last executing test programs:

10m25.728517218s ago: executing program 0 (id=1):
syz_usb_connect(0x1, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582239f"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x800000000000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$bpf(0x0, &(0x7f0000000180)='./file1/file2\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6d31f0653d30303030303030303030303030303030303030303031363e00ca068ec7481e9c7d8eefc2b378a46d"])
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1, 0x7fff7ff8}]})
socket$igmp6(0xa, 0x3, 0x2)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000140)=[{0x3, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100), 0xc}], 0x492492492492856, 0x0)
close(r0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0xfffffffffffffea6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000007000000000000000080000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000182b0000", @ANYRES32, @ANYBLOB="0000000005000000851000000600000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x28fd, 0xbf, &(0x7f0000000100)=""/191, 0x40f00, 0x40, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x5, 0x80040}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f00000002c0)=[{0x1, 0x1, 0xa, 0x6}, {0x7, 0x1, 0xf, 0x5}, {0x2, 0x4, 0x4, 0x8}, {0x5, 0x3, 0x9, 0xb}, {0x4, 0x1, 0xd, 0x3}, {0x3, 0x4, 0x80000, 0x5}, {0x4, 0x1, 0xe, 0x7}, {0x3, 0x1, 0x6, 0x6}], 0x10, 0xc}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x128, 0x148, 0x0, {}, [@common=@unspec=@connlabel={{0x28}, {0x7f, 0x1}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x4b, 0x1ff, 0x6, 0xb0e2, 0x80ffff, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, [0x0, 0x0, 0xff000000], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x228, 0x290, 0x0, {}, [@common=@ipv6header={{0x28}, {0x20, 0x80}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x7, 0x0, 0x41, 0x0, 0xb10f, 0x1000, 0x6, 0x3, 0x20}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x16, 0x7f, 0x4, 0x1, '\x00', 'syz0\x00', {0xa6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508)
fsopen(&(0x7f0000009c40)='erofs\x00', 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="2400000020000103000000000000000080"], 0x24}}, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x0, 0x1, 0x401, 0x0, 0x92, 0x55, 0x8, 0x1000006, 0x4}, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x4074)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="05000000010000008e00", @ANYRES32, @ANYBLOB='\x00'/10, @ANYBLOB='\x00'/13], 0x48)
ftruncate(0xffffffffffffffff, 0x6)
syz_emit_ethernet(0xb1, &(0x7f0000000a40)=ANY=[@ANYBLOB="aaaaaaaaaaaa416cee93a4a60800450000a300000000fd06907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="8c04000290780000080a0000000600004000220f3abc69030300000000000000000303ac0802000002000000000902000000220e54df942f7e09586180bbb068040222058537c8fe04f989003416af759b3c6a17234d4c2152b5ae2e004fddd386c9b64ad6f215535cc63e143334edc421ad322c3793882feede389339787a3cc5a091c2d78de63e8588f086d7fe064934297cc6493b4059f6b47f0a24885d64b52972c0f7c33466e0443655aecd0c9d24145f9b91e33a6d72426d9a7392a5aef4bdd90ec148ff3c9cef291fdac0e72b1e0b2de022eeda0dea51151bd4a7eeca1144bee79d194bd1d1c5af16e6a425a62a17517a2a4ae27f2ddc11283ef134b171d0ef7d97be2374a1d1e0e8668dd95cbe0f964dee5bd0222362674bd2512785371359ab77f54041d847a555fad93730234cbbc423b7cbe0cf05a3a77e4b07b4e8e967f25ca8178615c8599912f7db5d272968271574d90d637eaf10f0ea819fe74262e0e5150abd70ad4a65c8d655"], 0x0)
accept4$tipc(r4, &(0x7f00000001c0), &(0x7f0000000200)=0x10, 0x0)

10m22.3242903s ago: executing program 0 (id=11):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10f1}, 0x94)
memfd_create(0x0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x2, &(0x7f0000000000)=[{0x40, 0xff, 0x0, 0x7}, {0x6, 0x60}]})
ioctl$PPPIOCSDEBUG(r1, 0x40047440, &(0x7f0000000240)=0x3ff)
write$ppp(r1, &(0x7f0000000100)="5fa5", 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@bridge_dellink={0x20, 0x11, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x8400, 0x40000}}, 0x20}}, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
syz_fuse_handle_req(r5, 0x0, 0x0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x78, 0x0, 0xf, {0x7, 0x7, 0x0, {0x0, 0x9, 0x3, 0x8, 0x0, 0x5, 0x3, 0x8, 0x9, 0xc000, 0xa91, 0x0, 0x0, 0x972}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000580)={0xa7, 0x37, 0x1, {0x2, 0x10, 0x3d84, 0x0, 0x89, '[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec'}}, 0xa7)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0xfffffffffffffff7, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f0000000500)={0x3ff, 0x8000, 0x400000000001, 0x9, 0x9143, 0xf, 0x80000002, 0x2}, 0x0, 0x0)

10m18.722099568s ago: executing program 0 (id=19):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="70ffa10010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b0001006272696467650000400002800800050001"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

10m18.275284545s ago: executing program 0 (id=23):
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0x3000}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000740))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd60000400000007000000080009000200000008000c00a80a0000060001000700000008000b"], 0x3c}}, 0x20)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x8)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000440)=[{&(0x7f0000000200)=""/139, 0x8b}, {&(0x7f0000000340)=""/227, 0xe3}, {&(0x7f0000000540)=""/255, 0xff}, {&(0x7f0000000f00)=""/4096, 0x1000}, {&(0x7f0000003100)=""/4096, 0x1000}, {&(0x7f0000000640)=""/254, 0xfe}, {&(0x7f00000000c0)=""/29, 0x1d}], 0x7)
ioctl$sock_inet_SIOCSARP(r4, 0x40806685, 0x0)

10m17.356098744s ago: executing program 0 (id=25):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40000000c6302, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r3, 0x0)
sendfile(r3, r3, 0x0, 0xffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x14, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kmem_cache_free\x00', r5}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r6, &(0x7f0000048040)=""/102392, 0x18ff8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x10)
lseek(0xffffffffffffffff, 0x1, 0x0)

10m2.201455618s ago: executing program 32 (id=25):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40000000c6302, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r3, 0x0)
sendfile(r3, r3, 0x0, 0xffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x14, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kmem_cache_free\x00', r5}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r6, &(0x7f0000048040)=""/102392, 0x18ff8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x10)
lseek(0xffffffffffffffff, 0x1, 0x0)

9m22.890139386s ago: executing program 2 (id=121):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f07df33c9f7b986", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

9m22.523623422s ago: executing program 2 (id=123):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f00000004c0)=ANY=[@ANYBLOB="20000000101401002cbd7000f9dbdf25080021"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x24001850)

9m22.468729993s ago: executing program 2 (id=124):
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)={'some', 0x20, 0x0, 0x20, 0x6}, 0x2f)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35f022eb"], 0xcfa4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffef2, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0xa}, {0x90010022, 0x1}]}, 0x94)
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

9m21.21241042s ago: executing program 2 (id=130):
socket$kcm(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001000010700000000000000000a000000060001002500000008000a00", @ANYRES32=r0], 0x24}}, 0x0)
close(r0)

9m21.123593779s ago: executing program 2 (id=132):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x24000, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x8b7848, 0x0)

9m20.998416422s ago: executing program 2 (id=135):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x2000)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0xc040ff0b, 0x110c2300fe)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x30, 0x40, 0x107, 0x70bd2b, 0x0, {0x1, 0x7c}, [@nested={0xc, 0x142, 0x0, 0x1, [@typed={0x8, 0x7, 0x0, 0x0, @ipv4=@loopback}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc020)

9m11.337949514s ago: executing program 3 (id=183):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000500), 0x0}, 0x20)

9m10.3294904s ago: executing program 3 (id=185):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000580), &(0x7f00000004c0), 0x1000, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

9m10.062908654s ago: executing program 3 (id=191):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001780)={&(0x7f0000001600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x5}, {0x0, [0x61, 0x61, 0x672578b8ec83f6aa]}}, 0x0, 0x1d, 0x0, 0x1, 0x4}, 0x28)

9m10.013028721s ago: executing program 3 (id=193):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendfile(r1, r0, 0x0, 0x7ffffffd)

9m9.814275677s ago: executing program 3 (id=194):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x8b7848, 0x0)

9m9.57197882s ago: executing program 3 (id=195):
syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r0, @fallback=0x21, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0x1], 0x0, 0x10, 0x3ff}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000500), 0x0}, 0x20)

9m5.764122397s ago: executing program 33 (id=135):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x2000)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0xc040ff0b, 0x110c2300fe)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x30, 0x40, 0x107, 0x70bd2b, 0x0, {0x1, 0x7c}, [@nested={0xc, 0x142, 0x0, 0x1, [@typed={0x8, 0x7, 0x0, 0x0, @ipv4=@loopback}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc020)

8m53.302605209s ago: executing program 34 (id=195):
syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r0, @fallback=0x21, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0x1], 0x0, 0x10, 0x3ff}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000500), 0x0}, 0x20)

7m10.598500546s ago: executing program 4 (id=485):
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x3})
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x20, 0xfffffffffffffffd)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f000905", @ANYBLOB="e4265f"], 0x0)
r0 = socket(0x10, 0x3, 0xc)
write(r0, &(0x7f0000000040)="effd00001000ff00fd4344c007110000", 0x10)
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x70, 0x0, 0x800, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x40}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x80000000}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'lc\x00'}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xc000}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x200}]}, 0x70}, 0x1, 0x0, 0x0, 0x4008000}, 0x80)
socket(0x2, 0x3, 0x100000001)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000400), 0x2)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000d40)={0x0, 0xfd43, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000340)={r5, 0x0, 0x1, 0x0, 0x1, [<r6=>0x0, <r7=>0x0], [0x0, 0x7], [0xdb7, 0x80000002, 0x2], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f00000002c0)={r6, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r8, 0xc00c642d, &(0x7f0000000400)={r7})

7m8.329428651s ago: executing program 4 (id=491):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f0000001240)=@hci={0x1f, 0x0, 0x3}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000540)="0204f80500000000000000ac9e0a881104ee1606d4b8bf4a828bda305775c4384ee84400"/53, 0x35}, {&(0x7f0000000100)="126873159fca3fa38fb198e9a6b363ceb3e6d803ab766b7a38e451d14e0b3457474fe6a51671e4124fcea96a873b10996816e100ed8a93b0a9053db57d60973369f58551c3091cb88d3b", 0x4a}, {&(0x7f0000000080)="088d85d1f4f8220aee8de7932b326f8a3164ae439862807a1589836c736d2341", 0x20}, {&(0x7f0000000480)="542067461c0283c3b5b8682c0fc88dca4f1f1d5ee73d8b1d391a546bb8cbef82579696c965a45ad73818c73e912b86fb84579cb1e0f2ad03c72885ec2d36ec287d2fe0a5aecd0780677264e194783f5998daeff375f255b121d7625fdcb6197579bfd523b30c38cb7450bb79c380a0bcd825ef097c70b2d8e952ed0d3d56445d9bb181cedf7916a0183ac3ef539e26ea82a83638d452acae2cd65186224fa0479c4c0c27956241ac12c3891287213e1bfb8e548efb401e", 0xb7}, {&(0x7f00000005c0)="b72abab9439ca41f5cf14d6435575ba774ee5f5c23ff2f5176f5773d08a15668ec280cfe4ea416cf769dbf978a8191bbe006e0da50029176c0f24e3ff4d3e895a2afbf52cef2fe1ca31edd842b126ec4be67e6e3624b9ddf806fc146c645ec1d37fe7e3b025c156d5d520104b53f7fb2af436201cfd5dca170edea5a190e4786bfaac544b60f514d7ef420526c467f14790dcfa5ab915d7dbcdf2765bbcad014c991f8b829c79f53586de79f0b987ad796f9de4a6e53136a07a39ab1f5a2ce30aded70a9b72d1beff7e8b6405fd6331e5635ee71e809be2d58f412dcd7b2e856d692dbfed19045ff13244acce351b6e450395568063569c71ea80a04f83fbe6ad1d0862fb97f816576c4844da65d751ee1fdc522ae1158670de297cdb2117bc0adc1486e016a6bcc922a162fce6a9ecc8c42b0c44c566004eda037864e5f339bbb0998cdaf2b8e49ae003659bc033668f7c8e550197ed95c420461254ba1883dbd9403672d579cee85c37f103ee9a350a768286017158784baeb063c8c684b91b022b0db2238b679092a1f6909f0cd9228500e088f5cc7bac4c0dc56e80fedac93554aec79715ce02e8bf3fcbd70382f619bfe3dcf06890d8542022ee58bdfb075d319c9fc8474cadc8de5c3dd3f682d3f68324d0af7a727064053ad84c94643eef190783c616467628f84620044c084b80e3e57bfcdf293c9c36b4474a52398b35e49e2ad4a4ac090bffc5cd27d3c69b4ae5f841d5b0766ccd36d25eb58d8f01621a05744b79ede39019ab9d7a1946353d8f3b7f833ce1a102a8c97a9e3f32138ffafd305448f2518ccdb7eef594a890eaeaff3f876f742fec22669a97085ed93b18228ecbe9e354e8f69967ca749fd2b1cf026665ca912e3fc0188b294519078b46676052de4fe22798290bd1e232c9791fc01ddb4ae776b5769143df2867042e8a3ddfa8e786bd8a244076956d4ab137939ad381650dd4fefd2b942a98d6f2edfd7019ae473e7608647b86d643e8ff3d7d4e89ed826e4b8c6e8fed224c528d805ade85c5b45261b2692c0f403dec050bd973b0999df214689f4402dd1598a16b0c7671e5e204a00b06376ddee7cb99292a8b835c0b451642b71f2ffa1aeea56255817b2384bfe4f8213ccfc1f762f250592896102e5f6d34cdd726bc0f86af52fd7c4483d32e23e5af770e960c7445b8e67b6086f0cadcd22d0d4bdadc31b5a94dd687379dc6e078210ccc71f8e67eb58d330394425ab17e55d1ca8f868f6bf738af291d2293c3dfa2ccff25061ded22878b3cc6532d19e5a00d1f0f1b9de35305fac2c6cfd5d77a2b02618735b7d392738bd5cd3eabb7039c790a9f193913f16e06605d405d6a0cf0011a2e5f935d8563fef1722692dd266c3d320b9f5eeb2a4b2f72155522f0ed72ff1efa0b6ee78e70d3d45241609e7f87d7bcfe1af71159baa11ad667a0ead3986b2b06500ba2615ee966ea86ca68d02de4802bd9ef18dac5ba53ca98b90df49ef4e3268ceee538973620e5a60513ea330989642626420b67dceebc569478657aedeb62c45b079348796923ad1fba5a99e6b150cf97ba2a570150053309c6dca7fa352fa1678c9b919fbc47ae0a84175a7fc25a00fa5888cb017e8d8225fadb29e34bd3c5bbccfb22a83255fec3967c991d5b3e6719ade82fb7ef85c8a4b", 0x4a8}], 0x5}, 0x44050)

7m8.159879956s ago: executing program 4 (id=492):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000004)
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000024)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000001800038008000400000000000800020009000000040001"], 0x44}}, 0x0)

7m7.876338417s ago: executing program 4 (id=493):
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
gettid()
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001580), 0xcf53b91a6f43f8f5, 0x0)
pread64(r0, &(0x7f00000000c0)=""/70, 0x46, 0x2b)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000d80)={0x60, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x33, 0xe, {{{}, {}, @device_b}, 0x0, @default, 0x1, @void, @val, @void, @void, @val={0x6, 0x2, 0x9}, @val={0x5, 0x3, {0x9, 0x9, 0x4}}, @void, @void, @void, @void, @void, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @crypto_settings]}, 0x60}, 0x1, 0x0, 0x0, 0x84}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
mount$afs(&(0x7f00000019c0)=ANY=[@ANYBLOB='#'], 0x0, &(0x7f0000001a40), 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000048040)=""/102392, 0x18ff8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x10)
lseek(0xffffffffffffffff, 0x1, 0x0)
pipe2(&(0x7f0000000600), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x5, &(0x7f0000001c40)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000c40)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
fsopen(&(0x7f0000000280)='9p\x00', 0x0)
r4 = gettid()
process_vm_readv(r4, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000600)=""/166, 0xa6}, {&(0x7f00000006c0)=""/209}], 0x2, &(0x7f0000000040)=[{0xffffffffffffffff, 0x3}, {&(0x7f0000000140)=""/88, 0xbc}], 0x2, 0x0)

7m7.437474595s ago: executing program 4 (id=494):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, 0x0, 0x0, 0x24000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x8b7848, 0x0)

7m7.246547917s ago: executing program 4 (id=496):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c40)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a3100000000090003007379"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000022c0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a310000000014000000110001"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a010800000000000000000a0000010900020073797a31000000000900010073797a31000000001400038010"], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

6m56.964957233s ago: executing program 6 (id=523):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@call={0x85, 0x0, 0x0, 0xf}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40efe, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x100}, 0x4014)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000b00)=ANY=[@ANYBLOB="20000000010405000000000000000000020000000a00020000000a2d5c"], 0x20}, 0x1, 0x0, 0x0, 0x8010}, 0x4000090)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x8e, 0x88, 0x5, 0x20, 0x8086, 0x9500, 0xb6d8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x0, 0x15, 0xcc, 0x1c}}]}}]}}, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000000340)={&(0x7f00000000c0)=[{0x1e, 0x6000, 0x0, 0x0}, {0x6, 0x0, 0x0, 0x0}], 0x2})

6m56.6343664s ago: executing program 5 (id=525):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x20044000)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$pokeuser(0x6, r5, 0x388, 0x41d9fda7)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f00000000c0)={0x200, @time={0x5, 0x3ff}, 0x8, {0x0, 0xf9}, 0x7, 0x1, 0x2})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, 0x0)

6m52.915381397s ago: executing program 5 (id=529):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
syz_emit_ethernet(0x46, &(0x7f0000001cc0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x65, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x2, @broadcast=0xac14140a, @multicast1}, "040022ebffffffff"}}}}}, 0x0)
socket(0x10, 0x3, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)

6m51.648220803s ago: executing program 5 (id=530):
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
gettid()
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001580), 0xcf53b91a6f43f8f5, 0x0)
pread64(r0, &(0x7f00000000c0)=""/70, 0x46, 0x2b)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000d80)={0x60, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x33, 0xe, {{{}, {}, @device_b}, 0x0, @default, 0x1, @void, @val, @void, @void, @val={0x6, 0x2, 0x9}, @val={0x5, 0x3, {0x9, 0x9, 0x4}}, @void, @void, @void, @void, @void, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @crypto_settings]}, 0x60}, 0x1, 0x0, 0x0, 0x84}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
mount$afs(&(0x7f00000019c0)=ANY=[@ANYBLOB='#'], 0x0, &(0x7f0000001a40), 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000048040)=""/102392, 0x18ff8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x10)
lseek(0xffffffffffffffff, 0x1, 0x0)
pipe2(&(0x7f0000000600), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x5, &(0x7f0000001c40)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000c40)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
fsopen(&(0x7f0000000280)='9p\x00', 0x0)
r4 = gettid()
process_vm_readv(r4, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000600)=""/166, 0xa6}, {&(0x7f00000006c0)=""/209}], 0x2, &(0x7f0000000040)=[{0xffffffffffffffff, 0x3}, {&(0x7f0000000140)=""/88, 0xbc}], 0x2, 0x0)

6m50.811783091s ago: executing program 35 (id=496):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c40)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a3100000000090003007379"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000022c0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a310000000014000000110001"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a010800000000000000000a0000010900020073797a31000000000900010073797a31000000001400038010"], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

6m50.770957292s ago: executing program 6 (id=532):
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)={'some', 0x20, 0x0, 0x20, 0x6}, 0x2f)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffef2, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0xa}, {0x90010022, 0x1}]}, 0x94)
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

6m50.692797486s ago: executing program 5 (id=534):
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
gettid()
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001580), 0xcf53b91a6f43f8f5, 0x0)
pread64(r0, &(0x7f00000000c0)=""/70, 0x46, 0x2b)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000d80)={0x60, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x33, 0xe, {{{}, {}, @device_b}, 0x0, @default, 0x1, @void, @val, @void, @void, @val={0x6, 0x2, 0x9}, @val={0x5, 0x3, {0x9, 0x9, 0x4}}, @void, @void, @void, @void, @void, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @crypto_settings]}, 0x60}, 0x1, 0x0, 0x0, 0x84}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
mount$afs(&(0x7f00000019c0)=ANY=[@ANYBLOB='#'], 0x0, &(0x7f0000001a40), 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000048040)=""/102392, 0x18ff8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x10)
lseek(0xffffffffffffffff, 0x1, 0x0)
pipe2(&(0x7f0000000600), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x5, &(0x7f0000001c40)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000c40)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
fsopen(&(0x7f0000000280)='9p\x00', 0x0)
r4 = gettid()
process_vm_readv(r4, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000600)=""/166, 0xa6}, {&(0x7f00000006c0)=""/209}], 0x2, &(0x7f0000000040)=[{0xffffffffffffffff, 0x3}, {&(0x7f0000000140)=""/88, 0xbc}], 0x2, 0x0)

6m50.433917662s ago: executing program 5 (id=535):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x24000, 0x0)
mount$bpf(0x200000000000, 0x0, 0x0, 0x8b7848, 0x0)

6m50.207448195s ago: executing program 5 (id=537):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
syz_emit_ethernet(0x42, &(0x7f0000001cc0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x65, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x2, @broadcast=0xac14140a, @multicast1}, "040022eb"}}}}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@ipv4_delrule={0x24, 0x21, 0x105, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, [@FRA_GENERIC_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x1}]}, 0x24}}, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)

6m49.73621439s ago: executing program 6 (id=540):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x14, 0x2e, 0x1, 0xf0bd26, 0x25dfdbfc, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)

6m44.514757683s ago: executing program 6 (id=545):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x28}}, 0x0)

6m44.465920843s ago: executing program 6 (id=546):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x24000, 0x0)
mount$bpf(0x200000000000, 0x0, 0x0, 0x8b7848, 0x0)

6m43.379368653s ago: executing program 6 (id=547):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x14, 0x2e, 0x1, 0xf0bd26, 0x25dfdbfc, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x1)
ioctl$SG_GET_COMMAND_Q(r6, 0x2270, &(0x7f0000001100))

6m34.984687511s ago: executing program 36 (id=537):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
syz_emit_ethernet(0x42, &(0x7f0000001cc0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x65, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x2, @broadcast=0xac14140a, @multicast1}, "040022eb"}}}}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@ipv4_delrule={0x24, 0x21, 0x105, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, [@FRA_GENERIC_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x1}]}, 0x24}}, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)

6m27.7690658s ago: executing program 37 (id=547):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x14, 0x2e, 0x1, 0xf0bd26, 0x25dfdbfc, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x1)
ioctl$SG_GET_COMMAND_Q(r6, 0x2270, &(0x7f0000001100))

34.622285221s ago: executing program 7 (id=1060):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
tee(r0, r0, 0x2, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000bc0)={r1, 0x0, 0x14, 0x0, &(0x7f0000000940)="18d26a3d9673399025aae4121e420e3eef774116", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000010000305160000001dc76dcd00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000004400128009000100626f6e6400000000340002800500010004000000050016000000000008001c000000000005000c00000000000a001a"], 0xc3}, 0x1, 0x100000000000000}, 0x0)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x4001)
writev(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x109000, 0x0)
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000080)={0xb000001d})
r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x309501, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mq_timedreceive(r5, 0x0, 0x0, 0x3, 0x0)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f00000000c0)=<r6=>0x0)
prlimit64(r6, 0x6, &(0x7f00000001c0)={0x3, 0x7}, &(0x7f0000000380))
r7 = socket(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)
getsockopt$sock_buf(r2, 0x1, 0x3b, &(0x7f0000000000)=""/28, &(0x7f0000000040)=0x1c)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000240)={0x2, 0x4, 0x4, {0x1, @sliced={0x2, [0x8, 0x7, 0x4, 0x4, 0x8001, 0x3, 0x8000, 0x10, 0x9, 0x1, 0x200, 0x1, 0x9, 0x0, 0x2, 0x8000, 0xb, 0xac, 0x800, 0x8, 0x8a, 0x1, 0x600, 0x3, 0x8, 0xc489, 0xf, 0x7a, 0x5, 0x81, 0x3, 0x80, 0x101, 0x0, 0x1, 0x6c, 0x7, 0xc76, 0x40, 0x1, 0x7, 0x7fff, 0x2, 0x2, 0x6, 0x2, 0x0, 0x9fbc], 0x9}}, 0x9})

34.024845346s ago: executing program 7 (id=1061):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000380), 0x4)
setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f00000007c0), 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
capset(&(0x7f0000000340)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x20000000})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000080)="3303200071fd140000007ef52f55", 0xe, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r2, 0x1, 0x42, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}}, 0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="8600000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r3, r4, 0x9, 0x0, @void}, 0x10)
getsockopt$bt_hci(r1, 0x0, 0x2, &(0x7f00000003c0)=""/209, &(0x7f0000000100)=0xd1)

33.700535519s ago: executing program 1 (id=1062):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(0x0, 0x0, 0x7)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0)
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x41624800ab11328a, 0x4})
fsopen(&(0x7f00000000c0)='nilfs2\x00', 0x0)

32.461189089s ago: executing program 1 (id=1063):
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x20, 0x4, 0x0, 0x0, 0x1, 0x1}, 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000080)=0x3, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x40, @rand_addr=' \x01\x00'}, 0x1c)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x3}, {0xa4}, {0x6}]})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x10000000}, 0x1c)

31.767863452s ago: executing program 7 (id=1064):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00')
pread64(r2, &(0x7f00000000c0)=""/22, 0x16, 0x6)

30.129268081s ago: executing program 1 (id=1065):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x820040, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x20040810)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
close(r0)
socket$pppl2tp(0x18, 0x1, 0x1)

27.596534338s ago: executing program 1 (id=1066):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r1)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x48084}, 0x10)

27.596350236s ago: executing program 7 (id=1067):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0xa, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010102, @local, {[@generic={0x7, 0x12, "c7169c9c0e08b2f3dab649d863b74725"}]}}, @time_exceeded={0x3, 0x0, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "a51512fceaebaf04"}}}}}, 0x0)

26.92554425s ago: executing program 1 (id=1068):
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)={'some', 0x20, 0x0, 0x20, 0x6}, 0x2f)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35f022eb"], 0xcfa4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)}, 0x0)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffef2, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0xa}, {0x90010022, 0x1}]}, 0x94)
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

26.031807629s ago: executing program 7 (id=1069):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = epoll_create1(0x80000)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000180)={[0x9]}, 0x8, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140)={0xe000200c})
rt_sigprocmask(0x0, &(0x7f00000000c0)={[0xfffffeffffffffff]}, 0x0, 0x8)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$rtc(0xffffffffffffff9c, 0x0, 0x40200, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setpgid(0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00222200000096231306e53f070d0000002a940183fc"], 0x0}, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x79, &(0x7f0000000580)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x67, 0x2, 0x1, 0x80, 0x50, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "c966385a6a42"}, {0x5, 0x24, 0x0, 0x1156}, {0xd, 0x24, 0xf, 0x1, 0x9, 0x7, 0xe, 0x4}, {0x6, 0x24, 0x1a, 0x9, 0x1}, [@obex={0x5}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x4, 0x3, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x7, 0x5}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x2, 0x7, 0x3}}}}}}}]}}, &(0x7f0000000940)={0xa, &(0x7f0000000600)={0xa, 0x6, 0x110, 0x5, 0x3, 0xc, 0xff, 0x9}, 0x52, &(0x7f0000000640)={0x5, 0xf, 0x52, 0x3, [@generic={0x21, 0x10, 0x4, "89c8fae5558682f041c759c6babb2826a7d3cbefd73da3b74ca00c33d90c"}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "60444081e15b4391e1a45001178b6c4e"}, @ssp_cap={0x18, 0x10, 0xa, 0x0, 0x3, 0x2, 0xf00, 0x6, [0xffffff, 0xff3f, 0xf]}]}, 0x6, [{0xa5, &(0x7f00000006c0)=@string={0xa5, 0x3, "8e4c32bf96a3b75068e1c5563289b3f3b4398f175c9227eec6f1c0e5213f0c40ab366ca9d3eba229d4892c4b53d5a0dc37a78c61dac3608953cd914662a29441074f0ceaaf89975a32010028eeb0c83793eeff953810d8caad167aa598620c37f366b451fd4b1f8ce7bee0a128af2e101cec3e07c813f7ac7d746bb3010e2c6bd5cc7cd43606e90b452b44db6f0f6e9fb73b052f15370fc7d03e7e2438cc677cf29ab2"}}, {0x4, &(0x7f0000000780)=@lang_id={0x4, 0x3, 0x403}}, {0x97, &(0x7f00000007c0)=ANY=[@ANYBLOB="97037ef9fed87283e034a95f5c2f75d193213dc30ad0b6029f2e45e4f209f36fd99e5cd7cda3435b6fc6171846ebd39e2590384fc3152e65466d9c095d57446e4a8d3f02f0def0a736651d9cd06f9df2a50c6fcf61e786ae07673e52514228e5a2a5f4a4760473721ea4b3abe6156b040639948162e193239e9352e446c41e5d072412b33fb99558e7e74a8c882aa89d7d0d125901e76c"]}, {0x4, &(0x7f0000000880)=@lang_id={0x4, 0x3, 0x300a}}, {0x4, &(0x7f00000008c0)=@lang_id={0x4, 0x3, 0x240a}}, {0x4, &(0x7f0000000900)=@lang_id={0x4, 0x3, 0x402}}]})
r5 = syz_usb_connect$rtl8150(0x2, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xbda, 0x8150, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$rtl8150(r5, &(0x7f0000000240)={0x14, &(0x7f0000000300)=ANY=[@ANYBLOB="2010fc000000fc2221e9dd298441fdd085e9694c5ea4e29b07df4066447f647c0e4e3b02a7d840a04e72ebe1c08b4aab525f6744533c8c2637180611c3f9c189c14618a87ca0adf1abdcd84e32d3c59739befdf1bdcb618caec14d89e57e5c9f98e50aaa9a8db6e1efbc13383b6ea88e73fcee7b9382ea1ab7306c1e538d2876b4346b053831c3b146b84f65392eba91bcf657eacdc0835f0851fa139d220a1f32c74d184f234a10bc036a7157a2a68a33a6350dd86d18bbe074b49d961a9d3524c312539e266ccd23628e4457622f3e7b1ebd5240a061a64c3c2a714abc8ee27073a1c237718ce12126e7810962400a3c144b20f14b8ef3a65340422fce31911240"], &(0x7f0000000200)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x44c}}}, &(0x7f0000000540)={0x2c, &(0x7f0000000280)={0x20, 0x11, 0x18, "0020cd0cb8cc785129b5cd1e59c159627c1e18577b3a2c14"}, &(0x7f0000000440)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0x6}, &(0x7f00000004c0)={0xc0, 0x5, 0x1, "eb"}, &(0x7f0000000500)={0x40, 0x5, 0x6, "6ea3787dd843"}})
r6 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r6, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e23, @empty}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x4a, {0x2, 0x0, @rand_addr=0x64010101}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r6, 0x8955, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xd)
socket$inet6_sctp(0xa, 0x1, 0x84)

20.541661215s ago: executing program 1 (id=1070):
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e00000000000000fc00400009"], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))
r1 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0xe, 0xf1, 0x5, 0xfd, 0xd4, 0xd4, 0xff, 0xd7, 0x7, 0x5f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x8, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0x8080000, 0xdddd1000, 0xb, 0x1, 0x2, 0x0, 0x4, 0x1, 0xe, 0x0, 0x37, 0x5}, {0x8000000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x1, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x1, 0x3, 0x9, 0xd, 0x6, 0x5, 0x4, 0x2e, 0x4b}, {0x6000, 0x8000000, 0xb, 0x0, 0x3, 0x1, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x6000, 0x4000, 0xf, 0xff, 0x3, 0xff, 0x2, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0xff, 0x7}, {0xeeef0000, 0x9}, {0x1000, 0x9}, 0x40010000, 0x0, 0xffff1000, 0x300, 0x5, 0x2000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
ioctl$KVM_GET_IRQCHIP(r3, 0xc208ae62, &(0x7f00000003c0)={0x2, 0x0, @pic={0x9, 0xb8, 0x9, 0x3, 0x9, 0x9, 0x0, 0x6, 0x0, 0x6, 0x4, 0xf5, 0x7f, 0x8, 0x7, 0x5}})

15.957925213s ago: executing program 7 (id=1071):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, 0x0)
socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8916, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {0x0, 0x0, 0x4}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000001800dd8d000000000000000002001000fe0400010000002008001e0002000000c08f191ce8ddf21ed32e27fad9791924b2c1fca4c7"], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)

4.93869119s ago: executing program 38 (id=1070):
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e00000000000000fc00400009"], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))
r1 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0xe, 0xf1, 0x5, 0xfd, 0xd4, 0xd4, 0xff, 0xd7, 0x7, 0x5f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x8, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0x8080000, 0xdddd1000, 0xb, 0x1, 0x2, 0x0, 0x4, 0x1, 0xe, 0x0, 0x37, 0x5}, {0x8000000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x1, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x1, 0x3, 0x9, 0xd, 0x6, 0x5, 0x4, 0x2e, 0x4b}, {0x6000, 0x8000000, 0xb, 0x0, 0x3, 0x1, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x6000, 0x4000, 0xf, 0xff, 0x3, 0xff, 0x2, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0xff, 0x7}, {0xeeef0000, 0x9}, {0x1000, 0x9}, 0x40010000, 0x0, 0xffff1000, 0x300, 0x5, 0x2000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
ioctl$KVM_GET_IRQCHIP(r3, 0xc208ae62, &(0x7f00000003c0)={0x2, 0x0, @pic={0x9, 0xb8, 0x9, 0x3, 0x9, 0x9, 0x0, 0x6, 0x0, 0x6, 0x4, 0xf5, 0x7f, 0x8, 0x7, 0x5}})

0s ago: executing program 39 (id=1071):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, 0x0)
socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8916, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {0x0, 0x0, 0x4}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000001800dd8d000000000000000002001000fe0400010000002008001e0002000000c08f191ce8ddf21ed32e27fad9791924b2c1fca4c7"], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)

kernel console output (not intermixed with test programs):

batadv0: Adding interface: batadv_slave_0
[  535.344682][ T8982] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  535.344707][ T8982] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  535.371143][   T31] elan 0003:04F3:0755.0005: unknown main item tag 0x2
[  535.372500][   T31] elan 0003:04F3:0755.0005: failed to start in urb: -90
[  535.382947][   T31] elan 0003:04F3:0755.0005: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[  535.604108][    C1] vkms_vblank_simulate: vblank timer overrun
[  535.697995][ T8982] batman_adv: batadv0: Adding interface: batadv_slave_1
[  535.698025][ T8982] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  535.698045][ T8982] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  535.849904][ T8960] hsr_slave_0: entered promiscuous mode
[  535.851656][ T8960] hsr_slave_1: entered promiscuous mode
[  535.852387][ T8960] debugfs: 'hsr0' already exists in 'hsr'
[  535.852404][ T8960] Cannot create hsr debugfs directory
[  536.046720][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.142370][ T5983] usb 2-1: USB disconnect, device number 52
[  536.449989][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.556797][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.568112][ T9081] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5)
[  536.568141][ T9081] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  536.582435][ T9081] vhci_hcd vhci_hcd.0: Device attached
[  536.634166][ T8982] hsr_slave_0: entered promiscuous mode
[  536.635453][ T8982] hsr_slave_1: entered promiscuous mode
[  536.636406][ T8982] debugfs: 'hsr0' already exists in 'hsr'
[  536.636426][ T8982] Cannot create hsr debugfs directory
[  536.814985][   T31] usb 47-1: new low-speed USB device number 2 using vhci_hcd
[  536.884495][    C1] vkms_vblank_simulate: vblank timer overrun
[  536.893356][ T9082] usb 47-1: recv xbuf, 0
[  536.915047][ T5946] vhci_hcd: stop threads
[  536.915929][ T5946] vhci_hcd: release socket
[  536.941879][ T5946] vhci_hcd: disconnect device
[  536.947995][ T5784] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  537.004065][   T31] vhci_hcd: vhci_device speed not set
[  537.285546][    C1] vkms_vblank_simulate: vblank timer overrun
[  538.343086][    C1] vkms_vblank_simulate: vblank timer overrun
[  538.589911][    C1] vkms_vblank_simulate: vblank timer overrun
[  538.842586][    C1] vkms_vblank_simulate: vblank timer overrun
[  539.310148][ T6138] bridge_slave_1: left allmulticast mode
[  539.310184][ T6138] bridge_slave_1: left promiscuous mode
[  539.310354][ T6138] bridge0: port 2(bridge_slave_1) entered disabled state
[  539.374705][ T6138] bridge_slave_0: left allmulticast mode
[  539.374725][ T6138] bridge_slave_0: left promiscuous mode
[  539.374906][ T6138] bridge0: port 1(bridge_slave_0) entered disabled state
[  539.555997][ T6138] bridge_slave_1: left allmulticast mode
[  539.556019][ T6138] bridge_slave_1: left promiscuous mode
[  539.556166][ T6138] bridge0: port 2(bridge_slave_1) entered disabled state
[  539.634702][ T6138] bridge_slave_0: left allmulticast mode
[  539.634723][ T6138] bridge_slave_0: left promiscuous mode
[  539.634880][ T6138] bridge0: port 1(bridge_slave_0) entered disabled state
[  539.712254][ T9112] process 'syz.1.859' launched './file0' with NULL argv: empty string added
[  539.719457][ T9112] FAULT_INJECTION: forcing a failure.
[  539.719457][ T9112] name failslab, interval 1, probability 0, space 0, times 0
[  539.719490][ T9112] CPU: 1 UID: 0 PID: 9112 Comm: syz.1.859 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  539.719511][ T9112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  539.719526][ T9112] Call Trace:
[  539.719533][ T9112]  <TASK>
[  539.719541][ T9112]  dump_stack_lvl+0x189/0x250
[  539.719570][ T9112]  ? __pfx____ratelimit+0x10/0x10
[  539.719593][ T9112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  539.719616][ T9112]  ? __pfx__printk+0x10/0x10
[  539.719642][ T9112]  ? __pfx___might_resched+0x10/0x10
[  539.719660][ T9112]  ? fs_reclaim_acquire+0x7d/0x100
[  539.719687][ T9112]  should_fail_ex+0x46c/0x600
[  539.719716][ T9112]  should_failslab+0xa8/0x100
[  539.719740][ T9112]  __kmalloc_noprof+0xcc/0x7d0
[  539.719762][ T9112]  ? tomoyo_encode+0x28b/0x550
[  539.719787][ T9112]  tomoyo_encode+0x28b/0x550
[  539.719812][ T9112]  tomoyo_mount_permission+0x44d/0x970
[  539.719843][ T9112]  ? tomoyo_mount_permission+0x27a/0x970
[  539.719862][ T9112]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  539.719936][ T9112]  security_sb_mount+0xec/0x350
[  539.719962][ T9112]  path_mount+0xbc/0xfe0
[  539.719984][ T9112]  ? user_path_at+0x44/0x60
[  539.720011][ T9112]  __se_sys_mount+0x313/0x410
[  539.720040][ T9112]  ? __pfx___se_sys_mount+0x10/0x10
[  539.720066][ T9112]  ? do_syscall_64+0xbe/0xfa0
[  539.720084][ T9112]  ? __x64_sys_mount+0x20/0xc0
[  539.720108][ T9112]  do_syscall_64+0xfa/0xfa0
[  539.720127][ T9112]  ? lockdep_hardirqs_on+0x9c/0x150
[  539.720146][ T9112]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.720163][ T9112]  ? clear_bhb_loop+0x60/0xb0
[  539.720184][ T9112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.720201][ T9112] RIP: 0033:0x7f07cfb6efc9
[  539.720215][ T9112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.720230][ T9112] RSP: 002b:00007f07cddd6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  539.720248][ T9112] RAX: ffffffffffffffda RBX: 00007f07cfdc5fa0 RCX: 00007f07cfb6efc9
[  539.720261][ T9112] RDX: 00002000000003c0 RSI: 00002000000000c0 RDI: 0000000000000000
[  539.720273][ T9112] RBP: 00007f07cddd6090 R08: 00002000000004c0 R09: 0000000000000000
[  539.720285][ T9112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  539.720295][ T9112] R13: 00007f07cfdc6038 R14: 00007f07cfdc5fa0 R15: 00007fffab8fc7c8
[  539.720326][ T9112]  </TASK>
[  541.483776][ T5869] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  541.636233][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  541.636266][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  541.636310][ T5869] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  541.636332][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.704428][ T5869] usb 2-1: config 0 descriptor??
[  542.629607][ T6138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  542.694873][ T6138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  542.741064][ T6138] bond0 (unregistering): Released all slaves
[  544.264491][ T6138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  544.304476][ T6138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  544.327355][ T6138] bond0 (unregistering): Released all slaves
[  544.611751][ T8824] 8021q: adding VLAN 0 to HW filter on device bond0
[  544.664642][ T5869] usbhid 2-1:0.0: can't add hid device: -71
[  544.664772][ T5869] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  544.707289][ T5869] usb 2-1: USB disconnect, device number 53
[  545.772950][ T9135] netlink: 20 bytes leftover after parsing attributes in process `syz.7.864'.
[  545.835606][ T6138] hsr_slave_0: left promiscuous mode
[  545.863785][ T6138] hsr_slave_1: left promiscuous mode
[  545.864736][ T6138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  545.991637][ T6138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  546.202850][ T6138] hsr_slave_0: left promiscuous mode
[  546.233864][ T6138] hsr_slave_1: left promiscuous mode
[  546.234555][ T6138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  546.257060][ T6138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  546.364200][ T6138] veth1_vlan: left promiscuous mode
[  546.364398][ T6138] veth0_vlan: left promiscuous mode
[  548.904337][ T6138] team0 (unregistering): Port device team_slave_1 removed
[  549.124548][ T6138] team0 (unregistering): Port device team_slave_0 removed
[  552.994345][ T6138] team0 (unregistering): Port device team_slave_1 removed
[  553.244363][ T6138] team0 (unregistering): Port device team_slave_0 removed
[  555.836963][ T8824] 8021q: adding VLAN 0 to HW filter on device team0
[  555.861358][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[  555.861587][ T5946] bridge0: port 1(bridge_slave_0) entered forwarding state
[  555.875879][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[  555.876119][ T5946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  556.035481][   T37] kauditd_printk_skb: 2 callbacks suppressed
[  556.035501][   T37] audit: type=1326 audit(1761833808.001:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9155 comm="syz.1.872" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x0
[  557.310322][ T9169] netlink: 'syz.7.877': attribute type 10 has an invalid length.
[  557.616766][ T8460] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  557.622229][ T8460] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  557.623880][ T8460] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  557.627229][ T8460] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  557.628464][ T8460] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  557.688277][ T9169] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  558.750644][ T9171] chnl_net:caif_netlink_parms(): no params data found
[  558.837325][ T9186] netlink: 44 bytes leftover after parsing attributes in process `syz.7.880'.
[  558.837350][ T9186] netlink: 43 bytes leftover after parsing attributes in process `syz.7.880'.
[  558.837364][ T9186] netlink: 'syz.7.880': attribute type 5 has an invalid length.
[  558.837375][ T9186] netlink: 43 bytes leftover after parsing attributes in process `syz.7.880'.
[  559.000606][ T9188] Driver unsupported XDP return value 0 on prog  (id 190) dev N/A, expect packet loss!
[  559.050492][   T37] audit: type=1326 audit(1761833811.021:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.050532][   T37] audit: type=1326 audit(1761833811.021:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.053173][   T37] audit: type=1326 audit(1761833811.021:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.053449][   T37] audit: type=1326 audit(1761833811.021:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.053491][   T37] audit: type=1326 audit(1761833811.021:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.053533][   T37] audit: type=1326 audit(1761833811.021:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.259978][   T37] audit: type=1326 audit(1761833811.221:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.260033][   T37] audit: type=1326 audit(1761833811.221:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.288284][   T37] audit: type=1326 audit(1761833811.261:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9189 comm="syz.7.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5cabd8efc9 code=0x7ffc0000
[  559.334678][ T8960] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  559.390645][ T9193] netlink: 36 bytes leftover after parsing attributes in process `syz.7.882'.
[  559.656198][ T5808] Bluetooth: hci1: command tx timeout
[  560.194027][ T8960] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  560.383997][ T8960] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  560.494840][ T9203] netlink: 20 bytes leftover after parsing attributes in process `syz.7.885'.
[  560.648376][ T8960] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  561.588513][ T9171] bridge0: port 1(bridge_slave_0) entered blocking state
[  561.588734][ T9171] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.588980][ T9171] bridge_slave_0: entered allmulticast mode
[  561.591854][ T9171] bridge_slave_0: entered promiscuous mode
[  561.634402][ T9171] bridge0: port 2(bridge_slave_1) entered blocking state
[  561.634572][ T9171] bridge0: port 2(bridge_slave_1) entered disabled state
[  561.634830][ T9171] bridge_slave_1: entered allmulticast mode
[  561.639781][ T9171] bridge_slave_1: entered promiscuous mode
[  561.733847][ T5808] Bluetooth: hci1: command tx timeout
[  562.141836][ T9171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  562.173449][ T9171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  562.287195][ T8982] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  562.903118][ T8982] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  562.913972][   T37] kauditd_printk_skb: 3 callbacks suppressed
[  562.913991][   T37] audit: type=1326 audit(1761833814.631:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.914038][   T37] audit: type=1326 audit(1761833814.631:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.914078][   T37] audit: type=1326 audit(1761833814.631:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.914118][   T37] audit: type=1326 audit(1761833814.631:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.914158][   T37] audit: type=1326 audit(1761833814.631:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.914199][   T37] audit: type=1326 audit(1761833814.641:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.923685][   T37] audit: type=1326 audit(1761833814.891:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.923745][   T37] audit: type=1326 audit(1761833814.891:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.927221][   T37] audit: type=1326 audit(1761833814.901:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  562.927269][   T37] audit: type=1326 audit(1761833814.901:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9230 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  563.037848][ T9234] netlink: 12 bytes leftover after parsing attributes in process `syz.7.891'.
[  564.174368][ T9171] team0: Port device team_slave_0 added
[  564.251299][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  564.251379][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  564.260621][ T5808] Bluetooth: hci1: command tx timeout
[  564.625907][ T8982] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  564.668313][ T9171] team0: Port device team_slave_1 added
[  564.670111][ T8982] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  564.734059][   T10] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  564.823871][ T5784] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  564.883853][   T10] usb 2-1: Using ep0 maxpacket: 32
[  564.885978][   T10] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  564.886005][   T10] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  564.886026][   T10] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  564.886039][   T10] usb 2-1: config 1 has no interface number 0
[  564.886080][   T10] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  564.886094][   T10] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  564.886117][   T10] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  564.886129][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.893209][   T10] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  564.996954][ T5784] usb 8-1: config 8 has an invalid interface number: 59 but max is 0
[  564.996981][ T5784] usb 8-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  564.997000][ T5784] usb 8-1: config 8 has no interface number 0
[  564.999914][ T5784] usb 8-1: New USB device found, idVendor=0bfd, idProduct=0124, bcdDevice=f6.ce
[  564.999944][ T5784] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.999962][ T5784] usb 8-1: Product: syz
[  564.999976][ T5784] usb 8-1: Manufacturer: syz
[  564.999989][ T5784] usb 8-1: SerialNumber: syz
[  565.063400][ T5784] kvaser_usb 8-1:8.59: error -ENODEV: Cannot get usb endpoint(s)
[  565.101092][   T10] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  565.108948][ T9171] batman_adv: batadv0: Adding interface: batadv_slave_0
[  565.108965][ T9171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  565.108989][ T9171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  565.117978][ T9171] batman_adv: batadv0: Adding interface: batadv_slave_1
[  565.117994][ T9171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  565.118028][ T9171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  565.518249][ T9171] hsr_slave_0: entered promiscuous mode
[  565.519542][ T9171] hsr_slave_1: entered promiscuous mode
[  565.520400][ T9171] debugfs: 'hsr0' already exists in 'hsr'
[  565.520426][ T9171] Cannot create hsr debugfs directory
[  565.526932][   T31] kernel read not supported for file /1042/stat (pid: 31 comm: kworker/1:0)
[  565.534335][ T6011] usb 2-1: USB disconnect, device number 54
[  565.536859][ T6011] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  566.269878][ T8960] 8021q: adding VLAN 0 to HW filter on device bond0
[  566.295024][ T5808] Bluetooth: hci1: command tx timeout
[  566.441545][ T6138] bridge_slave_1: left allmulticast mode
[  566.441566][ T6138] bridge_slave_1: left promiscuous mode
[  566.442029][ T6138] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.516544][ T6138] bridge_slave_0: left allmulticast mode
[  566.516572][ T6138] bridge_slave_0: left promiscuous mode
[  566.516824][ T6138] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.559762][   T10] usb 8-1: USB disconnect, device number 23
[  568.375476][ T6138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  568.434496][ T6138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  568.477536][ T6138] bond0 (unregistering): Released all slaves
[  568.505705][ T9262] Falling back ldisc for ptm0.
[  568.728923][ T8982] 8021q: adding VLAN 0 to HW filter on device bond0
[  568.743268][ T8960] 8021q: adding VLAN 0 to HW filter on device team0
[  568.792294][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state
[  568.792623][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  568.840696][ T8982] 8021q: adding VLAN 0 to HW filter on device team0
[  568.861000][ T1114] bridge0: port 2(bridge_slave_1) entered blocking state
[  568.861238][ T1114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  568.916143][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state
[  568.916504][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  568.966238][   T72] bridge0: port 2(bridge_slave_1) entered blocking state
[  568.966590][   T72] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.151239][   T37] kauditd_printk_skb: 5 callbacks suppressed
[  569.151260][   T37] audit: type=1326 audit(1761833821.081:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.151307][   T37] audit: type=1326 audit(1761833821.081:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.151345][   T37] audit: type=1326 audit(1761833821.081:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.151383][   T37] audit: type=1326 audit(1761833821.081:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.151422][   T37] audit: type=1326 audit(1761833821.081:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.151461][   T37] audit: type=1326 audit(1761833821.081:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.340463][   T37] audit: type=1326 audit(1761833821.311:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.340514][   T37] audit: type=1326 audit(1761833821.311:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.350071][   T37] audit: type=1326 audit(1761833821.321:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.350118][   T37] audit: type=1326 audit(1761833821.321:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9272 comm="syz.1.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  569.465899][ T9276] netlink: 36 bytes leftover after parsing attributes in process `syz.1.901'.
[  574.264071][   T31] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  574.455894][   T31] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16
[  574.455938][   T31] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023
[  574.484008][   T31] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  574.484049][   T31] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.484113][   T31] usb 8-1: Product: syz
[  574.484165][   T31] usb 8-1: Manufacturer: Ћ
[  574.484214][   T31] usb 8-1: SerialNumber: syz
[  575.964252][ T6138] hsr_slave_0: left promiscuous mode
[  576.879498][ T6138] hsr_slave_1: left promiscuous mode
[  576.891405][ T6138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  577.486937][ T6138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  578.332068][   T31] cdc_ncm 8-1:1.0: bind() failure
[  578.364175][   T31] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  578.364231][   T31] cdc_ncm 8-1:1.1: bind() failure
[  578.406023][   T31] usb 8-1: USB disconnect, device number 24
[  578.980857][ T9296] FAULT_INJECTION: forcing a failure.
[  578.980857][ T9296] name failslab, interval 1, probability 0, space 0, times 0
[  578.980916][ T9296] CPU: 0 UID: 0 PID: 9296 Comm: syz.7.905 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  578.980945][ T9296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  578.980955][ T9296] Call Trace:
[  578.980961][ T9296]  <TASK>
[  578.980966][ T9296]  dump_stack_lvl+0x189/0x250
[  578.980985][ T9296]  ? __pfx____ratelimit+0x10/0x10
[  578.980999][ T9296]  ? __pfx_dump_stack_lvl+0x10/0x10
[  578.981013][ T9296]  ? __pfx__printk+0x10/0x10
[  578.981032][ T9296]  should_fail_ex+0x46c/0x600
[  578.981048][ T9296]  ? __nf_conntrack_alloc+0x98/0x420
[  578.981061][ T9296]  should_failslab+0xa8/0x100
[  578.981075][ T9296]  ? __nf_conntrack_alloc+0x98/0x420
[  578.981086][ T9296]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  578.981098][ T9296]  ? nf_ct_pernet+0x45/0x270
[  578.981108][ T9296]  ? nf_ct_pernet+0x45/0x270
[  578.981123][ T9296]  __nf_conntrack_alloc+0x98/0x420
[  578.981140][ T9296]  init_conntrack+0x15b/0xf20
[  578.981157][ T9296]  ? __pfx_init_conntrack+0x10/0x10
[  578.981172][ T9296]  ? __pfx___nf_conntrack_find_get+0x10/0x10
[  578.981184][ T9296]  ? __siphash_unaligned+0x232/0x3b0
[  578.981202][ T9296]  nf_conntrack_in+0xbc3/0x15d0
[  578.981227][ T9296]  ? __pfx_nf_conntrack_in+0x10/0x10
[  578.981241][ T9296]  ? irqentry_exit+0x74/0x90
[  578.981253][ T9296]  ? lockdep_hardirqs_on+0x9c/0x150
[  578.981269][ T9296]  ? __pfx_ipv4_conntrack_local+0x10/0x10
[  578.981279][ T9296]  ? __pfx_ipv4_conntrack_local+0x10/0x10
[  578.981290][ T9296]  ? ipv4_conntrack_local+0x126/0x210
[  578.981302][ T9296]  ? nf_conntrack_in+0xc/0x15d0
[  578.981314][ T9296]  ? __pfx_ipv4_conntrack_local+0x10/0x10
[  578.981326][ T9296]  nf_hook_slow+0xc5/0x220
[  578.981340][ T9296]  nf_hook+0x217/0x380
[  578.981353][ T9296]  ? nf_hook+0x9d/0x380
[  578.981362][ T9296]  ? __pfx_nf_hook+0x10/0x10
[  578.981374][ T9296]  ? __pfx_dst_output+0x10/0x10
[  578.981384][ T9296]  ? ip_select_ttl+0xaf/0x3d0
[  578.981401][ T9296]  __ip_local_out+0x4db/0x600
[  578.981410][ T9296]  ? __pfx_dst_output+0x10/0x10
[  578.981423][ T9296]  __ip_queue_xmit+0x1163/0x1c30
[  578.981435][ T9296]  ? tcp_options_write+0xa28/0x12c0
[  578.981446][ T9296]  ? csum_tcpudp_nofold+0x1f/0x60
[  578.981456][ T9296]  ? __ip_queue_xmit+0x5d/0x1c30
[  578.981469][ T9296]  ? __pfx_ip_queue_xmit+0x10/0x10
[  578.981479][ T9296]  __tcp_transmit_skb+0x24f6/0x3aa0
[  578.981506][ T9296]  ? __pfx___tcp_transmit_skb+0x10/0x10
[  578.981526][ T9296]  ? tcp_fastopen_cookie_check+0x2b6/0x470
[  578.981538][ T9296]  tcp_connect+0x3128/0x4f10
[  578.981570][ T9296]  ? __pfx_tcp_connect+0x10/0x10
[  578.981583][ T9296]  ? trace_irq_disable+0x37/0x110
[  578.981597][ T9296]  ? preempt_schedule_irq+0xde/0x150
[  578.981624][ T9296]  ? tcp_v4_connect+0x1110/0x1a90
[  578.981642][ T9296]  tcp_v4_connect+0x11de/0x1a90
[  578.981666][ T9296]  ? __pfx_tcp_v4_connect+0x10/0x10
[  578.981679][ T9296]  ? mptcp_token_new_connect+0x15f/0x800
[  578.981695][ T9296]  mptcp_connect+0x56b/0x830
[  578.981710][ T9296]  __inet_stream_connect+0x2ae/0xe70
[  578.981731][ T9296]  ? __pfx___inet_stream_connect+0x10/0x10
[  578.981745][ T9296]  ? __kasan_kmalloc+0x93/0xb0
[  578.981763][ T9296]  ? __kmalloc_cache_noprof+0x1ef/0x6c0
[  578.981774][ T9296]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  578.981785][ T9296]  ? rt_spin_unlock+0x150/0x200
[  578.981795][ T9296]  ? tcp_sendmsg_fastopen+0x1de/0x5e0
[  578.981811][ T9296]  tcp_sendmsg_fastopen+0x3a7/0x5e0
[  578.981827][ T9296]  mptcp_sendmsg_fastopen+0x17d/0x580
[  578.981845][ T9296]  mptcp_sendmsg+0x1774/0x1980
[  578.981859][ T9296]  ? smack_socket_sendmsg+0x438/0x520
[  578.981869][ T9296]  ? trace_irq_disable+0x37/0x110
[  578.981883][ T9296]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  578.981902][ T9296]  ? lockdep_hardirqs_on+0x9c/0x150
[  578.981915][ T9296]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  578.981928][ T9296]  ? sock_rps_record_flow+0x19/0x410
[  578.981948][ T9296]  ? inet_sendmsg+0x2f4/0x370
[  578.981963][ T9296]  __sock_sendmsg+0x19c/0x270
[  578.981980][ T9296]  ____sys_sendmsg+0x534/0x820
[  578.981994][ T9296]  ? __pfx_____sys_sendmsg+0x10/0x10
[  578.982011][ T9296]  ? import_iovec+0x74/0xa0
[  578.982024][ T9296]  ___sys_sendmsg+0x21f/0x2a0
[  578.982036][ T9296]  ? __pfx____sys_sendmsg+0x10/0x10
[  578.982050][ T9296]  ? rcu_is_watching+0x15/0xb0
[  578.982076][ T9296]  ? __fget_files+0x2a/0x420
[  578.982089][ T9296]  ? __fget_files+0x3a6/0x420
[  578.982108][ T9296]  __sys_sendmmsg+0x22d/0x430
[  578.982122][ T9296]  ? __pfx___sys_sendmmsg+0x10/0x10
[  578.982139][ T9296]  ? trace_irq_disable+0x37/0x110
[  578.982159][ T9296]  ? lockdep_hardirqs_on+0x9c/0x150
[  578.982179][ T9296]  __x64_sys_sendmmsg+0xa0/0xc0
[  578.982194][ T9296]  do_syscall_64+0xfa/0xfa0
[  578.982206][ T9296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.982215][ T9296]  ? asm_sysvec_call_function_single+0x1a/0x20
[  578.982225][ T9296]  ? clear_bhb_loop+0x60/0xb0
[  578.982237][ T9296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.982246][ T9296] RIP: 0033:0x7f5cabd8efc9
[  578.982256][ T9296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.982265][ T9296] RSP: 002b:00007f5ca9fd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  578.982277][ T9296] RAX: ffffffffffffffda RBX: 00007f5cabfe6090 RCX: 00007f5cabd8efc9
[  578.982284][ T9296] RDX: 0000000000000001 RSI: 0000200000004980 RDI: 0000000000000003
[  578.982290][ T9296] RBP: 00007f5ca9fd5090 R08: 0000000000000000 R09: 0000000000000000
[  578.982296][ T9296] R10: 0000000020008000 R11: 0000000000000246 R12: 0000000000000002
[  578.982302][ T9296] R13: 00007f5cabfe6128 R14: 00007f5cabfe6090 R15: 00007ffc7bfaef18
[  578.982320][ T9296]  </TASK>
[  579.892147][ T8460] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  579.916099][ T8460] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  579.922181][ T8460] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  579.990709][ T8460] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  579.991433][ T8460] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  580.159999][ T9302] netlink: 8 bytes leftover after parsing attributes in process `syz.7.906'.
[  580.426531][ T5808] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  580.430729][ T5808] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  580.460914][ T5808] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  580.462805][ T5808] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  580.464268][ T5808] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  580.575891][   T31] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  580.690293][ T6011] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  580.733853][   T31] usb 8-1: Using ep0 maxpacket: 16
[  580.735745][   T31] usb 8-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  580.735800][   T31] usb 8-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  580.735819][   T31] usb 8-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  580.735831][   T31] usb 8-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  580.735844][   T31] usb 8-1: config 7 interface 0 has no altsetting 0
[  580.735864][   T31] usb 8-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  580.735876][   T31] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.843826][ T6011] usb 2-1: Using ep0 maxpacket: 16
[  580.850009][ T6011] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  580.850042][ T6011] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  580.850106][ T6011] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  580.850130][ T6011] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  580.850142][ T6011] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.854660][ T6011] usb 2-1: config 0 descriptor??
[  580.885107][ T6138] team0 (unregistering): Port device team_slave_1 removed
[  581.164958][ T6138] team0 (unregistering): Port device team_slave_0 removed
[  581.276280][ T6011] shield 0003:0955:7214.0006: unknown main item tag 0x0
[  581.276703][ T6011] shield 0003:0955:7214.0006: unknown main item tag 0x0
[  581.276733][ T6011] shield 0003:0955:7214.0006: unknown main item tag 0x0
[  581.276758][ T6011] shield 0003:0955:7214.0006: unknown main item tag 0x0
[  581.276783][ T6011] shield 0003:0955:7214.0006: unknown main item tag 0x0
[  581.315703][ T6011] input: HID 0955:7214 Haptics as /devices/virtual/input/input5
[  581.362168][   T31] usbhid 8-1:7.0: can't add hid device: -71
[  581.362279][   T31] usbhid 8-1:7.0: probe with driver usbhid failed with error -71
[  581.412026][   T31] usb 8-1: USB disconnect, device number 25
[  581.439991][ T6011] shield 0003:0955:7214.0006: Registered Thunderstrike controller
[  581.440201][ T6011] shield 0003:0955:7214.0006: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[  582.287116][ T8460] Bluetooth: hci0: command tx timeout
[  582.446381][ T5897] shield 0003:0955:7214.0006: Failed to output Thunderstrike HOSTCMD request HID report due to -ESHUTDOWN
[  582.448394][ T5897] shield 0003:0955:7214.0006: Failed to output Thunderstrike HOSTCMD request HID report due to -ENOENT
[  582.448461][ T5897] shield 0003:0955:7214.0006: Failed to output Thunderstrike HOSTCMD request HID report due to -ENOENT
[  582.448520][ T5897] shield 0003:0955:7214.0006: Failed to output Thunderstrike HOSTCMD request HID report due to -ENOENT
[  582.570181][ T8460] Bluetooth: hci3: command tx timeout
[  582.666915][ T6011] usb 2-1: reset high-speed USB device number 55 using dummy_hcd
[  582.803903][ T6011] usb 2-1: device descriptor read/64, error -32
[  583.044226][ T6011] usb 2-1: reset high-speed USB device number 55 using dummy_hcd
[  583.213953][ T6011] usb 2-1: device descriptor read/64, error -32
[  583.473866][ T6011] usb 2-1: reset high-speed USB device number 55 using dummy_hcd
[  583.539847][ T6011] usb 2-1: device descriptor read/8, error -32
[  583.728151][ T9303] raw-gadget.1 gadget.1: failed to queue suspend event
[  583.728238][ T9303] raw-gadget.1 gadget.1: failed to queue disconnect event
[  583.794222][ T6011] usb 2-1: reset high-speed USB device number 55 using dummy_hcd
[  584.113241][ T6011] usb 2-1: device not accepting address 55, error -71
[  584.124641][   T31] usb 2-1: USB disconnect, device number 55
[  585.028783][ T8460] Bluetooth: hci0: command tx timeout
[  585.028815][ T8460] Bluetooth: hci3: command tx timeout
[  585.699365][    C0] vkms_vblank_simulate: vblank timer overrun
[  586.074664][    C0] vkms_vblank_simulate: vblank timer overrun
[  586.995757][    C0] vkms_vblank_simulate: vblank timer overrun
[  587.083674][    C0] vkms_vblank_simulate: vblank timer overrun
[  587.100248][ T8460] Bluetooth: hci0: command tx timeout
[  587.100275][ T8460] Bluetooth: hci3: command tx timeout
[  587.738144][ T5869] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  587.859262][ T9171] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  587.899953][ T5869] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  587.899980][ T5869] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  587.926888][ T5869] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  587.926918][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  587.926938][ T5869] usb 2-1: SerialNumber: syz
[  587.987732][ T9171] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  588.092612][ T9171] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  588.337235][ T5869] usb 2-1: 0:2 : does not exist
[  588.382413][ T5869] usb 2-1: USB disconnect, device number 56
[  588.481617][ T9171] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  588.766472][ T9297] chnl_net:caif_netlink_parms(): no params data found
[  588.980644][    C0] vkms_vblank_simulate: vblank timer overrun
[  590.320920][ T8460] Bluetooth: hci0: command tx timeout
[  590.320970][ T5808] Bluetooth: hci3: command tx timeout
[  590.619865][ T5897] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  591.124855][ T9304] chnl_net:caif_netlink_parms(): no params data found
[  591.149984][ T5897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  591.150017][ T5897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  591.150055][ T5897] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  591.150077][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.203425][ T5897] usb 2-1: config 0 descriptor??
[  593.572350][ T5897] usbhid 2-1:0.0: can't add hid device: -71
[  593.572487][ T5897] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  593.576706][ T5897] usb 2-1: USB disconnect, device number 57
[  593.705344][    C0] vkms_vblank_simulate: vblank timer overrun
[  593.848170][ T9395] ceph: No source
[  594.093956][ T5869] usb 8-1: new full-speed USB device number 26 using dummy_hcd
[  594.247970][ T5869] usb 8-1: config 0 has an invalid interface number: 41 but max is 0
[  594.247987][ T5869] usb 8-1: config 0 has no interface number 0
[  594.248016][ T5869] usb 8-1: config 0 interface 41 has no altsetting 0
[  594.277963][ T5869] usb 8-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  594.277992][ T5869] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.278011][ T5869] usb 8-1: Product: syz
[  594.278024][ T5869] usb 8-1: Manufacturer: syz
[  594.278038][ T5869] usb 8-1: SerialNumber: syz
[  594.319747][ T5869] usb 8-1: config 0 descriptor??
[  594.733250][ T9395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  594.778631][ T9395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  594.781771][ T5869] CoreChips 8-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71
[  594.782047][ T5869] CoreChips 8-1:0.41: probe with driver CoreChips failed with error -71
[  594.815921][ T5869] usb 8-1: USB disconnect, device number 26
[  595.209127][ T9297] bridge0: port 1(bridge_slave_0) entered blocking state
[  595.209355][ T9297] bridge0: port 1(bridge_slave_0) entered disabled state
[  595.209590][ T9297] bridge_slave_0: entered allmulticast mode
[  595.212422][ T9297] bridge_slave_0: entered promiscuous mode
[  595.607988][    C0] vkms_vblank_simulate: vblank timer overrun
[  596.602850][    C0] vkms_vblank_simulate: vblank timer overrun
[  597.276191][    C0] vkms_vblank_simulate: vblank timer overrun
[  597.355412][    C0] vkms_vblank_simulate: vblank timer overrun
[  597.448736][   T10] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  597.486705][    C0] vkms_vblank_simulate: vblank timer overrun
[  597.488789][ T9297] bridge0: port 2(bridge_slave_1) entered blocking state
[  597.488939][ T9297] bridge0: port 2(bridge_slave_1) entered disabled state
[  597.489184][ T9297] bridge_slave_1: entered allmulticast mode
[  597.491780][ T9297] bridge_slave_1: entered promiscuous mode
[  597.688287][    C0] vkms_vblank_simulate: vblank timer overrun
[  598.145679][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  598.145712][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  598.145745][   T10] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  598.145757][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.160342][   T10] usb 2-1: config 0 descriptor??
[  598.209117][ T9417] netlink: 4 bytes leftover after parsing attributes in process `syz.7.935'.
[  598.350599][   T10] usbhid 2-1:0.0: can't add hid device: -71
[  598.350677][   T10] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  598.361442][   T10] usb 2-1: USB disconnect, device number 58
[  598.636018][    C0] vkms_vblank_simulate: vblank timer overrun
[  598.671366][ T9304] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.671498][ T9304] bridge0: port 1(bridge_slave_0) entered disabled state
[  598.671677][ T9304] bridge_slave_0: entered allmulticast mode
[  598.673218][ T9304] bridge_slave_0: entered promiscuous mode
[  598.764974][    C0] vkms_vblank_simulate: vblank timer overrun
[  598.809175][    C0] vkms_vblank_simulate: vblank timer overrun
[  599.790955][    C0] vkms_vblank_simulate: vblank timer overrun
[  599.853758][ T5881] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  599.908744][ T9304] bridge0: port 2(bridge_slave_1) entered blocking state
[  599.908869][ T9304] bridge0: port 2(bridge_slave_1) entered disabled state
[  599.909111][ T9304] bridge_slave_1: entered allmulticast mode
[  599.911767][ T9304] bridge_slave_1: entered promiscuous mode
[  599.931008][ T9297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  600.793445][    C0] vkms_vblank_simulate: vblank timer overrun
[  600.842307][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  600.842340][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  600.842377][ T5881] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  600.842396][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.886729][ T5881] usb 2-1: config 0 descriptor??
[  600.913146][ T9297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  601.146192][    C0] vkms_vblank_simulate: vblank timer overrun
[  601.504565][    C0] vkms_vblank_simulate: vblank timer overrun
[  601.820815][ T9304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  601.965709][ T9304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  602.071423][ T9297] team0: Port device team_slave_0 added
[  602.191099][ T9297] team0: Port device team_slave_1 added
[  602.345801][    C0] vkms_vblank_simulate: vblank timer overrun
[  602.786392][    C0] vkms_vblank_simulate: vblank timer overrun
[  602.919375][    C0] vkms_vblank_simulate: vblank timer overrun
[  602.959471][    C0] vkms_vblank_simulate: vblank timer overrun
[  602.961177][ T5881] usbhid 2-1:0.0: can't add hid device: -71
[  602.961298][ T5881] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  602.978368][ T5881] usb 2-1: USB disconnect, device number 59
[  603.203473][ T9304] team0: Port device team_slave_0 added
[  603.383451][ T9304] team0: Port device team_slave_1 added
[  603.406746][ T9297] batman_adv: batadv0: Adding interface: batadv_slave_0
[  603.406762][ T9297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  603.406785][ T9297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  603.913340][ T9453] binder: 9449:9453 ioctl c0306201 2000000001c0 returned -14
[  605.246185][    C0] vkms_vblank_simulate: vblank timer overrun
[  605.339459][ T9297] batman_adv: batadv0: Adding interface: batadv_slave_1
[  605.339484][ T9297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  605.339510][ T9297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  605.744271][ T9304] batman_adv: batadv0: Adding interface: batadv_slave_0
[  605.744289][ T9304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  605.744314][ T9304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  605.757066][ T9304] batman_adv: batadv0: Adding interface: batadv_slave_1
[  605.757083][ T9304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  605.757106][ T9304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  606.754543][    C0] vkms_vblank_simulate: vblank timer overrun
[  606.970632][ T9297] hsr_slave_0: entered promiscuous mode
[  606.980327][ T9297] hsr_slave_1: entered promiscuous mode
[  606.983451][ T9297] debugfs: 'hsr0' already exists in 'hsr'
[  607.001532][ T9297] Cannot create hsr debugfs directory
[  607.463761][ T5897] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  607.593900][   T10] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  607.613646][    C0] vkms_vblank_simulate: vblank timer overrun
[  607.635777][ T5897] usb 8-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  607.635805][ T5897] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.638965][ T5897] usb 8-1: config 0 descriptor??
[  607.725092][ T9304] hsr_slave_0: entered promiscuous mode
[  607.726361][ T9304] hsr_slave_1: entered promiscuous mode
[  607.727342][ T9304] debugfs: 'hsr0' already exists in 'hsr'
[  607.727381][ T9304] Cannot create hsr debugfs directory
[  607.773853][   T10] usb 2-1: Using ep0 maxpacket: 32
[  607.776359][   T10] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  607.776403][   T10] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  607.776446][   T10] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  607.776471][   T10] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  607.776492][   T10] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  607.776518][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  607.779344][   T10] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  607.779371][   T10] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  607.779392][   T10] usb 2-1: Product: syz
[  607.779406][   T10] usb 2-1: Manufacturer: syz
[  607.779420][   T10] usb 2-1: SerialNumber: syz
[  607.889087][   T10] usb 2-1: config 0 descriptor??
[  607.892812][   T10] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  607.909249][   T10] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  608.098635][ T9467] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  608.100291][ T9467] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  608.101763][   T10] usb 2-1: USB disconnect, device number 60
[  608.112293][   T10] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  608.472603][ T5897] usb 8-1: Cannot set autoneg
[  608.472869][ T5897] MOSCHIP usb-ethernet driver 8-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  608.492655][ T5897] usb 8-1: USB disconnect, device number 27
[  608.850975][ T9171] 8021q: adding VLAN 0 to HW filter on device bond0
[  609.396220][ T1114] bridge_slave_1: left allmulticast mode
[  609.396242][ T1114] bridge_slave_1: left promiscuous mode
[  609.396417][ T1114] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.475855][ T1114] bridge_slave_0: left allmulticast mode
[  609.475884][ T1114] bridge_slave_0: left promiscuous mode
[  609.476158][ T1114] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.728717][ T1114] bridge_slave_1: left allmulticast mode
[  609.728746][ T1114] bridge_slave_1: left promiscuous mode
[  609.728997][ T1114] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.815761][ T1114] bridge_slave_0: left allmulticast mode
[  609.815791][ T1114] bridge_slave_0: left promiscuous mode
[  609.816044][ T1114] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.844597][   T10] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  612.114633][   T10] usb 8-1: Using ep0 maxpacket: 32
[  612.194826][   T10] usb 8-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  612.194905][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.314889][   T10] usb 8-1: config 0 descriptor??
[  612.451173][   T10] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  612.779379][   T10] gspca_vc032x: reg_w err -71
[  612.779415][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779426][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779434][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779444][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779452][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779461][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779469][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779477][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779485][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779493][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779501][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779509][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779517][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779525][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779533][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779540][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779548][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779556][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[  612.779563][   T10] gspca_vc032x: Unknown sensor...
[  612.779650][   T10] vc032x 8-1:0.0: probe with driver vc032x failed with error -22
[  612.782471][   T10] usb 8-1: USB disconnect, device number 28
[  613.282943][ T9507] trusted_key: syz.1.962 sent an empty control message without MSG_MORE.
[  614.844842][ T9516] ceph: Bad value for 'source'
[  615.687219][ T1114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  615.776892][ T1114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  615.804156][ T1114] bond0 (unregistering): Released all slaves
[  617.870465][ T9532] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  617.870483][ T9532] overlayfs: missing 'lowerdir'
[  618.203986][ T5881] usb 2-1: new low-speed USB device number 61 using dummy_hcd
[  618.366336][ T5881] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  618.366365][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.371516][ T5881] usb 2-1: config 0 descriptor??
[  618.625684][ T8460] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  618.632284][ T8460] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  618.633986][ T8460] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  618.638415][ T8460] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  618.641653][ T8460] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  619.160594][ T5808] Bluetooth: to_multiplier 54284 > 3200
[  620.286102][ T5881] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  620.286133][ T5881] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  620.287473][ T5881] asix 2-1:0.0: probe with driver asix failed with error -71
[  620.292990][ T5881] usb 2-1: USB disconnect, device number 61
[  620.774044][ T5808] Bluetooth: hci5: command tx timeout
[  621.143808][ T5881] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  621.176420][ T5808] Bluetooth: hci2: command 0x0406 tx timeout
[  621.295351][ T5881] usb 8-1: Using ep0 maxpacket: 16
[  621.297741][ T5881] usb 8-1: config 0 has no interfaces?
[  621.299558][ T5881] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  621.299585][ T5881] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  621.299605][ T5881] usb 8-1: Manufacturer: syz
[  621.349347][ T5881] usb 8-1: config 0 descriptor??
[  621.566222][ T9548] FAULT_INJECTION: forcing a failure.
[  621.566222][ T9548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  621.566255][ T9548] CPU: 0 UID: 0 PID: 9548 Comm: syz.7.976 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  621.566276][ T9548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  621.566286][ T9548] Call Trace:
[  621.566293][ T9548]  <TASK>
[  621.566301][ T9548]  dump_stack_lvl+0x189/0x250
[  621.566331][ T9548]  ? __pfx____ratelimit+0x10/0x10
[  621.566353][ T9548]  ? __pfx_dump_stack_lvl+0x10/0x10
[  621.566377][ T9548]  ? __pfx__printk+0x10/0x10
[  621.566413][ T9548]  should_fail_ex+0x46c/0x600
[  621.566443][ T9548]  _copy_to_user+0x31/0xb0
[  621.566464][ T9548]  simple_read_from_buffer+0xe1/0x170
[  621.566491][ T9548]  proc_fail_nth_read+0x1b6/0x220
[  621.566514][ T9548]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  621.566535][ T9548]  ? rw_verify_area+0x2ac/0x4e0
[  621.566556][ T9548]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  621.566576][ T9548]  vfs_read+0x206/0xa30
[  621.566606][ T9548]  ? __pfx_vfs_read+0x10/0x10
[  621.566623][ T9548]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  621.566651][ T9548]  ? mutex_lock_nested+0x154/0x1d0
[  621.566668][ T9548]  ? fdget_pos+0x253/0x320
[  621.566699][ T9548]  ksys_read+0x14b/0x260
[  621.566722][ T9548]  ? __pfx_ksys_read+0x10/0x10
[  621.566742][ T9548]  ? __secure_computing+0xe2/0x2a0
[  621.566769][ T9548]  do_syscall_64+0xfa/0xfa0
[  621.566796][ T9548]  ? lockdep_hardirqs_on+0x9c/0x150
[  621.566817][ T9548]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.566834][ T9548]  ? clear_bhb_loop+0x60/0xb0
[  621.566856][ T9548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.566873][ T9548] RIP: 0033:0x7f5cabd8d9dc
[  621.566889][ T9548] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  621.566905][ T9548] RSP: 002b:00007f5ca9ff6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  621.566923][ T9548] RAX: ffffffffffffffda RBX: 00007f5cabfe5fa0 RCX: 00007f5cabd8d9dc
[  621.566936][ T9548] RDX: 000000000000000f RSI: 00007f5ca9ff60a0 RDI: 0000000000000019
[  621.566948][ T9548] RBP: 00007f5ca9ff6090 R08: 0000000000000000 R09: 0000000000000000
[  621.566958][ T9548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  621.566969][ T9548] R13: 00007f5cabfe6038 R14: 00007f5cabfe5fa0 R15: 00007ffc7bfaef18
[  621.567002][ T9548]  </TASK>
[  621.844321][ T5881] usb 8-1: USB disconnect, device number 29
[  621.905011][ T1114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  621.997763][ T1114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  622.038753][ T1114] bond0 (unregistering): Released all slaves
[  622.096043][ T9171] 8021q: adding VLAN 0 to HW filter on device team0
[  622.881048][ T5808] Bluetooth: hci5: command tx timeout
[  623.444354][ T9570] mmap: syz.7.983 (9570) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  623.488787][   T37] kauditd_printk_skb: 2 callbacks suppressed
[  623.488803][   T37] audit: type=1326 audit(1761833875.461:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.488843][   T37] audit: type=1326 audit(1761833875.461:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.490245][   T37] audit: type=1326 audit(1761833875.461:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.490291][   T37] audit: type=1326 audit(1761833875.461:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.491410][   T37] audit: type=1326 audit(1761833875.461:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.491459][   T37] audit: type=1326 audit(1761833875.461:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.491499][   T37] audit: type=1326 audit(1761833875.461:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.491539][   T37] audit: type=1326 audit(1761833875.461:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.491588][   T37] audit: type=1326 audit(1761833875.461:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.491628][   T37] audit: type=1326 audit(1761833875.461:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.1.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  623.544147][ T9574] netlink: 36 bytes leftover after parsing attributes in process `syz.1.984'.
[  623.668926][ T9575] tmpfs: Unknown parameter '0x0000000000000000'
[  624.134221][ T5881] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  624.195956][ T1114] hsr_slave_0: left promiscuous mode
[  624.217457][ T1114] hsr_slave_1: left promiscuous mode
[  624.218436][ T1114] batman_adv: batadv0: Removing interface: batadv_slave_0
[  624.269130][ T1114] batman_adv: batadv0: Removing interface: batadv_slave_1
[  624.283745][ T5881] usb 8-1: Using ep0 maxpacket: 8
[  624.288852][ T5881] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  624.288931][ T5881] usb 8-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  624.288954][ T5881] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.297507][ T5881] usb 8-1: config 0 descriptor??
[  624.304319][ T5881] gspca_main: vc032x-2.14.0 probing 046d:0892
[  624.470895][ T1114] hsr_slave_0: left promiscuous mode
[  624.507951][ T1114] hsr_slave_1: left promiscuous mode
[  624.511293][ T1114] batman_adv: batadv0: Removing interface: batadv_slave_0
[  624.549903][ T1114] batman_adv: batadv0: Removing interface: batadv_slave_1
[  624.550202][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  624.550556][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  624.933815][ T5808] Bluetooth: hci5: command tx timeout
[  625.077798][ T5881] gspca_vc032x: reg_r err -71
[  625.077895][ T5881] vc032x 8-1:0.0: probe with driver vc032x failed with error -71
[  625.099570][ T5881] usb 8-1: USB disconnect, device number 30
[  625.523882][ T5881] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  625.653965][ T5881] usb 8-1: device descriptor read/64, error -71
[  625.923756][ T5881] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  626.046380][ T1114] team0 (unregistering): Port device team_slave_1 removed
[  626.086884][ T5881] usb 8-1: device descriptor read/64, error -71
[  626.197496][ T5881] usb usb8-port1: attempt power cycle
[  626.368915][ T1114] team0 (unregistering): Port device team_slave_0 removed
[  626.548717][ T5881] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  626.564694][ T5881] usb 8-1: device descriptor read/8, error -71
[  626.859920][ T5881] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  626.874466][ T5881] usb 8-1: device descriptor read/8, error -71
[  626.998205][ T5881] usb usb8-port1: unable to enumerate USB device
[  627.013778][ T5808] Bluetooth: hci5: command tx timeout
[  628.403879][ T9587] Bluetooth: MGMT ver 1.23
[  628.477543][ T9588] FAULT_INJECTION: forcing a failure.
[  628.477543][ T9588] name failslab, interval 1, probability 0, space 0, times 0
[  628.477577][ T9588] CPU: 1 UID: 0 PID: 9588 Comm: syz.7.988 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  628.477598][ T9588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  628.477609][ T9588] Call Trace:
[  628.477616][ T9588]  <TASK>
[  628.477625][ T9588]  dump_stack_lvl+0x189/0x250
[  628.477655][ T9588]  ? __pfx____ratelimit+0x10/0x10
[  628.477678][ T9588]  ? __pfx_dump_stack_lvl+0x10/0x10
[  628.477702][ T9588]  ? __pfx__printk+0x10/0x10
[  628.477728][ T9588]  ? __pfx___might_resched+0x10/0x10
[  628.477746][ T9588]  ? fs_reclaim_acquire+0x7d/0x100
[  628.477773][ T9588]  should_fail_ex+0x46c/0x600
[  628.477880][ T9588]  should_failslab+0xa8/0x100
[  628.477906][ T9588]  __kmalloc_node_track_caller_noprof+0xcf/0x7e0
[  628.477930][ T9588]  ? ovl_parse_param+0x66f/0xee0
[  628.477955][ T9588]  kstrdup+0x42/0x100
[  628.477977][ T9588]  ovl_parse_param+0x66f/0xee0
[  628.478003][ T9588]  ? __pfx_ovl_parse_param+0x10/0x10
[  628.478032][ T9588]  ? static_key_count+0x41/0x70
[  628.478055][ T9588]  vfs_parse_fs_param+0x1a9/0x420
[  628.478082][ T9588]  vfs_parse_monolithic_sep+0x25d/0x320
[  628.478105][ T9588]  ? __pfx_ovl_next_opt+0x10/0x10
[  628.478124][ T9588]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  628.478155][ T9588]  ? alloc_fs_context+0x670/0x7e0
[  628.478187][ T9588]  do_new_mount+0x2cb/0xa10
[  628.478209][ T9588]  ? safesetid_security_capable+0xa9/0x1a0
[  628.478237][ T9588]  ? security_capable+0x7e/0x2e0
[  628.478257][ T9588]  ? __pfx_do_new_mount+0x10/0x10
[  628.478279][ T9588]  ? ns_capable+0x8a/0xf0
[  628.478302][ T9588]  ? path_mount+0x61c/0xfe0
[  628.478334][ T9588]  __se_sys_mount+0x313/0x410
[  628.478362][ T9588]  ? __pfx___se_sys_mount+0x10/0x10
[  628.478388][ T9588]  ? do_syscall_64+0xbe/0xfa0
[  628.478408][ T9588]  ? __x64_sys_mount+0x20/0xc0
[  628.478432][ T9588]  do_syscall_64+0xfa/0xfa0
[  628.478451][ T9588]  ? lockdep_hardirqs_on+0x9c/0x150
[  628.478472][ T9588]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.478488][ T9588]  ? clear_bhb_loop+0x60/0xb0
[  628.478510][ T9588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.478527][ T9588] RIP: 0033:0x7f5cabd8efc9
[  628.478544][ T9588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.478559][ T9588] RSP: 002b:00007f5ca9fd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  628.478579][ T9588] RAX: ffffffffffffffda RBX: 00007f5cabfe6090 RCX: 00007f5cabd8efc9
[  628.478593][ T9588] RDX: 0000200000000080 RSI: 0000200000000380 RDI: 0000000000000000
[  628.478605][ T9588] RBP: 00007f5ca9fd5090 R08: 00002000000000c0 R09: 0000000000000000
[  628.478617][ T9588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  628.478628][ T9588] R13: 00007f5cabfe6128 R14: 00007f5cabfe6090 R15: 00007ffc7bfaef18
[  628.478661][ T9588]  </TASK>
[  630.619084][ T1114] team0 (unregistering): Port device team_slave_1 removed
[  630.954125][ T1114] team0 (unregistering): Port device team_slave_0 removed
[  634.481750][   T37] kauditd_printk_skb: 5 callbacks suppressed
[  634.481765][   T37] audit: type=1326 audit(1761833886.451:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.481805][   T37] audit: type=1326 audit(1761833886.451:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.536145][   T37] audit: type=1326 audit(1761833886.451:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.536195][   T37] audit: type=1326 audit(1761833886.451:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.536230][   T37] audit: type=1326 audit(1761833886.451:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.536266][   T37] audit: type=1326 audit(1761833886.451:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.536304][   T37] audit: type=1326 audit(1761833886.461:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.536338][   T37] audit: type=1326 audit(1761833886.461:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.536373][   T37] audit: type=1326 audit(1761833886.461:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  634.537139][ T9609] netlink: 36 bytes leftover after parsing attributes in process `syz.1.993'.
[  634.537291][   T37] audit: type=1326 audit(1761833886.461:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9606 comm="syz.1.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  636.478360][ T9621] dvmrp1: tun_chr_ioctl cmd 1074025673
[  636.677441][ T8460] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  636.709998][ T8460] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  636.711404][ T8460] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  636.712691][ T8460] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  636.713528][ T8460] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  636.860086][ T9535] chnl_net:caif_netlink_parms(): no params data found
[  637.775950][ T9633] netlink: 36 bytes leftover after parsing attributes in process `syz.1.997'.
[  638.653759][ T5881] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  638.783892][ T5808] Bluetooth: hci1: command tx timeout
[  638.815958][ T5881] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  638.815991][ T5881] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  638.816028][ T5881] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  638.816058][ T5881] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  638.820899][ T5881] usb 8-1: config 0 descriptor??
[  639.560049][ T9535] bridge0: port 1(bridge_slave_0) entered blocking state
[  639.560253][ T9535] bridge0: port 1(bridge_slave_0) entered disabled state
[  639.560674][ T9535] bridge_slave_0: entered allmulticast mode
[  639.714948][ T9535] bridge_slave_0: entered promiscuous mode
[  640.875685][ T5808] Bluetooth: hci1: command tx timeout
[  641.428288][ T9535] bridge0: port 2(bridge_slave_1) entered blocking state
[  641.428544][ T9535] bridge0: port 2(bridge_slave_1) entered disabled state
[  641.428927][ T9535] bridge_slave_1: entered allmulticast mode
[  641.459747][ T9535] bridge_slave_1: entered promiscuous mode
[  642.203171][ T5881] usbhid 8-1:0.0: can't add hid device: -71
[  642.203298][ T5881] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  642.226694][ T5881] usb 8-1: USB disconnect, device number 35
[  642.474304][ T9650] netlink: 104 bytes leftover after parsing attributes in process `syz.7.1000'.
[  642.745244][   T10] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[  642.752481][ T8460] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  642.789065][ T8460] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  642.790835][ T8460] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  642.801897][ T8460] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  642.802680][ T8460] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  642.893723][   T10] usb 8-1: Using ep0 maxpacket: 8
[  642.911035][   T10] usb 8-1: config 1 interface 0 altsetting 64 bulk endpoint 0x82 has invalid maxpacket 32
[  642.911067][   T10] usb 8-1: config 1 interface 0 altsetting 64 bulk endpoint 0x3 has invalid maxpacket 1024
[  642.911092][   T10] usb 8-1: config 1 interface 0 altsetting 64 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  642.911118][   T10] usb 8-1: config 1 interface 0 has no altsetting 0
[  642.933780][ T8460] Bluetooth: hci1: command tx timeout
[  642.966495][   T10] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  642.966526][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  642.966545][   T10] usb 8-1: Product: syz
[  642.966560][   T10] usb 8-1: Manufacturer: syz
[  642.966578][   T10] usb 8-1: SerialNumber: syz
[  642.990369][ T9650] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  642.990743][ T9650] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  643.030321][ T9535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  643.113258][ T9535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  643.697667][   T10] usb 8-1: bad CDC descriptors
[  643.739728][   T10] usb 8-1: USB disconnect, device number 36
[  643.966077][   T37] kauditd_printk_skb: 45 callbacks suppressed
[  643.966113][   T37] audit: type=1326 audit(1761833895.941:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.966155][   T37] audit: type=1326 audit(1761833895.941:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.967642][   T37] audit: type=1326 audit(1761833895.941:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.969737][   T37] audit: type=1326 audit(1761833895.941:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.969787][   T37] audit: type=1326 audit(1761833895.941:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.969828][   T37] audit: type=1326 audit(1761833895.941:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.969869][   T37] audit: type=1326 audit(1761833895.941:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.969909][   T37] audit: type=1326 audit(1761833895.941:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.969953][   T37] audit: type=1326 audit(1761833895.941:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  643.969993][   T37] audit: type=1326 audit(1761833895.941:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9660 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  644.020988][ T9662] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1002'.
[  644.424681][ T9664] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  644.531204][ T9535] team0: Port device team_slave_0 added
[  644.532785][ T9665] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.1003'.
[  644.577534][ T9535] team0: Port device team_slave_1 added
[  644.607350][    C1] vkms_vblank_simulate: vblank timer overrun
[  644.677820][    C1] vkms_vblank_simulate: vblank timer overrun
[  644.707167][    C1] vkms_vblank_simulate: vblank timer overrun
[  644.817213][    C1] vkms_vblank_simulate: vblank timer overrun
[  644.853975][ T8460] Bluetooth: hci6: command tx timeout
[  644.857431][    C1] vkms_vblank_simulate: vblank timer overrun
[  645.015688][ T8460] Bluetooth: hci1: command tx timeout
[  645.598696][ T9671] dvmrp1: tun_chr_ioctl cmd 1074025673
[  646.240561][ T9535] batman_adv: batadv0: Adding interface: batadv_slave_0
[  646.240578][ T9535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  646.240602][ T9535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  646.332412][ T9535] batman_adv: batadv0: Adding interface: batadv_slave_1
[  646.332430][ T9535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  646.332456][ T9535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  646.626301][    C1] vkms_vblank_simulate: vblank timer overrun
[  646.774095][ T5881] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  647.109920][ T5808] Bluetooth: hci6: command tx timeout
[  647.145458][    C1] vkms_vblank_simulate: vblank timer overrun
[  647.457090][    C1] vkms_vblank_simulate: vblank timer overrun
[  647.852329][    C1] vkms_vblank_simulate: vblank timer overrun
[  647.917318][ T9707] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1016'.
[  648.180836][    C1] vkms_vblank_simulate: vblank timer overrun
[  648.344420][    C1] vkms_vblank_simulate: vblank timer overrun
[  649.175429][ T5808] Bluetooth: hci6: command tx timeout
[  649.370366][    C1] vkms_vblank_simulate: vblank timer overrun
[  649.419918][ T9711] dvmrp1: tun_chr_ioctl cmd 1074025673
[  650.178632][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.424195][ T9720] scsi_nl_rcv_msg: discarding partial skb
[  651.253913][ T5808] Bluetooth: hci6: command tx timeout
[  651.433875][    C1] vkms_vblank_simulate: vblank timer overrun
[  651.576278][    C1] vkms_vblank_simulate: vblank timer overrun
[  651.711506][ T9720] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1019'.
[  652.102934][ T9535] hsr_slave_0: entered promiscuous mode
[  652.106532][    C1] vkms_vblank_simulate: vblank timer overrun
[  652.124551][ T9535] hsr_slave_1: entered promiscuous mode
[  652.125612][ T9535] debugfs: 'hsr0' already exists in 'hsr'
[  652.125636][ T9535] Cannot create hsr debugfs directory
[  652.158141][    C1] vkms_vblank_simulate: vblank timer overrun
[  652.244148][    C1] vkms_vblank_simulate: vblank timer overrun
[  652.268217][ T9628] chnl_net:caif_netlink_parms(): no params data found
[  652.421816][ T9720] bond0: option arp_all_targets: invalid value (18446744073709551615)
[  653.233538][ T9732] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  653.299804][ T9732] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  653.618000][ T5897] usb 8-1: new full-speed USB device number 37 using dummy_hcd
[  653.795708][ T5897] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  653.795737][ T5897] usb 8-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  653.795751][ T5897] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  653.795764][ T5897] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x8F has invalid maxpacket 512, setting to 64
[  653.795779][ T5897] usb 8-1: config 0 interface 0 has no altsetting 0
[  653.797969][ T5897] usb 8-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  653.797998][ T5897] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.798010][ T5897] usb 8-1: Product: syz
[  653.798017][ T5897] usb 8-1: Manufacturer: syz
[  653.798024][ T5897] usb 8-1: SerialNumber: syz
[  653.802983][ T5897] usb 8-1: config 0 descriptor??
[  653.804176][ T9734] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  654.017847][ T9732] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  654.178132][ T5897] input: syz syz as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input6
[  654.467120][ T9738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  654.467553][ T9738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  656.095047][ T9628] bridge0: port 1(bridge_slave_0) entered blocking state
[  656.095185][ T9628] bridge0: port 1(bridge_slave_0) entered disabled state
[  656.095394][ T9628] bridge_slave_0: entered allmulticast mode
[  656.098105][ T9628] bridge_slave_0: entered promiscuous mode
[  656.133942][ T9628] bridge0: port 2(bridge_slave_1) entered blocking state
[  656.134121][ T9628] bridge0: port 2(bridge_slave_1) entered disabled state
[  656.134679][ T9628] bridge_slave_1: entered allmulticast mode
[  656.141239][ T9628] bridge_slave_1: entered promiscuous mode
[  656.523414][ T9748] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1023'.
[  656.929813][ T5881] usb 8-1: USB disconnect, device number 37
[  657.021353][ T9748] netlink: 'syz.1.1023': attribute type 2 has an invalid length.
[  657.043812][   T31] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  657.078361][ T9749] netlink: 'syz.1.1023': attribute type 2 has an invalid length.
[  657.107624][ T9628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  657.154660][ T9628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  657.294777][   T31] usb 2-1: Using ep0 maxpacket: 32
[  657.297836][   T31] usb 2-1: config 1 interface 0 altsetting 135 bulk endpoint 0x1 has invalid maxpacket 1023
[  657.297868][   T31] usb 2-1: config 1 interface 0 has no altsetting 0
[  657.301977][   T31] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  657.302007][   T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.302018][   T31] usb 2-1: Product: 츥귷肗쳉뢱푧ڒￜ뵔쇄촁၂쳣
[  657.302027][   T31] usb 2-1: Manufacturer: ч
[  657.302034][   T31] usb 2-1: SerialNumber: syz
[  657.324611][ T9750] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  659.560390][   T31] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 63 if 0 alt 135 proto 1 vid 0x0525 pid 0xA4A8
[  659.583944][   T31] usb 2-1: USB disconnect, device number 63
[  659.589823][   T31] usblp0: removed
[  659.645469][ T9628] team0: Port device team_slave_0 added
[  659.721344][   T37] kauditd_printk_skb: 19 callbacks suppressed
[  659.721359][   T37] audit: type=1326 audit(1761833911.691:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.721390][   T37] audit: type=1326 audit(1761833911.691:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.721421][   T37] audit: type=1326 audit(1761833911.691:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.721456][   T37] audit: type=1326 audit(1761833911.691:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.721485][   T37] audit: type=1326 audit(1761833911.691:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.864943][   T37] audit: type=1326 audit(1761833911.701:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.979006][   T37] audit: type=1326 audit(1761833911.911:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.979061][   T37] audit: type=1326 audit(1761833911.911:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.979102][   T37] audit: type=1326 audit(1761833911.921:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  659.979143][   T37] audit: type=1326 audit(1761833911.921:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9755 comm="syz.1.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  660.001850][ T9760] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1025'.
[  660.784228][ T9651] chnl_net:caif_netlink_parms(): no params data found
[  660.985088][ T9628] team0: Port device team_slave_1 added
[  663.279349][ T9628] batman_adv: batadv0: Adding interface: batadv_slave_0
[  663.279360][ T9628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  663.279375][ T9628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  663.346077][ T9628] batman_adv: batadv0: Adding interface: batadv_slave_1
[  663.346088][ T9628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  663.346102][ T9628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  663.918559][ T9779] FAULT_INJECTION: forcing a failure.
[  663.918559][ T9779] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  663.918593][ T9779] CPU: 0 UID: 0 PID: 9779 Comm: syz.7.1032 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  663.918614][ T9779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  663.918624][ T9779] Call Trace:
[  663.918631][ T9779]  <TASK>
[  663.918639][ T9779]  dump_stack_lvl+0x189/0x250
[  663.918667][ T9779]  ? __pfx____ratelimit+0x10/0x10
[  663.918686][ T9779]  ? __pfx_dump_stack_lvl+0x10/0x10
[  663.918708][ T9779]  ? __pfx__printk+0x10/0x10
[  663.918729][ T9779]  ? __might_fault+0xb0/0x130
[  663.918767][ T9779]  should_fail_ex+0x46c/0x600
[  663.918795][ T9779]  _copy_from_user+0x2d/0xb0
[  663.918815][ T9779]  __se_sys_mount+0x18b/0x410
[  663.918845][ T9779]  ? __pfx___se_sys_mount+0x10/0x10
[  663.918871][ T9779]  ? do_syscall_64+0xbe/0xfa0
[  663.918890][ T9779]  ? __x64_sys_mount+0x20/0xc0
[  663.918913][ T9779]  do_syscall_64+0xfa/0xfa0
[  663.918932][ T9779]  ? lockdep_hardirqs_on+0x9c/0x150
[  663.918953][ T9779]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.918971][ T9779]  ? clear_bhb_loop+0x60/0xb0
[  663.918991][ T9779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.919008][ T9779] RIP: 0033:0x7f5cabd8efc9
[  663.919024][ T9779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  663.919039][ T9779] RSP: 002b:00007f5ca9ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  663.919058][ T9779] RAX: ffffffffffffffda RBX: 00007f5cabfe5fa0 RCX: 00007f5cabd8efc9
[  663.919071][ T9779] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000
[  663.919082][ T9779] RBP: 00007f5ca9ff6090 R08: 0000200000000180 R09: 0000000000000000
[  663.919094][ T9779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  663.919105][ T9779] R13: 00007f5cabfe6038 R14: 00007f5cabfe5fa0 R15: 00007ffc7bfaef18
[  663.919136][ T9779]  </TASK>
[  663.953044][ T9779] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  663.953075][ T9779] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  663.953085][ T9779] overlayfs: missing 'lowerdir'
[  664.762717][   T37] kauditd_printk_skb: 5 callbacks suppressed
[  664.762737][   T37] audit: type=1326 audit(1761833916.661:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.762789][   T37] audit: type=1326 audit(1761833916.661:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.762829][   T37] audit: type=1326 audit(1761833916.661:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.762868][   T37] audit: type=1326 audit(1761833916.661:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.762908][   T37] audit: type=1326 audit(1761833916.671:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.955851][   T37] audit: type=1326 audit(1761833916.901:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.955907][   T37] audit: type=1326 audit(1761833916.901:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.955949][   T37] audit: type=1326 audit(1761833916.911:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.955990][   T37] audit: type=1326 audit(1761833916.911:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.956032][   T37] audit: type=1326 audit(1761833916.911:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9785 comm="syz.1.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  664.970830][ T9786] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1034'.
[  665.170344][ T9791] FAULT_INJECTION: forcing a failure.
[  665.170344][ T9791] name fail_futex, interval 1, probability 0, space 0, times 1
[  665.170382][ T9791] CPU: 0 UID: 0 PID: 9791 Comm: syz.7.1035 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  665.170413][ T9791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  665.170424][ T9791] Call Trace:
[  665.170432][ T9791]  <TASK>
[  665.170445][ T9791]  dump_stack_lvl+0x189/0x250
[  665.170475][ T9791]  ? __pfx____ratelimit+0x10/0x10
[  665.170496][ T9791]  ? __pfx_dump_stack_lvl+0x10/0x10
[  665.170520][ T9791]  ? __pfx__printk+0x10/0x10
[  665.170551][ T9791]  ? __lock_acquire+0xab9/0xd20
[  665.170581][ T9791]  should_fail_ex+0x46c/0x600
[  665.170610][ T9791]  get_futex_key+0x1a8/0x1660
[  665.170641][ T9791]  ? __pfx_get_futex_key+0x10/0x10
[  665.170658][ T9791]  ? perf_lock_task_context+0x744/0x890
[  665.170680][ T9791]  ? lockdep_hardirqs_on+0x9c/0x150
[  665.170712][ T9791]  futex_wake+0xf8/0x560
[  665.170733][ T9791]  ? __lock_acquire+0xab9/0xd20
[  665.170758][ T9791]  ? __pfx_futex_wake+0x10/0x10
[  665.170785][ T9791]  ? __lock_acquire+0xab9/0xd20
[  665.170816][ T9791]  do_futex+0x395/0x420
[  665.170841][ T9791]  ? __pfx_do_futex+0x10/0x10
[  665.170864][ T9791]  ? __might_fault+0xb0/0x130
[  665.170891][ T9791]  mm_release+0x188/0x390
[  665.170912][ T9791]  ? __pfx_mm_release+0x10/0x10
[  665.170934][ T9791]  ? exit_mm_release+0x1a/0x30
[  665.170962][ T9791]  exit_mm+0xa8/0x2c0
[  665.170986][ T9791]  ? rt_spin_unlock+0x161/0x200
[  665.171005][ T9791]  ? __pfx_exit_mm+0x10/0x10
[  665.171031][ T9791]  ? rcu_is_watching+0x15/0xb0
[  665.171052][ T9791]  do_exit+0x648/0x2300
[  665.171081][ T9791]  ? do_raw_spin_unlock+0x122/0x240
[  665.171105][ T9791]  ? __pfx_do_exit+0x10/0x10
[  665.171124][ T9791]  ? rt_mutex_slowunlock+0x614/0x8a0
[  665.171145][ T9791]  ? rt_spin_lock+0x1c1/0x3e0
[  665.171180][ T9791]  do_group_exit+0x21c/0x2d0
[  665.171196][ T9791]  ? rt_spin_unlock+0x161/0x200
[  665.171217][ T9791]  get_signal+0x125d/0x1310
[  665.171260][ T9791]  arch_do_signal_or_restart+0xa0/0x790
[  665.171288][ T9791]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  665.171325][ T9791]  ? exit_to_user_mode_loop+0x40/0x130
[  665.171351][ T9791]  exit_to_user_mode_loop+0x72/0x130
[  665.171374][ T9791]  do_syscall_64+0x2bd/0xfa0
[  665.171493][ T9791]  ? lockdep_hardirqs_on+0x9c/0x150
[  665.171519][ T9791]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  665.171535][ T9791]  ? clear_bhb_loop+0x60/0xb0
[  665.171555][ T9791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  665.171572][ T9791] RIP: 0033:0x7f5cabd8efc9
[  665.171589][ T9791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  665.171604][ T9791] RSP: 002b:00007f5ca9fb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  665.171623][ T9791] RAX: ffffffffffffffe0 RBX: 00007f5cabfe6180 RCX: 00007f5cabd8efc9
[  665.171635][ T9791] RDX: 00000000000000d9 RSI: 0000000000000000 RDI: 0000000000000006
[  665.171646][ T9791] RBP: 00007f5ca9fb4090 R08: 0000000000000000 R09: 0000000000000000
[  665.171658][ T9791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  665.171668][ T9791] R13: 00007f5cabfe6218 R14: 00007f5cabfe6180 R15: 00007ffc7bfaef18
[  665.171699][ T9791]  </TASK>
[  667.043898][   T10] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[  667.241479][ T9804] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1038'.
[  667.756952][   T10] usb 8-1: Using ep0 maxpacket: 16
[  667.804557][   T10] usb 8-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  667.804588][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  667.804608][   T10] usb 8-1: Product: syz
[  667.804622][   T10] usb 8-1: Manufacturer: syz
[  667.804635][   T10] usb 8-1: SerialNumber: syz
[  667.846555][   T10] usb 8-1: config 0 descriptor??
[  667.900235][   T10] ftdi_sio 8-1:0.0: FTDI USB Serial Device converter detected
[  667.902567][   T10] usb 8-1: Detected FT232H
[  668.295543][ T9651] bridge0: port 1(bridge_slave_0) entered blocking state
[  668.295997][ T9651] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.297234][ T9651] bridge_slave_0: entered allmulticast mode
[  668.334901][ T9651] bridge_slave_0: entered promiscuous mode
[  668.336913][   T10] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  668.337583][   T10] ftdi_sio 8-1:0.0: GPIO initialisation failed: -71
[  668.340391][   T10] usb 8-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  668.484280][   T10] usb 8-1: USB disconnect, device number 38
[  668.515614][ T9628] hsr_slave_0: entered promiscuous mode
[  668.522835][ T9628] hsr_slave_1: entered promiscuous mode
[  668.536116][ T9628] debugfs: 'hsr0' already exists in 'hsr'
[  668.536144][ T9628] Cannot create hsr debugfs directory
[  668.563136][ T9651] bridge0: port 2(bridge_slave_1) entered blocking state
[  668.563267][ T9651] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.563524][ T9651] bridge_slave_1: entered allmulticast mode
[  668.596174][   T10] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  668.596729][   T10] ftdi_sio 8-1:0.0: device disconnected
[  668.602788][ T9651] bridge_slave_1: entered promiscuous mode
[  668.802262][ T9813] FAULT_INJECTION: forcing a failure.
[  668.802262][ T9813] name failslab, interval 1, probability 0, space 0, times 0
[  668.802298][ T9813] CPU: 0 UID: 0 PID: 9813 Comm: syz.1.1041 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  668.802319][ T9813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  668.802330][ T9813] Call Trace:
[  668.802337][ T9813]  <TASK>
[  668.802345][ T9813]  dump_stack_lvl+0x189/0x250
[  668.802374][ T9813]  ? __pfx____ratelimit+0x10/0x10
[  668.802396][ T9813]  ? __pfx_dump_stack_lvl+0x10/0x10
[  668.802420][ T9813]  ? __pfx__printk+0x10/0x10
[  668.802456][ T9813]  should_fail_ex+0x46c/0x600
[  668.802485][ T9813]  should_failslab+0xa8/0x100
[  668.802510][ T9813]  __kmalloc_cache_noprof+0x6f/0x6c0
[  668.802534][ T9813]  ? smack_populate_secattr+0xd0/0x350
[  668.802561][ T9813]  smack_populate_secattr+0xd0/0x350
[  668.802589][ T9813]  smk_import_entry+0x118/0x1e0
[  668.802613][ T9813]  smk_write_net4addr+0x35c/0xb90
[  668.802643][ T9813]  ? __pfx_smk_write_net4addr+0x10/0x10
[  668.802667][ T9813]  ? rcu_read_lock_any_held+0xb3/0x120
[  668.802700][ T9813]  ? __pfx_smk_write_net4addr+0x10/0x10
[  668.802722][ T9813]  vfs_write+0x287/0xb40
[  668.802748][ T9813]  ? __pfx_vfs_write+0x10/0x10
[  668.802762][ T9813]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  668.802790][ T9813]  ? mutex_lock_nested+0x154/0x1d0
[  668.802805][ T9813]  ? fdget_pos+0x253/0x320
[  668.802838][ T9813]  ksys_write+0x14b/0x260
[  668.802861][ T9813]  ? __pfx_ksys_write+0x10/0x10
[  668.802887][ T9813]  ? do_syscall_64+0xbe/0xfa0
[  668.802912][ T9813]  do_syscall_64+0xfa/0xfa0
[  668.802931][ T9813]  ? lockdep_hardirqs_on+0x9c/0x150
[  668.802963][ T9813]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.802981][ T9813]  ? clear_bhb_loop+0x60/0xb0
[  668.803002][ T9813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.803019][ T9813] RIP: 0033:0x7f07cfb6efc9
[  668.803036][ T9813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  668.803051][ T9813] RSP: 002b:00007f07cddd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  668.803069][ T9813] RAX: ffffffffffffffda RBX: 00007f07cfdc5fa0 RCX: 00007f07cfb6efc9
[  668.803082][ T9813] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000004
[  668.803093][ T9813] RBP: 00007f07cddd6090 R08: 0000000000000000 R09: 0000000000000000
[  668.803104][ T9813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  668.803115][ T9813] R13: 00007f07cfdc6038 R14: 00007f07cfdc5fa0 R15: 00007fffab8fc7c8
[  668.803148][ T9813]  </TASK>
[  669.109549][ T1114] bridge_slave_1: left allmulticast mode
[  669.109578][ T1114] bridge_slave_1: left promiscuous mode
[  669.109842][ T1114] bridge0: port 2(bridge_slave_1) entered disabled state
[  669.198567][ T1114] bridge_slave_0: left allmulticast mode
[  669.198597][ T1114] bridge_slave_0: left promiscuous mode
[  669.198915][ T1114] bridge0: port 1(bridge_slave_0) entered disabled state
[  669.270423][ T1114] bridge_slave_1: left allmulticast mode
[  669.270451][ T1114] bridge_slave_1: left promiscuous mode
[  669.270903][ T1114] bridge0: port 2(bridge_slave_1) entered disabled state
[  669.855451][ T1114] bridge_slave_0: left allmulticast mode
[  669.855483][ T1114] bridge_slave_0: left promiscuous mode
[  669.855739][ T1114] bridge0: port 1(bridge_slave_0) entered disabled state
[  670.490782][ T1114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  670.566695][ T1114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  670.631213][ T1114] bond0 (unregistering): Released all slaves
[  673.209580][ T1114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  673.285999][ T1114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  673.353928][ T1114] bond0 (unregistering): Released all slaves
[  673.550226][ T9816] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1043'.
[  673.679308][ T9818] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1043'.
[  673.724842][ T9821] dvmrp1: tun_chr_ioctl cmd 1074025673
[  674.249809][ T9825] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1044'.
[  674.263248][   T37] kauditd_printk_skb: 36 callbacks suppressed
[  674.263267][   T37] audit: type=1326 audit(1761833925.941:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.263319][   T37] audit: type=1326 audit(1761833925.941:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.263366][   T37] audit: type=1326 audit(1761833925.941:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.263406][   T37] audit: type=1326 audit(1761833925.941:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.263445][   T37] audit: type=1326 audit(1761833925.941:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.263484][   T37] audit: type=1326 audit(1761833925.941:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.263523][   T37] audit: type=1326 audit(1761833926.211:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.263563][   T37] audit: type=1326 audit(1761833926.211:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.368321][   T37] audit: type=1326 audit(1761833926.221:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.368374][   T37] audit: type=1326 audit(1761833926.221:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9824 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x7ffc0000
[  674.511321][ T9651] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  675.037201][ T9830] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1045'.
[  676.419660][ T9651] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  677.730642][ T9841] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1047'.
[  678.637822][ T9651] team0: Port device team_slave_0 added
[  678.669796][ T9848] FAULT_INJECTION: forcing a failure.
[  678.669796][ T9848] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  678.669829][ T9848] CPU: 0 UID: 0 PID: 9848 Comm: syz.1.1050 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  678.669849][ T9848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  678.669860][ T9848] Call Trace:
[  678.669867][ T9848]  <TASK>
[  678.669874][ T9848]  dump_stack_lvl+0x189/0x250
[  678.669903][ T9848]  ? __pfx____ratelimit+0x10/0x10
[  678.669924][ T9848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  678.669949][ T9848]  ? __pfx__printk+0x10/0x10
[  678.669970][ T9848]  ? __might_fault+0xb0/0x130
[  678.670012][ T9848]  should_fail_ex+0x46c/0x600
[  678.670040][ T9848]  _copy_from_iter+0x1de/0x1790
[  678.670070][ T9848]  ? kmalloc_reserve+0xbd/0x290
[  678.670087][ T9848]  ? rcu_is_watching+0x15/0xb0
[  678.670106][ T9848]  ? kmalloc_reserve+0xbd/0x290
[  678.670121][ T9848]  ? __alloc_skb+0x112/0x2d0
[  678.670139][ T9848]  ? __pfx__copy_from_iter+0x10/0x10
[  678.670165][ T9848]  ? __build_skb_around+0x262/0x3f0
[  678.670186][ T9848]  ? netlink_sendmsg+0x642/0xb30
[  678.670203][ T9848]  ? skb_put+0x11b/0x210
[  678.670224][ T9848]  netlink_sendmsg+0x6b2/0xb30
[  678.670240][ T9848]  ? is_bpf_text_address+0x26/0x2b0
[  678.670274][ T9848]  ? __pfx_netlink_sendmsg+0x10/0x10
[  678.670299][ T9848]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  678.670322][ T9848]  ? __pfx_netlink_sendmsg+0x10/0x10
[  678.670341][ T9848]  __sock_sendmsg+0x21c/0x270
[  678.670368][ T9848]  ____sys_sendmsg+0x508/0x820
[  678.670393][ T9848]  ? __pfx_____sys_sendmsg+0x10/0x10
[  678.670422][ T9848]  ? import_iovec+0x74/0xa0
[  678.670445][ T9848]  ___sys_sendmsg+0x21f/0x2a0
[  678.670466][ T9848]  ? __pfx____sys_sendmsg+0x10/0x10
[  678.670523][ T9848]  ? __fget_files+0x2a/0x420
[  678.670545][ T9848]  ? __fget_files+0x3a6/0x420
[  678.670578][ T9848]  __x64_sys_sendmsg+0x1a1/0x260
[  678.670601][ T9848]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  678.670631][ T9848]  ? __pfx_ksys_write+0x10/0x10
[  678.670657][ T9848]  ? do_syscall_64+0xbe/0xfa0
[  678.670682][ T9848]  do_syscall_64+0xfa/0xfa0
[  678.670701][ T9848]  ? lockdep_hardirqs_on+0x9c/0x150
[  678.670722][ T9848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  678.670739][ T9848]  ? clear_bhb_loop+0x60/0xb0
[  678.670760][ T9848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  678.670777][ T9848] RIP: 0033:0x7f07cfb6efc9
[  678.670793][ T9848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  678.670808][ T9848] RSP: 002b:00007f07cddd6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  678.670828][ T9848] RAX: ffffffffffffffda RBX: 00007f07cfdc5fa0 RCX: 00007f07cfb6efc9
[  678.670842][ T9848] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000005
[  678.670853][ T9848] RBP: 00007f07cddd6090 R08: 0000000000000000 R09: 0000000000000000
[  678.670864][ T9848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  678.670875][ T9848] R13: 00007f07cfdc6038 R14: 00007f07cfdc5fa0 R15: 00007fffab8fc7c8
[  678.670907][ T9848]  </TASK>
[  679.197856][ T1114] hsr_slave_0: left promiscuous mode
[  679.238909][ T1114] hsr_slave_1: left promiscuous mode
[  679.240054][ T1114] batman_adv: batadv0: Removing interface: batadv_slave_0
[  679.321734][ T1114] batman_adv: batadv0: Removing interface: batadv_slave_1
[  680.814901][ T8460] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  680.821667][ T8460] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  680.834129][ T8460] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  680.916753][ T8460] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  680.954172][ T8460] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  683.103995][ T8460] Bluetooth: hci0: command tx timeout
[  684.243288][    C1] vkms_vblank_simulate: vblank timer overrun
[  684.558387][    C1] vkms_vblank_simulate: vblank timer overrun
[  684.647246][    C1] vkms_vblank_simulate: vblank timer overrun
[  684.697041][    C1] vkms_vblank_simulate: vblank timer overrun
[  684.777794][    C1] vkms_vblank_simulate: vblank timer overrun
[  684.926614][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.076809][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.214189][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.223761][ T8460] Bluetooth: hci0: command tx timeout
[  685.223874][ T1114] hsr_slave_0: left promiscuous mode
[  685.252235][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.347048][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.396981][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.427550][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.697189][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.727072][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.732670][ T1114] hsr_slave_1: left promiscuous mode
[  685.946877][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.997182][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.027008][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.127243][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.277985][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.299041][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  686.299112][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  686.352151][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.597688][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.626875][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.808825][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.847944][    C1] vkms_vblank_simulate: vblank timer overrun
[  686.929194][    C1] vkms_vblank_simulate: vblank timer overrun
[  687.127940][    C1] vkms_vblank_simulate: vblank timer overrun
[  687.328493][    C1] vkms_vblank_simulate: vblank timer overrun
[  687.438846][ T8460] Bluetooth: hci0: command tx timeout
[  687.496931][    C1] vkms_vblank_simulate: vblank timer overrun
[  687.614313][    C1] vkms_vblank_simulate: vblank timer overrun
[  687.698044][    C1] vkms_vblank_simulate: vblank timer overrun
[  687.878659][    C1] vkms_vblank_simulate: vblank timer overrun
[  688.147487][    C1] vkms_vblank_simulate: vblank timer overrun
[  688.391205][ T1114] batman_adv: batadv0: Removing interface: batadv_slave_0
[  688.463579][ T1114] batman_adv: batadv0: Removing interface: batadv_slave_1
[  688.505610][ T9882] fuse: Bad value for 'group_id'
[  688.505631][ T9882] fuse: Bad value for 'group_id'
[  689.493735][ T8460] Bluetooth: hci0: command tx timeout
[  689.563767][   T31] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  691.818104][ T9892] capability: warning: `syz.7.1061' uses deprecated v2 capabilities in a way that may be insecure
[  694.613779][   T37] kauditd_printk_skb: 37 callbacks suppressed
[  694.613800][   T37] audit: type=1326 audit(1761833946.491:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9898 comm="syz.1.1063" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f07cfb6efc9 code=0x0
[  700.053995][ T5869] usb 8-1: new high-speed USB device number 39 using dummy_hcd
[  701.379467][ T5869] usb 8-1: Using ep0 maxpacket: 16
[  701.381966][ T5869] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  701.381997][ T5869] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  701.382019][ T5869] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  701.382058][ T5869] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  701.382080][ T5869] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.515749][ T5869] usb 8-1: config 0 descriptor??
[  705.657259][ T5808] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  706.708722][ T5808] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  707.156336][ T5808] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  707.158303][ T5808] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  707.159026][ T5808] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  707.336900][ T5869] usbhid 8-1:0.0: can't add hid device: -32
[  707.337041][ T5869] usbhid 8-1:0.0: probe with driver usbhid failed with error -32
[  709.203765][ T5983] usb 8-1: USB disconnect, device number 39
[  709.533900][ T5808] Bluetooth: hci3: command tx timeout
[  711.685291][ T5808] Bluetooth: hci3: command tx timeout
[  712.628557][ T8460] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  712.636239][ T8460] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  712.637866][ T8460] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  712.638996][ T8460] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  712.643054][ T8460] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  713.190569][ T1114] team0 (unregistering): Port device team_slave_1 removed
[  713.734267][ T5808] Bluetooth: hci3: command tx timeout
[  714.555797][ T1114] team0 (unregistering): Port device team_slave_0 removed
[  714.694257][ T5808] Bluetooth: hci7: command tx timeout
[  715.814569][ T5808] Bluetooth: hci3: command tx timeout
[  716.781133][ T5808] Bluetooth: hci7: command tx timeout
[  718.853769][ T5808] Bluetooth: hci7: command tx timeout
[  720.953791][ T5808] Bluetooth: hci7: command tx timeout
[  725.525654][ T8460] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  725.551469][ T8460] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  725.553318][ T8460] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  725.568877][ T8460] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  725.569683][ T8460] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  727.683969][ T8460] Bluetooth: hci8: command tx timeout
[  728.474898][ T5808] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  728.505316][ T5808] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  728.506647][ T5808] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  728.507772][ T5808] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  728.508522][ T5808] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  729.737495][ T8460] Bluetooth: hci8: command tx timeout
[  730.547988][ T8460] Bluetooth: hci9: command tx timeout
[  731.825158][ T8460] Bluetooth: hci8: command tx timeout
[  732.613883][ T8460] Bluetooth: hci9: command tx timeout
[  733.893761][ T8460] Bluetooth: hci8: command tx timeout
[  734.693747][ T8460] Bluetooth: hci9: command tx timeout
[  736.773772][ T8460] Bluetooth: hci9: command tx timeout
[  744.534069][ T5808] Bluetooth: hci5: command 0x0406 tx timeout
[  745.295128][ T9944] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  745.324184][ T9944] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  745.329359][ T9944] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  745.356519][ T9944] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  745.357379][ T9944] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  747.414158][ T8460] Bluetooth: hci10: command tx timeout
[  747.421983][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  747.422078][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  749.204013][ T1114] team0 (unregistering): Port device team_slave_1 removed
[  749.493760][ T8460] Bluetooth: hci10: command tx timeout
[  751.573742][ T8460] Bluetooth: hci10: command tx timeout
[  753.653925][ T8460] Bluetooth: hci10: command tx timeout
[  755.960700][ T1114] team0 (unregistering): Port device team_slave_0 removed
[  759.762122][ T5808] Bluetooth: hci1: command 0x0406 tx timeout
[  767.215286][ T5808] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  767.221333][ T5808] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  767.222682][ T5808] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  767.234260][ T5808] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  767.235051][ T5808] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  769.373905][ T8460] Bluetooth: hci11: command tx timeout
[  770.539993][ T8460] Bluetooth: hci6: command 0x0406 tx timeout
[  770.735637][ T9944] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  770.776256][ T9944] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  770.778892][ T9944] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  770.782276][ T9944] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  770.782964][ T9944] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  771.413721][ T5808] Bluetooth: hci11: command tx timeout
[  772.872333][ T5808] Bluetooth: hci12: command tx timeout
[  773.553741][ T5808] Bluetooth: hci11: command tx timeout
[  774.936341][ T5808] Bluetooth: hci12: command tx timeout
[  775.573959][ T5808] Bluetooth: hci11: command tx timeout
[  777.013982][ T9944] Bluetooth: hci12: command tx timeout
[  779.135732][ T9944] Bluetooth: hci12: command tx timeout
[  786.510449][ T5808] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  786.533335][ T5808] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  786.541948][ T5808] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  786.551086][ T5808] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  786.552014][ T5808] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  788.626698][ T9944] Bluetooth: hci4: command tx timeout
[  790.719832][ T9944] Bluetooth: hci4: command tx timeout
[  791.692156][ T5808] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  791.698083][ T5808] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  791.699495][ T5808] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  791.700567][ T5808] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  791.701271][ T5808] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  792.774109][ T9944] Bluetooth: hci4: command tx timeout
[  793.733977][ T9944] Bluetooth: hci13: command tx timeout
[  794.853738][ T9944] Bluetooth: hci4: command tx timeout
[  795.814231][ T9944] Bluetooth: hci13: command tx timeout
[  798.024976][ T9944] Bluetooth: hci13: command tx timeout
[  800.054255][ T9944] Bluetooth: hci13: command tx timeout
[  805.893814][ T9944] Bluetooth: hci0: command 0x0406 tx timeout
[  806.208337][ T9651] team0: Port device team_slave_1 added
[  806.858247][ T9944] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  806.910088][ T9944] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  807.239363][ T9944] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  808.264186][ T9944] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  808.284216][ T9944] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  808.944353][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  808.944425][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  810.593702][ T5808] Bluetooth: hci14: command tx timeout
[  813.353757][ T5808] Bluetooth: hci14: command tx timeout
[  815.414240][ T9944] Bluetooth: hci14: command tx timeout
[  817.493918][ T9944] Bluetooth: hci14: command tx timeout
[  828.892125][ T5808] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  828.988721][ T5808] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  829.258119][ T5808] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  829.288979][ T5808] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  829.289791][ T5808] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  831.503872][ T9944] Bluetooth: hci0: command tx timeout
[  833.573825][ T9944] Bluetooth: hci0: command tx timeout
[  835.212691][ T5808] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  835.236900][ T5808] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  835.238372][ T5808] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  835.241496][ T5808] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  835.242392][ T5808] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  835.693977][ T5808] Bluetooth: hci0: command tx timeout
[  837.333783][ T5808] Bluetooth: hci1: command tx timeout
[  837.825884][ T5808] Bluetooth: hci0: command tx timeout
[  839.416236][ T5808] Bluetooth: hci1: command tx timeout
[  841.525018][ T5808] Bluetooth: hci1: command tx timeout
[  843.573709][ T5808] Bluetooth: hci1: command tx timeout
[  849.432610][ T9944] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  849.450676][ T9944] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  849.467111][ T9944] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  849.468352][ T9944] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  849.534083][ T9944] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  850.802196][ T9944] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  850.819700][ T9944] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  850.823084][ T9944] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  850.924511][ T9944] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  850.925322][ T9944] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  851.573739][ T5808] Bluetooth: hci2: command tx timeout
[  853.017295][ T5808] Bluetooth: hci3: command tx timeout
[  853.653740][ T5808] Bluetooth: hci2: command tx timeout
[  855.094400][ T5808] Bluetooth: hci3: command tx timeout
[  855.733741][ T5808] Bluetooth: hci2: command tx timeout
[  857.174019][ T5808] Bluetooth: hci3: command tx timeout
[  857.868193][ T5808] Bluetooth: hci2: command tx timeout
[  859.263743][ T5808] Bluetooth: hci3: command tx timeout
[  861.778734][ T9977] chnl_net:caif_netlink_parms(): no params data found
[  865.318455][ T9974] chnl_net:caif_netlink_parms(): no params data found
[  868.408132][ T9944] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  868.413881][ T9944] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  868.428119][ T9944] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  868.429182][ T9944] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  868.429953][ T9944] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  870.299599][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  870.299664][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  870.613782][ T9944] Bluetooth: hci5: command tx timeout
[  872.693711][ T9944] Bluetooth: hci5: command tx timeout
[  874.773724][ T9944] Bluetooth: hci5: command tx timeout
[  876.853730][ T9944] Bluetooth: hci5: command tx timeout
[  876.968382][ T9977] bridge0: port 1(bridge_slave_0) entered blocking state
[  876.996528][ T9977] bridge0: port 1(bridge_slave_0) entered disabled state
[  877.014185][ T9977] bridge_slave_0: entered allmulticast mode
[  877.047670][ T9977] bridge_slave_0: entered promiscuous mode
[  877.303521][ T9977] bridge0: port 2(bridge_slave_1) entered blocking state
[  877.311067][ T9977] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.311345][ T9977] bridge_slave_1: entered allmulticast mode
[  877.421555][ T9977] bridge_slave_1: entered promiscuous mode
[  883.630011][ T9974] bridge0: port 1(bridge_slave_0) entered blocking state
[  883.630171][ T9974] bridge0: port 1(bridge_slave_0) entered disabled state
[  883.630442][ T9974] bridge_slave_0: entered allmulticast mode
[  883.673811][ T9974] bridge_slave_0: entered promiscuous mode
[  887.207158][ T9977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  888.005739][ T9977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  891.795468][ T5808] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  891.815962][ T5808] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  891.823883][ T5808] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  891.825945][ T5808] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  891.826859][ T5808] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  893.470258][ T9981] chnl_net:caif_netlink_parms(): no params data found
[  893.564200][ T9984] chnl_net:caif_netlink_parms(): no params data found
[  894.534017][ T9944] Bluetooth: hci6: command tx timeout
[  896.613932][ T9944] Bluetooth: hci6: command tx timeout
[  898.347176][ T5808] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  898.587756][ T5808] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  898.598995][ T5808] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  898.628598][ T5808] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  898.641052][ T5808] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  898.703802][ T9944] Bluetooth: hci6: command tx timeout
[  900.693992][ T9944] Bluetooth: hci0: command tx timeout
[  900.783918][ T9944] Bluetooth: hci6: command tx timeout
[  902.773906][ T9944] Bluetooth: hci0: command tx timeout
[  904.853903][ T9944] Bluetooth: hci0: command tx timeout
[  906.933738][ T9944] Bluetooth: hci0: command tx timeout
[  907.879912][ T9981] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg1": -EINTR
[  908.061274][ T9984] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg0": -EINTR
[  913.345059][ T8460] Bluetooth: hci4: command 0x0406 tx timeout
[  913.775733][ T9942] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  913.799472][ T9942] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  913.827669][ T9942] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  913.829855][ T9942] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  913.830663][ T9942] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  914.238815][ T9942] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  914.261753][ T9942] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  914.294007][ T9942] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  914.334599][T10000] chnl_net:caif_netlink_parms(): no params data found
[  914.359395][ T9942] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  914.360073][ T9942] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  917.461172][ T9944] Bluetooth: hci1: command tx timeout
[  917.461703][ T9944] Bluetooth: hci7: command tx timeout
[  918.453952][ T9944] Bluetooth: hci13: command 0x0406 tx timeout
[  919.835017][ T9942] Bluetooth: hci7: command tx timeout
[  919.835120][ T9944] Bluetooth: hci1: command tx timeout
[  921.893844][ T5808] Bluetooth: hci1: command tx timeout
[  921.893877][ T5808] Bluetooth: hci7: command tx timeout
[  924.064064][ T9944] Bluetooth: hci7: command tx timeout
[  924.064099][ T9944] Bluetooth: hci1: command tx timeout
[  931.341644][ T9944] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  931.511070][ T9944] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  931.512675][ T9944] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  931.716208][ T9944] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  931.738502][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  931.738598][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  931.806255][ T9944] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  933.913981][ T5808] Bluetooth: hci2: command tx timeout
[  934.637562][T10015] chnl_net:caif_netlink_parms(): no params data found
[  935.993752][ T5808] Bluetooth: hci2: command tx timeout
[  938.053867][ T5808] Bluetooth: hci2: command tx timeout
[  940.133771][ T5808] Bluetooth: hci2: command tx timeout
[  943.829028][T10019] chnl_net:caif_netlink_parms(): no params data found
[  944.117188][T10015] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg2": -EINTR
[  951.615133][ T9944] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  951.652759][ T9944] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  951.661622][ T9944] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  951.680871][ T9944] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  951.682248][ T9944] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  953.813986][ T9944] Bluetooth: hci3: command tx timeout
[  955.893758][ T9944] Bluetooth: hci3: command tx timeout
[  957.955051][T10019] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg2": -EINTR
[  957.973904][ T9944] Bluetooth: hci3: command tx timeout
[  960.077419][ T9944] Bluetooth: hci3: command tx timeout
[  960.334106][T10030] chnl_net:caif_netlink_parms(): no params data found
[  962.945305][ T5808] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  963.006970][ T5808] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  963.024613][ T5808] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  963.025826][ T5808] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  963.026628][ T5808] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  963.743847][   T38] INFO: task kworker/u8:5:1114 blocked for more than 143 seconds.
[  963.743872][   T38]       Not tainted syzkaller #0
[  963.743881][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  963.743891][   T38] task:kworker/u8:5    state:D stack:19608 pid:1114  tgid:1114  ppid:2      task_flags:0x4208060 flags:0x00080000
[  963.743936][   T38] Workqueue: netns cleanup_net
[  963.743962][   T38] Call Trace:
[  963.743976][   T38]  <TASK>
[  963.743991][   T38]  __schedule+0x16f3/0x4c20
[  963.744039][   T38]  ? __lock_acquire+0xab9/0xd20
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  963.744062][   T38]  ? __pfx___schedule+0x10/0x10
[  963.744100][   T38]  ? schedule+0x91/0x360
[  963.744124][   T38]  schedule+0x165/0x360
[  963.744147][   T38]  schedule_timeout+0x9a/0x270
[  963.744168][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[  963.744202][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  963.744222][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  963.744241][   T38]  ? wait_for_completion+0x267/0x5d0
[  963.744264][   T38]  wait_for_completion+0x2bf/0x5d0
[  963.744299][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[  963.744327][   T38]  ? __init_swait_queue_head+0xa9/0x150
[  963.744353][   T38]  rcu_barrier+0x463/0x570
[  963.744384][   T38]  netdev_run_todo+0x327/0xea0
[  963.744408][   T38]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  963.744432][   T38]  ? __pfx_netdev_run_todo+0x10/0x10
[  963.744450][   T38]  ? unregister_netdevice_queue+0x1b3/0x380
[  963.744475][   T38]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  963.744494][   T38]  ? batadv_meshif_vlan_put+0x131/0x1e0
[  963.744524][   T38]  ? batadv_meshif_destroy_netlink+0x125/0x160
[  963.744553][   T38]  default_device_exit_batch+0x81e/0x890
[  963.744579][   T38]  ? __pfx___might_resched+0x10/0x10
[  963.744600][   T38]  ? __pfx_default_device_exit_batch+0x10/0x10
[  963.744618][   T38]  ? cfg802154_pernet_exit+0x19/0xe0
[  963.744637][   T38]  ? mutex_lock_nested+0x16a/0x1d0
[  963.744664][   T38]  ? __pfx_default_device_exit_batch+0x10/0x10
[  963.744681][   T38]  ops_undo_list+0x525/0x990
[  963.744706][   T38]  ? __pfx_ops_undo_list+0x10/0x10
[  963.744721][   T38]  ? rt_spin_unlock+0x150/0x200
[  963.744744][   T38]  ? rt_spin_unlock+0x161/0x200
[  963.744764][   T38]  cleanup_net+0x4de/0x820
[  963.744785][   T38]  ? __pfx_cleanup_net+0x10/0x10
[  963.744806][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  963.744827][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  963.744848][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  963.744871][   T38]  process_scheduled_works+0xae1/0x17b0
[  963.744923][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  963.744962][   T38]  worker_thread+0x8a0/0xda0
[  963.745020][   T38]  kthread+0x711/0x8a0
[  963.745048][   T38]  ? __pfx_worker_thread+0x10/0x10
[  963.745069][   T38]  ? __pfx_kthread+0x10/0x10
[  963.745089][   T38]  ? rt_spin_unlock+0x150/0x200
[  963.745112][   T38]  ? rt_spin_unlock+0x161/0x200
[  963.745127][   T38]  ? __pfx_kthread+0x10/0x10
[  963.745152][   T38]  ret_from_fork+0x4bc/0x870
[  963.745176][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  963.745205][   T38]  ? __switch_to_asm+0x39/0x70
[  963.745222][   T38]  ? __switch_to_asm+0x33/0x70
[  963.745238][   T38]  ? __pfx_kthread+0x10/0x10
[  963.745263][   T38]  ret_from_fork_asm+0x1a/0x30
[  963.745299][   T38]  </TASK>
[  963.745419][   T38] INFO: task syz.1.1070:9925 blocked for more than 143 seconds.
[  963.745433][   T38]       Not tainted syzkaller #0
[  963.745442][   T38]       Blocked by coredump.
[  963.745448][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  963.745457][   T38] task:syz.1.1070      state:D stack:20520 pid:9925  tgid:9925  ppid:5814   task_flags:0x40044c flags:0x00080003
[  963.745499][   T38] Call Trace:
[  963.745505][   T38]  <TASK>
[  963.745516][   T38]  __schedule+0x16f3/0x4c20
[  963.745552][   T38]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  963.745584][   T38]  ? __pfx___schedule+0x10/0x10
[  963.745630][   T38]  rt_mutex_schedule+0x77/0xf0
[  963.745648][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  963.745680][   T38]  ? rt_mutex_slowlock_block+0x351/0x6d0
[  963.745703][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  963.745724][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  963.745743][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  963.745759][   T38]  ? __lock_acquire+0xab9/0xd20
[  963.745793][   T38]  ? rcu_barrier+0x4c/0x570
[  963.745833][   T38]  ? rcu_barrier+0x4c/0x570
[  963.745849][   T38]  mutex_lock_nested+0x16a/0x1d0
[  963.745866][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  963.745886][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  963.745908][   T38]  rcu_barrier+0x4c/0x570
[  963.745931][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  963.745952][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  963.745981][   T38]  netdev_run_todo+0x327/0xea0
[  963.746006][   T38]  ? __pfx_netif_state_change+0x10/0x10
[  963.746031][   T38]  ? __pfx_netdev_run_todo+0x10/0x10
[  963.746051][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  963.746082][   T38]  ? netdev_state_change+0x1ca/0x220
[  963.746101][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  963.746123][   T38]  tun_chr_close+0x13f/0x1c0
[  963.746146][   T38]  __fput+0x45b/0xa80
[  963.746177][   T38]  task_work_run+0x1d4/0x260
[  963.746199][   T38]  ? __pfx_task_work_run+0x10/0x10
[  963.746216][   T38]  ? do_exit+0x6b0/0x2300
[  963.746241][   T38]  ? do_exit+0x6b0/0x2300
[  963.746269][   T38]  do_exit+0x6b5/0x2300
[  963.746294][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  963.746325][   T38]  ? __pfx_do_exit+0x10/0x10
[  963.746345][   T38]  ? rt_mutex_slowunlock+0x493/0x8a0
[  963.746363][   T38]  ? rt_spin_lock+0x1c1/0x3e0
[  963.746396][   T38]  do_group_exit+0x21c/0x2d0
[  963.746413][   T38]  ? rt_spin_unlock+0x161/0x200
[  963.746434][   T38]  get_signal+0x125d/0x1310
[  963.746479][   T38]  arch_do_signal_or_restart+0xa0/0x790
[  963.746503][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  963.746540][   T38]  ? exit_to_user_mode_loop+0x40/0x130
[  963.746567][   T38]  exit_to_user_mode_loop+0x72/0x130
[  963.746590][   T38]  do_syscall_64+0x2bd/0xfa0
[  963.746611][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  963.746631][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  963.746650][   T38]  ? clear_bhb_loop+0x60/0xb0
[  963.746672][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  963.746696][   T38] RIP: 0033:0x7f07cfb6efc9
[  963.746712][   T38] RSP: 002b:00007fffab8fc928 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  963.746730][   T38] RAX: 0000000000000000 RBX: 00007f07cfdc7da0 RCX: 00007f07cfb6efc9
[  963.746743][   T38] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  963.746755][   T38] RBP: 00007f07cfdc7da0 R08: 0000000000005e5c R09: 0000000cab8fcc1f
[  963.746767][   T38] R10: 00007f07cfdc7cb0 R11: 0000000000000246 R12: 00000000000ac53a
[  963.746780][   T38] R13: 00007f07cfdc6090 R14: ffffffffffffffff R15: 00007fffab8fca40
[  963.746813][   T38]  </TASK>
[  963.746863][   T38] 
[  963.746863][   T38] Showing all locks held in the system:
[  963.746877][   T38] 6 locks held by ktimers/0/16:
[  963.746890][   T38] 1 lock held by khungtaskd/38:
[  963.746900][   T38]  #0: ffffffff8d5aa4c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  963.746958][   T38] 4 locks held by kworker/u8:5/1114:
[  963.746974][   T38]  #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  963.747019][   T38]  #1: ffffc90004797ba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  963.747063][   T38]  #2: ffffffff8e855fa0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820
[  963.747103][   T38]  #3: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.747160][   T38] 2 locks held by getty/5554:
[  963.747170][   T38]  #0: ffff88823bf400a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  963.747214][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400
[  963.747264][   T38] 3 locks held by kworker/u8:9/5944:
[  963.747273][   T38]  #0: ffff88814d14d138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  963.747324][   T38]  #1: ffffc90005dcfba0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  963.747368][   T38]  #2: ffffffff8e862eb8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x119/0x15a0
[  963.747417][   T38] 9 locks held by kworker/u8:10/5946:
[  963.747432][   T38] 1 lock held by syz-executor/9535:
[  963.747443][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.747485][   T38] 1 lock held by syz-executor/9628:
[  963.747496][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.747537][   T38] 1 lock held by syz-executor/9651:
[  963.747548][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.747588][   T38] 2 locks held by kworker/u8:0/9897:
[  963.747599][   T38]  #0: ffff88813ff69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  963.747643][   T38]  #1: ffffc90004417ba0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  963.747686][   T38] 1 lock held by syz.1.1070/9925:
[  963.747696][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.747737][   T38] 1 lock held by syz.7.1071/9932:
[  963.747747][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.747788][   T38] 2 locks held by syz-executor/9960:
[  963.747797][   T38]  #0: ffffffff8e855fa0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  963.747843][   T38]  #1: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.747884][   T38] 2 locks held by syz-executor/9962:
[  963.747894][   T38]  #0: ffffffff8e855fa0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  963.747941][   T38]  #1: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.747988][   T38] 1 lock held by syz-executor/9965:
[  963.747998][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.748040][   T38] 1 lock held by syz-executor/9974:
[  963.748050][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.748091][   T38] 1 lock held by syz-executor/9977:
[  963.748101][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.748142][   T38] 1 lock held by syz-executor/9981:
[  963.748152][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.748199][   T38] 1 lock held by syz-executor/9984:
[  963.748210][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.748254][   T38] 1 lock held by syz-executor/10000:
[  963.748265][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.748307][   T38] 1 lock held by syz-executor/10015:
[  963.748317][   T38]  #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  963.748359][   T38] 1 lock held by syz-executor/10019:
[  963.748370][   T38] 2 locks held by syz-executor/10030:
[  963.748381][   T38] 2 locks held by syz-executor/10037:
[  963.748391][   T38]  #0: ffffffff8ed7ced0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  963.748438][   T38]  #1: ffffffff8e862eb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80
[  963.748486][   T38] 2 locks held by syz-executor/10051:
[  963.748497][   T38]  #0: ffffffff8e855fa0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  963.748543][   T38]  #1: ffffffff8e862eb8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
[  963.748590][   T38] 1 lock held by syz-executor/10064:
[  963.748600][   T38]  #0: ffffffff8e862eb8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  963.748645][   T38] 3 locks held by modprobe/10066:
[  963.748656][   T38] 
[  963.748661][   T38] =============================================
[  963.748661][   T38] 
[  963.748670][   T38] NMI backtrace for cpu 1
[  963.748688][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  963.748726][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  963.748736][   T38] Call Trace:
[  963.748743][   T38]  <TASK>
[  963.748750][   T38]  dump_stack_lvl+0x189/0x250
[  963.748778][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  963.748801][   T38]  ? __pfx__printk+0x10/0x10
[  963.748833][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  963.748855][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  963.748875][   T38]  ? __pfx__printk+0x10/0x10
[  963.748899][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  963.748922][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  963.748943][   T38]  watchdog+0xf60/0xfa0
[  963.748976][   T38]  ? watchdog+0x1e2/0xfa0
[  963.749004][   T38]  kthread+0x711/0x8a0
[  963.749030][   T38]  ? __pfx_watchdog+0x10/0x10
[  963.749051][   T38]  ? __pfx_kthread+0x10/0x10
[  963.749071][   T38]  ? rt_spin_unlock+0x150/0x200
[  963.749094][   T38]  ? rt_spin_unlock+0x161/0x200
[  963.749109][   T38]  ? __pfx_kthread+0x10/0x10
[  963.749133][   T38]  ret_from_fork+0x4bc/0x870
[  963.749155][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  963.749183][   T38]  ? __switch_to_asm+0x39/0x70
[  963.749199][   T38]  ? __switch_to_asm+0x33/0x70
[  963.749215][   T38]  ? __pfx_kthread+0x10/0x10
[  963.749239][   T38]  ret_from_fork_asm+0x1a/0x30
[  963.749273][   T38]  </TASK>
[  963.749280][   T38] Sending NMI from CPU 1 to CPUs 0:
[  963.749306][    C0] NMI backtrace for cpu 0
[  963.749319][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  963.749337][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  963.749346][    C0] RIP: 0010:lock_acquire+0x189/0x360
[  963.749367][    C0] Code: 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 ab 51 06 10 48 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d <41> 5e 41 5f 5d e9 cd 10 28 09 cc 65 8b 05 d5 92 06 10 85 c0 75 ce
[  963.749380][    C0] RSP: 0018:ffffc900001566d8 EFLAGS: 00000086
[  963.749394][    C0] RAX: f48885617bf42500 RBX: ffffe8ffffc02520 RCX: f48885617bf42500
[  963.749407][    C0] RDX: 0000000000000000 RSI: ffffffff8cf63301 RDI: ffffffff8b3ddbe0
[  963.749418][    C0] RBP: ffffffff8ac29810 R08: 0000000000000000 R09: ffffffff8ac29810
[  963.749429][    C0] R10: dffffc0000000000 R11: fffffbfff1dac52f R12: dffffc0000000000
[  963.749439][    C0] R13: ffffe8ffffc02520 R14: 0000000000000001 R15: 0000000000000046
[  963.749449][    C0] FS:  0000000000000000(0000) GS:ffff888126dfc000(0000) knlGS:0000000000000000
[  963.749460][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  963.749471][    C0] CR2: 00007ffed920e188 CR3: 0000000037048000 CR4: 00000000003526f0
[  963.749485][    C0] Call Trace:
[  963.749491][    C0]  <TASK>
[  963.749499][    C0]  _raw_spin_lock_irqsave+0xa7/0xf0
[  963.749517][    C0]  ? rt_mutex_slowunlock+0xb0/0x8a0
[  963.749532][    C0]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  963.749549][    C0]  ? __lock_acquire+0xab9/0xd20
[  963.749570][    C0]  rt_mutex_slowunlock+0xb0/0x8a0
[  963.749584][    C0]  ? rt_spin_lock+0x1c1/0x3e0
[  963.749600][    C0]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  963.749616][    C0]  ? rt_spin_unlock+0x150/0x200
[  963.749632][    C0]  ? rt_spin_unlock+0x161/0x200
[  963.749648][    C0]  ___slab_alloc+0x879/0x13f0
[  963.749663][    C0]  ? trace_fib_table_lookup+0x85/0x200
[  963.749680][    C0]  ? dst_alloc+0x105/0x170
[  963.749699][    C0]  __slab_alloc+0xc6/0x1f0
[  963.749719][    C0]  ? dst_alloc+0x105/0x170
[  963.749735][    C0]  ? dst_alloc+0x105/0x170
[  963.749750][    C0]  kmem_cache_alloc_noprof+0xec/0x6b0
[  963.749771][    C0]  dst_alloc+0x105/0x170
[  963.749789][    C0]  ip_route_output_key_hash_rcu+0x1560/0x23e0
[  963.749811][    C0]  ? ip_route_output_key_hash+0xc1/0x280
[  963.749828][    C0]  ip_route_output_key_hash+0x174/0x280
[  963.749845][    C0]  ? __lock_acquire+0xab9/0xd20
[  963.749862][    C0]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  963.749887][    C0]  ip_route_output_flow+0x2a/0x150
[  963.749902][    C0]  ? ip_route_me_harder+0x6ae/0xf10
[  963.749923][    C0]  ip_route_me_harder+0x6c4/0xf10
[  963.749945][    C0]  ? __pfx_ip_route_me_harder+0x10/0x10
[  963.749971][    C0]  ? rcu_is_watching+0x15/0xb0
[  963.749990][    C0]  synproxy_send_tcp+0x3a7/0x700
[  963.750011][    C0]  synproxy_send_client_synack+0x8bb/0xe20
[  963.750034][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  963.750050][    C0]  ? nft_socket_cgroup_subtree_level+0xf8/0x340
[  963.750068][    C0]  ? synproxy_pernet+0x45/0x270
[  963.750089][    C0]  nft_synproxy_eval_v4+0x36e/0x560
[  963.750109][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  963.750129][    C0]  ? nf_ip_checksum+0x13c/0x510
[  963.750148][    C0]  nft_synproxy_do_eval+0x345/0x570
[  963.750169][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  963.750195][    C0]  nft_do_chain+0x40c/0x1920
[  963.750213][    C0]  ? __pfx_rcu_qs+0x10/0x10
[  963.750237][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  963.750257][    C0]  ? sched_clock_cpu+0x74/0x430
[  963.750277][    C0]  ? try_to_take_rt_mutex+0x840/0xb00
[  963.750299][    C0]  nft_do_chain_inet+0x25d/0x340
[  963.750317][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  963.750334][    C0]  ? __lock_acquire+0xab9/0xd20
[  963.750357][    C0]  ? NF_HOOK+0x9a/0x3a0
[  963.750376][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  963.750394][    C0]  nf_hook_slow+0xc5/0x220
[  963.750412][    C0]  NF_HOOK+0x206/0x3a0
[  963.750440][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  963.750459][    C0]  ? NF_HOOK+0x9a/0x3a0
[  963.750477][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  963.750494][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[  963.750509][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  963.750529][    C0]  ? skb_dst+0x4f/0xd0
[  963.750542][    C0]  ? ip_local_deliver+0x12a/0x1b0
[  963.750563][    C0]  NF_HOOK+0x30c/0x3a0
[  963.750582][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  963.750595][    C0]  ? NF_HOOK+0x9a/0x3a0
[  963.750613][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  963.750632][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  963.750651][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  963.750669][    C0]  __netif_receive_skb+0x143/0x380
[  963.750690][    C0]  ? process_backlog+0x27b/0x900
[  963.750708][    C0]  process_backlog+0x31e/0x900
[  963.750738][    C0]  __napi_poll+0xb6/0x540
[  963.750758][    C0]  net_rx_action+0x5f7/0xda0
[  963.750776][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  963.750794][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  963.750817][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  963.750852][    C0]  handle_softirqs+0x22f/0x710
[  963.750873][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  963.750894][    C0]  run_ktimerd+0xcf/0x190
[  963.750912][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[  963.750930][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  963.750948][    C0]  ? smpboot_thread_fn+0x5f4/0xa60
[  963.750965][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  963.750981][    C0]  smpboot_thread_fn+0x542/0xa60
[  963.750998][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  963.751019][    C0]  kthread+0x711/0x8a0
[  963.751038][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  963.751055][    C0]  ? __pfx_kthread+0x10/0x10
[  963.751072][    C0]  ? rt_spin_unlock+0x150/0x200
[  963.751089][    C0]  ? rt_spin_unlock+0x161/0x200
[  963.751102][    C0]  ? __pfx_kthread+0x10/0x10
[  963.751121][    C0]  ret_from_fork+0x4bc/0x870
[  963.751138][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  963.751158][    C0]  ? __switch_to_asm+0x39/0x70
[  963.751172][    C0]  ? __switch_to_asm+0x33/0x70
[  963.751185][    C0]  ? __pfx_kthread+0x10/0x10
[  963.751203][    C0]  ret_from_fork_asm+0x1a/0x30
[  963.751225][    C0]  </TASK>
[  965.119757][ T5808] Bluetooth: hci5: command tx timeout
[  967.174157][ T5808] Bluetooth: hci5: command tx timeout
[  969.263727][ T5808] Bluetooth: hci5: command tx timeout
[  971.333741][ T5808] Bluetooth: hci5: command tx timeout