last executing test programs:

7.715455861s ago: executing program 5 (id=101):
r0 = socket$inet6_sctp(0x1c, 0x1, 0x84)
bind(r0, &(0x7f0000000000)=@in6={0x1c, 0x1c, 0x3}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0x1c, 0x1c, 0x3}, 0x1c)
r1 = dup(r0)
sendto$inet6(r1, &(0x7f00000001c0)="d39b2845e7ba3176e4274c88fadfa5c97fcd5e5dc0e3faf8152b08516a85021e4e44df284df341d41d16f5f4940090eb8e4de3d83a9831e0d22ea7d470e904a9b060ebc8a685bda77a67145eff01521c88ea73c9f838e773fc308188c6ee56b9e6afac9d32999f9ba4db09ff4333a648fecd5002dd930b8876bfd5c1491ebb8a9f5f44a17db4a514cc6aabe8d136ef5ed4671fdbd1d80b59f1f876d753fd8793c7b406484d9dfc1a200df23c6daf897fb86aa77562067ca41930a56c10e3790d9009225e109f7a695788a5dc4a568e1348a0ce89d7d55752ee1ac5752a8fd5a4b559790fa4d508802be7fcf9205ad2723fa4a31eb68d138ba93a2f0d0a9fc9a45a44953ff52389a968011e842e14078262e2156926bbd7bb2b18dc17f4da5091b76c5dbc9d532ac21605217c70be4f07131ba2e4a9e13b625532e73de9074bae3396e72c9d64c33aaaa36e613f269c1e1660e60096292d6e4ad591da30042a92ec886e7cf5f361df4b036ee9e3176b4281a8e7310ea1124aad3c3e675fc97693e6367442a3c20ed67c1b7864240afdb4e060e622bc5c0973d314bc5e62bb09cc1334234d2abbd9a64a6df44686e43371b71b82e96add69d3bbee56467b7144bb099bafdd503998852092c6ffc7e27ce7b921c23f04d0ebe48f3cc634dd0005430328f36c34443b7da892dc832827f1efa06e215af738a72390cb915348b1863db47205009adf56e78cff1a43857f10dbbd7779007fc5179bb1f13bcaf7c22661b799b6ee79126df30517d75a34f615935e30f01b234a3a4208c75b3f74b2919980623598548b3afe2759df2101ec6f8020ddf5921cbf6b228818a605bfe6886fba3ea5cdbac89f1196965d8bb9d6ceaa604be52f5fefeb760b5355d96fe635b98660d1342550752f60a2", 0x28a, 0x0, 0x0, 0x0)
recvmsg(r1, &(0x7f0000001680)={0x0, 0x0, 0x0}, 0x0)

7.333042838s ago: executing program 5 (id=105):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "0000000000000000000080ffffffffffff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x2)
read(r1, 0x0, 0x2006)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180))
r2 = dup(r1)
ioctl$USBDEVFS_RESETEP(r2, 0x80045503, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

5.239862617s ago: executing program 5 (id=118):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xb, 0x8b, 0x5, 0x9, 0x1, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r0, &(0x7f0000000140), 0x0}, 0x20)

4.98170504s ago: executing program 5 (id=122):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
close_range(r1, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[], 0x190}, 0x1, 0x0, 0x0, 0x40}, 0x20000000)

4.592455663s ago: executing program 5 (id=129):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000010000100"/20, @ANYRES32=0x0, @ANYBLOB="0000000000801280"], 0x34}}, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="0c0002800600"], 0x24}}, 0x0)

4.370201998s ago: executing program 5 (id=131):
mlockall(0x3)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mmap$snddsp_control(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xc, 0x31, 0xffffffffffffffff, 0x83000000)
fsetxattr$trusted_overlay_origin(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

4.287033584s ago: executing program 3 (id=133):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)={0x0, 0x0, 0x7, {0x7, 0x0, "a7ea3163fd"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0xc4c85513, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 'syz1\x00'})

3.682666916s ago: executing program 0 (id=139):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000640)=ANY=[], 0xfffffdef}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0x24}, 0x24}}, 0x8001)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[], 0x20}}, 0x0)

3.406290778s ago: executing program 3 (id=141):
syz_usb_connect(0x0, 0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009ba4d20871180603b0b50102030109023200010000000009040000000e01000008240600018a2aa805240000000d240f0100000000070000000006"], 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x5, 0x3f, 0x0, 0x0)

2.826274207s ago: executing program 0 (id=144):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000100)={{0x4, 0x5}, 0x2}, 0x10)

2.825778253s ago: executing program 2 (id=145):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @bitwise={{0xffffffffffffff49}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_DREG={0x8}, @NFTA_BITWISE_OP={0x8}, @NFTA_BITWISE_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd4}}, 0x0)

2.665439571s ago: executing program 0 (id=146):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
readv(r1, &(0x7f0000000280)=[{&(0x7f0000000000)=""/41, 0xfffffdd6}, {&(0x7f0000000080)=""/56, 0x41}, {&(0x7f00000000c0)=""/167, 0xa7}, {&(0x7f0000000180)=""/213, 0xec}], 0x4)

2.654316221s ago: executing program 4 (id=147):
pipe(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_aout(r1, 0x0, 0x6a)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x800, 0x0)
close(r1)

2.470306228s ago: executing program 2 (id=148):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xb, 0x8b, 0x5, 0x9, 0x1, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r0, &(0x7f0000000140), 0x0}, 0x20)

2.302569321s ago: executing program 4 (id=149):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf32(r0, &(0x7f0000000500)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x3e, 0x0, 0x1, 0x38, 0xe9, 0xd, 0x4, 0x20, 0x2, 0x400, 0x1}}, 0x38)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)

2.08687195s ago: executing program 4 (id=150):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
io_setup(0x5, &(0x7f0000002740)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x20, 0x7, 0x0, r0, 0x0, 0x0, 0x800000100}])

2.041165609s ago: executing program 1 (id=151):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f00000001c0)=[{&(0x7f000001a040)=""/102385, 0x18ff1}], 0x1, 0x0, 0x0)
r1 = syz_io_uring_setup(0x117, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x21, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.040548112s ago: executing program 2 (id=152):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
setgroups(0x0, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000000)=0x402, 0x4)
r2 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CAPI_GET_FLAGS(r2, 0x80044323, &(0x7f0000000080))
sched_setaffinity(0x0, 0xfffffffffffffcb2, &(0x7f0000000800)=0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
writev(r3, &(0x7f0000000780)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff010000000100000056000000250000001900040004e0144000000007fd17e5ffff0800040000000000", 0x39}], 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000002340)={0x0, 0x0, &(0x7f0000002300)={&(0x7f0000000580)=ANY=[@ANYBLOB="44010000", @ANYRES16, @ANYBLOB="1d0c000000000000000001000000100002800c000180080001000000000018000180140002007866726d300000000000000000000000080102804c000180080001000700000008000100030000000800010001000000080001000400000008000100020000000800010008000000080001000000000008000100070000000800010007000000340001800800010007000000080001000100000008000100040000000800010000000000080001000700000008000100000000001c000180080001000200000008000100040000000800010000000000080001"], 0x144}}, 0x0)

1.654193552s ago: executing program 4 (id=153):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x48}]}, &(0x7f0000000000)='GPL\x00'}, 0x90)
r0 = socket$inet(0x2, 0x4000000000000001, 0x100)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x100a}], 0x1, 0x0, 0x0, 0x407006}, 0x104)

1.652620813s ago: executing program 2 (id=154):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x105080, 0x0)
preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)

1.459823245s ago: executing program 3 (id=155):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000000)=0x710, 0x12)

1.386051055s ago: executing program 0 (id=156):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x20200, 0x0)
ioctl$SNDCTL_MIDI_INFO(r0, 0xc074510c, 0x0)

1.28233375s ago: executing program 1 (id=157):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x3)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18}, '\x00'})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x20000, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCGFLAGS1(r1, 0x80047453, &(0x7f0000000100))

1.28193547s ago: executing program 4 (id=158):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a300000ffffffffffff14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd839d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0xfec)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x5, 0x0, &(0x7f0000000040))

1.102223989s ago: executing program 4 (id=159):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x48}]}, &(0x7f0000000000)='GPL\x00'}, 0x90)
r0 = socket$inet(0x2, 0x4000000000000001, 0x100)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)

1.078689834s ago: executing program 2 (id=160):
socket$kcm(0x21, 0x2, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
recvmsg$kcm(r1, &(0x7f00000025c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
close(0x4)

1.006321745s ago: executing program 1 (id=161):
userfaultfd(0x80001)
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
epoll_create(0x7)
unshare(0x22020600)
pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000000)={0x1fe}, &(0x7f0000000200)={0x0, 0x3938700}, 0x0)

1.006014233s ago: executing program 0 (id=162):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)

925.866943ms ago: executing program 3 (id=163):
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=000000'])
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0})

761.370409ms ago: executing program 0 (id=164):
syz_usb_connect(0x2, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000043242108d81301006230010203010902120001000000000904"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

670.268092ms ago: executing program 1 (id=165):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_emit_ethernet(0xf4, &(0x7f00000004c0)=ANY=[@ANYRES32, @ANYRES8=r0, @ANYRES16], 0x0)

663.819445ms ago: executing program 3 (id=166):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000680), 0x2, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
inotify_init()
pipe(&(0x7f0000000140))
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r2, @ANYRESDEC], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u}]}})

634.909412ms ago: executing program 2 (id=167):
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
futex(&(0x7f0000001300)=0x80000001, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x84})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, 0x0)
dup(0xffffffffffffffff)

434.220996ms ago: executing program 1 (id=168):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000680), 0x2, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
inotify_init()
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r2, @ANYRESDEC], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u}]}})

318.152032ms ago: executing program 3 (id=169):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x11c, 0x0, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_emit_ethernet(0xf4, &(0x7f00000004c0)=ANY=[@ANYRES32=r1, @ANYRES8=r0, @ANYRES16=r1], 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x4)
bind$inet(r3, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000680))
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r4, 0x6, 0x19, &(0x7f0000000040)=0xb7, 0x4)
bind$inet(r4, &(0x7f0000003900)={0x2, 0x4e24, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @empty}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'erspan0\x00', &(0x7f0000000340)={'gre0\x00', 0x0, 0x1, 0x8000, 0x5, 0xfe, {{0x17, 0x4, 0x2, 0x17, 0x5c, 0x68, 0x0, 0xc, 0x29, 0x0, @remote, @multicast2, {[@timestamp_addr={0x44, 0x1c, 0x71, 0x1, 0x1, [{@multicast1, 0xfffffffe}, {@loopback, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}]}, @end, @ssrr={0x89, 0x13, 0x71, [@dev={0xac, 0x14, 0x14, 0x2e}, @loopback, @multicast1, @empty]}, @ssrr={0x89, 0x13, 0x37, [@multicast1, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @ra={0x94, 0x4, 0x1}]}}}}})
sendto$inet(r4, &(0x7f0000000100)="f4188a9876a9431deeb98e3edfaafa03a11300e3aebb4102000000000034c5d2af03a5f261a35c07d07d371a4402394549d78c3f511bb4793daf4b4e28410e598769487fb27044ece0b4e738bcc7e1ce3aa7a3df2572a082809f406467bc0f0b47872a2ecc399861b90da1ffcfb35a8f5579b72e3cde817a2a78ff205c6fee57f9177bbeeb2f3d121b9c508660c2d90b0dc3f2412b62e7d99a7dfa6960b663bb8e14764efb33f9465c242b84b75a436ef9af2492b19a15bb9108656d828553e1719de91aa29cb5bf187a0162d50e234b6207725486c9e828d756ff9b6d4f5c4960469dd3a48b4e525f0cbf7158f95d603a37c272f874ee3b5c6e56", 0xfffffffffffffdb0, 0x4040004, 0x0, 0xfffffffb)

0s ago: executing program 1 (id=170):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x1, r2, 0x0, 0x0, 0x7ff, 0xa, 0x1})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.119' (ED25519) to the list of known hosts.
[   69.581261][ T5212] cgroup: Unknown subsys name 'net'
[   69.752752][ T5212] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   70.926039][ T1265] ieee802154 phy0 wpan0: encryption failed: -22
[   70.932645][ T1265] ieee802154 phy1 wpan1: encryption failed: -22
[   71.259986][ T5212] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   74.139326][ T5240] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   74.147784][ T5240] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   74.156669][ T5240] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   74.164051][ T5240] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   74.181582][ T5240] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   74.202362][ T5240] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   74.221520][ T5244] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   74.222291][ T5240] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   74.230682][ T5243] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   74.252058][ T5240] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   74.257212][ T5246] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   74.260273][ T5240] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   74.267281][ T5243] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   74.275933][ T5247] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   74.281452][ T5246] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   74.287836][ T5240] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   74.294397][ T5243] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   74.302376][ T5247] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   74.308583][ T5246] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   74.323017][ T5241] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   74.324126][ T5243] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   74.330815][ T5247] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   74.338622][ T5246] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   74.353415][ T5246] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   74.360811][ T5246] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   74.361608][ T5247] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   74.375550][ T5241] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   74.384770][ T5241] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   74.393761][ T5247] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   74.416387][ T5247] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   74.423897][ T5247] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   74.430948][ T5241] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   74.438422][ T5247] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   74.441470][ T4611] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   74.454224][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   74.461737][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   75.182103][ T5228] chnl_net:caif_netlink_parms(): no params data found
[   75.273450][ T5223] chnl_net:caif_netlink_parms(): no params data found
[   75.307177][ T5226] chnl_net:caif_netlink_parms(): no params data found
[   75.431432][ T5225] chnl_net:caif_netlink_parms(): no params data found
[   75.547572][ T5224] chnl_net:caif_netlink_parms(): no params data found
[   75.589837][ T5227] chnl_net:caif_netlink_parms(): no params data found
[   75.630402][ T5228] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.637636][ T5228] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.645092][ T5228] bridge_slave_0: entered allmulticast mode
[   75.652972][ T5228] bridge_slave_0: entered promiscuous mode
[   75.726802][ T5226] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.734113][ T5226] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.741912][ T5226] bridge_slave_0: entered allmulticast mode
[   75.749225][ T5226] bridge_slave_0: entered promiscuous mode
[   75.757343][ T5228] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.764830][ T5228] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.772111][ T5228] bridge_slave_1: entered allmulticast mode
[   75.779527][ T5228] bridge_slave_1: entered promiscuous mode
[   75.851059][ T5226] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.858301][ T5226] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.866578][ T5226] bridge_slave_1: entered allmulticast mode
[   75.874237][ T5226] bridge_slave_1: entered promiscuous mode
[   75.900114][ T5228] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.979818][ T5228] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.989585][ T5223] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.997489][ T5223] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.004899][ T5223] bridge_slave_0: entered allmulticast mode
[   76.012495][ T5223] bridge_slave_0: entered promiscuous mode
[   76.033389][ T5225] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.040499][ T5225] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.048342][ T5225] bridge_slave_0: entered allmulticast mode
[   76.055649][ T5225] bridge_slave_0: entered promiscuous mode
[   76.147927][ T5223] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.155566][ T5223] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.163195][ T5223] bridge_slave_1: entered allmulticast mode
[   76.170412][ T5223] bridge_slave_1: entered promiscuous mode
[   76.177822][ T5225] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.185685][ T5225] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.193064][ T5225] bridge_slave_1: entered allmulticast mode
[   76.200205][ T5225] bridge_slave_1: entered promiscuous mode
[   76.221432][ T5227] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.228556][ T5227] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.236380][ T5227] bridge_slave_0: entered allmulticast mode
[   76.243786][ T5227] bridge_slave_0: entered promiscuous mode
[   76.252344][ T5227] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.259494][ T5227] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.267131][ T5227] bridge_slave_1: entered allmulticast mode
[   76.274777][ T5227] bridge_slave_1: entered promiscuous mode
[   76.283281][ T5224] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.290477][ T5224] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.297788][ T5224] bridge_slave_0: entered allmulticast mode
[   76.305172][ T5224] bridge_slave_0: entered promiscuous mode
[   76.316820][ T5226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.329767][ T5228] team0: Port device team_slave_0 added
[   76.339456][ T5228] team0: Port device team_slave_1 added
[   76.362103][   T54] Bluetooth: hci2: command tx timeout
[   76.379264][ T5225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.403096][ T5224] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.410299][ T5224] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.418394][ T5224] bridge_slave_1: entered allmulticast mode
[   76.426358][ T5224] bridge_slave_1: entered promiscuous mode
[   76.435866][ T5226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.445158][   T54] Bluetooth: hci1: command tx timeout
[   76.451734][   T54] Bluetooth: hci0: command tx timeout
[   76.505626][ T5225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.522682][   T54] Bluetooth: hci4: command tx timeout
[   76.522708][ T5242] Bluetooth: hci3: command tx timeout
[   76.522997][ T5242] Bluetooth: hci5: command tx timeout
[   76.548156][ T5227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.588902][ T5226] team0: Port device team_slave_0 added
[   76.611041][ T5223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.640560][ T5227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.665734][ T5226] team0: Port device team_slave_1 added
[   76.687681][ T5228] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.695722][ T5228] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.721779][ T5228] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.738094][ T5223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.782531][ T5224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.794765][ T5224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.818117][ T5228] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.825621][ T5228] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.851891][ T5228] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.880284][ T5225] team0: Port device team_slave_0 added
[   76.916507][ T5226] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.927084][ T5226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.954084][ T5226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.009343][ T5223] team0: Port device team_slave_0 added
[   77.017464][ T5225] team0: Port device team_slave_1 added
[   77.042603][ T5227] team0: Port device team_slave_0 added
[   77.061354][ T5226] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.068327][ T5226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.094865][ T5226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.124463][ T5223] team0: Port device team_slave_1 added
[   77.137362][ T5228] hsr_slave_0: entered promiscuous mode
[   77.144081][ T5228] hsr_slave_1: entered promiscuous mode
[   77.176696][ T5227] team0: Port device team_slave_1 added
[   77.186914][ T5224] team0: Port device team_slave_0 added
[   77.197356][ T5224] team0: Port device team_slave_1 added
[   77.249945][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.257139][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.284581][ T5225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.359149][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.366259][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.393295][ T5225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.419746][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.426826][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.453460][ T5224] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.497607][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.504903][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.531042][ T5223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.550340][ T5227] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.557472][ T5227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.584193][ T5227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.597992][ T5227] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.605160][ T5227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.642498][ T5227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.654880][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.662281][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.688999][ T5224] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.722108][ T5226] hsr_slave_0: entered promiscuous mode
[   77.728739][ T5226] hsr_slave_1: entered promiscuous mode
[   77.735729][ T5226] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   77.743800][ T5226] Cannot create hsr debugfs directory
[   77.759758][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.766825][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.792960][ T5223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.862677][ T5225] hsr_slave_0: entered promiscuous mode
[   77.869320][ T5225] hsr_slave_1: entered promiscuous mode
[   77.876210][ T5225] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   77.883928][ T5225] Cannot create hsr debugfs directory
[   77.980224][ T5223] hsr_slave_0: entered promiscuous mode
[   77.987409][ T5223] hsr_slave_1: entered promiscuous mode
[   77.994215][ T5223] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.002320][ T5223] Cannot create hsr debugfs directory
[   78.091316][ T5224] hsr_slave_0: entered promiscuous mode
[   78.097913][ T5224] hsr_slave_1: entered promiscuous mode
[   78.108654][ T5224] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.116280][ T5224] Cannot create hsr debugfs directory
[   78.144197][ T5227] hsr_slave_0: entered promiscuous mode
[   78.151052][ T5227] hsr_slave_1: entered promiscuous mode
[   78.157468][ T5227] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.165883][ T5227] Cannot create hsr debugfs directory
[   78.441615][ T5242] Bluetooth: hci2: command tx timeout
[   78.527154][ T5230] Bluetooth: hci1: command tx timeout
[   78.533093][ T5242] Bluetooth: hci0: command tx timeout
[   78.601606][   T54] Bluetooth: hci3: command tx timeout
[   78.607242][ T5230] Bluetooth: hci4: command tx timeout
[   78.613008][ T5242] Bluetooth: hci5: command tx timeout
[   78.830633][ T5228] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   78.865938][ T5228] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   78.884586][ T5228] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   78.897183][ T5228] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   78.966785][ T5225] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   78.987088][ T5225] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   79.009670][ T5225] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   79.026228][ T5225] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   79.127709][ T5224] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   79.139654][ T5224] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   79.150728][ T5224] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   79.177184][ T5224] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   79.283184][ T5226] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   79.305980][ T5226] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   79.319061][ T5226] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   79.330357][ T5226] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   79.419035][ T5228] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.513949][ T5228] 8021q: adding VLAN 0 to HW filter on device team0
[   79.522703][ T5223] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   79.558444][ T1598] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.565987][ T1598] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.584834][ T5223] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   79.620013][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.627195][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.657489][ T5223] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.673628][ T5223] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.779479][ T5227] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   79.798774][ T5227] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   79.825524][ T5225] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.848287][ T5227] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   79.878227][ T5227] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   79.969836][ T5226] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.995799][ T5225] 8021q: adding VLAN 0 to HW filter on device team0
[   80.055892][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.063085][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.081124][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.088448][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.110826][ T5224] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.167293][ T5224] 8021q: adding VLAN 0 to HW filter on device team0
[   80.210526][ T2488] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.217709][ T2488] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.255475][ T5226] 8021q: adding VLAN 0 to HW filter on device team0
[   80.287070][ T2488] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.294389][ T2488] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.365587][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.372863][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.386564][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.394101][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.467467][ T5228] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.521628][ T5230] Bluetooth: hci2: command tx timeout
[   80.577146][ T5223] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.602553][ T5230] Bluetooth: hci0: command tx timeout
[   80.608029][ T5230] Bluetooth: hci1: command tx timeout
[   80.649644][ T5227] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.681584][ T5230] Bluetooth: hci4: command tx timeout
[   80.687046][ T5230] Bluetooth: hci5: command tx timeout
[   80.693234][ T5242] Bluetooth: hci3: command tx timeout
[   80.815599][ T5223] 8021q: adding VLAN 0 to HW filter on device team0
[   80.862958][ T5228] veth0_vlan: entered promiscuous mode
[   80.876054][ T5227] 8021q: adding VLAN 0 to HW filter on device team0
[   80.938234][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.945454][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.006654][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.013963][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.055137][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.062502][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.095629][ T5228] veth1_vlan: entered promiscuous mode
[   81.117378][ T5225] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.143636][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.151000][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.260224][ T5226] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.326070][ T5228] veth0_macvtap: entered promiscuous mode
[   81.338007][ T5228] veth1_macvtap: entered promiscuous mode
[   81.407998][ T5224] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.520988][ T5227] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   81.634504][ T5228] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.707636][ T5228] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.747230][ T5225] veth0_vlan: entered promiscuous mode
[   81.832094][ T5228] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.841043][ T5228] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.871210][ T5228] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.881413][ T5228] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.930146][ T5225] veth1_vlan: entered promiscuous mode
[   82.155672][ T5226] veth0_vlan: entered promiscuous mode
[   82.173271][ T5223] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.228858][ T5226] veth1_vlan: entered promiscuous mode
[   82.278688][ T5225] veth0_macvtap: entered promiscuous mode
[   82.290885][ T5227] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.308044][ T5224] veth0_vlan: entered promiscuous mode
[   82.357045][ T5225] veth1_macvtap: entered promiscuous mode
[   82.433437][ T5224] veth1_vlan: entered promiscuous mode
[   82.501751][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.509774][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.536694][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.558324][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.572107][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.601491][ T5230] Bluetooth: hci2: command tx timeout
[   82.663362][ T5226] veth0_macvtap: entered promiscuous mode
[   82.672471][ T1598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.680384][ T1598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.692204][ T5230] Bluetooth: hci1: command tx timeout
[   82.697628][ T5230] Bluetooth: hci0: command tx timeout
[   82.701709][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.714368][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.726828][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.743406][ T5226] veth1_macvtap: entered promiscuous mode
[   82.762483][ T5230] Bluetooth: hci5: command tx timeout
[   82.767922][ T5230] Bluetooth: hci3: command tx timeout
[   82.773607][   T54] Bluetooth: hci4: command tx timeout
[   82.798605][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.809560][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.819818][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.838531][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.850808][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.868177][ T5224] veth0_macvtap: entered promiscuous mode
[   82.876525][ T5223] veth0_vlan: entered promiscuous mode
[   82.901044][ T5225] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.911178][ T5225] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.920277][ T5225] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.930203][ T5225] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.962212][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.973099][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.983238][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.995107][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.009803][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.034113][ T5224] veth1_macvtap: entered promiscuous mode
[   83.042253][ T5223] veth1_vlan: entered promiscuous mode
[   83.063679][ T5226] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.073247][ T5226] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.082802][ T5226] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.092202][ T5226] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.165415][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.197131][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.210458][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.229702][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.239684][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.243714][ T5332] loop0: detected capacity change from 0 to 2048
[   83.266826][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.268129][ T5332] udf: Bad value for 'partition'
[   83.283548][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.366582][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.385125][ T5332] Zero length message leads to an empty skb
[   83.392313][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.403414][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.414245][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.424567][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.436027][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.448081][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.554241][ T5227] veth0_vlan: entered promiscuous mode
[   83.560931][ T5224] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.581212][ T5224] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.597134][ T5224] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.606598][ T5224] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.693648][ T5223] veth0_macvtap: entered promiscuous mode
[   83.702581][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.705563][ T5227] veth1_vlan: entered promiscuous mode
[   83.729214][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.797771][ T5223] veth1_macvtap: entered promiscuous mode
[   83.871026][ T1598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.887329][ T5227] veth0_macvtap: entered promiscuous mode
[   83.888044][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.899991][ T5227] veth1_macvtap: entered promiscuous mode
[   83.917232][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.921539][ T1598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.938557][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.960483][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.970725][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.985088][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.996109][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.007054][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.017112][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.027580][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.040752][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.083294][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.127543][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.157476][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.292006][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.331293][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.363272][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.400365][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.422082][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.438660][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.490476][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.619807][ T5341] Bluetooth: MGMT ver 1.23
[   84.689951][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.819770][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.161528][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.203116][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.236353][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.271190][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.321603][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.331808][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.342294][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.354311][ T5227] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.372897][ T5223] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.382507][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.399681][ T5223] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.409760][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.432211][ T5223] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.440940][ T5223] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.451295][ T5345] loop3: detected capacity change from 0 to 512
[   85.458957][ T5345] EXT4-fs: Ignoring removed orlov option
[   85.476961][ T5347] loop0: detected capacity change from 0 to 128
[   85.542904][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.581144][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.609794][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.623840][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.636047][ T5347] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.637762][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.662641][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.671640][ T5345] EXT4-fs (loop3): Test dummy encryption mode enabled
[   85.673178][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.690342][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.710156][ T5345] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a054e09c, mo2=0002]
[   85.721759][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.741492][ T5345] System zones: 1-12
[   85.749768][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.773349][ T5227] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.789012][ T5345] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.11: casefold flag without casefold feature
[   85.836746][ T5345] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.11: couldn't read orphan inode 15 (err -117)
[   85.877924][ T5345] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.959932][  T992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.985508][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.987647][  T992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.003816][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.317575][    T8] cfg80211: failed to load regulatory.db
[   87.455927][ T5360] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   87.466389][ T5360] FAT-fs (loop0): Filesystem has been set read-only
[   87.475595][ T5360] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   87.486588][ T5360] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   87.506586][ T5360] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 548, start 00000401)
[   87.566991][   T29] audit: type=1800 audit(1723245931.283:2): pid=5360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.10" name="file1" dev="loop0" ino=1048586 res=0 errno=0
[   87.659519][ T5360] syz.0.10 (5360) used greatest stack depth: 18864 bytes left
[   87.925348][ T5225] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.963102][ T5227] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.992526][ T5227] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.013155][ T5227] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.026534][ T5227] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.563919][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.572133][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.002202][ T5372] loop0: detected capacity change from 0 to 2048
[   89.362993][ T5372] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.376134][ T5372] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.431702][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.478482][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.478516][ T2488] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.603177][ T2488] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.894849][ T5228] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.925948][ T1598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.959506][ T1598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.269586][ T5390] loop1: detected capacity change from 0 to 512
[   90.384820][ T5390] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.531384][ T5390] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.773718][   T29] audit: type=1326 audit(1723245934.533:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5399 comm="syz.2.19" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f15a99779f9 code=0x0
[   91.638988][ T5390] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2'.
[   91.831967][ T5313] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   92.027723][    T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   92.071331][ T5313] usb 1-1: Using ep0 maxpacket: 16
[   92.125989][ T5413] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   92.163149][ T5413] xt_hashlimit: size too large, truncated to 1048576
[   92.173478][ T5313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 43, changing to 9
[   92.228916][ T5313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 9524, setting to 1024
[   92.295665][ T5313] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   92.303014][ T5223] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.306366][ T5313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.379908][ T5313] usb 1-1: config 0 descriptor??
[   92.388395][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.389753][ T5407] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   92.594905][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.640679][    T8] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   92.726020][    T8] usb 3-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.00
[   92.785864][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.830685][   T29] audit: type=1326 audit(1723245936.603:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5414 comm="syz.1.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58d7f779f9 code=0x7ffc0000
[   92.872064][    T8] usb 3-1: config 0 descriptor??
[   92.888277][ T5407] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.943027][ T5407] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.001193][   T29] audit: type=1326 audit(1723245936.613:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5414 comm="syz.1.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58d7f779f9 code=0x7ffc0000
[   93.027095][ T5313] hid (null): global environment stack underflow
[   93.076959][ T5313] hid (null): unknown global tag 0xc
[   93.100768][ T5313] hid (null): global environment stack underflow
[   93.127710][   T29] audit: type=1326 audit(1723245936.623:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5414 comm="syz.1.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f58d7f779f9 code=0x7ffc0000
[   93.185527][ T5313] hid-generic 0003:0158:0100.0001: unknown main item tag 0x1
[   93.216071][ T5313] hid-generic 0003:0158:0100.0001: unexpected long global item
[   93.232589][   T29] audit: type=1326 audit(1723245936.623:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5414 comm="syz.1.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58d7f779f9 code=0x7ffc0000
[   93.267730][ T5313] hid-generic 0003:0158:0100.0001: probe with driver hid-generic failed with error -22
[   93.346148][ T5313] usb 1-1: USB disconnect, device number 2
[   93.367615][    T8] holtek_mouse 0003:04D9:A070.0002: item fetching failed at offset 1/5
[   93.432257][    T8] holtek_mouse 0003:04D9:A070.0002: hid parse failed: -22
[   93.439580][    T8] holtek_mouse 0003:04D9:A070.0002: probe with driver holtek_mouse failed with error -22
[   93.571466][    T8] usb 3-1: USB disconnect, device number 2
[   93.681314][ T5280] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   94.735296][ T5280] usb 6-1: Using ep0 maxpacket: 16
[   94.777511][ T5280] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.857630][ T5280] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.920643][ T5280] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   94.966310][ T5434] loop1: detected capacity change from 0 to 512
[   95.028332][ T5280] usb 6-1: config 0 interface 0 has no altsetting 0
[   95.087342][ T5434] =======================================================
[   95.087342][ T5434] WARNING: The mand mount option has been deprecated and
[   95.087342][ T5434]          and is ignored by this kernel. Remove the mand
[   95.087342][ T5434]          option from the mount to silence this warning.
[   95.087342][ T5434] =======================================================
[   95.136972][ T5280] usb 6-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[   95.184871][ T5280] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.240697][ T5434] ext4: Unknown parameter 'nouser_xattr'
[   96.015840][ T5280] usb 6-1: config 0 descriptor??
[   97.880440][ T5460] loop4: detected capacity change from 0 to 256
[   98.087228][ T5460] FAT-fs (loop4): Directory bread(block 64) failed
[   98.099143][ T5280] usbhid 6-1:0.0: can't add hid device: -71
[   98.108018][ T5280] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[   98.141274][ T5460] FAT-fs (loop4): Directory bread(block 65) failed
[   98.159807][   T29] audit: type=1326 audit(1723245941.933:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5463 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6dd3779f9 code=0x7ffc0000
[   98.221462][ T5460] FAT-fs (loop4): Directory bread(block 66) failed
[   98.228015][ T5460] FAT-fs (loop4): Directory bread(block 67) failed
[   98.238688][ T5462] loop3: detected capacity change from 0 to 4096
[   98.251502][ T5462] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[   98.263757][ T5280] usb 6-1: USB disconnect, device number 2
[   98.277446][ T5460] FAT-fs (loop4): Directory bread(block 68) failed
[   98.280301][   T29] audit: type=1326 audit(1723245941.963:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5463 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6dd3779f9 code=0x7ffc0000
[   98.322409][ T5460] FAT-fs (loop4): Directory bread(block 69) failed
[   98.357578][ T5460] FAT-fs (loop4): Directory bread(block 70) failed
[   98.379296][   T29] audit: type=1326 audit(1723245941.983:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5463 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7ff6dd3779f9 code=0x7ffc0000
[   98.411410][ T5460] FAT-fs (loop4): Directory bread(block 71) failed
[   98.439120][ T5460] FAT-fs (loop4): Directory bread(block 72) failed
[   98.481358][ T5460] FAT-fs (loop4): Directory bread(block 73) failed
[   98.501349][   T29] audit: type=1326 audit(1723245941.983:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5463 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6dd3779f9 code=0x7ffc0000
[   98.605549][   T29] audit: type=1326 audit(1723245941.983:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5463 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6dd3779f9 code=0x7ffc0000
[   99.199258][ T5482] loop5: detected capacity change from 0 to 1024
[   99.242350][ T5482] EXT4-fs: Ignoring removed orlov option
[   99.271156][ T5482] EXT4-fs (loop5): Test dummy encryption mode enabled
[   99.310451][ T5482] EXT4-fs (loop5): stripe (7) is not aligned with cluster size (16), stripe is disabled
[   99.404390][ T5482] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.889596][ T5313] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  100.141355][ T5313] usb 4-1: Using ep0 maxpacket: 16
[  100.271457][ T5313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 43, changing to 9
[  100.342234][ T5313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 9524, setting to 1024
[  100.410123][   T29] audit: type=1326 audit(1723245944.183:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5481 comm="syz.5.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4f1779f9 code=0x7ffc0000
[  100.444382][ T5313] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  100.514851][ T5313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.527232][   T29] audit: type=1326 audit(1723245944.183:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5481 comm="syz.5.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4f1779f9 code=0x7ffc0000
[  100.568370][   T29] audit: type=1326 audit(1723245944.213:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5481 comm="syz.5.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f5f4f1779f9 code=0x7ffc0000
[  100.576205][ T5482] fscrypt (loop5): Error allocating 'xts(aes)' transform: -4
[  100.619765][ T5313] usb 4-1: config 0 descriptor??
[  100.661610][ T5485] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  100.664556][   T29] audit: type=1326 audit(1723245944.213:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5481 comm="syz.5.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4f1779f9 code=0x7ffc0000
[  100.782946][   T29] audit: type=1326 audit(1723245944.213:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5481 comm="syz.5.48" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4f1779f9 code=0x7ffc0000
[  100.806751][ T5227] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.102855][ T5503] loop5: detected capacity change from 0 to 512
[  101.111973][ T5485] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.131951][ T5485] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.176296][ T5468] loop2: detected capacity change from 0 to 40427
[  101.223557][ T5468] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  101.242871][ T5313] hid (null): global environment stack underflow
[  101.285672][ T5313] hid (null): unknown global tag 0xc
[  101.295774][ T5468] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  101.321560][ T5313] hid (null): global environment stack underflow
[  101.392686][ T5313] hid-generic 0003:0158:0100.0003: unknown main item tag 0x1
[  101.435623][ T5313] hid-generic 0003:0158:0100.0003: unexpected long global item
[  101.468937][ T5478] loop0: detected capacity change from 0 to 40427
[  101.477608][ T5313] hid-generic 0003:0158:0100.0003: probe with driver hid-generic failed with error -22
[  101.523149][ T5478] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  101.531479][ T5478] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  101.561610][ T5313] usb 4-1: USB disconnect, device number 2
[  101.613977][ T5478] F2FS-fs (loop0): invalid crc value
[  101.622625][ T5468] F2FS-fs (loop2): invalid crc value
[  101.661385][ T5468] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-4)
[  101.705424][ T5478] F2FS-fs (loop0): Found nat_bits in checkpoint
[  102.301243][ T5292] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  103.181364][ T5527] loop5: detected capacity change from 0 to 2048
[  103.201943][ T5527] EXT4-fs: Ignoring removed nobh option
[  103.441369][ T5292] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.511444][ T5292] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.533842][ T5527] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.546046][ T5527] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.596884][ T5292] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  103.750709][ T5536] loop3: detected capacity change from 0 to 512
[  103.816067][ T5292] usb 5-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.00
[  103.825658][ T5292] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.884408][ T5227] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.899543][ T5292] usb 5-1: config 0 descriptor??
[  103.907469][ T5536] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.982788][ T5536] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.230966][ T5540] loop0: detected capacity change from 0 to 4096
[  104.287488][ T5540] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  104.332460][ T5536] netlink: 16 bytes leftover after parsing attributes in process `syz.3.62'.
[  104.365769][ T5292] holtek_mouse 0003:04D9:A070.0004: item fetching failed at offset 1/5
[  104.407279][ T5292] holtek_mouse 0003:04D9:A070.0004: hid parse failed: -22
[  104.441263][ T5292] holtek_mouse 0003:04D9:A070.0004: probe with driver holtek_mouse failed with error -22
[  104.484563][ T5225] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.605011][ T5292] usb 5-1: USB disconnect, device number 2
[  105.796452][ T5574] process 'syz.1.74' launched './file1' with NULL argv: empty string added
[  107.267023][ T5604] loop2: detected capacity change from 0 to 512
[  107.315435][ T5604] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  107.373239][ T5604] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  107.444302][ T5604] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.85: bad orphan inode 17
[  107.487410][ T5604] ext4_test_bit(bit=16, block=4) = 1
[  107.504860][ T5604] is_bad_inode(inode)=0
[  107.527047][ T5604] NEXT_ORPHAN(inode)=1048336
[  107.551555][ T5604] max_ino=32
[  107.555054][ T5604] i_nlink=0
[  107.571552][ T5295] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  107.599616][ T5604] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.731281][ T5295] usb 1-1: device descriptor read/64, error -71
[  107.830776][ T5224] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.031324][ T5295] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  108.151623][    T8] usb 4-1: new low-speed USB device number 3 using dummy_hcd
[  108.231287][ T5295] usb 1-1: device descriptor read/64, error -71
[  108.351621][ T5295] usb usb1-port1: attempt power cycle
[  108.363974][    T8] usb 4-1: config 0 has no interfaces?
[  108.379393][    T8] usb 4-1: string descriptor 0 read error: -22
[  108.389361][    T8] usb 4-1: New USB device found, idVendor=056a, idProduct=00ba, bcdDevice= 0.40
[  108.419010][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.444978][    T8] usb 4-1: config 0 descriptor??
[  108.678097][    T8] usb 4-1: USB disconnect, device number 3
[  108.818018][ T5295] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  108.855817][ T5295] usb 1-1: device descriptor read/8, error -71
[  109.151397][ T5295] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  109.203471][ T5295] usb 1-1: device descriptor read/8, error -71
[  109.358464][ T5295] usb usb1-port1: unable to enumerate USB device
[  110.163133][ T5664] serio: Serial port pts0
[  110.771920][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  111.001808][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  111.987914][ T5693] loop2: detected capacity change from 0 to 4096
[  112.028117][ T5693] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  113.380793][ T5745] capability: warning: `syz.0.136' uses 32-bit capabilities (legacy support in use)
[  114.311430][ T5412] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  114.507812][ T5769] netlink: 48 bytes leftover after parsing attributes in process `syz.2.145'.
[  114.532520][ T5412] usb 4-1: Using ep0 maxpacket: 8
[  114.541969][ T5769] netlink: 48 bytes leftover after parsing attributes in process `syz.2.145'.
[  114.602446][ T5412] usb 4-1: New USB device found, idVendor=1871, idProduct=0306, bcdDevice=b5.b0
[  114.642639][ T5412] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.686654][ T5412] usb 4-1: Product: syz
[  114.721203][ T5412] usb 4-1: Manufacturer: syz
[  114.739757][ T5412] usb 4-1: SerialNumber: syz
[  114.793509][ T5412] usb 4-1: config 0 descriptor??
[  114.823089][ T5412] usb 4-1: Found UVC 0.00 device syz (1871:0306)
[  114.853035][ T5412] usb 4-1: No valid video chain found.
[  115.046278][    T9] usb 4-1: USB disconnect, device number 4
[  115.326296][ T5782] netlink: 'syz.2.152': attribute type 4 has an invalid length.
[  116.115042][ T5795] block device autoloading is deprecated and will be removed.
[  116.173009][ T5795] syz.3.155: attempt to access beyond end of device
[  116.173009][ T5795] loop16: rw=2048, sector=0, nr_sectors = 8 limit=0
[  116.201591][ T5230] Bluetooth: hci1: command tx timeout
[  116.751860][ T5818] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370
[  116.881571][ T5295] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  116.986340][ T5824] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[  117.132594][ T5295] usb 1-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  117.165785][ T5295] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.189989][ T5295] usb 1-1: Product: syz
[  117.205140][ T5295] usb 1-1: Manufacturer: syz
[  117.210079][ T5295] usb 1-1: SerialNumber: syz
[  201.012089][ T5246] Bluetooth: hci3: command 0x0406 tx timeout
[  201.018235][ T5246] Bluetooth: hci2: command 0x0406 tx timeout
[  201.024973][ T5236] Bluetooth: hci0: command 0x0406 tx timeout
[  201.031190][ T5236] Bluetooth: hci5: command 0x0406 tx timeout
[  201.037233][ T5236] Bluetooth: hci1: command 0x0406 tx timeout
[  201.043399][ T5246] Bluetooth: hci4: command 0x0406 tx timeout
[  202.421938][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  202.831610][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  203.241163][    T0] NOHZ tick-stop error: local softirq work is pending, handler #180!!!
[  204.982325][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  205.391525][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  205.801159][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  207.541931][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  207.951706][    T0] NOHZ tick-stop error: local softirq work is pending, handler #180!!!
[  222.221093][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  222.228220][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5826/1:b..l
[  222.236460][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=11649, q=869 ncpus=2)
[  222.244172][    C0] task:syz.3.169       state:R  running task     stack:26384 pid:5826  tgid:5825  ppid:5225   flags:0x00004000
[  222.256474][    C0] Call Trace:
[  222.259752][    C0]  <TASK>
[  222.262777][    C0]  __schedule+0x1800/0x4a60
[  222.267313][    C0]  ? __pfx___schedule+0x10/0x10
[  222.272177][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.277953][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  222.284028][    C0]  ? __lock_acquire+0x137a/0x2040
[  222.289065][    C0]  ? preempt_schedule_irq+0xf0/0x1c0
[  222.294357][    C0]  preempt_schedule_irq+0xfb/0x1c0
[  222.299470][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  222.305192][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.310844][    C0]  irqentry_exit+0x5e/0x90
[  222.315263][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  222.321248][    C0] RIP: 0010:lock_release+0x198/0xa30
[  222.326555][    C0] Code: eb 03 42 80 3c 3b 00 74 08 4c 89 f7 e8 51 db 8a 00 4c 89 6c 24 50 48 c7 84 24 b0 00 00 00 00 00 00 00 9c 8f 84 24 b0 00 00 00 <42> 80 3c 3b 00 74 08 4c 89 f7 e8 39 da 8a 00 48 8b 9c 24 b0 00 00
[  222.346186][    C0] RSP: 0018:ffffc9000cd873a0 EFLAGS: 00000246
[  222.352280][    C0] RAX: ffffffff935ee710 RBX: 1ffff920019b0e8a RCX: ffffffff816fe2c0
[  222.360248][    C0] RDX: 0000000000000000 RSI: ffffffff8c6060a0 RDI: ffffffff8c606060
[  222.368214][    C0] RBP: ffffc9000cd874d0 R08: ffffffff9017c72f R09: 1ffffffff202f8e5
[  222.376200][    C0] R10: dffffc0000000000 R11: fffffbfff202f8e6 R12: 1ffff920019b0e80
[  222.384168][    C0] R13: ffffffff81df4473 R14: ffffc9000cd87450 R15: dffffc0000000000
[  222.392226][    C0]  ? follow_page_pte+0xf33/0x1ee0
[  222.397293][    C0]  ? lock_release+0xb0/0xa30
[  222.401985][    C0]  ? follow_page_pte+0xeb2/0x1ee0
[  222.407014][    C0]  ? follow_page_pte+0xf33/0x1ee0
[  222.412041][    C0]  ? folio_mark_accessed+0x374/0x1ca0
[  222.417425][    C0]  ? __pfx_lock_release+0x10/0x10
[  222.422481][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.428113][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  222.433690][    C0]  follow_page_pte+0xf3f/0x1ee0
[  222.438556][    C0]  ? __pfx_follow_page_pte+0x10/0x10
[  222.443858][    C0]  follow_page_mask+0x739/0x2f90
[  222.448795][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.454437][    C0]  ? __pfx_follow_page_mask+0x10/0x10
[  222.460013][    C0]  ? __pfx_find_vma+0x10/0x10
[  222.464695][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.470324][    C0]  ? vma_is_secretmem+0xd/0x50
[  222.475081][    C0]  ? check_vma_flags+0x3f4/0x5a0
[  222.480053][    C0]  __get_user_pages+0x67b/0x16a0
[  222.485012][    C0]  ? __pfx___get_user_pages+0x10/0x10
[  222.490408][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  222.495492][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.501218][    C0]  __gup_longterm_locked+0xed7/0x17d0
[  222.506620][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.512427][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.518059][    C0]  ? down_read+0x82b/0xa40
[  222.522473][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.528102][    C0]  ? is_valid_gup_args+0x124/0x200
[  222.533220][    C0]  pin_user_pages_remote+0x132/0x1f0
[  222.538512][    C0]  ? __pfx___up_read+0x10/0x10
[  222.543274][    C0]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  222.549086][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.554723][    C0]  ? mm_access+0x207/0x240
[  222.559141][    C0]  process_vm_rw+0x716/0xcf0
[  222.563745][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.569381][    C0]  ? __pfx_process_vm_rw+0x10/0x10
[  222.574490][    C0]  ? futex_wait+0x285/0x360
[  222.579046][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  222.585049][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  222.591473][    C0]  __x64_sys_process_vm_readv+0xe0/0x100
[  222.597115][    C0]  do_syscall_64+0xf3/0x230
[  222.601630][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.607537][    C0] RIP: 0033:0x7f9c1cd779f9
[  222.612096][    C0] RSP: 002b:00007f9c1dbd4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  222.620512][    C0] RAX: ffffffffffffffda RBX: 00007f9c1cf05f80 RCX: 00007f9c1cd779f9
[  222.628477][    C0] RDX: 0000000000000002 RSI: 0000000020008400 RDI: 000000000000004e
[  222.636458][    C0] RBP: 00007f9c1cde58ee R08: 0000000000000286 R09: 0000000000000000
[  222.644421][    C0] R10: 0000000020008640 R11: 0000000000000246 R12: 0000000000000000
[  222.652382][    C0] R13: 0000000000000000 R14: 00007f9c1cf05f80 R15: 00007ffe98ec7fa8
[  222.660359][    C0]  </TASK>
[  222.663371][    C0] rcu: rcu_preempt kthread starved for 10542 jiffies! g11649 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  222.674557][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  222.684516][    C0] rcu: RCU grace-period kthread stack dump:
[  222.690387][    C0] task:rcu_preempt     state:R  running task     stack:24912 pid:17    tgid:17    ppid:2      flags:0x00004000
[  222.702133][    C0] Call Trace:
[  222.705402][    C0]  <TASK>
[  222.708343][    C0]  __schedule+0x1800/0x4a60
[  222.712866][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.718502][    C0]  ? __pfx___schedule+0x10/0x10
[  222.723373][    C0]  ? __pfx_lock_release+0x10/0x10
[  222.728418][    C0]  ? __asan_memset+0x23/0x50
[  222.733017][    C0]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  222.738845][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  222.745178][    C0]  ? schedule+0x90/0x320
[  222.749439][    C0]  schedule+0x14b/0x320
[  222.753598][    C0]  schedule_timeout+0x1be/0x310
[  222.758465][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  222.763835][    C0]  ? __pfx_process_timeout+0x10/0x10
[  222.769142][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.774775][    C0]  ? prepare_to_swait_event+0x32e/0x350
[  222.780423][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[  222.785462][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  222.790664][    C0]  ? rcu_gp_init+0x1256/0x1630
[  222.795432][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  222.800370][    C0]  ? __pfx_dyntick_save_progress_counter+0x10/0x10
[  222.806876][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  222.812160][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  222.818056][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.823688][    C0]  ? finish_swait+0xd4/0x1e0
[  222.828283][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  222.832878][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  222.838075][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  222.843974][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.849607][    C0]  ? __kthread_parkme+0x169/0x1d0
[  222.854635][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  222.859847][    C0]  kthread+0x2f2/0x390
[  222.863921][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  222.869115][    C0]  ? __pfx_kthread+0x10/0x10
[  222.873707][    C0]  ret_from_fork+0x4d/0x80
[  222.878125][    C0]  ? __pfx_kthread+0x10/0x10
[  222.882737][    C0]  ret_from_fork_asm+0x1a/0x30
[  222.887518][    C0]  </TASK>
[  222.890525][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  222.896837][    C0] Sending NMI from CPU 0 to CPUs 1:
[  222.902040][    C1] NMI backtrace for cpu 1
[  222.902053][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.11.0-rc2-syzkaller-00111-gee9a43b7cfe2 #0
[  222.902076][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  222.902088][    C1] RIP: 0010:unwind_next_frame+0x1351/0x2a00
[  222.902126][    C1] Code: 00 00 4c 39 e5 0f 86 c0 04 00 00 49 8d 44 24 08 4c 39 f0 0f 86 05 08 00 00 48 39 e8 0f 87 fc 07 00 00 e8 e2 4c 52 00 4c 89 e7 <e8> 3a 24 00 00 48 89 c3 48 8b 44 24 30 42 80 3c 28 00 48 8b 6c 24
[  222.902143][    C1] RSP: 0018:ffffc90000a18520 EFLAGS: 00000246
[  222.902161][    C1] RAX: ffffffff81412828 RBX: 0000000000000002 RCX: ffff888017eb8000
[  222.902177][    C1] RDX: 0000000000000100 RSI: 0000000000000002 RDI: ffffc90000a18658
[  222.902191][    C1] RBP: 1ffff920001430ce R08: ffffffff814127ed R09: ffffffff81412746
[  222.902207][    C1] R10: 0000000000000003 R11: ffff888017eb8000 R12: ffffc90000a18658
[  222.902222][    C1] R13: dffffc0000000000 R14: 1ffff920001430cd R15: 1ffff920001430cc
[  222.902242][    C1] FS:  0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  222.902260][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  222.902275][    C1] CR2: 00007f58d8c356c0 CR3: 000000002ddce000 CR4: 0000000000350ef0
[  222.902292][    C1] Call Trace:
[  222.902300][    C1]  <NMI>
[  222.902308][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  222.902333][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  222.902367][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  222.902391][    C1]  ? nmi_handle+0x2a/0x5a0
[  222.902424][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  222.902453][    C1]  ? nmi_handle+0x151/0x5a0
[  222.902473][    C1]  ? nmi_handle+0x2a/0x5a0
[  222.902496][    C1]  ? unwind_next_frame+0x1351/0x2a00
[  222.902529][    C1]  ? default_do_nmi+0x63/0x160
[  222.902555][    C1]  ? exc_nmi+0x123/0x1f0
[  222.902579][    C1]  ? end_repeat_nmi+0xf/0x53
[  222.902607][    C1]  ? unwind_next_frame+0xff6/0x2a00
[  222.902639][    C1]  ? unwind_next_frame+0x109d/0x2a00
[  222.902671][    C1]  ? unwind_next_frame+0x10d8/0x2a00
[  222.902706][    C1]  ? unwind_next_frame+0x1351/0x2a00
[  222.902740][    C1]  ? unwind_next_frame+0x1351/0x2a00
[  222.902775][    C1]  ? unwind_next_frame+0x1351/0x2a00
[  222.902810][    C1]  </NMI>
[  222.902817][    C1]  <IRQ>
[  222.902832][    C1]  ? __unwind_start+0x2bc/0x7c0
[  222.902870][    C1]  __unwind_start+0x641/0x7c0
[  222.902907][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  222.902936][    C1]  arch_stack_walk+0x103/0x1b0
[  222.902963][    C1]  ? __unwind_start+0x2bc/0x7c0
[  222.903000][    C1]  stack_trace_save+0x118/0x1d0
[  222.903031][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.903060][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  222.903092][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.903118][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  222.903152][    C1]  kasan_save_track+0x3f/0x80
[  222.903222][    C1]  ? skb_release_data+0x64d/0x880
[  222.903247][    C1]  kasan_save_free_info+0x40/0x50
[  222.903272][    C1]  poison_slab_object+0xe0/0x150
[  222.903304][    C1]  ? skb_release_data+0x64d/0x880
[  222.903328][    C1]  __kasan_slab_free+0x37/0x60
[  222.903359][    C1]  kmem_cache_free+0x145/0x350
[  222.903387][    C1]  skb_release_data+0x64d/0x880
[  222.903421][    C1]  consume_skb+0xb1/0x160
[  222.903444][    C1]  mac80211_hwsim_beacon_tx+0x3bf/0x850
[  222.903482][    C1]  __iterate_interfaces+0x224/0x510
[  222.903505][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  222.903535][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  222.903564][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x170
[  222.903589][    C1]  ieee80211_iterate_active_interfaces_atomic+0xd8/0x170
[  222.903616][    C1]  mac80211_hwsim_beacon+0xd4/0x1f0
[  222.903640][    C1]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  222.903664][    C1]  __hrtimer_run_queues+0x59d/0xd50
[  222.903689][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[  222.903734][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  222.903758][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.903784][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[  222.903821][    C1]  hrtimer_run_softirq+0x19a/0x2c0
[  222.903850][    C1]  handle_softirqs+0x2c6/0x970
[  222.903883][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[  222.903915][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  222.903946][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.903972][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[  222.904008][    C1]  __irq_exit_rcu+0xf4/0x1c0
[  222.904041][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  222.904073][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.904102][    C1]  irq_exit_rcu+0x9/0x30
[  222.904128][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  222.904159][    C1]  </IRQ>
[  222.904166][    C1]  <TASK>
[  222.904174][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  222.904198][    C1] RIP: 0010:acpi_safe_halt+0x21/0x30
[  222.904221][    C1] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 40 d7 03 00 48 f7 00 08 00 00 00 75 10 eb 07 0f 00 2d e5 02 b4 00 f3 0f 1e fa fb f4 <fa> e9 24 30 3a 00 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
[  222.904237][    C1] RSP: 0018:ffffc900001a7d08 EFLAGS: 00000246
[  222.904254][    C1] RAX: ffff888017eb8000 RBX: ffff88801be9f864 RCX: 0000000000068571
[  222.904270][    C1] RDX: 0000000000000001 RSI: ffff88801be9f800 RDI: ffff88801be9f864
[  222.904285][    C1] RBP: 000000000003a6b8 R08: ffff8880b9337c7b R09: 1ffff11017266f8f
[  222.904300][    C1] R10: dffffc0000000000 R11: ffffffff8bb60c90 R12: ffff88801afec800
[  222.904317][    C1] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8f0dcc20
[  222.904334][    C1]  ? __pfx_acpi_idle_enter+0x10/0x10
[  222.904364][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  222.904390][    C1]  acpi_idle_enter+0xe4/0x140
[  222.904413][    C1]  cpuidle_enter_state+0x114/0x480
[  222.904448][    C1]  ? __pfx_menu_select+0x10/0x10
[  222.904478][    C1]  cpuidle_enter+0x5d/0xa0
[  222.904515][    C1]  do_idle+0x375/0x5d0
[  222.904546][    C1]  ? __pfx_do_idle+0x10/0x10
[  222.904584][    C1]  cpu_startup_entry+0x42/0x60
[  222.904610][    C1]  start_secondary+0x100/0x100
[  222.904638][    C1]  common_startup_64+0x13e/0x147
[  222.904674][    C1]  </TASK>
[  223.487753][    C0] sched: RT throttling activated
[  227.731208][   T19] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { P5223 P5734 P5826 } 2673 jiffies s: 1997 root: 0x0/T