18F\x8f\xe4b\xdc\x19_P\x81\xa4\xc3\\g\x11\xd1\xc8 U\xba\x03\xc9\xf17\x88\r\xb99]\xdfM\xc8AQB\xc3\xf0\xf7t\xee\x95&w\xc3;', &(0x7f0000000180), 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r0, 0x5000940a, &(0x7f0000000680)={{r0}, "1d9fd0b3251217cdd5ba5a0cdcd318be360f9a4eeb05fccf1ef727b1b190c904b584ef25dea62699d2c9a1b714205fd39e8dba906b4532142f4b0252be7a0e10ff0d2d56226eabdc8828e6acb2ef9ef700f9ccbe636461db19e6358a82df2502cb1662e1339ca20eb33c94cc2c7fbbc15e31c33d9b184da22ebb1a6e8fcdccf38ed2240cab07f08f6e0c2579107f7e5327dd417731ce879ef9124b1acec9a42995bf3fd3336533c3a94c62fd3aa801dab220ea1cc2d650ad678f325dd99f6248cda1718df4a3c02ef4dfc868d7f842204217c38c2aba33b2a4a8e06aad2317c0776df891c6ff2d5e286ca2d913672b6278e4279ddf9560aa5bcb7b286893679d0474e05e3c13f9aaaccb71fba1200d2fc8f51f812d5e0cc87c5ed7b735495550b820f2ad83d3af51525a5cb04d24dce13f5930826507c9512a088f2745ba7ec4d5f3a4855f9933f9d2eea88e3cc6b3b14cb3c3a6fd732907e16eff6df9bc231120ee17491a47f024da6734cd599a2ea0917871c5c0cd114d126a054b576cfd54421000e4084502fcac43fa4b99d10cffebbc4f1a2a494742c20a4d022279dfd7aa97b81ebe7489b9049856e1fef3ed359ae0896a6e654eeacce94289629dfd5f9d92a2fda80455c39183e4504ab244bdf0a03c1324aae4fafe8833e7445c053e1f653ec864dc40bf610bfa6baf34cd64584ee67dd68bc69c4e96c1be1f5181c44dea1eafa364767b8e5f419932d738d7eadb6ad54f29b13f2089ee9e221d26fdada69a6108ca8f32fb1da4041b1e7ec8aeecb315dc798b00fb7568b55a517a197271b81cc2fcc187868f56224697299e39a38201cfcbe6f0d79b3687b16259d0501c66e8b81541ffc23c7bdc41127b5a21bb3d034e17170f1c0118e55e239fe325819e4f6be766e416b4211a6cb7409be2fda06c293b5a3248af95b9c5a8e10c0c18127189d526cf6aa9b6fff2c171dfd176551b83204fa2a03a22d9c024f5b94cfdc1bc071073012661b56e081d5e5b9160d03d15f6a7837eabf2731d17a6d39015ace71a1439530623014467c3b02d1b61dc6f97ec7a39d1ad25c835535e622497221ae3094e6fe9b193fc66202c34e53806e185f412dd0ac0bd1a38942005795b685f790f57a51fe8f2c596643e68147133c41c3b7d34dbdb87522732dff635a67d791409d8b46d9d4f7b1c85b3f3fe990e97b223a61c5201b7bfb5ae352d121901be15c97693bb4996d8a8be9222c6709e9447c5ddbe5d99f3b0259763337a1469c1d6fe68696979b2660a3b04de3c56030357353990eca6db67d5eb7b168e868200055c352c20f13dd17f79592ebfcfbf10e5b2dd073e6a17b0bc16d292cde9bf706374452a09d4087c73efc58631bec2818a185d856c2cad0cda0572a16b9244d98217f253c678f78c452a169290df2fd6316256fc5e542623bd469b5ac5d4809be420a57fd2288e24bc2389f943ad02917f31f31b582b3af5996380c9c78735afe6dab7a361ef1008cd7d5210a6b66f8c0a5e09552d53cf36229ca35dcd533997a15cfadf40d5473786f59737451c245304daa5264a2f5b6ecc9e4a01dd1d49b2fc299e347c949aea96ed851f097dee50e7c608961daae8b9f6cfbc40c860d2a65fd6f8d8db029d0ecfa46011202e29453a62fe63ded12f0cb88455764ff573c6ff18bcbf2042c921fffe89b4b9108852cbec4d0dc75778ee34d949aa4a26b8782526b19f43b94658c23870f44d0bed0e877a83612b21ba669f13d2ea07cf0d2e68f0fc743a8d471ac31ba0559e0cfe6e15dd493b035c31bd34263623aba251b8ac5732c1a6155419e42f256cd01af003bb34c245baf5014f48b1dcd6f6046a09a2f2321a7d0d9a4313f8bf112997c54aa58d5e364f54622e1f7450e326529d89a143b110792e9736fad2cabebfaac2d1831c96cb8c659e7d8ae558bccf6836075c534a8fd7de2bc18ef8d22f39e4fecea60e06a9f539afd37fb6f3ff7b71dd67603f6c277e0f6f7e1d3438d1b1fc25eee1dc0bd4b46354c541af9b95b79ea73e4e12176c012d4d4c926b7853105d8c25e9a5350ec1d7017ecf342c9ccdbacf9d1b418009565e3021acc6fb101ae8baff3e02e40f38376a6cef266ceb08b6ccc40cf0e4ecdbdd88c4a2a4f10f400bd26563a181e81b15f51c053f312fdb210d04cb4a096a2c402db1368e55f6f36ab3376b895e712bbdc51030b7c1f256908a5477005ecb19c271753e0d380d94b885f52100789e462a1a754886992ba36e71486298e124ae46e0a7583606e0c35529ceecf7401065a052557c952c8f933f45a6f1289b68f41b8a5aa014de9b69d2f9b638506ea2bb12d3c5250ec299b76e94e4a95eb2689806417d50d2c799b5eafee7c66a94997a4e45921bc0920524eb93c74adcbc4ba9fc9adabad9e6e0b2dbf1ab19f439619b5d9b19eadc6c5670590f894e88dab1a35bc2986c5554351abc0bb66424d89db33e1726f06807c471ec8f19d636dbbf11d6463a104f378c1931fc07260b53c2be0aea4049f71b4004b3d1d27d1f61a12ae437f41b8ef3ea3f6373d9f01857d1c2a52e628a7f389f1cabe2d85d1d29a22a72168849a0ab0ffe439f12cefa628aedd429118811f840dda2e6eee51e75b22c8e44de90e9db3838a2dc8625abd3e480e00314ce8f59b283150ed6261fb9e625b9ba3684a102fdaa834200dab46e555df56ad20c7cead59fd4db9ba86b6bebb05555e7bee520eb317cb93972079401bcfb3461f1a0b5edec53749f2b777b0ec812853f64e67f51afe6bc16e3e1a849b1487925c01395b649e8e34efe6384113fc71f2a12bd0ca63a6f28b6975531d0eb522f414e6055cfa7f7246cf6d04c57ac23bd355a2839b8c096db70f6e20a9022659b88e9abe5ef2ac06f4b1a3d7755f00b567cacc14a2b9e91d9bb78b32e22792c630629482bc1a50f018e1b7122ae30f2c6db2885905388d6ab20db422c61d995de05aeb58bb3c6ca07ab02b2e73d677698cbb57920384cb0074990670690c821ab4a1dc118b75945a6a7d12f160024ae9239a323864c1d364c79608490e5a4ebcaeaee4694588e35d7b90139808818cf6aa8e0458a7f8d25c9fd9c210ab216cbca9e6d5711c35aa3c41bd2542b43489da28d97f8817843162160966b88e1ae1a6701d591751390f58dae3f7f499c643ba319399faeff88429f1b9f6d053f23138d4439d457c315cf54d21449becad62ccf7f1316f90ab9a5dfead78a6ac7a5f2b5d9f6ec2e5ea4535d264cb22db48cbd405661d08c98cb1c6c8840539f13b28c2541591817bb85ae1a28435264d17e3bc4d05c7d7e457db0c665b3f30ed5ed4818b7442f49014017f08257b7023d371fcfee55e641a5e4c2d22eb65675a54752b6e1c2d1ba25ec1d828569f1093175ff16c7d911ac581bcc1f97c02901d8a553101cb9dbc3a2f8ff0fa9968927bb57ba73138a9956929c2d47a6b463c36d5c41e0f3b9d88568217413af1b11d436405ba95a8849904966362aeac7a639ac244cb1711cf1aa048e51ed47805052ad9a6851eca3d78f1f96d2f56862aed5a691ce0daf9624744ed464de48860a59b69479fa4b2a59c08840ce09c6d9a94b7bc50a8ec120c804e65d2e440a62529932d92a311ac0763dde44616a4107f5fcdefd06e20169f786d581ae6a6bebc464dfdbd1b638ff65bf522aae64b27d74225024ad7c1330b14c253da21dbc35ff4abaf9ab7d73df7ee80a981b88e664624825a3d3a7b89a3bd56b66540dec6c2eab65b19ecf62a30dfd58b7c5d8fa389713835dd9063f0f04d251671c5b3a08e2d831ca6c2e39a1492e4b79a320ebecc3eb015036bf22c8164c1c5da4d84a599ba12be4f40d966dda11d21828bea41722a29c58eca5c71ca000e98f0cdefb19dda65d5ab6865595a23ec73bdaca4dcc1035f69864533f3338301d546e8cf7a1e236ed76fc76eef421a302749d627a6990bd70815f1768a33b1d1a2c05eadb1b05ec9418689726b9a14147fd7f8fdb76ea33474d402c06ac3589cdd3d20faac05091601aa0201ca018f60f1820c90ad9f10388f36816ef0c5629d4217e8079fb3c3ff97cf42c8f292abc06cb1c8cf447a0c6efacae8574600edc8d5df642d5999116d5e2e329098927d3a087d2dd4d400b415ef2d7df287bbac98206d2ee1c4d9d6991be21a962bc8d4a50022d820f2d16b8c579e3247269eb4b6f636a2578a3ee0122201f25150809bc31df2fd28fa0cf41e97d9ad6cf6827fffdef9aae27952053179b6eb37fd9c8f91bb6aea49f241ab64cb16bd24031584536c74a8461d6f4cb8db00c78ded989cbcc4b9c15415a6550922e57f030c67a89c576884d7e8c3dc7fdcc2bb9a0b13385835156efb18154b110e0cadab41764a6cf99eac70f2bc897ceb09f2dd0de3b5520a0c93b725895f7232f2850b7411466cb74f768501532a89801edb44048cddf6aa32a45592247b705040bb54c582e101a340f26ee47e0d2a01adec945ea9dec21eec83749ca967013dbc5e492000ffc544ef23ec912a5eb1d2fa80fdf8e3a0df3316b846b9170ed8d3f3b34da1408b387f220eab80e77d1b171f75704f052f5e38aeb5189daeb13a4f6c8d8c050de752286ed1c3fbe4c35f3874dfd79dd657fb7c3c895e6bfa9a3b1f1a1adc283ac1a603811e8ac81fd4c81b9dfa4748a60a4bfdae8367024c1f51bc3702e40f525a6287024e66fdcfc9034873bed5d0ad84ca2ee352c64a02ed91fe972f3d640b21c14903051088f28b20cc7671f6f56562ce1a96337941f61bf303303de60080e59aa8f2dc0dd548e826e1fa51645d8e517db69d772d1e0d2a329f71956577c66e70b6f8d06615f0fdbcf6e9b316eee9a750d9ac3eb9dd97b2820e147e5767b736bc0f3fe73f79a5bf68ab4fce185aaf71f157418fd17ba162dde8546981b35b80f2f72b1e480a7d0696a826bcb5e04d10f7ea47f143158d5677e60f66bb712ccdf53d9ccc0ea1bf1c0f6881fd261e7247efdf5633b5c4b00ab27ca67757834a6e88689b1e4e284293a62d29b046a50cefc1d8eba2016c33ac3c565dd520e60d5cf07290060d95f25e4163be986374ab157865843b3873e1ee50ece5d0b568409d63c3c9c5dc185f446758e9df1cc9e39cdd3c334cf76224674637899a750c89c8df32c2ec50e88eaee6f3cabe1b8e9d4dba547a46e1b42a521b1c510d6ddbf62aa8e63b655fe0ea8cf6f54b1b9078b01e939615e3f88b51020bc9a485048d394690ef761d217657049d8bf0e17c4b2d1930c892f70cb8d927e25b204b3239a11c2930cdc68124a62ae2fcc3a86e1e91422b25ab80b07c75fd56d7537b8248c15eb438eca6e5c122a75825d2a3c5555ffedce1c10168b808b059cbb6db1d271e378cdf0332c4d01361ddbcfd94604b3419a19f10d1d755271b77a9d077518730355ef3d78722f8d94ec34bdbce1436055b859f37a8a3bc573cadadf14a9d615c0d3de73758372d473116c5bccd6e9bb04c09a05d1831d6a28a537163c5f7478b99a06e5abe051736ec72d431d0e31b06d5b67dc629ee9cf7e06b2e06becd7de90fc4cc92e144b17d3d9a8edb36de0b50c0498c38f1bf62ce8c7b9e14787fab9a8157969b367cfb0671de723b9b8a69fff7613722ff6f27824a07ddc9e6e20d20b7b233a490cc55a10009ecbc9498b08b1ec2b6b7eae49e4ed8ca64922910347d01f923f60196a17a32f4309a6a6a7be02228507796747d73a4b56ca42a0b7c9c1bfe1cd8f08b1e77716b9989df25cca91f8ede5ed4be7642f15a3"})

30.68507841s ago: executing program 32 (id=160):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
r1 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x22, 0x1, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x8}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x6}]}]}]}}]}, 0xa4}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x6}, 0x1c)
listen(r4, 0x5)
flistxattr(r0, &(0x7f0000000800)=""/4096, 0x1000)
accept(r4, &(0x7f0000000100)=@can, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendto$inet6(r5, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = dup(r0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200541300000c0a010100000000000000000700000a0900020073797a31000000000900010073797a300000000028130380241300800800034000000002140007800c000100636f756e7465720004000280090009"], 0x13e8}, 0x1, 0x0, 0x0, 0xc800}, 0x0)
sendfile(r6, r6, 0x0, 0xffffffff)

30.504298799s ago: executing program 0 (id=179):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x44004000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x801}, [@NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TARGET_INFO={0x2c, 0x3, "7339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c700"/40}, @NFTA_TARGET_NAME={0x8, 0x1, 'TEE\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_COMPAT={0x14, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xbc}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

28.978984913s ago: executing program 33 (id=165):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x28, r1, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3, r2}, @val={0xc}}}}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x38, 0x0, 0x0, 0x2, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x1, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x4, 0xd}, @mss={0x2, 0x4, 0x5df4}, @sack={0x5, 0x2}]}}}}}}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRES8=0x0], 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x200400d1)

27.840692815s ago: executing program 34 (id=167):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0xa, 0x4f, {"3ef30f090f20c035010000000f22c0c441c9e513c462f94196d5bc589d66b83e018ed8b9800000c00f3235000100000f30f3dcfc0f015d010fc719440f30"}}], 0x4f})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x560, 0x0, 0x6}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, &(0x7f0000000240)="23591363adf94c4a3525c373b8be3e8d267254", 0x0, 0x13})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0x17d739293968d0b1, 0x0, 0x0, 0x8, 0x0, 0x7, 0x2, 0x0, 0x8, 0x6, 0x40}, {0xffff1000, 0x10000, 0x3, 0x0, 0x2, 0x0, 0x7, 0x0, 0x7, 0xff, 0x4}, {0xeeee0000, 0x1000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x0, 0x48, 0x3, 0x0, 0xfc}, {0x1, 0x0, 0x9, 0x1, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0x4}, {0xdddd0000, 0xffff1000, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x38}, {0x0, 0x0, 0xe, 0x78, 0x5, 0x0, 0x2, 0x0, 0x0, 0xff, 0x40}, {0x0, 0x8080000, 0xa, 0x0, 0x4, 0x0, 0xa1, 0x20}, {0x0, 0x6000, 0x10, 0x0, 0x0, 0x7, 0x8, 0x40, 0x26, 0x0, 0x0, 0x2}, {0x80a0000, 0xdf}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0x0, 0xf801, 0x0, [0x80000001, 0x0, 0x5]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

26.799685157s ago: executing program 0 (id=182):
semctl$SEM_STAT(0x0, 0x1, 0x12, &(0x7f0000000200)=""/144)

26.596045262s ago: executing program 0 (id=183):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x3010dd, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(0xffffffffffffff9c, &(0x7f0000008080)='./file0\x00', r0, 0x0, 0x160) (fail_nth: 1)

22.517874477s ago: executing program 35 (id=170):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETTABLE(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x14, 0x1, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0xa8b82511714f5670}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001300)=@newtfilter={0x88c, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r3, {0x0, 0xfffc}, {}, {0x4, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x858, 0x2, [@TCA_BPF_POLICE={0x848, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xe, 0x7, 0x4, 0xc, 0x9, {0xd, 0x2, 0x4, 0x4, 0x7, 0x401}, {0x4, 0x1, 0x5, 0x10, 0xfff7, 0x4b2}, 0x6, 0x14ff, 0x3ff}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x38, 0x1, 0x1, 0x8, 0x7f, 0x6, 0x3, 0x6, 0x1, 0x86, 0x9, 0x6, 0x5, 0x9, 0x5f, 0x0, 0x0, 0x13f, 0xfffffffe, 0x0, 0xd31, 0xf54, 0x9, 0x4, 0x4, 0x6, 0x9, 0x7fffffff, 0xfffffffd, 0x7fffffff, 0x8, 0x0, 0xfffffffe, 0x5, 0x5dbd0fd8, 0x8, 0x1887, 0x2, 0x95f, 0x7, 0x6, 0xa, 0x7f, 0xfffffffe, 0x8, 0x2, 0x6, 0x4, 0x6, 0x402f, 0xd, 0x5, 0x6f9d, 0x0, 0x800, 0x3ff, 0x8, 0xa, 0x9, 0x4, 0xd, 0x3, 0xb8f, 0x6, 0x0, 0xffffffff, 0x8000, 0xffffffff, 0x8, 0xfffffffc, 0xffff8f94, 0x4, 0x9, 0x2, 0x54eef174, 0xc, 0x9, 0x5, 0xe2, 0x20004, 0x1, 0xffff, 0x5, 0x5, 0x7, 0x5, 0x7, 0x4, 0x4, 0x7, 0x100, 0x8, 0x2, 0x9, 0x0, 0x0, 0xe32, 0x6, 0x8, 0x6, 0x66, 0x7, 0x7, 0x8, 0x5b, 0x7625, 0x51, 0x6, 0xfffffffe, 0x0, 0xa4d, 0x2, 0x10001, 0x7, 0x8, 0x3, 0x8, 0x3, 0x6, 0x6, 0xffffffff, 0x3, 0x0, 0x400000, 0xc55b, 0x8000, 0xf943, 0x4, 0x3000000, 0x2, 0x10000, 0xd, 0xffffffff, 0x9, 0xd3, 0xfffffffb, 0x4, 0x9, 0x401, 0x82baa23, 0xd, 0x0, 0x6, 0x21a, 0xe, 0x1, 0x1430, 0x8, 0x4, 0x7, 0xe, 0x7dab, 0x4, 0x5, 0x4, 0x3, 0xfffffffe, 0x7, 0x6, 0x8ef6, 0x7239, 0x80000001, 0x0, 0xd41, 0x6, 0x2, 0x4, 0x200, 0x8, 0x5, 0xc14, 0x7324, 0x4, 0x50f6, 0x5, 0x4, 0x3, 0x2, 0x7, 0x4, 0x6, 0x5, 0x3, 0x7767, 0x8, 0xe0ba, 0x4f, 0x3, 0x4, 0x7, 0x7fffffff, 0x3, 0x3, 0x5, 0x8, 0x4, 0x80, 0x401, 0x7, 0x1, 0x0, 0x8, 0x7c4, 0x3, 0x6, 0x6, 0xe8, 0x0, 0x6, 0x6, 0x3, 0x8a4, 0x1, 0x9, 0x9, 0x9, 0x200, 0x7, 0xd235, 0x9, 0x7fffffff, 0xf7d, 0x8001, 0x2, 0x7fff, 0x9f7c, 0x7, 0x4, 0xf, 0x1, 0x2, 0x6, 0x400, 0x5, 0x80, 0x400, 0x5, 0xc, 0xff, 0xffff7002, 0x63c, 0x9, 0x1ff, 0xfff, 0x8, 0x8c, 0x40, 0x8, 0xed6, 0xf6, 0x0, 0x3, 0x9, 0x10, 0x9, 0x6]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x6, 0x8, 0x8000, 0x8, 0x2, 0x9, 0x5, 0xfff, 0x3, 0x101, 0xbf7, 0x8, 0xff, 0x6, 0x113, 0xffff, 0x1, 0x8, 0x7fffffff, 0x6, 0x9, 0x33, 0x5, 0x2f7, 0x100, 0x21, 0x4, 0x7, 0xff, 0x6, 0xfffffffe, 0x7, 0x8, 0x1, 0x8, 0xf33c, 0x3, 0x1, 0x80000000, 0x62e, 0x3, 0xdb2, 0x0, 0xe00, 0x4, 0x2, 0x3, 0x2, 0xfffffff6, 0x5, 0x3, 0x7, 0x8, 0x1, 0x7f, 0x8, 0x6, 0x4, 0x3, 0x0, 0x803, 0x1, 0x5, 0x0, 0x8000, 0xfffffffa, 0xb7, 0xc8b6f5a2, 0x6, 0x2f, 0x7ff, 0x9, 0x8, 0x6, 0x0, 0x8, 0x9, 0x0, 0x5, 0x8b34, 0x2, 0x7e, 0x4, 0x4, 0xfeffffff, 0x1, 0xa, 0xfffffffb, 0x3, 0xffffffff, 0x0, 0x4, 0xd6, 0x7, 0x4, 0x3, 0x8, 0x9, 0x8, 0x2de0, 0x5191, 0x6, 0x401, 0x7, 0x9, 0x7, 0x3, 0x6, 0x1, 0xfffffffb, 0xb839, 0xfffffffa, 0x4, 0x768, 0x7, 0x7f, 0x6, 0x7, 0x4, 0x8b, 0x4, 0x0, 0x5, 0xf0, 0x42490, 0xd, 0x3, 0x5c, 0x80, 0x2, 0x800, 0x8, 0x6, 0xff, 0xffff0000, 0x3, 0x10000, 0x80000001, 0x5, 0xffffffff, 0x4be24694, 0x2, 0x2, 0x100, 0x5, 0x1, 0x7, 0x4, 0xffffff95, 0x5, 0x0, 0xc, 0x6, 0x1000, 0xa, 0x7, 0x4, 0x340, 0x0, 0x0, 0x7, 0x101, 0x2, 0x7ce2352, 0x7fffffff, 0x5e, 0x8e5b, 0x3, 0x8, 0x9, 0x1, 0x80000000, 0x7, 0x301, 0x91, 0x3, 0x80000001, 0x9, 0x1, 0x3e79, 0xffffffff, 0x8, 0x525, 0x7, 0x6, 0x2470a614, 0xe, 0x8, 0x5, 0x7, 0x0, 0x5, 0x4, 0x1, 0x1, 0xfffffc1f, 0x6, 0x2, 0x1, 0x9, 0x7fff, 0xffffffff, 0x4, 0xffff2b7d, 0x4, 0xcdff, 0x9, 0x0, 0x49, 0x6, 0x0, 0x5, 0x9, 0x7, 0x8, 0x7, 0xea, 0x7, 0x7, 0x2, 0x5, 0xff, 0x6, 0xffff, 0x4cd, 0x7, 0x3, 0x3, 0x10001, 0x0, 0x6, 0x7, 0xffffffff, 0xe000000, 0x1, 0x4, 0x7, 0x8, 0xb, 0x7, 0x0, 0xcb65, 0x6, 0xe, 0x240000, 0x9, 0x8, 0x8, 0xfffffff8, 0x9, 0xf, 0x8, 0x5, 0x9, 0x100]}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0x10}}]}, 0x88c}, 0x1, 0x0, 0x0, 0xc004884}, 0x0)
r5 = io_uring_setup(0x41d9, &(0x7f0000000100)={0x0, 0xcfcd, 0x2, 0x3, 0x44})
io_uring_setup(0x5f2b, &(0x7f0000000000)={0x0, 0x33b4, 0x22, 0x0, 0x2b5, 0x0, r5})

20.002562619s ago: executing program 0 (id=185):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$video(0x0, 0x485, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(r1, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x4)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000380)='\x00\xb2\xd1)\xda\xff|\xd1\x85b\xad77\x00\fJ\xfc\xb4\x1e\xae\xe8:`\xe9\x9ew\xf5l\xee\x8dg\xc2\'\x88\xe9\xf3\x05\xe02\xe6\v_\xe9\x89\x86s\x8dh#%\xe4\xb1\xd0\x93\xceh\xfcsP)\xd9\xce5+?\xc6\xf7\xc0[G\x15\xde-x\xa9\xe5,\xec\xf6\xfb\xc9~2\xa1\xeb\xb3Pp\x93\x90\x17\xb2\x95\xe7\r\xae^\x92n\xbd\xf3\xb1\xac\xe3sf\xc9X\x05j:\xb6~\xa6#\xbf\x06t\xf2\xb5gd\xd7\xcc\"A_\xecu\xe8<dR}\x8e\b\x16\x8c\xa6\x01\x11\x97S\x99k\x1e\x03\x8e\xea\v}+\".\xda,\xfe\xb7\xbf\x01T\x99\xbdF\xd4\x925[\xd1\xeb\xdf\x98\xfa\xb0\x93\xc3>\x84\xe3\x92J\xaa!\xae\xa2\xd7\xf3\xc6J\xb9i\x9d\xb4{\xee\xf0|\xd9\x05\xaa\xbb\xfe\x12\xa0\xbb\xecY\x0f \xa3\xba?#\x90\x8c,nNQ<pCoa\xf2\xd1\x96\x8f\xf3>\xa1\xed', 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_ERRQUEUE(r4, 0x6b, 0x4, &(0x7f0000000000), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_rdma(0x10, 0x3, 0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="48000000000000000000000007000000440cef310a0101028000000000018628000000010509e7c2dc36f59185060b7fbd99b7f857f7e63c02059aeb680709d6644734ae138600001400000000000b"], 0xa8}, 0x4000000)

15.288077681s ago: executing program 0 (id=186):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
recvfrom(r1, &(0x7f0000000080)=""/41, 0x29, 0x20, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[@ANYBLOB="540000001000010029bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="8427000000000000140003006e657464657673696d3000000000000008002900449d00001800168014000180100006"], 0x54}, 0x1, 0x0, 0x0, 0x20000084}, 0x4804)
fcntl$setflags(r0, 0x2, 0x0)
mount$afs(&(0x7f0000000000)=@cell={0x6, '', 'syz0', '.backup'}, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), 0x40060, &(0x7f0000000300)={[{}, {@dyn}, {}, {@flock_strict}, {@dyn}, {@flock_write}, {}], [{@appraise_type}, {@fsmagic={'fsmagic', 0x3d, 0xfffffffffffffff5}}, {@uid_eq}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@pcr={'pcr', 0x3d, 0x2}}]})
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000140)={'c6xdigio\x00', [0xb02f, 0x7ff, 0xe2, 0x3, 0x88d7, 0x8d, 0x1007, 0x1, 0x1002, 0x1, 0x203, 0x7, 0x10000009, 0x1, 0x5, 0x401, 0x8, 0x3, 0x9, 0x8e, 0x10c, 0x4003, 0x7, 0xa, 0xc, 0x1, 0xb0c4, 0xe, 0xff, 0x400002, 0xff]})

0s ago: executing program 36 (id=186):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
recvfrom(r1, &(0x7f0000000080)=""/41, 0x29, 0x20, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[@ANYBLOB="540000001000010029bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="8427000000000000140003006e657464657673696d3000000000000008002900449d00001800168014000180100006"], 0x54}, 0x1, 0x0, 0x0, 0x20000084}, 0x4804)
fcntl$setflags(r0, 0x2, 0x0)
mount$afs(&(0x7f0000000000)=@cell={0x6, '', 'syz0', '.backup'}, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), 0x40060, &(0x7f0000000300)={[{}, {@dyn}, {}, {@flock_strict}, {@dyn}, {@flock_write}, {}], [{@appraise_type}, {@fsmagic={'fsmagic', 0x3d, 0xfffffffffffffff5}}, {@uid_eq}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@pcr={'pcr', 0x3d, 0x2}}]})
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000140)={'c6xdigio\x00', [0xb02f, 0x7ff, 0xe2, 0x3, 0x88d7, 0x8d, 0x1007, 0x1, 0x1002, 0x1, 0x203, 0x7, 0x10000009, 0x1, 0x5, 0x401, 0x8, 0x3, 0x9, 0x8e, 0x10c, 0x4003, 0x7, 0xa, 0xc, 0x1, 0xb0c4, 0xe, 0xff, 0x400002, 0xff]})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.155' (ED25519) to the list of known hosts.
[   76.411282][ T5828] cgroup: Unknown subsys name 'net'
[   76.683661][ T5828] cgroup: Unknown subsys name 'cpuset'
[   76.739622][ T5828] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   78.396376][ T5828] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   81.035338][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   81.037965][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   81.038770][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   81.042659][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   81.043495][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   81.065441][ T5159] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   81.067515][ T5159] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   81.068248][ T5159] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   81.069526][ T5159] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   81.070262][ T5159] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   81.214964][ T5159] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   81.231193][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   81.232000][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   81.235565][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   81.237498][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   81.259899][ T5853] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   81.260986][ T5853] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   81.266093][ T5853] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   81.270144][   T59] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   81.270915][   T59] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   81.312129][ T5857] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   81.314157][ T5857] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   81.314938][ T5857] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   81.316107][ T5857] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   81.316862][ T5857] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   82.137314][ T5843] chnl_net:caif_netlink_parms(): no params data found
[   82.256186][ T5838] chnl_net:caif_netlink_parms(): no params data found
[   82.479149][ T5847] chnl_net:caif_netlink_parms(): no params data found
[   82.730408][ T5850] chnl_net:caif_netlink_parms(): no params data found
[   82.800761][ T5848] chnl_net:caif_netlink_parms(): no params data found
[   82.934023][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.935104][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.935455][ T5843] bridge_slave_0: entered allmulticast mode
[   82.937086][ T5843] bridge_slave_0: entered promiscuous mode
[   83.059631][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.059805][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.059976][ T5843] bridge_slave_1: entered allmulticast mode
[   83.062814][ T5843] bridge_slave_1: entered promiscuous mode
[   83.140710][ T5857] Bluetooth: hci0: command tx timeout
[   83.140836][ T5857] Bluetooth: hci1: command tx timeout
[   83.300056][ T5842] Bluetooth: hci2: command tx timeout
[   83.358254][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.358394][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.358686][ T5838] bridge_slave_0: entered allmulticast mode
[   83.361713][ T5838] bridge_slave_0: entered promiscuous mode
[   83.388791][ T5842] Bluetooth: hci4: command tx timeout
[   83.389690][ T5857] Bluetooth: hci3: command tx timeout
[   83.518673][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.518747][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.520177][ T5838] bridge_slave_1: entered allmulticast mode
[   83.529165][ T5838] bridge_slave_1: entered promiscuous mode
[   83.606427][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.730630][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.730768][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.730940][ T5847] bridge_slave_0: entered allmulticast mode
[   83.733686][ T5847] bridge_slave_0: entered promiscuous mode
[   83.751652][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.890569][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.890833][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.891008][ T5847] bridge_slave_1: entered allmulticast mode
[   83.894880][ T5847] bridge_slave_1: entered promiscuous mode
[   84.104949][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.310331][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.310598][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.311220][ T5850] bridge_slave_0: entered allmulticast mode
[   84.313925][ T5850] bridge_slave_0: entered promiscuous mode
[   84.318427][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.524962][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.525133][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.525327][ T5848] bridge_slave_0: entered allmulticast mode
[   84.528083][ T5848] bridge_slave_0: entered promiscuous mode
[   84.561883][ T5843] team0: Port device team_slave_0 added
[   84.562685][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.562813][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.563043][ T5850] bridge_slave_1: entered allmulticast mode
[   84.565801][ T5850] bridge_slave_1: entered promiscuous mode
[   84.667390][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.667873][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.667998][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.668170][ T5848] bridge_slave_1: entered allmulticast mode
[   84.700763][ T5848] bridge_slave_1: entered promiscuous mode
[   84.705575][ T5843] team0: Port device team_slave_1 added
[   84.864749][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.068736][ T5838] team0: Port device team_slave_0 added
[   85.219089][ T5842] Bluetooth: hci1: command tx timeout
[   85.219121][ T5842] Bluetooth: hci0: command tx timeout
[   85.300089][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.302667][ T5838] team0: Port device team_slave_1 added
[   85.374751][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.378228][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.378238][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.378251][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.379160][ T5842] Bluetooth: hci2: command tx timeout
[   85.387493][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.459232][ T5842] Bluetooth: hci3: command tx timeout
[   85.459250][ T5857] Bluetooth: hci4: command tx timeout
[   85.502880][ T5847] team0: Port device team_slave_0 added
[   85.506043][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.506647][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.506658][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.506672][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.901488][ T5847] team0: Port device team_slave_1 added
[   86.042522][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.042539][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.042562][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.204361][ T5850] team0: Port device team_slave_0 added
[   86.205579][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.205593][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.205615][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.291934][ T5848] team0: Port device team_slave_0 added
[   86.309824][ T5850] team0: Port device team_slave_1 added
[   86.311435][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.311448][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.311471][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.313980][ T5848] team0: Port device team_slave_1 added
[   86.471879][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.471893][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.471906][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.823241][ T1234] cfg80211: failed to load regulatory.db
[   86.851528][ T5843] hsr_slave_0: entered promiscuous mode
[   86.854087][ T5843] hsr_slave_1: entered promiscuous mode
[   87.041145][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.041167][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.041185][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.047278][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.047291][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.047304][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.161839][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.161855][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.161876][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.165713][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.165728][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.165749][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.178860][ T5838] hsr_slave_0: entered promiscuous mode
[   87.180598][ T5838] hsr_slave_1: entered promiscuous mode
[   87.181596][ T5838] debugfs: 'hsr0' already exists in 'hsr'
[   87.181708][ T5838] Cannot create hsr debugfs directory
[   87.299202][ T5857] Bluetooth: hci0: command tx timeout
[   87.299296][ T5842] Bluetooth: hci1: command tx timeout
[   87.461339][ T5842] Bluetooth: hci2: command tx timeout
[   87.490634][ T5847] hsr_slave_0: entered promiscuous mode
[   87.492086][ T5847] hsr_slave_1: entered promiscuous mode
[   87.492960][ T5847] debugfs: 'hsr0' already exists in 'hsr'
[   87.492982][ T5847] Cannot create hsr debugfs directory
[   87.539351][ T5857] Bluetooth: hci3: command tx timeout
[   87.539480][ T5842] Bluetooth: hci4: command tx timeout
[   88.040912][ T5850] hsr_slave_0: entered promiscuous mode
[   88.042939][ T5850] hsr_slave_1: entered promiscuous mode
[   88.043439][ T5850] debugfs: 'hsr0' already exists in 'hsr'
[   88.043461][ T5850] Cannot create hsr debugfs directory
[   88.241833][ T5848] hsr_slave_0: entered promiscuous mode
[   88.242622][ T5848] hsr_slave_1: entered promiscuous mode
[   88.243107][ T5848] debugfs: 'hsr0' already exists in 'hsr'
[   88.243127][ T5848] Cannot create hsr debugfs directory
[   89.380777][ T5857] Bluetooth: hci0: command tx timeout
[   89.380820][ T5842] Bluetooth: hci1: command tx timeout
[   89.496749][ T5843] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   89.527237][ T5843] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   89.539523][ T5842] Bluetooth: hci2: command tx timeout
[   89.567731][ T5843] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   89.619165][ T5842] Bluetooth: hci4: command tx timeout
[   89.619195][ T5842] Bluetooth: hci3: command tx timeout
[   89.633796][ T5843] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   89.767976][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   89.820643][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   89.858677][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   89.909603][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   90.054203][ T5847] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   90.092718][ T5847] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   90.134046][ T5847] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   90.193633][ T5847] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   90.376912][ T5848] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   90.417392][ T5848] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   90.457657][ T5848] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   90.503274][ T5848] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   90.625320][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.696915][ T5850] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   90.737636][ T5850] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   90.787502][ T5850] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   90.830195][ T5850] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   90.862043][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   90.921679][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.922178][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.965288][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.972658][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.972797][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.096609][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   91.146351][ T1156] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.146492][ T1156] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.178015][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.212215][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.212341][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.308012][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   91.356480][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.381809][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.381959][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.464150][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.464342][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.595420][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   91.653503][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.669053][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.669274][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.738703][ T4906] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.738848][ T4906] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.898775][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   91.932621][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.971090][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.971239][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.045702][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.046036][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.222026][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.390534][ T5843] veth0_vlan: entered promiscuous mode
[   92.447808][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.481844][ T5843] veth1_vlan: entered promiscuous mode
[   92.642334][ T5838] veth0_vlan: entered promiscuous mode
[   92.738616][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.748051][ T5838] veth1_vlan: entered promiscuous mode
[   92.837511][ T5843] veth0_macvtap: entered promiscuous mode
[   92.846847][ T5847] veth0_vlan: entered promiscuous mode
[   92.871153][ T5843] veth1_macvtap: entered promiscuous mode
[   92.917943][ T5847] veth1_vlan: entered promiscuous mode
[   92.991882][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.003298][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.017546][ T5838] veth0_macvtap: entered promiscuous mode
[   93.065780][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.080092][ T5838] veth1_macvtap: entered promiscuous mode
[   93.131091][ T1156] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.148202][ T1156] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.166796][ T1156] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.188405][ T1156] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.268703][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.293931][ T5847] veth0_macvtap: entered promiscuous mode
[   93.363140][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.412281][ T5847] veth1_macvtap: entered promiscuous mode
[   93.466540][ T1156] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.491385][ T1156] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.498774][ T1156] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.537714][ T1156] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.592980][ T1153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.593069][ T1153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.611893][ T5850] veth0_vlan: entered promiscuous mode
[   93.685124][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.781572][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.820926][ T5850] veth1_vlan: entered promiscuous mode
[   93.904001][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.904021][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.944532][   T57] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.962802][ T5848] veth0_vlan: entered promiscuous mode
[   93.964291][   T57] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.988668][   T57] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.023914][   T57] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.102848][ T4758] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.102867][ T4758] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.105623][ T5848] veth1_vlan: entered promiscuous mode
[   94.378852][ T5850] veth0_macvtap: entered promiscuous mode
[   94.387518][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.387537][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.405603][ T5850] veth1_macvtap: entered promiscuous mode
[   94.505904][ T5848] veth0_macvtap: entered promiscuous mode
[   94.535845][ T5848] veth1_macvtap: entered promiscuous mode
[   94.559665][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.588253][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.683200][   T57] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.449000][   T57] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.483785][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.483868][   T57] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.635463][ T1138] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.642571][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.642590][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.686375][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.744811][ T5965] capability: warning: `syz.0.1' uses deprecated v2 capabilities in a way that may be insecure
[   96.743104][ T4758] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.789102][ T4758] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.833085][ T4758] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.068685][ T4758] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.828290][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.828312][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.605029][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.605050][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.718976][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  101.778965][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  103.351254][ T4758] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.351273][ T4758] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.370380][ T5996] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  104.486350][  T999] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.486372][  T999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.790331][   T37] audit: type=1326 audit(1759079826.796:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ba7eeeec9 code=0x7ffc0000
[  104.790375][   T37] audit: type=1326 audit(1759079826.806:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f0ba7eeeec9 code=0x7ffc0000
[  104.790409][   T37] audit: type=1326 audit(1759079826.806:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ba7eeeec9 code=0x7ffc0000
[  104.790448][   T37] audit: type=1326 audit(1759079826.806:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6002 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f0ba7eeeec9 code=0x7ffc0000
[  104.979001][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  104.988345][  T999] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.988364][  T999] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.488421][ T6014] mmap: syz.1.15 (6014) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  105.669008][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.669051][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.669083][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.669116][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.669148][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.669180][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.669212][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.461945][ T5857] block nbd0: Receive control failed (result -32)
[  112.833124][ T6022] nbd0: detected capacity change from 0 to 127
[  112.984554][ T5902] block nbd0: Dead connection, failed to find a fallback
[  112.984581][ T5902] block nbd0: shutting down sockets
[  112.984675][ T5902] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.984749][ T5902] Buffer I/O error on dev nbd0, logical block 0, async page read
[  112.985073][ T5902] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.985096][ T5902] Buffer I/O error on dev nbd0, logical block 1, async page read
[  112.985244][ T5902] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.985266][ T5902] Buffer I/O error on dev nbd0, logical block 2, async page read
[  112.985411][ T5902] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.985431][ T5902] Buffer I/O error on dev nbd0, logical block 3, async page read
[  112.986472][ T5902] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.986496][ T5902] Buffer I/O error on dev nbd0, logical block 0, async page read
[  112.986651][ T5902] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.986672][ T5902] Buffer I/O error on dev nbd0, logical block 1, async page read
[  112.986816][ T5902] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.986837][ T5902] Buffer I/O error on dev nbd0, logical block 2, async page read
[  112.986980][ T5902] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.987009][ T5902] Buffer I/O error on dev nbd0, logical block 3, async page read
[  112.987166][ T5902] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.987187][ T5902] Buffer I/O error on dev nbd0, logical block 0, async page read
[  112.987337][ T5902] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  112.987357][ T5902] Buffer I/O error on dev nbd0, logical block 1, async page read
[  113.227899][ T5902] ldm_validate_partition_table(): Disk read failed.
[  113.271577][ T5902] Dev nbd0: unable to read RDB block 0
[  113.275144][ T5902]  nbd0: unable to read partition table
[  113.375515][ T5902] ldm_validate_partition_table(): Disk read failed.
[  113.378226][ T5902] Dev nbd0: unable to read RDB block 0
[  113.467577][ T5902]  nbd0: unable to read partition table
[  113.480232][ T6041] netlink: 8 bytes leftover after parsing attributes in process `syz.0.19'.
[  113.787588][ T6052] 9pnet_fd: Insufficient options for proto=fd
[  113.995623][ T6056] netlink: 4 bytes leftover after parsing attributes in process `syz.3.22'.
[  114.120022][ T6057] netlink: 'syz.3.22': attribute type 12 has an invalid length.
[  114.892183][ T6057] netlink: 40 bytes leftover after parsing attributes in process `syz.3.22'.
[  114.892218][ T6057] netlink: 40 bytes leftover after parsing attributes in process `syz.3.22'.
[  114.892943][ T6057] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  115.020239][ T5854] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  115.220997][ T5854] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.221046][ T5854] usb 2-1: New USB device found, idVendor=05ac, idProduct=0323, bcdDevice= 0.00
[  115.221066][ T5854] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.525987][ T5854] usb 2-1: config 0 descriptor??
[  116.033462][ T5854] magicmouse 0003:05AC:0323.0001: item fetching failed at offset 5/7
[  116.034297][ T5854] magicmouse 0003:05AC:0323.0001: magicmouse hid parse failed
[  116.034401][ T5854] magicmouse 0003:05AC:0323.0001: probe with driver magicmouse failed with error -22
[  116.193635][ T6052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.194244][ T6052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.212313][ T6052] netlink: 'syz.1.23': attribute type 1 has an invalid length.
[  116.220763][ T5852] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[  116.257491][ T5854] usb 2-1: USB disconnect, device number 2
[  116.349328][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  116.389710][ T5852] usb 5-1: Invalid ep0 maxpacket: 32
[  116.519059][    T9] usb 4-1: Using ep0 maxpacket: 32
[  116.522370][    T9] usb 4-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  116.522397][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.529383][ T5852] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[  116.565608][    T9] usb 4-1: config 0 descriptor??
[  116.599956][    T9] usb 4-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  116.627021][    T9] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  116.627921][    T9] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  116.627996][    T9] usb 4-1: media controller created
[  116.681950][ T5852] usb 5-1: Invalid ep0 maxpacket: 32
[  116.684182][ T5852] usb usb5-port1: attempt power cycle
[  116.735019][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  116.793749][ T6068] warning: `syz.3.26' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  116.847139][    T9] usb 4-1: selecting invalid altsetting 1
[  116.847162][    T9] set interface failed
[  116.847602][    T9] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  116.847628][    T9] error writing reg: 0xff, val: 0x00
[  116.876471][ T6072] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.876996][ T6072] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.978281][    T9] dvb_usb_mxl111sf 4-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  116.980446][ T6068] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  117.029850][ T5852] usb 5-1: new low-speed USB device number 4 using dummy_hcd
[  117.051379][ T5852] usb 5-1: Invalid ep0 maxpacket: 32
[  117.082946][ T6072] 9pnet: Could not find request transport: vd
[  117.189164][ T5852] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[  117.212248][ T5852] usb 5-1: Invalid ep0 maxpacket: 32
[  117.212605][ T5852] usb usb5-port1: unable to enumerate USB device
[  117.249150][ T5852] usb 4-1: USB disconnect, device number 2
[  117.559179][ T5854] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  117.640938][ T6085] FAULT_INJECTION: forcing a failure.
[  117.640938][ T6085] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  117.640993][ T6085] CPU: 1 UID: 0 PID: 6085 Comm: syz.2.31 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  117.641013][ T6085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  117.641033][ T6085] Call Trace:
[  117.641040][ T6085]  <TASK>
[  117.641048][ T6085]  dump_stack_lvl+0x189/0x250
[  117.641083][ T6085]  ? __pfx____ratelimit+0x10/0x10
[  117.641107][ T6085]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.641130][ T6085]  ? __pfx__printk+0x10/0x10
[  117.641150][ T6085]  ? __might_fault+0xb0/0x130
[  117.641182][ T6085]  should_fail_ex+0x46c/0x600
[  117.641211][ T6085]  _copy_to_iter+0x1de/0x1790
[  117.641241][ T6085]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[  117.641264][ T6085]  ? __pfx__copy_to_iter+0x10/0x10
[  117.641281][ T6085]  ? __pfx_woken_wake_function+0x10/0x10
[  117.641306][ T6085]  ? __lock_acquire+0xab9/0xd20
[  117.641335][ T6085]  tty_read+0x29e/0x690
[  117.641359][ T6085]  ? __pfx_tty_read+0x10/0x10
[  117.641384][ T6085]  ? __lock_acquire+0xab9/0xd20
[  117.641414][ T6085]  do_iter_readv_writev+0x62e/0x8d0
[  117.641443][ T6085]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  117.641475][ T6085]  ? rw_verify_area+0x2ac/0x4e0
[  117.641496][ T6085]  vfs_readv+0x259/0x850
[  117.641525][ T6085]  ? __pfx_vfs_readv+0x10/0x10
[  117.641564][ T6085]  ? __fget_files+0x2a/0x420
[  117.641591][ T6085]  ? __fget_files+0x3a6/0x420
[  117.641611][ T6085]  ? __fget_files+0x2a/0x420
[  117.641642][ T6085]  do_readv+0x153/0x2d0
[  117.641667][ T6085]  ? __pfx_do_readv+0x10/0x10
[  117.641688][ T6085]  ? rcu_is_watching+0x15/0xb0
[  117.641716][ T6085]  ? do_syscall_64+0xbe/0x3b0
[  117.641749][ T6085]  do_syscall_64+0xfa/0x3b0
[  117.641765][ T6085]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.641788][ T6085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.641804][ T6085]  ? clear_bhb_loop+0x60/0xb0
[  117.641824][ T6085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.641840][ T6085] RIP: 0033:0x7f38c52ceec9
[  117.641863][ T6085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.641876][ T6085] RSP: 002b:00007f38c3536038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  117.641901][ T6085] RAX: ffffffffffffffda RBX: 00007f38c5525fa0 RCX: 00007f38c52ceec9
[  117.641914][ T6085] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[  117.641924][ T6085] RBP: 00007f38c3536090 R08: 0000000000000000 R09: 0000000000000000
[  117.641934][ T6085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.641943][ T6085] R13: 00007f38c5526038 R14: 00007f38c5525fa0 R15: 00007ffeb33023f8
[  117.641972][ T6085]  </TASK>
[  117.729295][ T5854] usb 1-1: Using ep0 maxpacket: 16
[  117.734262][ T5854] usb 1-1: unable to get BOS descriptor or descriptor too short
[  117.737401][ T5854] usb 1-1: config 9 has an invalid interface number: 48 but max is 0
[  117.737441][ T5854] usb 1-1: config 9 has no interface number 0
[  117.737474][ T5854] usb 1-1: config 9 interface 48 has no altsetting 0
[  117.769376][ T5854] usb 1-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=f3.7b
[  117.769405][ T5854] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.769425][ T5854] usb 1-1: Product: syz
[  117.769438][ T5854] usb 1-1: Manufacturer: syz
[  117.769451][ T5854] usb 1-1: SerialNumber: syz
[  118.065808][ T5854] gspca_main: vc032x-2.14.0 probing 0ac8:c301
[  118.120494][ T6088] FAULT_INJECTION: forcing a failure.
[  118.120494][ T6088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.120528][ T6088] CPU: 1 UID: 0 PID: 6088 Comm: syz.2.33 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  118.120548][ T6088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  118.120559][ T6088] Call Trace:
[  118.120566][ T6088]  <TASK>
[  118.120573][ T6088]  dump_stack_lvl+0x189/0x250
[  118.120605][ T6088]  ? __pfx____ratelimit+0x10/0x10
[  118.120630][ T6088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  118.120652][ T6088]  ? __pfx__printk+0x10/0x10
[  118.120671][ T6088]  ? __might_fault+0xb0/0x130
[  118.120703][ T6088]  should_fail_ex+0x46c/0x600
[  118.120732][ T6088]  _copy_from_user+0x2d/0xb0
[  118.120754][ T6088]  ___sys_sendmsg+0x158/0x2a0
[  118.120776][ T6088]  ? __pfx____sys_sendmsg+0x10/0x10
[  118.120835][ T6088]  ? __fget_files+0x2a/0x420
[  118.120856][ T6088]  ? __fget_files+0x3a6/0x420
[  118.120889][ T6088]  __sys_sendmmsg+0x22d/0x430
[  118.120912][ T6088]  ? __pfx___sys_sendmmsg+0x10/0x10
[  118.120939][ T6088]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  118.120958][ T6088]  ? lock_release+0x2b5/0x3e0
[  118.120992][ T6088]  ? ksys_write+0x230/0x260
[  118.121015][ T6088]  ? __pfx_ksys_write+0x10/0x10
[  118.121033][ T6088]  ? rcu_is_watching+0x15/0xb0
[  118.121063][ T6088]  __x64_sys_sendmmsg+0xa0/0xc0
[  118.121083][ T6088]  do_syscall_64+0xfa/0x3b0
[  118.121099][ T6088]  ? lockdep_hardirqs_on+0x9c/0x150
[  118.121121][ T6088]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.121138][ T6088]  ? clear_bhb_loop+0x60/0xb0
[  118.121159][ T6088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.121176][ T6088] RIP: 0033:0x7f38c52ceec9
[  118.121192][ T6088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.121205][ T6088] RSP: 002b:00007f38c3536038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  118.121225][ T6088] RAX: ffffffffffffffda RBX: 00007f38c5525fa0 RCX: 00007f38c52ceec9
[  118.121238][ T6088] RDX: 0000000000000001 RSI: 0000200000000e40 RDI: 0000000000000003
[  118.121249][ T6088] RBP: 00007f38c3536090 R08: 0000000000000000 R09: 0000000000000000
[  118.121260][ T6088] R10: 0000000004000880 R11: 0000000000000246 R12: 0000000000000001
[  118.121271][ T6088] R13: 00007f38c5526038 R14: 00007f38c5525fa0 R15: 00007ffeb33023f8
[  118.121299][ T6088]  </TASK>
[  118.488861][ T5854] gspca_vc032x: reg_w err -71
[  118.488898][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.488908][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.488915][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.488922][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489074][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489084][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489092][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489099][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489107][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489116][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489124][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489132][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489140][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489148][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489157][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489165][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489173][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489181][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489189][ T5854] gspca_vc032x: I2c Bus Busy Wait 00
[  118.489196][ T5854] gspca_vc032x: Unknown sensor...
[  118.489280][ T5854] vc032x 1-1:9.48: probe with driver vc032x failed with error -22
[  118.733822][ T5854] usb 1-1: USB disconnect, device number 2
[  119.571258][ T6118] 9pnet_fd: Insufficient options for proto=fd
[  119.620482][ T6016] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  119.660632][ T6120] FAULT_INJECTION: forcing a failure.
[  119.660632][ T6120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.660653][ T6120] CPU: 1 UID: 0 PID: 6120 Comm: syz.2.40 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  119.660664][ T6120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  119.660670][ T6120] Call Trace:
[  119.660674][ T6120]  <TASK>
[  119.660679][ T6120]  dump_stack_lvl+0x189/0x250
[  119.660698][ T6120]  ? __pfx____ratelimit+0x10/0x10
[  119.660714][ T6120]  ? __pfx_dump_stack_lvl+0x10/0x10
[  119.660727][ T6120]  ? __pfx__printk+0x10/0x10
[  119.660738][ T6120]  ? __might_fault+0xb0/0x130
[  119.660758][ T6120]  should_fail_ex+0x46c/0x600
[  119.660774][ T6120]  _copy_from_user+0x2d/0xb0
[  119.660787][ T6120]  core_sys_select+0x4b9/0xa20
[  119.660806][ T6120]  ? __pfx_core_sys_select+0x10/0x10
[  119.660831][ T6120]  ? __pfx_set_user_sigmask+0x10/0x10
[  119.660843][ T6120]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  119.660855][ T6120]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  119.660870][ T6120]  __se_sys_pselect6+0x27a/0x300
[  119.660889][ T6120]  ? __pfx___se_sys_pselect6+0x10/0x10
[  119.660901][ T6120]  ? __pfx_ksys_write+0x10/0x10
[  119.660912][ T6120]  ? rcu_is_watching+0x15/0xb0
[  119.660929][ T6120]  ? __x64_sys_pselect6+0x21/0xf0
[  119.660944][ T6120]  do_syscall_64+0xfa/0x3b0
[  119.660959][ T6120]  ? lockdep_hardirqs_on+0x9c/0x150
[  119.660981][ T6120]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.660997][ T6120]  ? clear_bhb_loop+0x60/0xb0
[  119.661016][ T6120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.661033][ T6120] RIP: 0033:0x7f38c52ceec9
[  119.661046][ T6120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.661059][ T6120] RSP: 002b:00007f38c3536038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  119.661077][ T6120] RAX: ffffffffffffffda RBX: 00007f38c5525fa0 RCX: 00007f38c52ceec9
[  119.661089][ T6120] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  119.661100][ T6120] RBP: 00007f38c3536090 R08: 0000000000000000 R09: 0000000000000000
[  119.661109][ T6120] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  119.661119][ T6120] R13: 00007f38c5526038 R14: 00007f38c5525fa0 R15: 00007ffeb33023f8
[  119.661147][ T6120]  </TASK>
[  119.794303][ T6016] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.794349][ T6016] usb 5-1: New USB device found, idVendor=05ac, idProduct=0323, bcdDevice= 0.00
[  119.794371][ T6016] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.809041][   T44] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  119.967110][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.967159][   T44] usb 1-1: New USB device found, idVendor=05ac, idProduct=0323, bcdDevice= 0.00
[  119.967181][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.037378][ T6016] usb 5-1: config 0 descriptor??
[  120.137618][   T44] usb 1-1: config 0 descriptor??
[  120.318102][ T6126] openvswitch: netlink: Key type 784 is out of range max 32
[  120.348720][ T6126] tmpfs: Bad value for 'mpol'
[  120.559856][    C0] vkms_vblank_simulate: vblank timer overrun
[  120.602333][ T6016] magicmouse 0003:05AC:0323.0002: item fetching failed at offset 5/7
[  120.603729][ T6016] magicmouse 0003:05AC:0323.0002: magicmouse hid parse failed
[  120.603809][ T6016] magicmouse 0003:05AC:0323.0002: probe with driver magicmouse failed with error -22
[  120.790811][    C0] vkms_vblank_simulate: vblank timer overrun
[  120.820127][    C0] vkms_vblank_simulate: vblank timer overrun
[  120.883472][    C0] vkms_vblank_simulate: vblank timer overrun
[  121.110788][ T6113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  121.117349][ T6113] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  121.152295][ T6113] netlink: 'syz.4.37': attribute type 1 has an invalid length.
[  121.156491][ T6016] usb 5-1: USB disconnect, device number 6
[  121.409662][   T44] magicmouse 0003:05AC:0323.0003: item fetching failed at offset 5/7
[  121.410478][   T44] magicmouse 0003:05AC:0323.0003: magicmouse hid parse failed
[  121.410580][   T44] magicmouse 0003:05AC:0323.0003: probe with driver magicmouse failed with error -22
[  121.595412][ T6138] Zero length message leads to an empty skb
[  121.627730][ T6118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  121.628272][ T6118] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  121.643918][ T6118] netlink: 'syz.0.39': attribute type 1 has an invalid length.
[  121.649833][   T44] usb 1-1: USB disconnect, device number 3
[  121.837430][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.051055][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.205030][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.321997][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.511488][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.578314][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.952193][ T6150] FAULT_INJECTION: forcing a failure.
[  122.952193][ T6150] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.952225][ T6150] CPU: 1 UID: 0 PID: 6150 Comm: syz.0.48 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  122.952253][ T6150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  122.952264][ T6150] Call Trace:
[  122.952271][ T6150]  <TASK>
[  122.952279][ T6150]  dump_stack_lvl+0x189/0x250
[  122.952308][ T6150]  ? __pfx____ratelimit+0x10/0x10
[  122.952341][ T6150]  ? __pfx_dump_stack_lvl+0x10/0x10
[  122.952363][ T6150]  ? __pfx__printk+0x10/0x10
[  122.952382][ T6150]  ? __might_fault+0xb0/0x130
[  122.952416][ T6150]  should_fail_ex+0x46c/0x600
[  122.952443][ T6150]  copy_fpstate_to_sigframe+0xa7d/0xce0
[  122.952473][ T6150]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  122.952494][ T6150]  ? do_raw_spin_lock+0x121/0x290
[  122.952517][ T6150]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  122.952547][ T6150]  ? fpu__alloc_mathframe+0xad/0x130
[  122.952570][ T6150]  get_sigframe+0x58d/0x7d0
[  122.952592][ T6150]  ? __pfx_get_sigframe+0x10/0x10
[  122.952610][ T6150]  ? rt_mutex_slowunlock+0x493/0x8a0
[  122.952637][ T6150]  ? rt_spin_lock+0x1bb/0x2c0
[  122.952658][ T6150]  x64_setup_rt_frame+0x15c/0xd40
[  122.952674][ T6150]  ? rt_spin_unlock+0x65/0x80
[  122.952694][ T6150]  ? get_signal+0x1122/0x1310
[  122.952716][ T6150]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  122.952738][ T6150]  arch_do_signal_or_restart+0x3dc/0x750
[  122.952758][ T6150]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  122.952785][ T6150]  ? exit_to_user_mode_loop+0x40/0x110
[  122.952805][ T6150]  exit_to_user_mode_loop+0x75/0x110
[  122.952822][ T6150]  do_syscall_64+0x2bd/0x3b0
[  122.952833][ T6150]  ? lockdep_hardirqs_on+0x9c/0x150
[  122.952852][ T6150]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.952866][ T6150]  ? clear_bhb_loop+0x60/0xb0
[  122.952882][ T6150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.952894][ T6150] RIP: 0033:0x7f0ba7eeeec7
[  122.952907][ T6150] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  122.952917][ T6150] RSP: 002b:00007f0ba614e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  122.952932][ T6150] RAX: 0000000000000000 RBX: 00007f0ba8145fa0 RCX: 00007f0ba7eeeec9
[  122.952941][ T6150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  122.952949][ T6150] RBP: 00007f0ba614e090 R08: 0000000000000000 R09: 0000000000000000
[  122.952957][ T6150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.952964][ T6150] R13: 00007f0ba8146038 R14: 00007f0ba8145fa0 R15: 00007ffd28f96628
[  122.952986][ T6150]  </TASK>
[  123.520650][ T6158] FAULT_INJECTION: forcing a failure.
[  123.520650][ T6158] name failslab, interval 1, probability 0, space 0, times 1
[  123.520682][ T6158] CPU: 1 UID: 0 PID: 6158 Comm: syz.4.45 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  123.520703][ T6158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  123.520713][ T6158] Call Trace:
[  123.520720][ T6158]  <TASK>
[  123.520728][ T6158]  dump_stack_lvl+0x189/0x250
[  123.520757][ T6158]  ? __pfx____ratelimit+0x10/0x10
[  123.520782][ T6158]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.520805][ T6158]  ? __pfx__printk+0x10/0x10
[  123.520829][ T6158]  ? __pfx___might_resched+0x10/0x10
[  123.520849][ T6158]  ? fs_reclaim_acquire+0x7d/0x100
[  123.520870][ T6158]  should_fail_ex+0x46c/0x600
[  123.520907][ T6158]  should_failslab+0xa8/0x100
[  123.520932][ T6158]  __kmalloc_cache_noprof+0x6e/0x320
[  123.520953][ T6158]  ? do_mq_timedreceive+0x3bf/0xb00
[  123.520979][ T6158]  do_mq_timedreceive+0x3bf/0xb00
[  123.521010][ T6158]  ? __pfx_do_mq_timedreceive+0x10/0x10
[  123.521029][ T6158]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  123.521054][ T6158]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  123.521091][ T6158]  __x64_sys_mq_timedreceive+0x172/0x210
[  123.521115][ T6158]  ? __pfx___x64_sys_mq_timedreceive+0x10/0x10
[  123.521141][ T6158]  ? do_syscall_64+0xbe/0x3b0
[  123.521162][ T6158]  do_syscall_64+0xfa/0x3b0
[  123.521180][ T6158]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.521196][ T6158]  ? asm_sysvec_call_function_single+0x1a/0x20
[  123.521213][ T6158]  ? clear_bhb_loop+0x60/0xb0
[  123.521234][ T6158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.521250][ T6158] RIP: 0033:0x7f533fddeec9
[  123.521266][ T6158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.521280][ T6158] RSP: 002b:00007f533dffc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f3
[  123.521299][ T6158] RAX: ffffffffffffffda RBX: 00007f5340036180 RCX: 00007f533fddeec9
[  123.521312][ T6158] RDX: 0000000000000053 RSI: 00002000000003c0 RDI: 0000000000000006
[  123.521323][ T6158] RBP: 00007f533dffc090 R08: 0000000000000000 R09: 0000000000000000
[  123.521341][ T6158] R10: 8000000000002003 R11: 0000000000000246 R12: 0000000000000001
[  123.521352][ T6158] R13: 00007f5340036218 R14: 00007f5340036180 R15: 00007ffd9b9b7d78
[  123.521381][ T6158]  </TASK>
[  123.551941][    C0] vkms_vblank_simulate: vblank timer overrun
[  124.581883][ T6016] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  125.421592][   T44] hid-generic 0001:0009:0001.0004: item fetching failed at offset 0/4
[  125.422356][   T44] hid-generic 0001:0009:0001.0004: probe with driver hid-generic failed with error -22
[  125.533743][ T6016] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.533790][ T6016] usb 1-1: New USB device found, idVendor=044e, idProduct=121e, bcdDevice= 0.00
[  125.533811][ T6016] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.551413][ T6016] usb 1-1: config 0 descriptor??
[  125.639115][ T5854] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  126.453201][ T6016] hid-alps 0003:044E:121E.0005: unknown main item tag 0x0
[  126.453850][ T6016] hid-alps 0003:044E:121E.0005: unknown main item tag 0x0
[  126.454332][ T6016] hid-alps 0003:044E:121E.0005: unknown main item tag 0x0
[  126.454802][ T6016] hid-alps 0003:044E:121E.0005: unknown main item tag 0x0
[  126.455183][ T6016] hid-alps 0003:044E:121E.0005: unknown main item tag 0x0
[  126.455747][ T6016] hid-alps 0003:044E:121E.0005: unknown main item tag 0x0
[  126.456255][ T6016] hid-alps 0003:044E:121E.0005: unknown main item tag 0x0
[  126.549025][ T6016] hid-alps 0003:044E:121E.0005: hidraw0: USB HID v0.05 Device [HID 044e:121e] on usb-dummy_hcd.0-1/input0
[  126.659207][ T6183] binder: BINDER_SET_CONTEXT_MGR already set
[  126.659221][ T6183] binder: 6168:6183 ioctl 4018620d 200000000040 returned -16
[  126.742125][ T5854] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  126.742155][ T5854] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.742179][ T5854] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.742213][ T5854] usb 2-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  126.742234][ T5854] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.831857][ T5854] usb 2-1: config 0 descriptor??
[  127.190561][ T6198] 9pnet_fd: Insufficient options for proto=fd
[  127.234866][ T5852] usb 1-1: USB disconnect, device number 4
[  127.280550][ T6190] kernel profiling enabled (shift: 63)
[  127.280563][ T6190] profiling shift: 63 too large
[  127.346696][ T6186] fido_id[6186]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:044E:121E.0005/report_descriptor': No such file or directory
[  127.361399][ T5854] sony 0003:054C:024B.0006: unexpected long global item
[  127.362206][ T5854] sony 0003:054C:024B.0006: parse failed
[  127.362305][ T5854] sony 0003:054C:024B.0006: probe with driver sony failed with error -22
[  127.627337][ T6016] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  127.977890][ T6016] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.978137][ T6016] usb 4-1: New USB device found, idVendor=05ac, idProduct=0323, bcdDevice= 0.00
[  127.978184][ T6016] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.521995][ T6016] usb 4-1: config 0 descriptor??
[  128.681099][ T6208] netlink: 'syz.0.62': attribute type 3 has an invalid length.
[  128.887050][ T6212] FAULT_INJECTION: forcing a failure.
[  128.887050][ T6212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.887083][ T6212] CPU: 1 UID: 0 PID: 6212 Comm: syz.2.63 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  128.887103][ T6212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  128.887114][ T6212] Call Trace:
[  128.887121][ T6212]  <TASK>
[  128.887129][ T6212]  dump_stack_lvl+0x189/0x250
[  128.887156][ T6212]  ? __pfx____ratelimit+0x10/0x10
[  128.887181][ T6212]  ? __pfx_dump_stack_lvl+0x10/0x10
[  128.887203][ T6212]  ? __pfx__printk+0x10/0x10
[  128.887222][ T6212]  ? __might_fault+0xb0/0x130
[  128.887256][ T6212]  should_fail_ex+0x46c/0x600
[  128.887286][ T6212]  _copy_from_user+0x2d/0xb0
[  128.887307][ T6212]  ___sys_sendmsg+0x158/0x2a0
[  128.887329][ T6212]  ? __pfx____sys_sendmsg+0x10/0x10
[  128.887382][ T6212]  ? __fget_files+0x2a/0x420
[  128.887411][ T6212]  ? __fget_files+0x3a6/0x420
[  128.887443][ T6212]  __x64_sys_sendmsg+0x1a1/0x260
[  128.887464][ T6212]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  128.887492][ T6212]  ? __pfx_ksys_write+0x10/0x10
[  128.887511][ T6212]  ? rcu_is_watching+0x15/0xb0
[  128.887540][ T6212]  ? do_syscall_64+0xbe/0x3b0
[  128.887560][ T6212]  do_syscall_64+0xfa/0x3b0
[  128.887574][ T6212]  ? lockdep_hardirqs_on+0x9c/0x150
[  128.887598][ T6212]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.887615][ T6212]  ? clear_bhb_loop+0x60/0xb0
[  128.887636][ T6212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.887652][ T6212] RIP: 0033:0x7f38c52ceec9
[  128.887668][ T6212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.887681][ T6212] RSP: 002b:00007f38c3536038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.887700][ T6212] RAX: ffffffffffffffda RBX: 00007f38c5525fa0 RCX: 00007f38c52ceec9
[  128.887713][ T6212] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  128.887724][ T6212] RBP: 00007f38c3536090 R08: 0000000000000000 R09: 0000000000000000
[  128.887734][ T6212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.887745][ T6212] R13: 00007f38c5526038 R14: 00007f38c5525fa0 R15: 00007ffeb33023f8
[  128.887774][ T6212]  </TASK>
[  129.114059][ T6215] overlayfs: failed to resolve './file0': -2
[  129.143064][ T6016] magicmouse 0003:05AC:0323.0007: item fetching failed at offset 5/7
[  129.143942][ T6198] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.144495][ T6198] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.144949][ T6016] magicmouse 0003:05AC:0323.0007: magicmouse hid parse failed
[  129.145075][ T6016] magicmouse 0003:05AC:0323.0007: probe with driver magicmouse failed with error -22
[  129.161999][ T6198] netlink: 'syz.3.59': attribute type 1 has an invalid length.
[  129.233811][ T6016] usb 4-1: USB disconnect, device number 3
[  129.243787][ T6217] FAULT_INJECTION: forcing a failure.
[  129.243787][ T6217] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.243818][ T6217] CPU: 1 UID: 0 PID: 6217 Comm: syz.4.66 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  129.243838][ T6217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  129.243848][ T6217] Call Trace:
[  129.243855][ T6217]  <TASK>
[  129.243862][ T6217]  dump_stack_lvl+0x189/0x250
[  129.243891][ T6217]  ? __pfx____ratelimit+0x10/0x10
[  129.243915][ T6217]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.243941][ T6217]  ? __pfx__printk+0x10/0x10
[  129.243960][ T6217]  ? __might_fault+0xb0/0x130
[  129.243996][ T6217]  should_fail_ex+0x46c/0x600
[  129.244025][ T6217]  _copy_from_user+0x2d/0xb0
[  129.244046][ T6217]  ___sys_sendmsg+0x158/0x2a0
[  129.244072][ T6217]  ? __pfx____sys_sendmsg+0x10/0x10
[  129.244122][ T6217]  ? __fget_files+0x2a/0x420
[  129.244144][ T6217]  ? __fget_files+0x3a6/0x420
[  129.244194][ T6217]  __x64_sys_sendmsg+0x1a1/0x260
[  129.244214][ T6217]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  129.244240][ T6217]  ? __pfx_ksys_write+0x10/0x10
[  129.244258][ T6217]  ? rcu_is_watching+0x15/0xb0
[  129.244287][ T6217]  ? do_syscall_64+0xbe/0x3b0
[  129.244307][ T6217]  do_syscall_64+0xfa/0x3b0
[  129.244322][ T6217]  ? lockdep_hardirqs_on+0x9c/0x150
[  129.244345][ T6217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.244361][ T6217]  ? clear_bhb_loop+0x60/0xb0
[  129.244381][ T6217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.244400][ T6217] RIP: 0033:0x7f533fddeec9
[  129.244416][ T6217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.244429][ T6217] RSP: 002b:00007f533e03e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  129.244447][ T6217] RAX: ffffffffffffffda RBX: 00007f5340035fa0 RCX: 00007f533fddeec9
[  129.244460][ T6217] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  129.244471][ T6217] RBP: 00007f533e03e090 R08: 0000000000000000 R09: 0000000000000000
[  129.244481][ T6217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.244491][ T6217] R13: 00007f5340036038 R14: 00007f5340035fa0 R15: 00007ffd9b9b7d78
[  129.244519][ T6217]  </TASK>
[  129.674442][ T5854] usb 2-1: USB disconnect, device number 3
[  129.899469][ T5852] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  130.200805][ T5852] usb 1-1: Using ep0 maxpacket: 16
[  130.202854][ T5852] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  130.202887][ T5852] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.202911][ T5852] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  130.202922][ T5852] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  130.203998][ T5852] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  130.204013][ T5852] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  130.204023][ T5852] usb 1-1: SerialNumber: syz
[  130.327483][ T5852] hub 1-1:1.0: bad descriptor, ignoring hub
[  130.327507][ T5852] hub 1-1:1.0: probe with driver hub failed with error -5
[  130.479862][ T5852] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  130.585586][ T6235] FAULT_INJECTION: forcing a failure.
[  130.585586][ T6235] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.585610][ T6235] CPU: 1 UID: 0 PID: 6235 Comm: syz.3.70 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  130.585631][ T6235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  130.585641][ T6235] Call Trace:
[  130.585645][ T6235]  <TASK>
[  130.585649][ T6235]  dump_stack_lvl+0x189/0x250
[  130.585669][ T6235]  ? __pfx____ratelimit+0x10/0x10
[  130.585684][ T6235]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.585698][ T6235]  ? __pfx__printk+0x10/0x10
[  130.585716][ T6235]  should_fail_ex+0x46c/0x600
[  130.585733][ T6235]  _copy_to_user+0x31/0xb0
[  130.585747][ T6235]  simple_read_from_buffer+0xe1/0x170
[  130.585763][ T6235]  proc_fail_nth_read+0x1b6/0x220
[  130.585775][ T6235]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  130.585788][ T6235]  ? rw_verify_area+0x2ac/0x4e0
[  130.585805][ T6235]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  130.585821][ T6235]  vfs_read+0x203/0xa30
[  130.585847][ T6235]  ? __pfx_vfs_read+0x10/0x10
[  130.585862][ T6235]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  130.585891][ T6235]  ? mutex_lock_nested+0x154/0x1d0
[  130.585908][ T6235]  ? fdget_pos+0x253/0x320
[  130.585936][ T6235]  ksys_read+0x14b/0x260
[  130.585953][ T6235]  ? __fget_files+0x3a6/0x420
[  130.585977][ T6235]  ? __pfx_ksys_read+0x10/0x10
[  130.586002][ T6235]  ? do_syscall_64+0xbe/0x3b0
[  130.586021][ T6235]  do_syscall_64+0xfa/0x3b0
[  130.586031][ T6235]  ? lockdep_hardirqs_on+0x9c/0x150
[  130.586045][ T6235]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.586054][ T6235]  ? clear_bhb_loop+0x60/0xb0
[  130.586066][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.586075][ T6235] RIP: 0033:0x7f68c809d8dc
[  130.586085][ T6235] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  130.586093][ T6235] RSP: 002b:00007f68c62e5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  130.586105][ T6235] RAX: ffffffffffffffda RBX: 00007f68c82f6090 RCX: 00007f68c809d8dc
[  130.586112][ T6235] RDX: 000000000000000f RSI: 00007f68c62e50a0 RDI: 0000000000000004
[  130.586118][ T6235] RBP: 00007f68c62e5090 R08: 0000000000000000 R09: 0000000000000000
[  130.586124][ T6235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.586129][ T6235] R13: 00007f68c82f6128 R14: 00007f68c82f6090 R15: 00007fff548d6b68
[  130.586145][ T6235]  </TASK>
[  130.897090][ T6210] netlink: 'syz.0.64': attribute type 3 has an invalid length.
[  131.009509][ T5852] usb 1-1: USB disconnect, device number 5
[  131.142917][ T6233] tty tty1: ldisc open failed (-12), clearing slot 0
[  131.516861][ T6253] overlayfs: failed to resolve './file0': -2
[  131.584674][ T6260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.585193][ T6260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.973883][ T6265] FAULT_INJECTION: forcing a failure.
[  131.973883][ T6265] name failslab, interval 1, probability 0, space 0, times 0
[  131.974016][ T6265] CPU: 1 UID: 0 PID: 6265 Comm: syz.1.78 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  131.974037][ T6265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  131.974047][ T6265] Call Trace:
[  131.974053][ T6265]  <TASK>
[  131.974058][ T6265]  dump_stack_lvl+0x189/0x250
[  131.974077][ T6265]  ? __pfx____ratelimit+0x10/0x10
[  131.974092][ T6265]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.974105][ T6265]  ? __pfx__printk+0x10/0x10
[  131.974119][ T6265]  ? __pfx___might_resched+0x10/0x10
[  131.974136][ T6265]  ? fs_reclaim_acquire+0x7d/0x100
[  131.974156][ T6265]  should_fail_ex+0x46c/0x600
[  131.974185][ T6265]  should_failslab+0xa8/0x100
[  131.974208][ T6265]  __kmalloc_noprof+0xcb/0x430
[  131.974228][ T6265]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  131.974257][ T6265]  tomoyo_realpath_from_path+0xe3/0x5d0
[  131.974279][ T6265]  ? tomoyo_domain+0xda/0x130
[  131.974295][ T6265]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  131.974306][ T6265]  tomoyo_path_number_perm+0x1e8/0x5a0
[  131.974319][ T6265]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  131.974331][ T6265]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  131.974363][ T6265]  ? __rcu_read_unlock+0x84/0xe0
[  131.974374][ T6265]  ? __fget_files+0x2a/0x420
[  131.974387][ T6265]  ? __fget_files+0x3a6/0x420
[  131.974399][ T6265]  ? __fget_files+0x2a/0x420
[  131.974413][ T6265]  security_file_ioctl+0xcb/0x2d0
[  131.974427][ T6265]  __se_sys_ioctl+0x47/0x170
[  131.974439][ T6265]  do_syscall_64+0xfa/0x3b0
[  131.974450][ T6265]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.974458][ T6265]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  131.974467][ T6265]  ? clear_bhb_loop+0x60/0xb0
[  131.974478][ T6265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.974487][ T6265] RIP: 0033:0x7f3f0460eacb
[  131.974497][ T6265] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  131.974504][ T6265] RSP: 002b:00007f3f0282a490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.974515][ T6265] RAX: ffffffffffffffda RBX: 00007f3f0282abe0 RCX: 00007f3f0460eacb
[  131.974522][ T6265] RDX: 00007f3f0282abe0 RSI: 000000004020ae46 RDI: 0000000000000004
[  131.974529][ T6265] RBP: 0000000000000004 R08: 0000000000000001 R09: 0000000000000048
[  131.974534][ T6265] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  131.974540][ T6265] R13: 0000200000fe8000 R14: 0000200000fe7000 R15: 00000000fec00000
[  131.974555][ T6265]  </TASK>
[  131.974591][ T6265] ERROR: Out of memory at tomoyo_realpath_from_path.
[  132.289141][   T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  132.439161][   T10] usb 4-1: device descriptor read/64, error -71
[  132.510638][ T6271] 9pnet_fd: Insufficient options for proto=fd
[  132.679392][   T10] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  132.849650][ T5852] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  132.977296][   T10] usb 4-1: device descriptor read/64, error -71
[  132.980603][ T1327] ieee802154 phy0 wpan0: encryption failed: -22
[  132.980706][ T1327] ieee802154 phy1 wpan1: encryption failed: -22
[  133.267385][ T6279] netlink: 20 bytes leftover after parsing attributes in process `syz.2.82'.
[  133.438890][ T5852] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.439294][ T5852] usb 5-1: New USB device found, idVendor=05ac, idProduct=0323, bcdDevice= 0.00
[  133.439342][ T5852] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.939242][   T10] usb usb4-port1: attempt power cycle
[  134.042857][ T5852] usb 5-1: config 0 descriptor??
[  134.160288][ T6278] netlink: 28 bytes leftover after parsing attributes in process `syz.1.83'.
[  134.160312][ T6278] A link change request failed with some changes committed already. Interface veth0_virt_wifi may have been left with an inconsistent configuration, please check.
[  134.169125][    T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  134.429833][   T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  134.534779][ T5852] magicmouse 0003:05AC:0323.0008: item fetching failed at offset 5/7
[  134.536470][ T5852] magicmouse 0003:05AC:0323.0008: magicmouse hid parse failed
[  134.542534][ T5852] magicmouse 0003:05AC:0323.0008: probe with driver magicmouse failed with error -22
[  134.790040][ T6271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.820462][ T6271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.964058][ T6271] netlink: 'syz.4.81': attribute type 1 has an invalid length.
[  135.080897][ T6060] usb 5-1: USB disconnect, device number 7
[  135.190297][    T9] usb 1-1: config 255 contains an unexpected descriptor of type 0x2, skipping
[  135.190324][    T9] usb 1-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[  135.190342][    T9] usb 1-1: config 255 has 0 interfaces, different from the descriptor's value: 1
[  135.203736][    T9] usb 1-1: New USB device found, idVendor=041e, idProduct=3f19, bcdDevice=74.47
[  135.203763][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.379129][   T10] usb 4-1: device descriptor read/8, error -71
[  137.204638][    T9] usb 1-1: can't set config #255, error -71
[  137.207099][    T9] usb 1-1: USB disconnect, device number 6
[  137.525804][ T6289] kvm: kvm [6288]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x100000000
[  137.525903][ T6289] kvm: kvm [6288]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  137.528212][ T6289] kvm: kvm [6288]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x15
[  137.671594][ T6306] overlayfs: failed to resolve './file0': -2
[  137.851877][ T6308] FAULT_INJECTION: forcing a failure.
[  137.851877][ T6308] name failslab, interval 1, probability 0, space 0, times 0
[  137.851909][ T6308] CPU: 1 UID: 0 PID: 6308 Comm: syz.2.89 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  137.851929][ T6308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  137.851940][ T6308] Call Trace:
[  137.851947][ T6308]  <TASK>
[  137.851955][ T6308]  dump_stack_lvl+0x189/0x250
[  137.851983][ T6308]  ? __pfx____ratelimit+0x10/0x10
[  137.852008][ T6308]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.852032][ T6308]  ? __pfx__printk+0x10/0x10
[  137.852057][ T6308]  ? __pfx___might_resched+0x10/0x10
[  137.852077][ T6308]  ? fs_reclaim_acquire+0x7d/0x100
[  137.852098][ T6308]  should_fail_ex+0x46c/0x600
[  137.852149][ T6308]  should_failslab+0xa8/0x100
[  137.852182][ T6308]  __kmalloc_noprof+0xcb/0x430
[  137.852203][ T6308]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  137.852237][ T6308]  tomoyo_realpath_from_path+0xe3/0x5d0
[  137.852262][ T6308]  ? tomoyo_domain+0xda/0x130
[  137.852291][ T6308]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  137.852311][ T6308]  tomoyo_path_number_perm+0x1e8/0x5a0
[  137.852335][ T6308]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  137.852359][ T6308]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  137.852384][ T6308]  ? lockdep_hardirqs_on+0x9c/0x150
[  137.852414][ T6308]  ? __lock_acquire+0xab9/0xd20
[  137.852456][ T6308]  ? __fget_files+0x2a/0x420
[  137.852481][ T6308]  ? __fget_files+0x2a/0x420
[  137.852501][ T6308]  ? __fget_files+0x3a6/0x420
[  137.852521][ T6308]  ? __fget_files+0x2a/0x420
[  137.852547][ T6308]  security_file_ioctl+0xcb/0x2d0
[  137.852571][ T6308]  __se_sys_ioctl+0x47/0x170
[  137.852593][ T6308]  do_syscall_64+0xfa/0x3b0
[  137.852609][ T6308]  ? lockdep_hardirqs_on+0x9c/0x150
[  137.852632][ T6308]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.852650][ T6308]  ? clear_bhb_loop+0x60/0xb0
[  137.852677][ T6308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.852694][ T6308] RIP: 0033:0x7f38c52ceec9
[  137.852710][ T6308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.852724][ T6308] RSP: 002b:00007f38c3515038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  137.852743][ T6308] RAX: ffffffffffffffda RBX: 00007f38c5526090 RCX: 00007f38c52ceec9
[  137.852756][ T6308] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  137.852767][ T6308] RBP: 00007f38c3515090 R08: 0000000000000000 R09: 0000000000000000
[  137.852778][ T6308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.852789][ T6308] R13: 00007f38c5526128 R14: 00007f38c5526090 R15: 00007ffeb33023f8
[  137.852818][ T6308]  </TASK>
[  137.852826][ T6308] ERROR: Out of memory at tomoyo_realpath_from_path.
[  137.863083][ T6308] kvm: kvm [6302]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x100000000
[  137.863156][ T6308] kvm: kvm [6302]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  137.865403][ T6308] kvm: kvm [6302]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x15
[  138.665522][   T31] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  138.821524][   T31] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  138.821561][   T31] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.823164][   T31] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  138.823193][   T31] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  138.823203][   T31] usb 1-1: Manufacturer: syz
[  138.879449][   T31] usb 1-1: config 0 descriptor??
[  138.979238][   T31] rc_core: IR keymap rc-hauppauge not found
[  138.979259][   T31] Registered IR keymap rc-empty
[  138.987219][   T31] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  139.039272][   T31] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input5
[  139.063164][ T6324] FAULT_INJECTION: forcing a failure.
[  139.063164][ T6324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.063190][ T6324] CPU: 0 UID: 0 PID: 6324 Comm: syz.2.95 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  139.063205][ T6324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  139.063213][ T6324] Call Trace:
[  139.063219][ T6324]  <TASK>
[  139.063224][ T6324]  dump_stack_lvl+0x189/0x250
[  139.063253][ T6324]  ? __pfx____ratelimit+0x10/0x10
[  139.063275][ T6324]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.063300][ T6324]  ? __pfx__printk+0x10/0x10
[  139.063319][ T6324]  ? __might_fault+0xb0/0x130
[  139.063351][ T6324]  should_fail_ex+0x46c/0x600
[  139.063379][ T6324]  _copy_from_user+0x2d/0xb0
[  139.063400][ T6324]  ___sys_sendmsg+0x158/0x2a0
[  139.063420][ T6324]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.063469][ T6324]  ? __fget_files+0x2a/0x420
[  139.063489][ T6324]  ? __fget_files+0x3a6/0x420
[  139.063519][ T6324]  __x64_sys_sendmsg+0x1a1/0x260
[  139.063539][ T6324]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  139.063563][ T6324]  ? __pfx_ksys_write+0x10/0x10
[  139.063580][ T6324]  ? rcu_is_watching+0x15/0xb0
[  139.063608][ T6324]  ? do_syscall_64+0xbe/0x3b0
[  139.063628][ T6324]  do_syscall_64+0xfa/0x3b0
[  139.063642][ T6324]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.063665][ T6324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.063682][ T6324]  ? clear_bhb_loop+0x60/0xb0
[  139.063702][ T6324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.063719][ T6324] RIP: 0033:0x7f38c52ceec9
[  139.063733][ T6324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.063744][ T6324] RSP: 002b:00007f38c3536038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.063761][ T6324] RAX: ffffffffffffffda RBX: 00007f38c5525fa0 RCX: 00007f38c52ceec9
[  139.063772][ T6324] RDX: 0000000004008000 RSI: 0000200000000100 RDI: 0000000000000004
[  139.063782][ T6324] RBP: 00007f38c3536090 R08: 0000000000000000 R09: 0000000000000000
[  139.063792][ T6324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.063802][ T6324] R13: 00007f38c5526038 R14: 00007f38c5525fa0 R15: 00007ffeb33023f8
[  139.063829][ T6324]  </TASK>
[  139.113048][    C1] igorplugusb 1-1:0.0: Error: urb status = -32
[  139.489782][ T6315] netlink: 'syz.0.92': attribute type 29 has an invalid length.
[  139.489799][ T6315] netlink: 8 bytes leftover after parsing attributes in process `syz.0.92'.
[  140.001393][   T31] usb 1-1: USB disconnect, device number 7
[  140.316903][ T6333] dummy0: entered promiscuous mode
[  140.317121][ T6333] macsec1: entered promiscuous mode
[  140.386415][ T6333] macsec1: entered allmulticast mode
[  140.386439][ T6333] dummy0: entered allmulticast mode
[  140.570261][ T6333] dummy0: left allmulticast mode
[  140.611238][ T6333] dummy0: left promiscuous mode
[  140.649174][ T6060] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  140.809117][ T6060] usb 3-1: Using ep0 maxpacket: 16
[  140.817469][ T6060] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.817500][ T6060] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  140.817512][ T6060] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.857828][ T6060] usb 3-1: config 0 descriptor??
[  140.999088][   T31] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  141.104852][ T6338] 9pnet_fd: Insufficient options for proto=fd
[  141.149078][   T31] usb 1-1: Using ep0 maxpacket: 8
[  141.151875][   T31] usb 1-1: config 252 has an invalid interface number: 138 but max is 0
[  141.151891][   T31] usb 1-1: config 252 has no interface number 0
[  141.151919][   T31] usb 1-1: config 252 interface 138 altsetting 1 endpoint 0x5 has invalid maxpacket 512, setting to 64
[  141.151933][   T31] usb 1-1: config 252 interface 138 has no altsetting 0
[  141.151951][   T31] usb 1-1: New USB device found, idVendor=0424, idProduct=7801, bcdDevice=32.4b
[  141.152333][   T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.309485][ T6060] mcp2221 0003:04D8:00DD.0009: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  141.873973][ T5910] usb 3-1: USB disconnect, device number 2
[  145.606413][ T6363] overlayfs: failed to resolve './file1': -2
[  145.930528][ T6371] Bluetooth: MGMT ver 1.23
[  145.930574][ T6371] Bluetooth: hci0: expected 2 bytes, got 7 bytes
[  145.944912][ T6370] Bluetooth: hci0: expected 2 bytes, got 7 bytes
[  147.250903][   T31] usb 1-1: string descriptor 0 read error: -32
[  148.472450][   T37] audit: type=1326 audit(1759079870.486:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6384 comm="syz.2.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38c52ceec9 code=0x7ffc0000
[  148.472484][   T37] audit: type=1326 audit(1759079870.516:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6384 comm="syz.2.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38c52ceec9 code=0x7ffc0000
[  148.530837][   T37] audit: type=1326 audit(1759079870.566:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6384 comm="syz.2.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f38c52ceec9 code=0x7ffc0000
[  148.530889][   T37] audit: type=1326 audit(1759079870.576:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6384 comm="syz.2.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38c52ceec9 code=0x7ffc0000
[  148.530926][   T37] audit: type=1326 audit(1759079870.576:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6384 comm="syz.2.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38c52ceec9 code=0x7ffc0000
[  148.531651][   T37] audit: type=1326 audit(1759079870.576:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6384 comm="syz.2.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f38c52ceec9 code=0x7ffc0000
[  148.747610][ T6390] netlink: 'syz.4.109': attribute type 1 has an invalid length.
[  148.747625][ T6390] nbd: error processing sock list
[  148.751423][ T6390] block nbd1: shutting down sockets
[  150.548698][ T6402] netlink: 84 bytes leftover after parsing attributes in process `syz.1.113'.
[  152.319513][   T44] usb 1-1: USB disconnect, device number 8
[  152.415944][ T6419] FAULT_INJECTION: forcing a failure.
[  152.415944][ T6419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.415965][ T6419] CPU: 0 UID: 0 PID: 6419 Comm: syz.1.118 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  152.415979][ T6419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  152.415986][ T6419] Call Trace:
[  152.415990][ T6419]  <TASK>
[  152.415995][ T6419]  dump_stack_lvl+0x189/0x250
[  152.416014][ T6419]  ? __pfx____ratelimit+0x10/0x10
[  152.416029][ T6419]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.416042][ T6419]  ? __pfx__printk+0x10/0x10
[  152.416053][ T6419]  ? __might_fault+0xb0/0x130
[  152.416073][ T6419]  should_fail_ex+0x46c/0x600
[  152.416089][ T6419]  _copy_from_user+0x2d/0xb0
[  152.416102][ T6419]  __sys_connect+0x124/0x450
[  152.416117][ T6419]  ? __pfx___sys_connect+0x10/0x10
[  152.416137][ T6419]  ? __pfx_ksys_write+0x10/0x10
[  152.416148][ T6419]  ? rcu_is_watching+0x15/0xb0
[  152.416166][ T6419]  __x64_sys_connect+0x7a/0x90
[  152.416180][ T6419]  do_syscall_64+0xfa/0x3b0
[  152.416191][ T6419]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.416212][ T6419]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.416236][ T6419]  ? clear_bhb_loop+0x60/0xb0
[  152.416256][ T6419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.416272][ T6419] RIP: 0033:0x7f3f0460eec9
[  152.416288][ T6419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.416301][ T6419] RSP: 002b:00007f3f0284d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  152.416319][ T6419] RAX: ffffffffffffffda RBX: 00007f3f04866090 RCX: 00007f3f0460eec9
[  152.416331][ T6419] RDX: 000000000000000c RSI: 0000200000000440 RDI: 0000000000000006
[  152.416342][ T6419] RBP: 00007f3f0284d090 R08: 0000000000000000 R09: 0000000000000000
[  152.416351][ T6419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.416361][ T6419] R13: 00007f3f04866128 R14: 00007f3f04866090 R15: 00007ffd0a226828
[  152.416389][ T6419]  </TASK>
[  152.887126][ T6421] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  153.981560][ T6425] netlink: 'syz.0.122': attribute type 1 has an invalid length.
[  153.981582][ T6425] netlink: 224 bytes leftover after parsing attributes in process `syz.0.122'.
[  158.932801][ T6467] FAULT_INJECTION: forcing a failure.
[  158.932801][ T6467] name failslab, interval 1, probability 0, space 0, times 0
[  158.932863][ T6467] CPU: 0 UID: 0 PID: 6467 Comm: syz.1.130 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  158.932884][ T6467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  158.932895][ T6467] Call Trace:
[  158.932902][ T6467]  <TASK>
[  158.932910][ T6467]  dump_stack_lvl+0x189/0x250
[  158.932939][ T6467]  ? __pfx____ratelimit+0x10/0x10
[  158.932964][ T6467]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.932987][ T6467]  ? __pfx__printk+0x10/0x10
[  158.933012][ T6467]  ? __pfx___might_resched+0x10/0x10
[  158.933030][ T6467]  ? fs_reclaim_acquire+0x7d/0x100
[  158.933051][ T6467]  should_fail_ex+0x46c/0x600
[  158.933080][ T6467]  ? __alloc_skb+0x112/0x2d0
[  158.933102][ T6467]  should_failslab+0xa8/0x100
[  158.933126][ T6467]  ? __alloc_skb+0x112/0x2d0
[  158.933145][ T6467]  kmem_cache_alloc_node_noprof+0x77/0x330
[  158.933176][ T6467]  __alloc_skb+0x112/0x2d0
[  158.933203][ T6467]  tcp_stream_alloc_skb+0x3d/0x340
[  158.933229][ T6467]  tcp_sendmsg_locked+0xf3e/0x5620
[  158.933265][ T6467]  ? rcu_is_watching+0x15/0xb0
[  158.933300][ T6467]  ? preempt_schedule_irq+0xde/0x150
[  158.933336][ T6467]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.933378][ T6467]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  158.933404][ T6467]  ? rt_spin_unlock+0x65/0x80
[  158.933428][ T6467]  ? lock_sock_nested+0x5f/0x130
[  158.933449][ T6467]  ? lock_sock_nested+0xdd/0x130
[  158.933473][ T6467]  tcp_sendmsg+0x2f/0x50
[  158.933493][ T6467]  __sock_sendmsg+0x19c/0x270
[  158.933519][ T6467]  __sys_sendto+0x3c7/0x520
[  158.933545][ T6467]  ? __pfx___sys_sendto+0x10/0x10
[  158.933582][ T6467]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  158.933615][ T6467]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.933652][ T6467]  __x64_sys_sendto+0xde/0x100
[  158.933679][ T6467]  do_syscall_64+0xfa/0x3b0
[  158.933697][ T6467]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.933714][ T6467]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  158.933730][ T6467]  ? clear_bhb_loop+0x60/0xb0
[  158.933752][ T6467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.933768][ T6467] RIP: 0033:0x7f3f0460eec9
[  158.933784][ T6467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.933797][ T6467] RSP: 002b:00007f3f0282c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  158.933817][ T6467] RAX: ffffffffffffffda RBX: 00007f3f04866180 RCX: 00007f3f0460eec9
[  158.933830][ T6467] RDX: fffffffffffffe88 RSI: 00002000000002c0 RDI: 0000000000000006
[  158.933842][ T6467] RBP: 00007f3f0282c090 R08: 0000000000000000 R09: 0000000000000000
[  158.933853][ T6467] R10: 0000000000000052 R11: 0000000000000246 R12: 0000000000000001
[  158.933864][ T6467] R13: 00007f3f04866218 R14: 00007f3f04866180 R15: 00007ffd0a226828
[  158.933894][ T6467]  </TASK>
[  159.969655][ T6474] FAULT_INJECTION: forcing a failure.
[  159.969655][ T6474] name failslab, interval 1, probability 0, space 0, times 0
[  159.969687][ T6474] CPU: 0 UID: 0 PID: 6474 Comm: syz.0.132 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  159.969708][ T6474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  159.969718][ T6474] Call Trace:
[  159.969725][ T6474]  <TASK>
[  159.969734][ T6474]  dump_stack_lvl+0x189/0x250
[  159.969760][ T6474]  ? __pfx____ratelimit+0x10/0x10
[  159.969784][ T6474]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.969806][ T6474]  ? __pfx__printk+0x10/0x10
[  159.969829][ T6474]  ? __pfx___might_resched+0x10/0x10
[  159.969848][ T6474]  ? fs_reclaim_acquire+0x7d/0x100
[  159.969870][ T6474]  should_fail_ex+0x46c/0x600
[  159.969896][ T6474]  ? prepare_creds+0x31/0x6c0
[  159.969916][ T6474]  should_failslab+0xa8/0x100
[  159.969938][ T6474]  ? prepare_creds+0x31/0x6c0
[  159.969958][ T6474]  kmem_cache_alloc_noprof+0x6e/0x310
[  159.969979][ T6474]  ? ksys_write+0x230/0x260
[  159.970003][ T6474]  prepare_creds+0x31/0x6c0
[  159.970026][ T6474]  __sys_setregid+0xfb/0x660
[  159.970043][ T6474]  ? do_syscall_64+0xbe/0x3b0
[  159.970062][ T6474]  do_syscall_64+0xfa/0x3b0
[  159.970076][ T6474]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.970097][ T6474]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.970113][ T6474]  ? clear_bhb_loop+0x60/0xb0
[  159.970132][ T6474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.970273][ T6474] RIP: 0033:0x7f0ba7eeeec9
[  159.970290][ T6474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.970304][ T6474] RSP: 002b:00007f0ba614e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000072
[  159.970323][ T6474] RAX: ffffffffffffffda RBX: 00007f0ba8145fa0 RCX: 00007f0ba7eeeec9
[  159.970335][ T6474] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffffffffffffffff
[  159.970346][ T6474] RBP: 00007f0ba614e090 R08: 0000000000000000 R09: 0000000000000000
[  159.970357][ T6474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.970367][ T6474] R13: 00007f0ba8146038 R14: 00007f0ba8145fa0 R15: 00007ffd28f96628
[  159.970395][ T6474]  </TASK>
[  161.065171][ T6485] FAULT_INJECTION: forcing a failure.
[  161.065171][ T6485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.065205][ T6485] CPU: 1 UID: 0 PID: 6485 Comm: syz.4.135 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  161.065225][ T6485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  161.065236][ T6485] Call Trace:
[  161.065243][ T6485]  <TASK>
[  161.065250][ T6485]  dump_stack_lvl+0x189/0x250
[  161.065279][ T6485]  ? __pfx____ratelimit+0x10/0x10
[  161.065304][ T6485]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.065335][ T6485]  ? __pfx__printk+0x10/0x10
[  161.065354][ T6485]  ? __might_fault+0xb0/0x130
[  161.065388][ T6485]  should_fail_ex+0x46c/0x600
[  161.065418][ T6485]  _copy_from_user+0x2d/0xb0
[  161.065441][ T6485]  do_sock_getsockopt+0x17d/0x450
[  161.065462][ T6485]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  161.065479][ T6485]  ? do_syscall_64+0x40/0x3b0
[  161.065495][ T6485]  ? __fget_files+0x3a6/0x420
[  161.065517][ T6485]  ? __fget_files+0x2a/0x420
[  161.065546][ T6485]  __x64_sys_getsockopt+0x1ab/0x250
[  161.065563][ T6485]  ? do_syscall_64+0x40/0x3b0
[  161.065581][ T6485]  ? do_syscall_64+0x40/0x3b0
[  161.065602][ T6485]  do_syscall_64+0xfa/0x3b0
[  161.065617][ T6485]  ? lockdep_hardirqs_on+0x9c/0x150
[  161.065641][ T6485]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.065658][ T6485]  ? clear_bhb_loop+0x60/0xb0
[  161.065679][ T6485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.065696][ T6485] RIP: 0033:0x7f533fddeec9
[  161.065712][ T6485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.065725][ T6485] RSP: 002b:00007f533dffc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  161.065745][ T6485] RAX: ffffffffffffffda RBX: 00007f5340036180 RCX: 00007f533fddeec9
[  161.065758][ T6485] RDX: 000000000000001d RSI: 0000000000000084 RDI: 0000000000000005
[  161.065768][ T6485] RBP: 00007f533dffc090 R08: 0000200000000080 R09: 0000000000000000
[  161.065780][ T6485] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.065791][ T6485] R13: 00007f5340036218 R14: 00007f5340036180 R15: 00007ffd9b9b7d78
[  161.065820][ T6485]  </TASK>
[  163.544630][ T6501] FAULT_INJECTION: forcing a failure.
[  163.544630][ T6501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.544686][ T6501] CPU: 1 UID: 0 PID: 6501 Comm: syz.0.138 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  163.544707][ T6501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  163.544718][ T6501] Call Trace:
[  163.544725][ T6501]  <TASK>
[  163.544733][ T6501]  dump_stack_lvl+0x189/0x250
[  163.544762][ T6501]  ? __pfx____ratelimit+0x10/0x10
[  163.544788][ T6501]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.544811][ T6501]  ? __pfx__printk+0x10/0x10
[  163.544831][ T6501]  ? __might_fault+0xb0/0x130
[  163.544865][ T6501]  should_fail_ex+0x46c/0x600
[  163.544895][ T6501]  _copy_from_user+0x2d/0xb0
[  163.544917][ T6501]  ___sys_sendmsg+0x158/0x2a0
[  163.544939][ T6501]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.544993][ T6501]  ? __fget_files+0x2a/0x420
[  163.545015][ T6501]  ? __fget_files+0x3a6/0x420
[  163.545057][ T6501]  __x64_sys_sendmsg+0x1a1/0x260
[  163.545078][ T6501]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  163.545121][ T6501]  do_syscall_64+0xfa/0x3b0
[  163.545140][ T6501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.545157][ T6501]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  163.545174][ T6501]  ? clear_bhb_loop+0x60/0xb0
[  163.545195][ T6501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.545212][ T6501] RIP: 0033:0x7f0ba7eeeec9
[  163.545228][ T6501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.545241][ T6501] RSP: 002b:00007f0ba610c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.545261][ T6501] RAX: ffffffffffffffda RBX: 00007f0ba8146180 RCX: 00007f0ba7eeeec9
[  163.545274][ T6501] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  163.545285][ T6501] RBP: 00007f0ba610c090 R08: 0000000000000000 R09: 0000000000000000
[  163.545297][ T6501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.545307][ T6501] R13: 00007f0ba8146218 R14: 00007f0ba8146180 R15: 00007ffd28f96628
[  163.545336][ T6501]  </TASK>
[  165.267296][    C1] vkms_vblank_simulate: vblank timer overrun
[  165.366884][ T6506] FAULT_INJECTION: forcing a failure.
[  165.366884][ T6506] name failslab, interval 1, probability 0, space 0, times 0
[  165.366923][ T6506] CPU: 1 UID: 0 PID: 6506 Comm: syz.2.141 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  165.366943][ T6506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  165.366953][ T6506] Call Trace:
[  165.366961][ T6506]  <TASK>
[  165.366969][ T6506]  dump_stack_lvl+0x189/0x250
[  165.366998][ T6506]  ? __pfx____ratelimit+0x10/0x10
[  165.367023][ T6506]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.367046][ T6506]  ? __pfx__printk+0x10/0x10
[  165.367071][ T6506]  ? __pfx___might_resched+0x10/0x10
[  165.367091][ T6506]  ? fs_reclaim_acquire+0x7d/0x100
[  165.367113][ T6506]  should_fail_ex+0x46c/0x600
[  165.367148][ T6506]  should_failslab+0xa8/0x100
[  165.367172][ T6506]  __kmalloc_noprof+0xcb/0x430
[  165.367192][ T6506]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  165.367221][ T6506]  tomoyo_realpath_from_path+0xe3/0x5d0
[  165.367246][ T6506]  ? tomoyo_domain+0xda/0x130
[  165.367275][ T6506]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  165.367295][ T6506]  tomoyo_path_number_perm+0x1e8/0x5a0
[  165.367318][ T6506]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.367343][ T6506]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  165.367367][ T6506]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.367399][ T6506]  ? __lock_acquire+0xab9/0xd20
[  165.367446][ T6506]  ? __fget_files+0x2a/0x420
[  165.367471][ T6506]  ? __fget_files+0x2a/0x420
[  165.367492][ T6506]  ? __fget_files+0x3a6/0x420
[  165.367513][ T6506]  ? __fget_files+0x2a/0x420
[  165.367539][ T6506]  security_file_ioctl+0xcb/0x2d0
[  165.367563][ T6506]  __se_sys_ioctl+0x47/0x170
[  165.367585][ T6506]  do_syscall_64+0xfa/0x3b0
[  165.367601][ T6506]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.367624][ T6506]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.367642][ T6506]  ? clear_bhb_loop+0x60/0xb0
[  165.367671][ T6506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.367688][ T6506] RIP: 0033:0x7f38c52ceec9
[  165.367703][ T6506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.367717][ T6506] RSP: 002b:00007f38c3536038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.367740][ T6506] RAX: ffffffffffffffda RBX: 00007f38c5525fa0 RCX: 00007f38c52ceec9
[  165.367753][ T6506] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  165.367764][ T6506] RBP: 00007f38c3536090 R08: 0000000000000000 R09: 0000000000000000
[  165.367775][ T6506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.367785][ T6506] R13: 00007f38c5526038 R14: 00007f38c5525fa0 R15: 00007ffeb33023f8
[  165.367816][ T6506]  </TASK>
[  165.367823][ T6506] ERROR: Out of memory at tomoyo_realpath_from_path.
[  165.381982][ T6506] kvm: kvm [6505]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x5f000015e7
[  165.382032][ T6506] kvm: kvm [6505]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x5f000055e7
[  165.384910][ T6506] kvm: kvm [6505]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x840000f631
[  165.384953][ T6506] kvm: kvm [6505]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x840000b631
[  165.390903][ T6506] kvm_intel: kvm [6505]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x5000000f15
[  165.460435][    C1] vkms_vblank_simulate: vblank timer overrun
[  165.907717][ T6514] FAULT_INJECTION: forcing a failure.
[  165.907717][ T6514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.907749][ T6514] CPU: 1 UID: 0 PID: 6514 Comm: syz.0.143 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  165.907768][ T6514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  165.907778][ T6514] Call Trace:
[  165.907785][ T6514]  <TASK>
[  165.907797][ T6514]  dump_stack_lvl+0x189/0x250
[  165.907824][ T6514]  ? __pfx____ratelimit+0x10/0x10
[  165.907849][ T6514]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.907870][ T6514]  ? __pfx__printk+0x10/0x10
[  165.907889][ T6514]  ? __might_fault+0xb0/0x130
[  165.907923][ T6514]  should_fail_ex+0x46c/0x600
[  165.907950][ T6514]  _copy_from_user+0x2d/0xb0
[  165.907971][ T6514]  __sys_connect+0x124/0x450
[  165.907996][ T6514]  ? __pfx___sys_connect+0x10/0x10
[  165.908028][ T6514]  ? __pfx_ksys_write+0x10/0x10
[  165.908046][ T6514]  ? rcu_is_watching+0x15/0xb0
[  165.908076][ T6514]  __x64_sys_connect+0x7a/0x90
[  165.908101][ T6514]  do_syscall_64+0xfa/0x3b0
[  165.908117][ T6514]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.908143][ T6514]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.908160][ T6514]  ? clear_bhb_loop+0x60/0xb0
[  165.908180][ T6514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.908197][ T6514] RIP: 0033:0x7f0ba7eeeec9
[  165.908212][ T6514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.908225][ T6514] RSP: 002b:00007f0ba614e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  165.908251][ T6514] RAX: ffffffffffffffda RBX: 00007f0ba8145fa0 RCX: 00007f0ba7eeeec9
[  165.908265][ T6514] RDX: 000000000000006e RSI: 0000200000000080 RDI: 0000000000000003
[  165.908276][ T6514] RBP: 00007f0ba614e090 R08: 0000000000000000 R09: 0000000000000000
[  165.908287][ T6514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.908297][ T6514] R13: 00007f0ba8146038 R14: 00007f0ba8145fa0 R15: 00007ffd28f96628
[  165.908325][ T6514]  </TASK>
[  166.172370][ T6518] random: crng reseeded on system resumption
[  166.254292][ T6520] FAULT_INJECTION: forcing a failure.
[  166.254292][ T6520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.254324][ T6520] CPU: 1 UID: 0 PID: 6520 Comm: syz.2.144 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  166.254345][ T6520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  166.254355][ T6520] Call Trace:
[  166.254362][ T6520]  <TASK>
[  166.254370][ T6520]  dump_stack_lvl+0x189/0x250
[  166.254399][ T6520]  ? __pfx____ratelimit+0x10/0x10
[  166.254425][ T6520]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.254447][ T6520]  ? __pfx__printk+0x10/0x10
[  166.254485][ T6520]  should_fail_ex+0x46c/0x600
[  166.254515][ T6520]  _copy_to_user+0x31/0xb0
[  166.254544][ T6520]  simple_read_from_buffer+0xe1/0x170
[  166.254573][ T6520]  proc_fail_nth_read+0x1b6/0x220
[  166.254595][ T6520]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.254616][ T6520]  ? rw_verify_area+0x2ac/0x4e0
[  166.254636][ T6520]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.254656][ T6520]  vfs_read+0x203/0xa30
[  166.254685][ T6520]  ? __pfx_vfs_read+0x10/0x10
[  166.254702][ T6520]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  166.254733][ T6520]  ? mutex_lock_nested+0x154/0x1d0
[  166.254752][ T6520]  ? fdget_pos+0x253/0x320
[  166.254783][ T6520]  ksys_read+0x14b/0x260
[  166.254802][ T6520]  ? __fget_files+0x3a6/0x420
[  166.254825][ T6520]  ? __pfx_ksys_read+0x10/0x10
[  166.254850][ T6520]  ? do_syscall_64+0xbe/0x3b0
[  166.254872][ T6520]  do_syscall_64+0xfa/0x3b0
[  166.254888][ T6520]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.254911][ T6520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.254929][ T6520]  ? clear_bhb_loop+0x60/0xb0
[  166.254950][ T6520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.254967][ T6520] RIP: 0033:0x7f38c52cd8dc
[  166.254983][ T6520] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  166.254997][ T6520] RSP: 002b:00007f38c3515030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  166.255016][ T6520] RAX: ffffffffffffffda RBX: 00007f38c5526090 RCX: 00007f38c52cd8dc
[  166.255029][ T6520] RDX: 000000000000000f RSI: 00007f38c35150a0 RDI: 0000000000000004
[  166.255040][ T6520] RBP: 00007f38c3515090 R08: 0000000000000000 R09: 0000000000000000
[  166.255051][ T6520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.255061][ T6520] R13: 00007f38c5526128 R14: 00007f38c5526090 R15: 00007ffeb33023f8
[  166.255091][ T6520]  </TASK>
[  166.693646][ T6526] netlink: 8 bytes leftover after parsing attributes in process `syz.2.148'.
[  166.693679][ T6526] netlink: 'syz.2.148': attribute type 30 has an invalid length.
[  166.738019][ T6526] netlink: 8 bytes leftover after parsing attributes in process `syz.2.148'.
[  166.738053][ T6526] netlink: 'syz.2.148': attribute type 30 has an invalid length.
[  166.808396][ T6532] program syz.2.148 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  166.810487][ T4906] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  166.811450][ T4906] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  166.811491][ T4906] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  166.811536][ T4906] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  166.865512][ T6535] netlink: 'syz.1.151': attribute type 17 has an invalid length.
[  167.119918][ T6055] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  167.419119][ T6055] usb 1-1: Using ep0 maxpacket: 32
[  167.490707][ T6055] usb 1-1: config 0 has an invalid interface number: 151 but max is 0
[  167.490735][ T6055] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  167.490752][ T6055] usb 1-1: config 0 has no interface number 0
[  167.490804][ T6055] usb 1-1: config 0 interface 151 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 528
[  167.490827][ T6055] usb 1-1: config 0 interface 151 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  167.490847][ T6055] usb 1-1: config 0 interface 151 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  167.635097][ T6055] usb 1-1: New USB device found, idVendor=0403, idProduct=e548, bcdDevice=ad.d6
[  167.635136][ T6055] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.635154][ T6055] usb 1-1: Product: syz
[  167.635167][ T6055] usb 1-1: Manufacturer: syz
[  167.635180][ T6055] usb 1-1: SerialNumber: syz
[  167.743686][ T6547] FAULT_INJECTION: forcing a failure.
[  167.743686][ T6547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.743718][ T6547] CPU: 0 UID: 0 PID: 6547 Comm: syz.1.153 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  167.743739][ T6547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  167.743749][ T6547] Call Trace:
[  167.743757][ T6547]  <TASK>
[  167.743765][ T6547]  dump_stack_lvl+0x189/0x250
[  167.743792][ T6547]  ? __pfx____ratelimit+0x10/0x10
[  167.743817][ T6547]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.743840][ T6547]  ? __pfx__printk+0x10/0x10
[  167.743859][ T6547]  ? __might_fault+0xb0/0x130
[  167.743893][ T6547]  should_fail_ex+0x46c/0x600
[  167.743921][ T6547]  _copy_from_user+0x2d/0xb0
[  167.743943][ T6547]  do_sock_getsockopt+0x17d/0x450
[  167.743964][ T6547]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  167.743980][ T6547]  ? do_syscall_64+0x40/0x3b0
[  167.743997][ T6547]  ? __fget_files+0x3a6/0x420
[  167.744018][ T6547]  ? __fget_files+0x2a/0x420
[  167.744046][ T6547]  __x64_sys_getsockopt+0x1ab/0x250
[  167.744063][ T6547]  ? do_syscall_64+0x40/0x3b0
[  167.744082][ T6547]  ? do_syscall_64+0x40/0x3b0
[  167.744102][ T6547]  do_syscall_64+0xfa/0x3b0
[  167.744118][ T6547]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.744141][ T6547]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.744159][ T6547]  ? clear_bhb_loop+0x60/0xb0
[  167.744179][ T6547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.744196][ T6547] RIP: 0033:0x7f3f0460eec9
[  167.744211][ T6547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.744225][ T6547] RSP: 002b:00007f3f0282c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  167.744244][ T6547] RAX: ffffffffffffffda RBX: 00007f3f04866180 RCX: 00007f3f0460eec9
[  167.744257][ T6547] RDX: 0000000000000004 RSI: 0000000000000084 RDI: 0000000000000003
[  167.744268][ T6547] RBP: 00007f3f0282c090 R08: 0000200000000240 R09: 0000000000000000
[  167.744279][ T6547] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  167.744290][ T6547] R13: 00007f3f04866218 R14: 00007f3f04866180 R15: 00007ffd0a226828
[  167.744318][ T6547]  </TASK>
[  167.803415][ T6055] usb 1-1: config 0 descriptor??
[  167.892616][ T6534] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  167.938760][ T6055] ftdi_sio 1-1:0.151: FTDI USB Serial Device converter detected
[  168.007643][ T6055] ftdi_sio ttyUSB0: unknown device type: 0xadd6
[  168.414391][    C1] vkms_vblank_simulate: vblank timer overrun
[  168.774709][    C1] vkms_vblank_simulate: vblank timer overrun
[  169.477158][ T6560] netlink: 28 bytes leftover after parsing attributes in process `syz.1.155'.
[  169.666809][    C1] vkms_vblank_simulate: vblank timer overrun
[  169.816640][    C1] vkms_vblank_simulate: vblank timer overrun
[  169.986147][ T5854] usb 1-1: USB disconnect, device number 9
[  169.994959][ T5854] ftdi_sio 1-1:0.151: device disconnected
[  171.317809][ T6572] netlink: 'syz.4.159': attribute type 9 has an invalid length.
[  171.317829][ T6572] netlink: 8 bytes leftover after parsing attributes in process `syz.4.159'.
[  171.371099][ T6572] hsr0: entered promiscuous mode
[  171.371543][ T6572] macvlan2: entered promiscuous mode
[  171.371798][ T6572] macvlan2: entered allmulticast mode
[  171.371811][ T6572] hsr0: entered allmulticast mode
[  171.371823][ T6572] hsr_slave_0: entered allmulticast mode
[  171.371843][ T6572] hsr_slave_1: entered allmulticast mode
[  171.431267][ T6577] FAULT_INJECTION: forcing a failure.
[  171.431267][ T6577] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.431299][ T6577] CPU: 0 UID: 0 PID: 6577 Comm: syz.2.161 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  171.431319][ T6577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  171.431328][ T6577] Call Trace:
[  171.431335][ T6577]  <TASK>
[  171.431343][ T6577]  dump_stack_lvl+0x189/0x250
[  171.431372][ T6577]  ? __pfx____ratelimit+0x10/0x10
[  171.431396][ T6577]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.431419][ T6577]  ? __pfx__printk+0x10/0x10
[  171.431452][ T6577]  should_fail_ex+0x46c/0x600
[  171.431481][ T6577]  _copy_to_user+0x31/0xb0
[  171.431504][ T6577]  simple_read_from_buffer+0xe1/0x170
[  171.431531][ T6577]  proc_fail_nth_read+0x1b6/0x220
[  171.431552][ T6577]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  171.431573][ T6577]  ? rw_verify_area+0x2ac/0x4e0
[  171.431592][ T6577]  ? irqentry_exit+0x74/0x90
[  171.431606][ T6577]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  171.431625][ T6577]  vfs_read+0x203/0xa30
[  171.431653][ T6577]  ? __pfx_vfs_read+0x10/0x10
[  171.431671][ T6577]  ? strnlen_user+0x175/0x190
[  171.431693][ T6577]  ? strnlen_user+0x17e/0x190
[  171.431718][ T6577]  ? strndup_user+0x54/0xd0
[  171.431748][ T6577]  ksys_read+0x14b/0x260
[  171.431770][ T6577]  ? __pfx_ksys_read+0x10/0x10
[  171.431788][ T6577]  ? rcu_is_watching+0x15/0xb0
[  171.431816][ T6577]  ? do_syscall_64+0xbe/0x3b0
[  171.431837][ T6577]  do_syscall_64+0xfa/0x3b0
[  171.431853][ T6577]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.431876][ T6577]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.431893][ T6577]  ? clear_bhb_loop+0x60/0xb0
[  171.431913][ T6577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.431930][ T6577] RIP: 0033:0x7f38c52cd8dc
[  171.431945][ T6577] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  171.431959][ T6577] RSP: 002b:00007f38c3536030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  171.431978][ T6577] RAX: ffffffffffffffda RBX: 00007f38c5525fa0 RCX: 00007f38c52cd8dc
[  171.431991][ T6577] RDX: 000000000000000f RSI: 00007f38c35360a0 RDI: 0000000000000004
[  171.432002][ T6577] RBP: 00007f38c3536090 R08: 0000000000000000 R09: 0000000000000000
[  171.432013][ T6577] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  171.432024][ T6577] R13: 00007f38c5526038 R14: 00007f38c5525fa0 R15: 00007ffeb33023f8
[  171.432053][ T6577]  </TASK>
[  171.857389][ T6584] netlink: 4856 bytes leftover after parsing attributes in process `syz.1.160'.
[  171.857427][ T6584] netlink: 4856 bytes leftover after parsing attributes in process `syz.1.160'.
[  172.574449][ T6581] syz.1.160 (6581) used greatest stack depth: 18968 bytes left
[  173.503105][ T6593] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  179.198966][    C1] sched: DL replenish lagged too much
[  185.446466][ T6636] FAULT_INJECTION: forcing a failure.
[  185.446466][ T6636] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.446499][ T6636] CPU: 0 UID: 0 PID: 6636 Comm: syz.0.174 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  185.446519][ T6636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  185.446529][ T6636] Call Trace:
[  185.446536][ T6636]  <TASK>
[  185.446544][ T6636]  dump_stack_lvl+0x189/0x250
[  185.446582][ T6636]  ? __pfx____ratelimit+0x10/0x10
[  185.446607][ T6636]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.446629][ T6636]  ? __pfx__printk+0x10/0x10
[  185.446660][ T6636]  should_fail_ex+0x46c/0x600
[  185.446690][ T6636]  strncpy_from_user+0x36/0x290
[  185.446717][ T6636]  path_setxattrat+0x150/0x3a0
[  185.446746][ T6636]  ? __pfx_path_setxattrat+0x10/0x10
[  185.446790][ T6636]  ? ksys_write+0x230/0x260
[  185.446813][ T6636]  ? __pfx_ksys_write+0x10/0x10
[  185.446830][ T6636]  ? rcu_is_watching+0x15/0xb0
[  185.446858][ T6636]  __x64_sys_lsetxattr+0xbf/0xe0
[  185.446885][ T6636]  do_syscall_64+0xfa/0x3b0
[  185.446902][ T6636]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.446924][ T6636]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.446941][ T6636]  ? clear_bhb_loop+0x60/0xb0
[  185.446962][ T6636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.446978][ T6636] RIP: 0033:0x7f0ba7eeeec9
[  185.446994][ T6636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.447008][ T6636] RSP: 002b:00007f0ba614e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  185.447027][ T6636] RAX: ffffffffffffffda RBX: 00007f0ba8145fa0 RCX: 00007f0ba7eeeec9
[  185.447041][ T6636] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000200000000140
[  185.447052][ T6636] RBP: 00007f0ba614e090 R08: 0000000000000002 R09: 0000000000000000
[  185.447063][ T6636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.447073][ T6636] R13: 00007f0ba8146038 R14: 00007f0ba8145fa0 R15: 00007ffd28f96628
[  185.447102][ T6636]  </TASK>
[  188.220344][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  188.241425][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  188.244657][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  188.246629][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  188.247840][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  189.180498][ T5842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  189.200261][ T5842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  189.203114][ T5842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  189.224231][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  189.225019][ T5842] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  190.479951][ T5857] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  190.486381][ T5857] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  190.487651][ T5857] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  190.502713][ T5857] Bluetooth: hci5: command tx timeout
[  190.527172][ T5857] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  190.528025][ T5857] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  190.601037][ T6660] =======================================================
[  190.601037][ T6660] WARNING: The mand mount option has been deprecated and
[  190.601037][ T6660]          and is ignored by this kernel. Remove the mand
[  190.601037][ T6660]          option from the mount to silence this warning.
[  190.601037][ T6660] =======================================================
[  190.684387][ T6660] FAULT_INJECTION: forcing a failure.
[  190.684387][ T6660] name failslab, interval 1, probability 0, space 0, times 0
[  190.684418][ T6660] CPU: 0 UID: 0 PID: 6660 Comm: syz.0.183 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  190.684439][ T6660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  190.684449][ T6660] Call Trace:
[  190.684456][ T6660]  <TASK>
[  190.684463][ T6660]  dump_stack_lvl+0x189/0x250
[  190.684492][ T6660]  ? __pfx____ratelimit+0x10/0x10
[  190.684516][ T6660]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.684539][ T6660]  ? __pfx__printk+0x10/0x10
[  190.684563][ T6660]  ? __pfx___might_resched+0x10/0x10
[  190.684581][ T6660]  ? fs_reclaim_acquire+0x7d/0x100
[  190.684603][ T6660]  should_fail_ex+0x46c/0x600
[  190.684630][ T6660]  ? getname_flags+0xb8/0x540
[  190.684652][ T6660]  should_failslab+0xa8/0x100
[  190.684675][ T6660]  ? getname_flags+0xb8/0x540
[  190.684695][ T6660]  kmem_cache_alloc_noprof+0x6e/0x310
[  190.684722][ T6660]  getname_flags+0xb8/0x540
[  190.684749][ T6660]  __se_sys_move_mount+0x32f/0x580
[  190.684776][ T6660]  ? __pfx___se_sys_move_mount+0x10/0x10
[  190.684799][ T6660]  ? __pfx_ksys_write+0x10/0x10
[  190.684816][ T6660]  ? rcu_is_watching+0x15/0xb0
[  190.684845][ T6660]  ? do_syscall_64+0xbe/0x3b0
[  190.684860][ T6660]  ? __x64_sys_move_mount+0x20/0xc0
[  190.684885][ T6660]  do_syscall_64+0xfa/0x3b0
[  190.684901][ T6660]  ? lockdep_hardirqs_on+0x9c/0x150
[  190.684923][ T6660]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.684940][ T6660]  ? clear_bhb_loop+0x60/0xb0
[  190.684961][ T6660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.684977][ T6660] RIP: 0033:0x7f0ba7eeeec9
[  190.684992][ T6660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.685006][ T6660] RSP: 002b:00007f0ba614e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  190.685032][ T6660] RAX: ffffffffffffffda RBX: 00007f0ba8145fa0 RCX: 00007f0ba7eeeec9
[  190.685048][ T6660] RDX: 0000000000000003 RSI: 0000200000008080 RDI: ffffffffffffff9c
[  190.685060][ T6660] RBP: 00007f0ba614e090 R08: 0000000000000160 R09: 0000000000000000
[  190.685071][ T6660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.685082][ T6660] R13: 00007f0ba8146038 R14: 00007f0ba8145fa0 R15: 00007ffd28f96628
[  190.685110][ T6660]  </TASK>
[  191.299375][ T5842] Bluetooth: hci6: command tx timeout
[  192.580676][ T5857] Bluetooth: hci5: command tx timeout
[  192.583224][ T5842] Bluetooth: hci7: command tx timeout
[  193.379132][ T5842] Bluetooth: hci6: command tx timeout
[  194.345533][ T1327] ieee802154 phy0 wpan0: encryption failed: -22
[  194.345605][ T1327] ieee802154 phy1 wpan1: encryption failed: -22
[  194.669137][ T5842] Bluetooth: hci7: command tx timeout
[  194.669172][ T5842] Bluetooth: hci5: command tx timeout
[  195.282788][ T5842] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  195.287481][ T5842] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  195.288592][ T5842] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  195.291104][ T5842] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  195.292674][ T5842] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  195.459171][ T5842] Bluetooth: hci6: command tx timeout
[  196.739177][ T5842] Bluetooth: hci5: command tx timeout
[  196.739208][ T5842] Bluetooth: hci7: command tx timeout
[  197.379214][ T5857] Bluetooth: hci8: command tx timeout
[  197.539266][ T5857] Bluetooth: hci6: command tx timeout
[  198.819278][ T5857] Bluetooth: hci7: command tx timeout
[  199.459465][ T5857] Bluetooth: hci8: command tx timeout
[  201.549942][ T5857] Bluetooth: hci8: command tx timeout
[  203.619147][ T5857] Bluetooth: hci8: command tx timeout
[  206.680925][ T6678] Bluetooth: hci3: command 0x0406 tx timeout
[  206.680968][ T6678] Bluetooth: hci2: command 0x0406 tx timeout
[  206.739086][ T6679] Bluetooth: hci4: command 0x0406 tx timeout
[  206.739216][ T6679] Bluetooth: hci1: command 0x0406 tx timeout
[  206.739242][ T6679] Bluetooth: hci0: command 0x0406 tx timeout
[  217.840477][ T5842] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  217.870419][ T5842] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  217.871545][ T5842] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  217.872668][ T5842] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  217.900978][ T5842] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  223.268505][ T6676] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  223.268540][ T6676] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  223.306790][ T6676] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  228.659209][ T5857] Bluetooth: hci9: command tx timeout
[  230.749279][ T5857] Bluetooth: hci9: command tx timeout
[  232.819167][ T5857] Bluetooth: hci9: command tx timeout
[  234.899165][ T5857] Bluetooth: hci9: command tx timeout
[  247.837249][ T5856] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  247.852238][ T5856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  247.887875][ T5856] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  247.909353][ T5856] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  247.912010][ T5856] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  248.932459][ T5857] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  248.954585][ T5857] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  248.955716][ T5857] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  248.959152][ T5857] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  248.959955][ T5857] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  250.019323][ T5857] Bluetooth: hci0: command tx timeout
[  250.325729][ T5856] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  250.343296][ T5856] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  250.345175][ T5856] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  250.348605][ T5856] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  250.371133][ T5856] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  251.059208][ T5857] Bluetooth: hci2: command tx timeout
[  252.099143][ T5857] Bluetooth: hci0: command tx timeout
[  252.419260][ T5857] Bluetooth: hci4: command tx timeout
[  253.139114][ T5857] Bluetooth: hci2: command tx timeout
[  254.179148][ T5857] Bluetooth: hci0: command tx timeout
[  254.509288][ T5857] Bluetooth: hci4: command tx timeout
[  255.219180][ T5857] Bluetooth: hci2: command tx timeout
[  255.803315][ T1327] ieee802154 phy0 wpan0: encryption failed: -22
[  255.803466][ T1327] ieee802154 phy1 wpan1: encryption failed: -22
[  256.259136][ T5857] Bluetooth: hci0: command tx timeout
[  256.582264][ T5857] Bluetooth: hci4: command tx timeout
[  256.641656][ T5856] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  256.669322][ T5856] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  256.672976][ T5856] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  256.674186][ T5856] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  256.674968][ T5856] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  257.299166][ T5856] Bluetooth: hci2: command tx timeout
[  258.662851][ T5856] Bluetooth: hci4: command tx timeout
[  258.739305][ T5856] Bluetooth: hci10: command tx timeout
[  260.819327][ T5856] Bluetooth: hci10: command tx timeout
[  262.909191][ T5856] Bluetooth: hci10: command tx timeout
[  264.987551][ T5856] Bluetooth: hci10: command tx timeout
[  278.658570][ T5857] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  278.683253][ T5857] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  278.685075][ T5857] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  278.686386][ T5857] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  278.687195][ T5857] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  280.739436][ T5856] Bluetooth: hci11: command tx timeout
[  282.829235][ T5856] Bluetooth: hci11: command tx timeout
[  284.899214][ T5856] Bluetooth: hci11: command tx timeout
[  286.979496][ T5856] Bluetooth: hci11: command tx timeout
[  309.066459][ T5857] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  309.069966][ T5857] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  309.094174][ T5857] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  309.098390][ T5857] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  309.129309][ T5857] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  309.490441][ T5856] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  309.511882][ T5856] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  309.513178][ T5856] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  309.515338][ T5856] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  309.516676][ T5856] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  310.230894][ T5857] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  310.256322][ T5857] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  310.258759][ T5857] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  310.276692][ T5857] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  310.277551][ T5857] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  311.219406][ T5857] Bluetooth: hci12: command tx timeout
[  311.619386][ T5857] Bluetooth: hci13: command tx timeout
[  312.339545][ T5857] Bluetooth: hci14: command tx timeout
[  313.299134][ T5857] Bluetooth: hci12: command tx timeout
[  313.699309][ T5857] Bluetooth: hci13: command tx timeout
[  314.185965][ T5159] Bluetooth: hci5: command 0x0406 tx timeout
[  314.186006][ T5159] Bluetooth: hci7: command 0x0406 tx timeout
[  314.186141][ T5857] Bluetooth: hci6: command 0x0406 tx timeout
[  314.429529][ T5857] Bluetooth: hci14: command tx timeout
[  315.379150][ T5857] Bluetooth: hci12: command tx timeout
[  315.779659][ T5857] Bluetooth: hci13: command tx timeout
[  316.498825][ T6678] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  316.501875][ T5159] Bluetooth: hci14: command tx timeout
[  316.523111][ T6678] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  316.543687][ T6678] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  316.544895][ T6678] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  316.545708][ T6678] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  317.459220][ T5159] Bluetooth: hci12: command tx timeout
[  317.598773][ T1327] ieee802154 phy0 wpan0: encryption failed: -22
[  317.598848][ T1327] ieee802154 phy1 wpan1: encryption failed: -22
[  317.859328][ T5159] Bluetooth: hci13: command tx timeout
[  318.579517][ T5159] Bluetooth: hci14: command tx timeout
[  319.299123][ T5842] Bluetooth: hci8: command 0x0406 tx timeout
[  333.219164][ T5857] Bluetooth: hci15: command tx timeout
[  335.299258][ T5857] Bluetooth: hci15: command tx timeout
[  337.379162][ T5857] Bluetooth: hci15: command tx timeout
[  339.480637][ T5857] Bluetooth: hci15: command tx timeout
[  340.563365][ T6678] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  340.596243][ T6678] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  340.607338][ T6678] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  340.649368][ T6678] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  340.660341][ T6678] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  342.927836][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  342.949454][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  342.949880][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  342.951046][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  342.951825][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  369.138316][ T5856] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  369.155490][ T5856] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  369.156631][ T5856] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  369.157885][ T5856] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  369.158713][ T5856] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  370.158494][   T59] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  370.175582][   T59] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  370.176738][   T59] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  370.177974][   T59] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  370.205887][   T59] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  371.352709][ T5842] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  371.370713][ T5842] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  371.372006][ T5842] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  371.373882][ T5842] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  371.405178][ T5842] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  374.514201][ T6761] chnl_net:caif_netlink_parms(): no params data found
[  378.647853][ T5159] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  378.678263][ T1327] ieee802154 phy0 wpan0: encryption failed: -22
[  378.678338][ T1327] ieee802154 phy1 wpan1: encryption failed: -22
[  378.698744][ T5159] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  378.711859][ T5159] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  378.713193][ T5159] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  378.715747][ T5159] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  397.108674][ T6754] chnl_net:caif_netlink_parms(): no params data found
[  397.118187][ T6757] chnl_net:caif_netlink_parms(): no params data found
[  399.746783][ T6679] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  399.783083][ T6679] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  399.784939][ T6679] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  399.786505][ T6679] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  399.787294][ T6679] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  400.863538][ T6745] chnl_net:caif_netlink_parms(): no params data found
[  424.739278][   T38] INFO: task syz.1.160:6579 blocked for more than 143 seconds.
[  424.739301][   T38]       Not tainted syzkaller #0
[  424.739311][   T38]       Blocked by coredump.
[  424.739316][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  424.739325][   T38] task:syz.1.160       state:D stack:23656 pid:6579  tgid:6573  ppid:5847   task_flags:0x40054c flags:0x00004002
[  424.739397][   T38] Call Trace:
[  424.739404][   T38]  <TASK>
[  424.739418][   T38]  __schedule+0x16f3/0x4c20
[  424.739459][   T38]  ? do_raw_spin_unlock+0x122/0x240
[  424.739486][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  424.739515][   T38]  ? __pfx___schedule+0x10/0x10
[  424.739557][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  424.739583][   T38]  rt_mutex_schedule+0x77/0xf0
[  424.739601][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  424.739623][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  424.739661][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  424.739685][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  424.739707][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  424.739726][   T38]  ? __lock_acquire+0xab9/0xd20
[  424.739759][   T38]  ? rcu_barrier+0x4c/0x570
[  424.739791][   T38]  ? rcu_barrier+0x4c/0x570
[  424.739807][   T38]  mutex_lock_nested+0x16a/0x1d0
[  424.739826][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  424.739848][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  424.739873][   T38]  rcu_barrier+0x4c/0x570
[  424.739895][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  424.739919][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  424.739942][   T38]  netdev_run_todo+0x327/0xea0
[  424.739966][   T38]  ? __pfx_netif_state_change+0x10/0x10
[  424.739988][   T38]  ? __pfx_netdev_run_todo+0x10/0x10
[  424.740005][   T38]  ? kasan_quarantine_put+0xdd/0x220
[  424.740024][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.740057][   T38]  ? netdev_state_change+0x1ca/0x220
[  424.740080][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  424.740104][   T38]  tun_chr_close+0x13f/0x1c0
[  424.740129][   T38]  __fput+0x45b/0xa80
[  424.740159][   T38]  task_work_run+0x1d1/0x260
[  424.740180][   T38]  ? __pfx_task_work_run+0x10/0x10
[  424.740199][   T38]  ? do_exit+0x6b0/0x2300
[  424.740215][   T38]  ? kmem_cache_free+0x195/0x510
[  424.740243][   T38]  do_exit+0x6b5/0x2300
[  424.740259][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  424.740289][   T38]  ? __lock_acquire+0xab9/0xd20
[  424.740312][   T38]  ? __pfx_do_exit+0x10/0x10
[  424.740327][   T38]  ? rt_mutex_slowunlock+0x493/0x8a0
[  424.740351][   T38]  ? rt_spin_lock+0x1bb/0x2c0
[  424.740388][   T38]  do_group_exit+0x21c/0x2d0
[  424.740412][   T38]  get_signal+0x125e/0x1310
[  424.740456][   T38]  arch_do_signal_or_restart+0x9a/0x750
[  424.740478][   T38]  ? __x64_sys_sendmsg+0x236/0x260
[  424.740500][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  424.740536][   T38]  ? exit_to_user_mode_loop+0x40/0x110
[  424.740562][   T38]  exit_to_user_mode_loop+0x75/0x110
[  424.740585][   T38]  do_syscall_64+0x2bd/0x3b0
[  424.740602][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.740625][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.740643][   T38]  ? clear_bhb_loop+0x60/0xb0
[  424.740665][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.740689][   T38] RIP: 0033:0x7f3f0460eec9
[  424.740705][   T38] RSP: 002b:00007f3f0286e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  424.740725][   T38] RAX: 00000000000000a4 RBX: 00007f3f04865fa0 RCX: 00007f3f0460eec9
[  424.740738][   T38] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000005
[  424.740750][   T38] RBP: 00007f3f04691f91 R08: 0000000000000000 R09: 0000000000000000
[  424.740762][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  424.740773][   T38] R13: 00007f3f04866038 R14: 00007f3f04865fa0 R15: 00007ffd0a226828
[  424.740804][   T38]  </TASK>
[  424.740837][   T38] 
[  424.740837][   T38] Showing all locks held in the system:
[  424.740848][   T38] 2 locks held by ksoftirqd/1/30:
[  424.740860][   T38] 1 lock held by khungtaskd/38:
[  424.740869][   T38]  #0: ffffffff8d9a8dc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  424.740916][   T38] 4 locks held by kworker/u9:0/59:
[  424.740927][   T38]  #0: ffff888031b6f138 ((wq_completion)hci5#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  424.740978][   T38]  #1: ffffc9000125fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  424.741024][   T38]  #2: ffff888050dc40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  424.741069][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  424.741121][   T38] 3 locks held by kworker/u8:9/1153:
[  424.741131][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  424.741177][   T38]  #1: ffffc90004f27bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  424.741221][   T38]  #2: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  424.741264][   T38] 2 locks held by kworker/u8:12/1181:
[  424.741289][   T38] 4 locks held by kworker/u9:1/5159:
[  424.741300][   T38]  #0: ffff8880759a6938 ((wq_completion)hci6#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  424.741347][   T38]  #1: ffffc90010607bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  424.741397][   T38]  #2: ffff888075dc40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  424.741441][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  424.741487][   T38] 2 locks held by getty/5600:
[  424.741497][   T38]  #0: ffff88823bf400a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  424.741538][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  424.741585][   T38] 4 locks held by kworker/u9:2/5842:
[  424.741595][   T38]  #0: ffff88805767b938 ((wq_completion)hci17#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  424.741644][   T38]  #1: ffffc90004ab7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  424.741689][   T38]  #2: ffff88807ef3c0a8 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xb1/0x1500
[  424.741734][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140
[  424.741780][   T38] 7 locks held by kworker/1:4/5852:
[  424.741791][   T38] 4 locks held by kworker/u9:4/5856:
[  424.741801][   T38]  #0: ffff888050fe7138 ((wq_completion)hci8#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  424.741850][   T38]  #1: ffffc90004ba7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  424.741894][   T38]  #2: ffff888076d200a8 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xb1/0x1500
[  424.741941][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140
[  424.741986][   T38] 4 locks held by kworker/u9:5/5857:
[  424.741997][   T38]  #0: ffff88803187a938 ((wq_completion)hci1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  424.742046][   T38]  #1: ffffc90004bf7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  424.742091][   T38]  #2: ffff88804d1ac0a8 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xb1/0x1500
[  424.742135][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140
[  424.742187][   T38] 1 lock held by syz.1.160/6579:
[  424.742197][   T38]  #0: ffffffff8d9ae770 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  424.742239][   T38] 1 lock held by syz.2.165/6588:
[  424.742249][   T38]  #0: ffffffff8d9ae770 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  424.742290][   T38] 1 lock held by syz.3.167/6592:
[  424.742300][   T38]  #0: ffffffff8d9ae770 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  424.742342][   T38] 2 locks held by kworker/1:9/6597:
[  424.742353][   T38] 2 locks held by kworker/1:11/6599:
[  424.742369][   T38] 1 lock held by syz.4.170/6611:
[  424.742379][   T38]  #0: ffffffff8d9ae770 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  424.742421][   T38] 1 lock held by syz.0.186/6676:
[  424.742431][   T38]  #0: ffffffff8d9ae770 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  424.742473][   T38] 4 locks held by kworker/u9:6/6678:
[  424.742484][   T38]  #0: ffff888032211138 ((wq_completion)hci16#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  424.742532][   T38]  #1: ffffc9000d22fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  424.742576][   T38]  #2: ffff888051ea80a8 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xb1/0x1500
[  424.742623][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140
[  424.742668][   T38] 3 locks held by syz-executor/6683:
[  424.742679][   T38]  #0: ffff88807064ce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  424.742722][   T38]  #1: ffff88807064c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  424.742769][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  424.742812][   T38] 3 locks held by syz-executor/6706:
[  424.742822][   T38]  #0: ffff88803cb90e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  424.742866][   T38]  #1: ffff88803cb900a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  424.742911][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  424.742952][   T38] 2 locks held by syz-executor/6715:
[  424.742963][   T38]  #0: ffff88804bb98e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  424.743006][   T38]  #1: ffff88804bb980a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  424.743053][   T38] 3 locks held by syz-executor/6723:
[  424.743064][   T38]  #0: ffff88803207ce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  424.743107][   T38]  #1: ffff88803207c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  424.743152][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  424.743194][   T38] 4 locks held by syz-executor/6727:
[  424.743204][   T38]  #0: ffff8880878ace80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  424.743248][   T38]  #1: ffff8880878ac0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  424.743294][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  424.743336][   T38]  #3: ffff88802a0d3b58 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  424.743386][   T38] 3 locks held by syz-executor/6730:
[  424.743396][   T38]  #0: ffff88807ee3ce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  424.743439][   T38]  #1: ffff88807ee3c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  424.743484][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  424.743527][   T38] 3 locks held by syz-executor/6738:
[  424.743537][   T38]  #0: ffff88807f740e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  424.743580][   T38]  #1: ffff88807f7400a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  424.743626][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  424.743668][   T38] 2 locks held by syz-executor/6754:
[  424.743679][   T38]  #0: ffffffff8e43b960 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  424.743729][   T38]  #1: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  424.743774][   T38] 2 locks held by syz-executor/6757:
[  424.743784][   T38]  #0: ffffffff8e43b960 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  424.743834][   T38]  #1: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  424.743879][   T38] 2 locks held by syz-executor/6761:
[  424.743889][   T38]  #0: ffffffff8e43b960 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  424.743938][   T38]  #1: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  424.743984][   T38] 1 lock held by syz-executor/6787:
[  424.743994][   T38]  #0: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  424.744038][   T38] 1 lock held by syz-executor/6796:
[  424.744049][   T38]  #0: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  424.744092][   T38] 
[  424.744097][   T38] =============================================
[  424.744097][   T38] 
[  424.744116][   T38] NMI backtrace for cpu 0
[  424.744140][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  424.744189][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  424.744209][   T38] Call Trace:
[  424.744225][   T38]  <TASK>
[  424.744241][   T38]  dump_stack_lvl+0x189/0x250
[  424.744309][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.744367][   T38]  ? __pfx__printk+0x10/0x10
[  424.744398][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  424.744422][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  424.744446][   T38]  ? __pfx__printk+0x10/0x10
[  424.744469][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  424.744491][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  424.744516][   T38]  watchdog+0xf93/0xfe0
[  424.744542][   T38]  ? watchdog+0x1de/0xfe0
[  424.744568][   T38]  kthread+0x711/0x8a0
[  424.744595][   T38]  ? __pfx_watchdog+0x10/0x10
[  424.744614][   T38]  ? __pfx_kthread+0x10/0x10
[  424.744641][   T38]  ? __pfx_kthread+0x10/0x10
[  424.744665][   T38]  ret_from_fork+0x436/0x7d0
[  424.744689][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  424.744715][   T38]  ? __switch_to_asm+0x39/0x70
[  424.744731][   T38]  ? __switch_to_asm+0x33/0x70
[  424.744746][   T38]  ? __pfx_kthread+0x10/0x10
[  424.744769][   T38]  ret_from_fork_asm+0x1a/0x30
[  424.744801][   T38]  </TASK>
[  424.744807][   T38] Sending NMI from CPU 0 to CPUs 1:
[  424.744833][    C1] NMI backtrace for cpu 1
[  424.744847][    C1] CPU: 1 UID: 0 PID: 5852 Comm: kworker/1:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  424.744865][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  424.744875][    C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker
[  424.744895][    C1] RIP: 0010:lock_acquire+0x14f/0x360
[  424.744914][    C1] Code: c7 c7 b6 b1 21 8d e8 10 4b 5b 09 b8 ff ff ff ff 65 0f c1 05 73 7f 5a 10 83 f8 01 0f 85 c9 00 00 00 48 c7 44 24 30 00 00 00 00 <9c> 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24
[  424.744928][    C1] RSP: 0018:ffffc90004b35fd8 EFLAGS: 00000046
[  424.744940][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 83f93430784f5000
[  424.744951][    C1] RDX: 0000000000000000 RSI: ffffffff8d21b1b6 RDI: ffffffff8b621680
[  424.744962][    C1] RBP: ffffffff8172c165 R08: 0000000000000000 R09: ffffffff8172c165
[  424.744973][    C1] R10: ffffc90004b36198 R11: ffffffff81aaf080 R12: 0000000000000002
[  424.744984][    C1] R13: ffffffff8d9a8dc0 R14: 0000000000000000 R15: 0000000000000246
[  424.744994][    C1] FS:  0000000000000000(0000) GS:ffff8881269bc000(0000) knlGS:0000000000000000
[  424.745007][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  424.745019][    C1] CR2: 00007fad9cf42700 CR3: 0000000033c02000 CR4: 00000000003526f0
[  424.745033][    C1] Call Trace:
[  424.745039][    C1]  <TASK>
[  424.745048][    C1]  ? unwind_next_frame+0xa5/0x2390
[  424.745067][    C1]  ? NF_HOOK+0x206/0x3a0
[  424.745085][    C1]  ? unwind_next_frame+0xa5/0x2390
[  424.745103][    C1]  unwind_next_frame+0xc2/0x2390
[  424.745127][    C1]  ? unwind_next_frame+0xa5/0x2390
[  424.745148][    C1]  ? unwind_next_frame+0xa5/0x2390
[  424.745166][    C1]  ? nf_hook_slow+0xc2/0x220
[  424.745186][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  424.745202][    C1]  arch_stack_walk+0x11c/0x150
[  424.745223][    C1]  ? NF_HOOK+0x206/0x3a0
[  424.745242][    C1]  stack_trace_save+0x9c/0xe0
[  424.745257][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  424.745270][    C1]  ? do_raw_spin_lock+0x121/0x290
[  424.745292][    C1]  kasan_save_track+0x3e/0x80
[  424.745308][    C1]  ? kasan_save_track+0x3e/0x80
[  424.745322][    C1]  ? __kasan_kmalloc+0x93/0xb0
[  424.745338][    C1]  ? __kmalloc_cache_noprof+0x1a8/0x320
[  424.745355][    C1]  ? ref_tracker_alloc+0x13b/0x450
[  424.745374][    C1]  ? dst_init+0xd9/0x450
[  424.745387][    C1]  ? dst_alloc+0x12a/0x170
[  424.745400][    C1]  ? ip_route_output_key_hash_rcu+0x1560/0x23e0
[  424.745416][    C1]  ? ip_route_output_key_hash+0x1b9/0x2e0
[  424.745431][    C1]  ? ip_route_output_flow+0x2a/0x150
[  424.745445][    C1]  ? ip_route_me_harder+0x6d2/0x1030
[  424.745460][    C1]  ? synproxy_send_tcp+0x359/0x6c0
[  424.745478][    C1]  ? synproxy_send_client_synack+0x8bb/0xe20
[  424.745496][    C1]  ? nft_synproxy_eval_v4+0x36e/0x560
[  424.745511][    C1]  ? nft_synproxy_do_eval+0x345/0x570
[  424.745526][    C1]  ? nft_do_chain+0x40c/0x1920
[  424.745540][    C1]  ? nft_do_chain_inet+0x25d/0x340
[  424.745554][    C1]  ? nf_hook_slow+0xc2/0x220
[  424.745571][    C1]  ? NF_HOOK+0x206/0x3a0
[  424.745603][    C1]  ? ref_tracker_alloc+0x13b/0x450
[  424.745622][    C1]  __kasan_kmalloc+0x93/0xb0
[  424.745640][    C1]  __kmalloc_cache_noprof+0x1a8/0x320
[  424.745657][    C1]  ? ref_tracker_alloc+0x13b/0x450
[  424.745678][    C1]  ref_tracker_alloc+0x13b/0x450
[  424.745697][    C1]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  424.745722][    C1]  ? dst_alloc+0x105/0x170
[  424.745737][    C1]  ? dst_alloc+0x105/0x170
[  424.745752][    C1]  dst_init+0xd9/0x450
[  424.745769][    C1]  dst_alloc+0x12a/0x170
[  424.745785][    C1]  ip_route_output_key_hash_rcu+0x1560/0x23e0
[  424.745805][    C1]  ? ip_route_output_key_hash+0xde/0x2e0
[  424.745822][    C1]  ip_route_output_key_hash+0x1b9/0x2e0
[  424.745837][    C1]  ? __lock_acquire+0xab9/0xd20
[  424.745854][    C1]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  424.745873][    C1]  ? ip_route_me_harder+0x4ad/0x1030
[  424.745892][    C1]  ip_route_output_flow+0x2a/0x150
[  424.745906][    C1]  ? ip_route_me_harder+0x6c0/0x1030
[  424.745923][    C1]  ip_route_me_harder+0x6d2/0x1030
[  424.745946][    C1]  ? __pfx_ip_route_me_harder+0x10/0x10
[  424.745975][    C1]  synproxy_send_tcp+0x359/0x6c0
[  424.745996][    C1]  synproxy_send_client_synack+0x8bb/0xe20
[  424.746022][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  424.746040][    C1]  ? nft_synproxy_do_eval+0x1d8/0x570
[  424.746056][    C1]  ? synproxy_pernet+0x45/0x270
[  424.746073][    C1]  nft_synproxy_eval_v4+0x36e/0x560
[  424.746092][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  424.746114][    C1]  ? nf_ip_checksum+0x13c/0x510
[  424.746131][    C1]  nft_synproxy_do_eval+0x345/0x570
[  424.746147][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  424.746164][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  424.746187][    C1]  nft_do_chain+0x40c/0x1920
[  424.746206][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  424.746222][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  424.746254][    C1]  nft_do_chain_inet+0x25d/0x340
[  424.746268][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  424.746283][    C1]  ? __lock_acquire+0xab9/0xd20
[  424.746305][    C1]  ? NF_HOOK+0x9a/0x3a0
[  424.746322][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  424.746338][    C1]  nf_hook_slow+0xc2/0x220
[  424.746358][    C1]  NF_HOOK+0x206/0x3a0
[  424.746376][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  424.746406][    C1]  ? NF_HOOK+0x9a/0x3a0
[  424.746423][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  424.746438][    C1]  ? ip_rcv_finish_core+0xda3/0x1c00
[  424.746458][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  424.746476][    C1]  ? skb_dst+0x4f/0xd0
[  424.746494][    C1]  ? ip_local_deliver+0x12a/0x1b0
[  424.746513][    C1]  NF_HOOK+0x30c/0x3a0
[  424.746531][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  424.746548][    C1]  ? NF_HOOK+0x9a/0x3a0
[  424.746565][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  424.746583][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  424.746605][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  424.746622][    C1]  __netif_receive_skb+0x143/0x380
[  424.746638][    C1]  ? rt_spin_unlock+0x65/0x80
[  424.746658][    C1]  ? process_backlog+0x27b/0x900
[  424.746675][    C1]  process_backlog+0x31e/0x900
[  424.746697][    C1]  __napi_poll+0xb3/0x540
[  424.746715][    C1]  net_rx_action+0x707/0xe00
[  424.746741][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  424.746760][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  424.746783][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  424.746804][    C1]  handle_softirqs+0x22c/0x710
[  424.746826][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  424.746848][    C1]  __local_bh_enable_ip+0x179/0x270
[  424.746864][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  424.746883][    C1]  ? mod_peer_timer+0x21/0x260
[  424.746899][    C1]  ? mod_peer_timer+0x21/0x260
[  424.746915][    C1]  ? mod_peer_timer+0x20c/0x260
[  424.746933][    C1]  wg_packet_tx_worker+0x16b/0x7c0
[  424.746951][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  424.746970][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  424.746988][    C1]  process_scheduled_works+0xae1/0x17b0
[  424.747018][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  424.747042][    C1]  worker_thread+0x8a0/0xda0
[  424.747070][    C1]  kthread+0x711/0x8a0
[  424.747090][    C1]  ? __pfx_worker_thread+0x10/0x10
[  424.747240][    C1]  ? __pfx_kthread+0x10/0x10
[  424.747271][    C1]  ? __pfx_kthread+0x10/0x10
[  424.747290][    C1]  ret_from_fork+0x436/0x7d0
[  424.747311][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  424.747342][    C1]  ? __switch_to_asm+0x39/0x70
[  424.747356][    C1]  ? __switch_to_asm+0x33/0x70
[  424.747369][    C1]  ? __pfx_kthread+0x10/0x10
[  424.747388][    C1]  ret_from_fork_asm+0x1a/0x30
[  424.747409][    C1]  </TASK>
[  424.747844][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  424.747861][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  424.747882][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  424.747894][   T38] Call Trace:
[  424.747901][   T38]  <TASK>
[  424.747909][   T38]  dump_stack_lvl+0x99/0x250
[  424.747936][   T38]  ? __asan_memcpy+0x40/0x70
[  424.747955][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.747977][   T38]  ? __pfx__printk+0x10/0x10
[  424.748007][   T38]  vpanic+0x281/0x750
[  424.748033][   T38]  ? __pfx_vpanic+0x10/0x10
[  424.748052][   T38]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  424.748071][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.748158][   T38]  panic+0xb9/0xc0
[  424.748180][   T38]  ? __pfx_panic+0x10/0x10
[  424.748204][   T38]  ? irq_work_queue+0xc3/0x140
[  424.748228][   T38]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[  424.748252][   T38]  watchdog+0xfd2/0xfe0
[  424.748279][   T38]  ? watchdog+0x1de/0xfe0
[  424.748305][   T38]  kthread+0x711/0x8a0
[  424.748331][   T38]  ? __pfx_watchdog+0x10/0x10
[  424.748349][   T38]  ? __pfx_kthread+0x10/0x10
[  424.748377][   T38]  ? __pfx_kthread+0x10/0x10
[  424.748401][   T38]  ret_from_fork+0x436/0x7d0
[  424.748424][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  424.748450][   T38]  ? __switch_to_asm+0x39/0x70
[  424.748467][   T38]  ? __switch_to_asm+0x33/0x70
[  424.748482][   T38]  ? __pfx_kthread+0x10/0x10
[  424.748506][   T38]  ret_from_fork_asm+0x1a/0x30
[  424.748537][   T38]  </TASK>
[  424.748812][   T38] Kernel Offset: disabled