last executing test programs:

8m37.313557719s ago: executing program 3 (id=60):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000015c0)={&(0x7f0000001480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x8, [@union={0x2}]}, {0x0, [0x5f, 0x2e, 0x61, 0x30, 0x5f, 0x0]}}, 0x0, 0x2c, 0x0, 0x1}, 0x28)

8m36.94981902s ago: executing program 3 (id=63):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
r2 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000040)={0x1, 0xff, 0x1f})
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r2, 0x0, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r3, 0x5111)
ioctl$SNDCTL_SEQ_PANIC(r3, 0x5100)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x4000, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r4 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet6(r4, &(0x7f0000000000)="532ce3638da410e55f5c2d4dc79690b3d59e60a3589be672e6c961e145b350037350e825afe8c147e87eb916b621033993acb7cc670d", 0x36, 0x4000, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000940)=""/53, 0x35}], 0x1}, 0x7fff}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000840)=""/116, 0x74}], 0x1}, 0x9}], 0x2, 0x10000, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@deltclass={0x5c, 0x29, 0x1, 0x70bd2b, 0x1ff, {0x0, 0x0, 0x0, r5, {0xfff2, 0xfff1}, {0x8, 0x6}, {0xa, 0x3}}, [@TCA_RATE={0x6, 0x5, {0xa, 0xe4}}, @TCA_RATE={0x6, 0x5, {0x1, 0xcc}}, @TCA_RATE={0x6, 0x5, {0x8, 0x8f}}, @tclass_kind_options=@c_red={0x8}, @TCA_RATE={0x6, 0x5, {0x8, 0x2}}, @TCA_RATE={0x6, 0x5, {0x7, 0x8}}, @TCA_RATE={0x6, 0x5, {0x40, 0x80}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000001}, 0x4000111)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x48, 0x2, 0x6, 0x101, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40042, 0x67)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
read$FUSE(r6, &(0x7f00000021c0)={0x2020, 0x0, <r7=>0x0, <r8=>0x0, <r9=>0x0}, 0x2020)
write$FUSE_INIT(r6, &(0x7f0000004200)={0x50, 0x0, r7, {0x7, 0x2b, 0x0, 0xc0c719fe1969ce50, 0x0, 0x0, 0x0, 0x1}}, 0x50)
syz_fuse_handle_req(r6, &(0x7f00000082c0)="2e4873287601f85136cfd130057f46858b881fa5215207c9967fcf0f5f2dbcfaf5f71e052d6a79ec84e9d9e77b90f3d0d5bfc45df24b5264ce499af778ea2faf90d3a5e09a9c281ae8c55ca289b4b0189d59c4588bea9df9eeef203b55b20e6caf9096f12946cd053d66000a7ad60ba22dd1d46b4a629e922d7708ad5570454dc8994b000ba51b2e238494325a0bc8459b0e6980d765fafb13f5674efef6900f22a5bef42666fd74dba081e077cede0090dbc56abd256cafdcbc1be261d26e8a40d54f75a4a6332d6ad961c8662f0fb3e600adc9d1f2576636843df56482b4577ddd66e9ca89647f6d24681c62ef517b229a095048ebb442ee7a07f96c9bfbdfc838e30138671e631bd99834a5079b4524125246c8005158050ef361b1de91ddc42fbad6cdf371a0e02ba44cca19fa1f464560f730e0b6f7754bcf8652a585061dba72c9026b621526ff21ec33872bfddbbe6dd7c3641d6b7a1de064dc254dee3642aa0c58c5faa6b1f113f9f54c9bf69e50cc4b58aa3312365eef5c0fc2fcf710fd3f52d5cad80c189feeca45be913c690fe3712019855a365dacf76181df7bfe09a15d6e4b521b0359f2523a077836ce0ee35240a8eddfd8f3a6136dc14315b8caacead393ebd06be10812e4ba0b506f6448ae18d455f567609fb53f8a88c1a0678a88bd0fae75839f710a40ce98d9bc59cd30f43cde8eb00c145b1e045dc3cda7abba6d6738e927eb14ab05b708caf38a825ffd3a157f99b266ed1d4018cda94251d4ce8ae7bbe1768356a1e08aaf6b47c3b5a8cbf5a0ae18d523831a7dc827a48d67d5962c58a140cadca3a0120f22e06d4f61b8cb98ff3a2e559de7625a454ee7e3d9bcb5543b4b4de6e323abd97655e7cc5e608e902680017227b24690eebc56f9b6d197b7fc10456aec0292d2b7d55b329e282fa756b29767b4746e22100ff07e0d49336e2092ff35ac119a7cd5c3622d480c44410a24944804487327c764ff0d990eae2a45d8fe20e9796471e78d35f64c72261948738f5e822a08d4eaba65535333027979fc93f9c007cf23d00ae861eeb70ac16aebed7000d0ddba7e7a4df396f2b1b92f32ed8b2afd04ed9e931168dfd91715a643ce767d744148a04300260631687f59fa7acc1d2df3ffcd570c22c726f11d401e6ce7d95637078cd1318e3e0c4a63c416343712d5959f6331f5d65289d81ad2a83936779e7fda4806e1a6b7801ce771986fd45d392d876c9894b0e32b14bb622fadfec475016f08312cb4bfd0016fbccacccb8b21d28dd64fb486da6cc90c03cb9698107209b08d299e5d9d003e56a7779fcaeee07249e07de6b3e22bb5ad8b00f7dc5bfa00d0bf80cfbbf242b3f5321e1d8a94a03f127894b058b7cc21e48834350ee3e670756e26e00bc1257e3eb9373ed41c146771e4cd2b866cd98d39d726f3f47ba083ce2d716856ac40d30e1a5d3d27777807abc962cd8e9c84d189add6455a4d6d13bdb84b7de4fccba982f6af55b23189c5b0ade8f118fa5c27cfe0f8b0ba56a5ee946657dfc932759b74bcb129acb5712ff460590225ca1c9afb70d972533b709863470eec623e8b73ff06e7533eed7f697365ca65dfe1ccffb599d7868c147606d6cabe6d633acae6f531e6864ede4f246cb7cce6d480b571b08791ee50e509eafa3163b6891d06c56a4ccda73a3922822b90fb79001569983d91d5cd3cb1513ab897c860c06f9880f0f9d9e6db0007d37726a64c2e1b80d3d9753490453ddb312ecfce8e662a4f841df5ce9f221075b9284ac9597e33f1ccd4f0509ef3498a367781d44c39cfa047adcbd65c9f05161c59918f9eb063f182de33afa54170eba0ce0fc86f679d4aae1762acf62fd4b2defa4aed42c95622e4f2f6850dd7dd395daf6a123c454cfdd5a1cb73f271c126c9bf9f4eb9cd813d370660aa21297d932cae6fae4c99187cd5ca2d5d649c503f5e37f65877cc3c55a01943d45ed1b32ec809b665f06c11494c59af13a3a3b90875d42dd6e0348a2ce827149dce5fa41656b03ee85b24e1ca1835c7bcc801257ba94d2c273a0913f521981386031fd9b8fcca3172a13080315009d500a92b76dfd8a7502c7944eb8353e220a6d8ab500176dca8535a0cff1df08fa442001c660f68077d835568d3f35b87e88b67b09419254652e926f77e7247734b8f1a8dd3bbd417f467882f64844ed3aec3b3b89906e7dcd9614a90f316e7b5fc513a3ae2b0fe1862c0202733be2f374c97bad91544274d212af903eed4619d29345a2aeb44ab427d9699a91eda36acc7bf676e1145f4f63007a5660e544c52649dd299a2843ef5103c3de81dea0582a072b8b20a64fc1682733d7497e5d797c898878f5b78de76f2a87eebc839192c5160cdfa49a89cdc2b0d9f13aa26a0a5d93d4a84d1d40ab709400e26417cc5890e390f0471bedff05c1889789486f5287f67c5f19f422c6194975182fd80e6e9e15c8dbea17db5a265be90b40fd17985c9a6f5b7fb746e2ea98e28dbc270cd77209292e526510a996b330d726e995ea85490c6a0d21744b641ccea3c6017afd94919ccccde0e736cdf5528f7c7e47547ac959eb3bf6c7d0d8226906611c6ef5de98c96771513decde7f0264a76b8db2406ebb9ca4fce6d72177aa82df4bba951edc727a3b521bb2c16c9cf684966880283235e6d842e9e8686cfb8085791327f020adf428542534ebe7fa3da33cc01672e97a28c64e95e4604c43d94977bd7cd1cd66f64c8b92749892eeecbe89edae59f44d18f2112683c2be4db2050e22d004ffa67c717fd82796556d927a21646f2e773d56044cff5d649d3e4c6ce359f38fcdd39781f684ce3c7850363cc49d996fd85ff47c61751e37846f31ae0f8f98d2397069acd5125ac1604b309a5dba69433e993b861cf9e36c1a63d20689031722e58b09f59cfe17528e2fc6a6eb12185d9f34443abb7b5c498589a137b1bc795ee8441efb535492560dd328f83015694a0e9a9fc877d1a5b513d59fa3ed23fc4b06e9b4ee37514c05b3e71269f3c2ef4e10855fb5e8a38b0949ef934ed983937c537dbf7736b0a77e8d060ab1f3f472ed03c45c1f3835bb50edea7d79962034dfee971b7d18b367f71fdc82b69f819010276005ba873fba4e022d80da51f4ba1a407b2e3d415089843d04aea759c34929e2294094c56f392b6a33ff711a799e6659f25dfc441e5784a87487baba5cc67d0846d95f0fedf3e8c4570cc9ce6752bf7cb7f48f063f37df118599e41819dd2ca6e1bd76ed8082fed252af4856b64b5cd43ee057641c0fb4e4a1fd1a65db8b1daf34950e28631750c7a64faeb559a02e167b1e5c0615a1b83290caae5f5a1903be33c3c642364f2b488b8f4005179772733cfcf4e9117868f5eb0c7939d7a9455760f6e65282b558c457ad23e4e15780eaed53409d2f61806bc96c11862e0e6cd64ea9a64f0798c9d783771720e9d30bb66b45ad5d15142a635291d9075860a39b8b3c0863ffd4dfa192abde7124a07c9291ab67d64a0116eaf8b21732d21cfc502743612729c8e68fbd9a27ca71b369d7d651a4b9fa4b1125a7e72c3120fc87d072c89c82387e93d871cdff78373e93e40e8354e1847686c7a11596b76cb156fc95aa05a589f1e62cd39aa806e82edcd313532d5f1516e85c64ccc0bcb5e4b28a3a332d46c170acf3210ed064696b58f146c69b82e69f8fa10dd3143c5ec9888e1ae78fd1245d2627644eda2de82c427417d098e89cf7af667925ecfa6e5ad61baeb319fedc8d82ccc7e1858c510a8ed0515683d469d543889b0e98360d4ef6b52f181ebbf978f71a1cf12dce0f8ce6b0e54a0d0ad16da6ad008ba73c8a33d1a65633cd8ef2da280003068efcf393678d50697369bff598b6c40c9f915072b101e247940b61534b068e478baad65e706a1fae8a21cea845fc8a7f8e2c3d6eb73e23f589da655b390b93217d5c7600eb1eebffe15ffa2f8e705b385d7118575603f9c91a94abd288b4487b678b618701c21ac2fb663f1e3efadb7ae46b5002010613a8288c8830712c5be5d74a4b2c4ea4e826873bae5619117aebc92d3ae6639fca95c67976cf53e6bdc7a17b9f0e46307299edbf09037ebbc14856e40b04d324319ece297b8bca0215c17c9335bb3f04fc062735fe816234b9e25761076eb9c3655f7ef6fbcaace9d839b3f1d62b5571d38b2e346db1ab87e4bb5077d7033b2a74bb8c334a0cb6322c4080bec40ca70ea34b1cdef76bc0030c7c4066a638fad87436cbf62f18b9f063e7e180f8e15dae5532e4b36cf1cf14629fddb9a93324cf13c5fd91ba987fc963a19077ff49252273c1429efe9fce9bad7c28c5cd19ac664af463d134c9d1211c29a9822184e9f7af519f64a5c2cd71666fbe49a86de739158bea252f259dfc850335662eb9e9e757b86222d79966290378170846c30cb17d84b8bfba322e9adf6a64006bceca72232f875af00d86f4fc447f1e3cf60adbea884f67b0ff204246695f3f02e7d7e6875eedd33063e83ecee67e2287f8456938195cf8a69b7493438a56b0cc506ff08a00e255867b7baaccec6612cb6eb96059635c529183d91fc6bee938942987530b1d94193af9733f58194aff199a1855c1cd39e95c8a2897f49208917125194c3f081b35cb629144ff0c1deedfffa67cb673eeee3c640bdc15805ddd368ff41a0910c0df0f614570451ade2aabd0ff7b563150456916afc1a22c791c693496fcdfbe6e13c6cd80952dbbcb09f4e286cc4f336cf0b7e0c94bc8e20a849818c7f6d79fbdb8cd7512186c132f62c4d5f80decd192d77e1094f94a80d48d1921e1e8b15ed4a2df48b279c33ceb7c57b1c2b43b4db4233d78b1df7063cfe0953eb815aed5fe8e85ffea0bbd3ac4af4113edfb9eafeb7613b1803414a630b95ec6ad2d9fbf44fb4ecfbcef8f1cb781a73ff03a96508a5924da6229726e580521019f2c0a47225556004f9a581da2e43d674db8e1c9371fa5050b88f0c4ac80ba48af045bf8f3387acebed27a4c0300002af87eabadff0700785c697eb2fdf41a256189f7e4a85c9fd7ebf08765f834e071aa78c595441adbb59361c0d5c9a22742efa2c6631047a13929bc4de2931f55640d0b33aba48d3c80bdf48d1f4cc3eb5280ebff23f6d9e277052beb969ba3c7cce7ebbcd53178513d4e85ba0c8b2eabe9f86bdf2f7091773cbc4275634691a6c5882ced2520097cb069cea37cbf0cf131a97215caa259e5fafa184f2ead784e8c67dda1990b2da413ec7f0ef290e3693b0b35b400c2c30f79ea83ac3bbe778c5b781aa2586eff3d6d5a9c59e31d135061b2135a1dbb7a56bbdf5e7df18c94fb2bdd89b459bed354864285f3b75cb5cc155dd517df9c77738d43da7f6ef72478ffb1d72da8e1a9c3ef52026cd10cdf50702b828f8e0375827c231955e4c5b962c395caed544739d068e7a2af70ae9c5e67c4a58669be8f145ee4eb8b1bc4e34c4fa8a160005c7cd1d9d11e4e468404446ea03c135ed17fffcdc5bcf0aafe1cb391df475fee02233dfe431aac3963c233cbd6e10c8da430d996bd83909827370fab655ead2f74e9a8170e5e6eee8fbfc63db267eb4b38f6d70d55878a6e76b3ff880de8a572cb6a4aaf46b2fa59b3458116734f7d5f41c892c62c58822e6555c95138e81756d840e3a473250480b8c7996e343979870b4e37efe72dc9455f74c52325ed510e40e8f3088b4fc24dd221c3b3417c6fb2d834c33e820fc0c856add9ba00fc750345b038f3b15870a02845eb262d51966294306970ded11f1452a40f40aab1e309e7285fe4a59587ade9e6caf1ffa0120fa9ad3a20034fc05254ec03ac20b67ecd7953841fe7d5b027ac7f3beb53f49a6338c74b80bc4b6a4146943f3ced5bea0265e1f85c37446ffeaf1842251bd72c083aa20b19eeda80a47e4433ee349c8650a88fe66d088e696a3a5e89ef4e2bc1cd771622d1c34c4101fdd513c348f6039fd8758794f1d296c722621670640d1cac5cbdd15fdb2249960d7b0279023014aed792f5d14be6551d5d114fc1cd080797e84f8d9fe6e8885b125f8d219b215ea990880ea1be8a9a785250b67e953bb8036836e3fd20da6e6fb620ae2b80f3056ad07c48bfad810251bbbfd8d4efb4fd47c6552a13776d943f17a4916330dfba0561d1adc40d28c43c27b315c163f4df9e744de42f4323870442d512988bb3f9c0e2fe238cb606f71d0820f1517138961b44ece0c7ea5744a75c157eedc271ad8c0cfcb6ad83191c6710a7145acf6ce9fd77e85e1b758d3935b801ebd7fff92b63321b0af2cc9e5b2f30dcbc0893bb0634dfcceedb58839a2e4d76ae2290ae2c1e4a48fff3f01182d5063243c40f5c44e51fd8435d41e28d94e3e5f3e5b7c3fb2ecf8aac247a876bbd583146d96a0ecdc8dfa129b364ec7e8c445cbcb5107a378c8190668bfe55c7081ae89d4f89767c97907785542938f9113c41d8c4674abe836db2e62aa01b2421b54747217afe425723634275083fbf67b7750111bd070bd598aa099d388bee5d06a112d5acaa56b553a9b184e1d66e13b0fcd63bbec503207777567f7f0561692606985414eb66c1f5b63cb59c76cf5dcad1daf25df64bebcb7de092206af76cfd474b9c4f68e441bc767d858ea23d7f1b2ff7bf0ca266c125d7dd03a0fd3b132c7303eb7801f8d5007c3b1e428ce0a00b4478eccf02888f9853dcc6a108bb36ad8961f2272b1154e595d9ac4f5a52d979457f212fe96eaac708247a91b1d12cbd261b1fcce3cc25c0daa49b0efb2bd9f19c2f7b75e05f6658c60e3231ce56b8eade3bfad0d247aea2a46229c84f57b4ed3ebbe6459d16450d280c7736c0002b8342b24cc183e70b414f02b14cf9b131acc7b049518fad19fa29449e5b5d4d1c88f736ce19c4aef4251649e075c0d700bc93c2ae06fb53f73d524b601f8c5ec074676b6b7776c86b576b647749ed751799d43219472a46374e4e65ea469ec87b0d93b6cab74b3e0230f591680fb4aa1f119eba7c7bf96e46135a3a8abe42de652230f15bb3ec30eb1f09f7102738017df83f0b8f9f61d2ebd33408f1154999e8d10c95ea25552dcd7c791bc71df5b0075c1c672463c4b71e51ac335cc56bc173709d903e9e09e6d69325239a07cae7892ea90e1b08e8570e40dbcd61295a2a6ca6bda4b3267c152f33379166b5dbfca43f88f0cca90cf081e792a8523b5b246df73102bb429a72262d50755e69c464f41187387a10bca2b695ed637d48b8a71962e3a11a582f587ccb23dcb97ad9d9916935bc5748414120848ba238464cd8f1e949e35c247392f46ec2b674a9089d8b025d3bd2a635fa261e4d8614827e0f3a5ed0f5ad17998179aa80b36e1a06067ff01ea563d1c320d6bc3a92c9e3ee01a0b024645726d2bec1ffc4ef1c512c668f51f87ca010b70cb8526579762598a137848093206b0633c8920fe99567e49754cabc0ef3d06130e94b5d0b4c321552ad5e97b8b68d58067384df31c20ef2daeca3785c9cd104db0cbe6038d49742ee140c2284762d01bd678a8bea1fee0a0a25a12f9a63c5befbad83100e326f61029a2d918b17f7ba61e627b13ee7bc9e24ada3666222a4a145493e41cb07004ae1121a2c96f55dece273813a7872686492a8a5925f16faa795b132d9560e77c182c46fa5309d398fffe3d4e6b56a87ae01c620953028f94ac8a01c7b49fd34b92420ddb4a9fd569d314b6510fed30e33afabf20f2a573cb4b37b92ff1f1ecb57128f7736eccf3870b745ecf62b189acaeece3482d26b527ac9fc243b34fe98afecdaf6cd63e416d9225413c6dcc3539aa03b1bb6a9ea4ab14d7206f7ea3024306fa4f87176b63f1e6371dedcb50af0dc24743c091424bffb9e19ddcf59e004dd580d1d94c4008911ffea16b580600ca8b0e64317b223e7ffed909b837d0f5987f2eb224719bfb8e37c68269ed72c381f786ea694c5feecbed8c3925b1df4538e11a53b4394f03c8b87d87e51ebd2d1f7d41fbb18479feda4fb234f5eaba1dc82d149664a4585931fc6c8f8c4300bea6475b24d5071d99a2a01d7867d48f0c5bc1bf8f7235072b37b60e5f081c9a3b199ad35a8062ebaba0943d728d89e478bb54d128f9329727695217e9f6fa899e8a4e87bc5238e251089913bd18f3e715573bcd81817ef06eee56f38beeaafee07363aef2822a01a1a110f4091a9db6f3152c50f1c0153b183cc2ae7f2ca6604363aa05fb3ade548896fe51fbc71a6a8f9028ce4a8a0604b076ebd8deebcdbbb1c7b6cba059a34e4c785da524f802ba5f8add03576e6381d2a2bb88f908518e4e3e0eccd97213aea10f9ccb7c521eb19318accc7066f4b5346e3226d92c41d1cf73e7ac51d87d0660507983648a7267315c00bd0424f9e64a1ab0c75bf396e99abe6b88268f0be0b349ecd59d8f7069f6ced0e9353c87869940c102998b565059efa59cf5f5955f523f8b4af37cb98d9fea2bbc7623f0b8ca79c7cd511a15b06bc1e5df2a4deba242a0c466457f57e206b7b695820f5b0b7a5007d762296f9b61f5739ed7d4840d841a7858ba3f8d7e4972b5718a3d22ff6a75b5c6461907cd992e10ec71e365880663747bde711d9216b48ca2786906d2dc930a5d215d78a3163e7c0b1777b1bc2c5c15ae1c913ab746af9466387797e5bcde9e9fe191c437f4098e8ebfc10c082ce779dcf778ac54d155385d53f1de77a08846bab947a3cdbf5660ef8d01a83fb4ee50cf02cfca421fa5f4b9859e1986987f4e1aeebd907331bd6a65ee7f47386549f3ba7f93c38c811aec1ead972b066eeb106e3e8b0133ebed55bb52819b755186ccfa284a6b9c893b09f8502e4498280abd12301139e6ac1c2b276efb9dee92192cfbc33bd5327898d57b44cea544d33e0c53f3887f15894d12db6a892df5ae1b6d7f3f37b87bf622b402110cdcaf443b29d860d7dac998e44610f1ed28cda0ffb32854cffd8088eeff38e5a37b8cf1597b5e72d8fabc1c643c48f5b04c57da75a7c87614458dfa520bfd8d95671fab8350a09cc78f1a2aaa5e87e962783986ccd2a7b97e47b84d21597f4fd4fd2445ee95f8099dd8efb87c5a34973246670d9fda4181d3b1335ee724aa79940659b6a0c62ebbcf8a7b09d670941229ed65fef5247313f078effe0fc1c2d3510019da21d1ecc3d12112ca8fe6c691c146cd160bb78cc15d3c944c97bac5214736d0e484aca6266a1c3b0f70e75bd1ce35a5e8a28e229da3796b43add92f4c67e1e80843e088ef5a246ff0e421fc0b4faf598dc013a9e263f276e459364717f210c6366f1e070b9687126a9cbea9f7a66c2eefd0851c54196479b3c3a0bd33e1a5f34767cd0443697f68426ece2986d045bd2db6c0c1ddc9ba0073d2f9be5851bcc6a8e24d0af1e6b0a6826ef0e2d211a2ec3a24db0ae02945d98de01be9c40b62e3af3c9318c1c14ce1e65d0dcb63b55d0488b96a746a262feea4441ed29e9e0422fb18fdfb9ff976c871dbf33b212b5032b6cb4ee3bff586d12b9e3ca80caa0ea9439c940505d7286cf98c9e8083e05a2d0054fec8656f26f26703ed3ab77039e7565dc670d4652afbeaac8647c7ca87ebbe3454ae75f1ac3be003296cfaea54cd2437bd7cdf2d16aa28ad12c7af93a04731fbfe601bb2e6a68add03cf9337561e449e2f5234e497dd643a1489c9b367624c036a46517632114d74950fd83c3e9539ade3b52e8e001095deeb0eb8d1d0380c7463903f189cf80117e912f82c1519fc3909b3495cdf434d86ad644886466ae215618c41aa61a7c9377002efaec1e72764fc3be2baf2ddbdd4f00cd7edd902e36265e7e7bf41d5d0e596f36edf424f5d0417dc4c64e34c53e08d1383eaf5df98a2e17310e487711b7dd881d0894afbb5066cebaa4f10b17b8a25250a84e3957615444e844d8f768e530ced5481059f1c964d07663d5fde6fc138856cfdd74786309e4743869889e30f5600dbce233d8b85620f7e006db61150983c96e74f52c348abd06d571d15baea70e519b0ac7b6802e8c2323cc5b13670a39490da046c29fb2af0af7179e3751e0035d0ff834ce6f9a991b16db1418134d066dd0ee12737c7cf8059a7f943bd6f0e377699b9d87cedfc52eb64888ddc2313f562a885a3d910e3ec163cd3c39d83cec556584c7dda001c6c22c9bccc4388e168a85bdcb1b7ad8150544634a6a05d9124ee7ce02069b066a851662884439f0f1cc4b49d6f051dc5f5a60764561e4d9fe56440b19dc1e5add259c08b0adf0c60ab937375851f90114c15ef299e919673ea316d6893d2092d050fd02f76d39c1e70a2b2858e59860ab72e962c03238e94d623711fd25f832c3e41ba4f0a64d64a782b2c00d908da68220505d199544ef9a4e6a49092ee574eb0a896c416a2586af3c573ddadcf67cb4d32582f2cb423aa5a04c9c15bcaef6cff56da6d6490fc66c80058ea42803aa71e825da99245aba1ca5131db065ef444afad6f5222f1d037bdca16e1ebd47b4d1705d10a126adff2a72cb9c6ca41086318d1ae1a37feb20d9779beba998045476ee354da0a41d897b9a5e6f0155f9b62afde5557ca848c6c49f5bfb5ed94cd41a6c1ed5f2a9b2db20848d9ce99a90fd10f51854bb1ddccb2e76babab93b32371ee7cbb685541500e5059545b9de91bccf30708cde67281a34bd70a6f4bf637f115c551a5ff5b6a8f8d4fe401e3927163571b11e27fe4b0a118c11951b87540f73c23c92b6a883d571b027627b5df75c5127216b64c2379740429ca3a06a832a6d2fd380c5269ae46bf74ca13fa441c6e318b91379feeeda81758dc10478b6837af85ef645073e7fd4296239576c7e249251ef014bbe3dde737b1a1839f4e09c5b106ca850c0c61b5506d779149edbc3d8054ca8240820d7482813126f0c66cf913894a918f56fee8de97fd0aa09229d6f8dc95965c3f123f74c7870e28dd2f1bbb56d898153993c3e2e3af9832da91202c0a497a3b4daf2214b1ce7ca7aa8cfce74b2549e835ab92093fb8288693d09094b83988abdd23b9b6ab3606134a6b6c213a3cae6e4404a592c7b82ad9fc5ddf427ceed5e99e6b865341ec5406015866095e7f6801cd8396065872b6129d221351fdafd30b76e9e8eb8f77fc4646f1c1da029bb447e29764a571925d0c10d638b5a22caee0ee881fe971fa586c804fd39cc7b7955a2d83c3cc8878af70cbb7a77969d4f9c827bd60286e96fd9e502f044f2af0896809dc82cedc423472f79cba6d48cae1276576557bc44b2461b0b80a70d984f737642d68794c428cf0df326b4feef6ae228bbcc6e836813f8adb3a4859568527db08e0dc91a5a38d6c1d21dec82ba9fa89e570518df9c49a6cad28a925fd155ce41b3f574fcd7798beb00da4cd95665c479a42430bc7fa52a9cbda3f73e89244ca8475dc5f9d9c4c66aead1a4a76910633fab14e9b517da5bfa63d03a030db1871165173cf2d1086fd16d268b88ea93145cd7f6b02b203056a360f11900d6504155c84394140ea15e56212e4c9e3cf8227c985e23cafe0dd534302ecfe06482c0a4a7e156fce72ddebdde3a6eeada936790b", 0x2000, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x78, 0x0, 0xffffffeffffffe00, {0xf0f, 0xfffffffe, 0x0, {0x6, 0xfffffffffffffffb, 0x80000005, 0xfffffffffffffffe, 0x7, 0x7, 0x3, 0xfffff4f0, 0x9, 0x8000, 0x6, r8, r9, 0x1, 0x2}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x16f)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$int_in(r10, 0x5452, &(0x7f0000000000)=0xf)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r10, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
recvmsg(r10, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x40000102)

8m36.518306002s ago: executing program 3 (id=66):
getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
move_pages(r0, 0x0, 0x0, 0x0, 0x0, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmctl$IPC_STAT(0x0, 0x2, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000080), 0x1, 0x88200)
socket$kcm(0x11, 0x3, 0x0)
fsopen(0x0, 0x1)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000040)={0x200, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[0x31], 0x4000000000000000, 0xff})

8m34.985636515s ago: executing program 3 (id=69):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x2710, 0x2, 0xeeee0000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000000)=[0x0], 0x1, 0x800, 0x0, <r6=>0xffffffffffffffff})
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r6, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x124, r7, 0x10, 0x70bd2c, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x4ef1}, {0x6, 0x11, 0x9}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x42b4}, {0x6, 0x11, 0x647f}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x3ff}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x8d8}, {0x6, 0x11, 0x3ff}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0xb}, {0x6, 0x11, 0x8}}]}, 0x124}, 0x1, 0x0, 0x0, 0x40080}, 0x20068040)

8m32.004919111s ago: executing program 3 (id=75):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000"], 0x44}, 0x1, 0x0, 0x0, 0x10000057}, 0x24004044)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x800)

8m31.816882936s ago: executing program 3 (id=77):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRES16=r0, @ANYRES64=r0, @ANYRES32, @ANYBLOB="0800200010000000080013"], 0x60}, 0x1, 0x0, 0x0, 0x24000040}, 0x810)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, 0xffffffffffffffff, &(0x7f00000001c0)=0x19)
socket$alg(0x26, 0x5, 0x0)

8m16.458630687s ago: executing program 32 (id=77):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRES16=r0, @ANYRES64=r0, @ANYRES32, @ANYBLOB="0800200010000000080013"], 0x60}, 0x1, 0x0, 0x0, 0x24000040}, 0x810)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, 0xffffffffffffffff, &(0x7f00000001c0)=0x19)
socket$alg(0x26, 0x5, 0x0)

7m24.739071s ago: executing program 2 (id=191):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x10, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="840000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00300000000000005400128009000100766c616e000000004400028006000100000000000600050081000000280003803900010006000000090000000c00010000040000000000008dff010040000000060000000600050088a8000008000a00", @ANYRES32, @ANYBLOB="080005"], 0x84}, 0x1, 0xba01}, 0x0)

7m23.105627498s ago: executing program 2 (id=195):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
recvmmsg(r0, 0x0, 0x0, 0x40002000, 0x0)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xb, 0x6, 0x801, 0x0, 0x0, {0x5, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20068000}, 0x40)

7m21.657690855s ago: executing program 2 (id=197):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1, 0x12, 0xffffffffffffffff, 0xcf8ee000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0), 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000b80)=ANY=[@ANYBLOB="c0110000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000011000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000008001e008000000008001f0001"], 0x11c0}}, 0x20004800)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b80000001500"], 0xb8}}, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="000706000000ff0309"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
r7 = socket$igmp(0x2, 0x3, 0x2)
ioctl$SIOCGETSGCNT(r7, 0x89e1, 0x0)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r8, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x300, 0x70bd25, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x800)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

7m17.796404253s ago: executing program 2 (id=203):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000015c0)={&(0x7f0000001480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x5}, {0x0, [0x5f, 0x61, 0x5f]}}, 0x0, 0x1d, 0x0, 0x1}, 0x28)

7m17.554969934s ago: executing program 2 (id=204):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007500000004"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = accept4$llc(0xffffffffffffffff, &(0x7f0000000100)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000003c0)=0x10, 0x80800)
connect$llc(r5, &(0x7f0000000400)={0x1a, 0x307, 0x6, 0xb, 0x1, 0x10, @remote}, 0x10)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x0, 0xe55, 0x33565348, 0x9, 0x0, 0x0, 0x0, 0xfeedcafe, 0x3, 0x8}})
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)=@allocspi={0x158, 0x16, 0x1, 0x0, 0x0, {{{@in6=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x8}, {@in=@dev, 0x0, 0x6c}, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x0, 0x7fff}, [@replay_esn_val={0x1c, 0x17, {0x0, 0x70bd2b, 0x70bd28, 0x70bd29, 0x70bd2b, 0x36405ff2}}, @tmpl={0x44, 0x5, [{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d2, 0x3c}, 0xa, @in=@multicast1, 0x3503, 0x1, 0x2, 0x4, 0x0, 0x7, 0x7ff}]}]}, 0x158}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x40, 0xfd, 0x2, 0x100}, {0x6, 0x6, 0x6, 0x3}]}, 0x10)
sendmsg$NFT_BATCH(r8, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000affffffffffffff920000070000060900010073797a300000000014000000020a01020000000000000000000000001400"], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x8810)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x7)

7m14.924493273s ago: executing program 2 (id=206):
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="130100002add1e20ef050a023691010203010902240001000000000904000002ea1998000905a6a700000000000905", @ANYRES16], 0x0)
r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000240), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000280)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x80000000, 0x3a, '#$\xd8.}', 0x3a, '^,.', 0x3a, './file0', 0x3a, [0x46, 0x4f]}, 0x31)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = socket(0x200000000000011, 0x4000000000080002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000001100)={0x11, 0x4, r4, 0x1, 0x5, 0x6, @multicast}, 0x14)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000ac0)={'tunl0\x00', &(0x7f0000000b80)={'ip_vti0\x00', r4, 0x8, 0x7800, 0x101, 0x2ef, {{0x1f, 0x4, 0x2, 0x35, 0x7c, 0x64, 0x0, 0x1, 0x2f, 0x0, @remote, @rand_addr=0x64010100, {[@generic={0x88, 0x9, "12f0020f12cfdd"}, @ra={0x94, 0x4}, @timestamp={0x44, 0x8, 0xc7, 0x0, 0x7, [0x6]}, @timestamp_prespec={0x44, 0x44, 0xa4, 0x3, 0x0, [{@private=0xa010100, 0x5}, {@local, 0xdba7}, {@loopback, 0x5}, {@remote, 0x8}, {@remote, 0x3}, {@local, 0x85}, {@remote}, {@multicast2, 0xc49}]}, @ssrr={0x89, 0x7, 0x74, [@private=0xa010101]}, @timestamp={0x44, 0x8, 0x12, 0x0, 0x6, [0xe69]}]}}}}})
syz_usb_connect$cdc_ncm(0x1, 0xfffffd22, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x81, 0x2, 0x1, 0x1, 0x10, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "19a352cf18cf"}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0xfffffffb, 0x2, 0x0, 0x1}, {0x6, 0x24, 0x1a, 0x54, 0x28}, [@country_functional={0xc, 0x24, 0x7, 0x6, 0xfffd, [0x40, 0x1, 0x805]}, @mbim={0xc, 0x24, 0x1b, 0x9, 0x7ec, 0x3, 0xa1, 0x8, 0x10}, @network_terminal={0x7, 0x24, 0xa, 0x66, 0x3, 0xf8, 0x8}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0xf8, 0x39}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0xa1, 0x0, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x3bf, 0x1, 0x7, 0x4}}}}}}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x2, 0x81, 0x2, 0x20, 0x3}, 0x43, &(0x7f00000004c0)={0x5, 0xf, 0x0, 0x6, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x7, "1063e2baddbe713ffae28514e8be0d26"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0xff, 0x24, 0x6}, @generic={0x0, 0x10, 0xa, "c9b6c73df9a19540fd3a4e14671798e40993413240d7b68691bb5b4647993e71ac12817bd34d8a7a50aeb97b69511c8b98f7d97ba1a3717d8720c2398055eab78919a38062029786c8cad09831fce487418c235ce9525df35adfe313b97f7f39a647c5c35ddb1cd5a9635da2acda56051b91a36434fa8ab0e2eb6e0b0f35938ebe82a89e234e4affe23adf406084c1a84ffac878875a23a4f52e177f3e3e15c7e20c8a40fadbd2660b1a7b18ab399ba96412441f660f054305d0"}, @wireless={0x0, 0x10, 0x1, 0x4, 0xa0, 0x1, 0x0, 0x1, 0x9}, @ssp_cap={0x10, 0x10, 0xa, 0x0, 0x1, 0x1, 0xf00f, 0x7f, [0x3f00]}]}, 0x4, [{0x4, &(0x7f0000000040)=@lang_id={0x4, 0x3, 0x446}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x443}}, {0x4f, &(0x7f0000000240)=@string={0x4f, 0x3, "cc4246132b1913a341076053534b80bca064a2537b546b98a51edf39891ae38fbcb19eae96b2e9254e6f3c5ea34ceffc2f41df0ac7a06851b8f894109e87b8b832cffd5aa6a97e86d989a7dc1a"}}, {0x8d, &(0x7f00000002c0)=@string={0x8d, 0x3, "03b1e44cbfbb05737686db044ad02f0e9311250ab03fea1845bd6125496f92151cd9915bfadcde18db2ff1441e549a7cc168c6a7f75ab79970dff35c6f158c301d1a4863d7f4ea978f18114d52f595b70f7c440b0329c58412574bb413c19adb6725126f35de5fd63d417b42c54145ff3b076a3ec360db3009e1eae684f010ee76d2af19a4ff038f4b435b"}}]})
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
r6 = fsopen(&(0x7f0000000000)='ubifs\x00', 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x14, 0x2, [@TCA_PIE_ECN={0x8}, @TCA_PIE_BYTEMODE={0x8}]}}]}, 0x40}}, 0x4000010)
timer_create(0x3, 0x0, &(0x7f0000044000)=<r9=>0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='task_newtask\x00', r10}, 0x18)
r12 = dup2(r11, r10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000200)={r12, r10, 0x4, r10}, 0x10)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffffb]}, 0x0, 0x8)
timer_settime(r9, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r13 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000a40), 0x480000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r13, 0xc0189373, &(0x7f0000000a80)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'})
sched_setscheduler(r5, 0x6, &(0x7f0000000400)=0x8)

6m59.362737294s ago: executing program 33 (id=206):
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="130100002add1e20ef050a023691010203010902240001000000000904000002ea1998000905a6a700000000000905", @ANYRES16], 0x0)
r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000240), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000280)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x80000000, 0x3a, '#$\xd8.}', 0x3a, '^,.', 0x3a, './file0', 0x3a, [0x46, 0x4f]}, 0x31)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = socket(0x200000000000011, 0x4000000000080002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000001100)={0x11, 0x4, r4, 0x1, 0x5, 0x6, @multicast}, 0x14)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000ac0)={'tunl0\x00', &(0x7f0000000b80)={'ip_vti0\x00', r4, 0x8, 0x7800, 0x101, 0x2ef, {{0x1f, 0x4, 0x2, 0x35, 0x7c, 0x64, 0x0, 0x1, 0x2f, 0x0, @remote, @rand_addr=0x64010100, {[@generic={0x88, 0x9, "12f0020f12cfdd"}, @ra={0x94, 0x4}, @timestamp={0x44, 0x8, 0xc7, 0x0, 0x7, [0x6]}, @timestamp_prespec={0x44, 0x44, 0xa4, 0x3, 0x0, [{@private=0xa010100, 0x5}, {@local, 0xdba7}, {@loopback, 0x5}, {@remote, 0x8}, {@remote, 0x3}, {@local, 0x85}, {@remote}, {@multicast2, 0xc49}]}, @ssrr={0x89, 0x7, 0x74, [@private=0xa010101]}, @timestamp={0x44, 0x8, 0x12, 0x0, 0x6, [0xe69]}]}}}}})
syz_usb_connect$cdc_ncm(0x1, 0xfffffd22, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x81, 0x2, 0x1, 0x1, 0x10, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "19a352cf18cf"}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0xfffffffb, 0x2, 0x0, 0x1}, {0x6, 0x24, 0x1a, 0x54, 0x28}, [@country_functional={0xc, 0x24, 0x7, 0x6, 0xfffd, [0x40, 0x1, 0x805]}, @mbim={0xc, 0x24, 0x1b, 0x9, 0x7ec, 0x3, 0xa1, 0x8, 0x10}, @network_terminal={0x7, 0x24, 0xa, 0x66, 0x3, 0xf8, 0x8}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0xf8, 0x39}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0xa1, 0x0, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x3bf, 0x1, 0x7, 0x4}}}}}}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x2, 0x81, 0x2, 0x20, 0x3}, 0x43, &(0x7f00000004c0)={0x5, 0xf, 0x0, 0x6, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x7, "1063e2baddbe713ffae28514e8be0d26"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0xff, 0x24, 0x6}, @generic={0x0, 0x10, 0xa, "c9b6c73df9a19540fd3a4e14671798e40993413240d7b68691bb5b4647993e71ac12817bd34d8a7a50aeb97b69511c8b98f7d97ba1a3717d8720c2398055eab78919a38062029786c8cad09831fce487418c235ce9525df35adfe313b97f7f39a647c5c35ddb1cd5a9635da2acda56051b91a36434fa8ab0e2eb6e0b0f35938ebe82a89e234e4affe23adf406084c1a84ffac878875a23a4f52e177f3e3e15c7e20c8a40fadbd2660b1a7b18ab399ba96412441f660f054305d0"}, @wireless={0x0, 0x10, 0x1, 0x4, 0xa0, 0x1, 0x0, 0x1, 0x9}, @ssp_cap={0x10, 0x10, 0xa, 0x0, 0x1, 0x1, 0xf00f, 0x7f, [0x3f00]}]}, 0x4, [{0x4, &(0x7f0000000040)=@lang_id={0x4, 0x3, 0x446}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x443}}, {0x4f, &(0x7f0000000240)=@string={0x4f, 0x3, "cc4246132b1913a341076053534b80bca064a2537b546b98a51edf39891ae38fbcb19eae96b2e9254e6f3c5ea34ceffc2f41df0ac7a06851b8f894109e87b8b832cffd5aa6a97e86d989a7dc1a"}}, {0x8d, &(0x7f00000002c0)=@string={0x8d, 0x3, "03b1e44cbfbb05737686db044ad02f0e9311250ab03fea1845bd6125496f92151cd9915bfadcde18db2ff1441e549a7cc168c6a7f75ab79970dff35c6f158c301d1a4863d7f4ea978f18114d52f595b70f7c440b0329c58412574bb413c19adb6725126f35de5fd63d417b42c54145ff3b076a3ec360db3009e1eae684f010ee76d2af19a4ff038f4b435b"}}]})
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
r6 = fsopen(&(0x7f0000000000)='ubifs\x00', 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x14, 0x2, [@TCA_PIE_ECN={0x8}, @TCA_PIE_BYTEMODE={0x8}]}}]}, 0x40}}, 0x4000010)
timer_create(0x3, 0x0, &(0x7f0000044000)=<r9=>0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='task_newtask\x00', r10}, 0x18)
r12 = dup2(r11, r10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000200)={r12, r10, 0x4, r10}, 0x10)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffffb]}, 0x0, 0x8)
timer_settime(r9, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r13 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000a40), 0x480000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r13, 0xc0189373, &(0x7f0000000a80)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'})
sched_setscheduler(r5, 0x6, &(0x7f0000000400)=0x8)

6m8.782951618s ago: executing program 1 (id=355):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x1, 0x84)
setsockopt$inet6_int(r2, 0x29, 0x1a, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000002c0)='\x00', 0x1, 0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
fcntl$addseals(r3, 0x409, 0x7)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x9})
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000540)={0x0, 0xd4bb, 0x0, 0xfffffffd, 0x200000}, &(0x7f0000000380)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x80800})
listen(r4, 0x5)
io_uring_enter(r5, 0x3517, 0xc2de, 0x9, 0x0, 0x300)
r8 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x10000000000)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)

6m7.722818768s ago: executing program 1 (id=362):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0xa00, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8480, 0x0)
ioctl$TCSETSW2(r0, 0x5453, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r2 = socket(0x2, 0x80805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r3, @ANYBLOB="05", @ANYRES16=r3, @ANYRES64=r3], 0x0)
sendmmsg$inet(r2, &(0x7f0000000440)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000180)=[{&(0x7f00000000c0)="99", 0x1}], 0x1}}], 0x2, 0x48000)
dup2(r1, r2)

6m2.849742445s ago: executing program 1 (id=366):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x8801, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x0, 0x0, 0x360, 0xbbba, 0x0, 0x18, 0x0, {0x80000, 0x0, 0xfffffffe}, {0xc, 0xfffffffe, 0xfffffffe}, {0x0, 0xffff0000}, {0x6, 0x20001}, 0x0, 0x3f0, 0x0, 0x4d613, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1})

6m2.836154276s ago: executing program 1 (id=367):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x1fd, 0x1, 0x0, 0x2000, &(0x7f0000bd3000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000000))
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xf0)

6m2.56567162s ago: executing program 1 (id=369):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0xffffffffffffff9c, &(0x7f0000002100)=[{&(0x7f0000000000)="d800000010008104687da3aa7143a0b8c81d080b25000000e8fe55a11800150006001400000000120800030043000040a8002b000a00034006000dc3036010fab94dcf5c046109d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88a2ddddbbb219c6c09136dd481c417898516277ce06bbace80177ccbec4c2ee5a7cef4260027836b0d17a58af5d6d93424841f468430dfe1d9d322fe7c0aaa16b8ddc64193071e9f8775730d16a4683f7a5025ccc89e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5", 0xd8}], 0x1}, 0x20000080)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r3)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x14, r4, 0x5, 0x70bd26, 0x0, {0x22}}, 0x14}}, 0xc094)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x50, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}, @NL80211_ATTR_FRAME={0x20, 0x33, @data_frame={@msdu=@type10={{0x0, 0x2, 0x7, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x9}, @random="589733b902f1", @broadcast, @device_b, {0x2, 0x500}, "", @void, @value=@ver_80211n={0x0, 0xdf, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, @a_msdu}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

6m2.273442388s ago: executing program 1 (id=371):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x82042, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000f3000040"])
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
r10 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r10, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x38}, 0x7}, 0x1c)
sendmmsg$inet6(r10, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffefff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)=@newqdisc={0x148, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r12, {0x3}, {}, {0x2, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x118, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "0d767b344a4107111e7e642d07ae014c02021bf9ea748c446391894699ec720ff9827531e9b3340038d7a0916c5984381baee6cd3a24fa9327dfcad6fa7c5135531ac295b264596f6d3e857f152d0b7083fb07acdfabd1324a0014a096078ac9c249f66d2af98841b65c33dc69677149a24390411bda91281cd201379858f2fcca40d86f69ed5fc1d5674c90eccc7818ecfcb9e0418db476b3beb17e7a33795eaaf955a98da4290b20627cd3c3edb40de32380fc7781ce8bc43a77a459d826255142030193a40d8f3b2ce6909a57c5bea695b7699c7a393ef756b8ce29f84499994a1138f4be3eea8583115628cedb67fee1eada59655f2b9d67580e94534bc7"}, @TCA_GRED_DPS={0x10, 0x3, {0x0, 0xd, 0x1, 0x8}}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x480d8}, 0x4000000)

5m46.927673836s ago: executing program 34 (id=371):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x82042, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000f3000040"])
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
r10 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r10, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x38}, 0x7}, 0x1c)
sendmmsg$inet6(r10, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffefff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)=@newqdisc={0x148, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r12, {0x3}, {}, {0x2, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x118, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "0d767b344a4107111e7e642d07ae014c02021bf9ea748c446391894699ec720ff9827531e9b3340038d7a0916c5984381baee6cd3a24fa9327dfcad6fa7c5135531ac295b264596f6d3e857f152d0b7083fb07acdfabd1324a0014a096078ac9c249f66d2af98841b65c33dc69677149a24390411bda91281cd201379858f2fcca40d86f69ed5fc1d5674c90eccc7818ecfcb9e0418db476b3beb17e7a33795eaaf955a98da4290b20627cd3c3edb40de32380fc7781ce8bc43a77a459d826255142030193a40d8f3b2ce6909a57c5bea695b7699c7a393ef756b8ce29f84499994a1138f4be3eea8583115628cedb67fee1eada59655f2b9d67580e94534bc7"}, @TCA_GRED_DPS={0x10, 0x3, {0x0, 0xd, 0x1, 0x8}}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x480d8}, 0x4000000)

5m24.476228304s ago: executing program 0 (id=426):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f00000032c0)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000002c0)="a64972b7b7e146a7911571bb59f0e94f352e26cb1786147ec409747c16e647c39544ddc94ae86f22df3c699017a2bff17e0417aa3bc0aed51580366fb5e84c6aeceb3a45ed1f79616a7ee291f89da8339eae2ca85073cd6376fad3089ffd2e60aec5f2b70ca6e4e12965766bbd36d1271eda8a0079e4bfdcd7f6b032b9fc17d49bc0163bd545223488899f0e79b328b6759baf040c49a8901911ba619f3672a770401ee2397f383588220761a10123e504e9fb1fe07ac2a8e27aafd72853", 0xbe}, {&(0x7f00000003c0)="f269333e13140d47714b000638df33125e5b3dccfb572915780003f3d437f9f705e6c98eae5299a4df5902f172cc7e9ba29b0e5e649c6faf6674f9a924e3310643b39b32d1add6930c84b2b29c2c8d74f3efeb2e51c564d7fb56884c5b6b849b02788855bb285c23b909b459b91dfd4ae9c132e281df2ea04e87608b085f56091d7752522b7e536d4dfc312cf1e7d1ada9d4d90cc2ed987e92557c55d0c0c5c45c788a8331f0635de61db15340db49de434ae16e90b742cdbc756078912163ad464345", 0xc3}], 0x2}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000680)="f17e05ed42b2ade17bc46bbdb73da4b6b4185b9e3856a6be940e023316ec5a84df9833fcec19c3bb3d6806ae728e4911a564640832e9cbbf17eeb333e6c6f4fefe590c3e6ea76ff29f8a218627101c67495201c56b231b4539f0d84e57c765786668f8e97268f1ffe5c8434e833c4e76dbce593b407c2104940eec4513ef2ef9583b8b5cb0d6672752102a5a60fb0cc9b53103411bd974c217abed966ddae688e87e8ceab75d17baa015b2ccc9cefc9bddec29be324cd6532fdc242b9533f351bc0ead2380", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000800)="8c1262634f1c44c6418418cf99e0eff3c5350c", 0x13}, {&(0x7f0000000840)="64269006905ca982f480ed11fa65fcb35a405af7645af3aac5d2ab51a6dd856ea805a2f9bf0c501388a0afa0d52c0428dd8b4c5d56f6fb925c7bdd09a1a8", 0x3e}], 0x2}}, {{0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000001e80)="ff4bce4e73e7dffa6c4153ab37d4f00de8458ea027168751b5990bbdf8962fc1a1901fd21b5e9d883e37e27c758b3cc7923c24b1a594d68e398c846735187df64915007378b4f2854f525b4c411ff63139e5a0a2be9e6a262438571da986f21d38967cf1da00d662d6a6a1d65cde1dcd28b8d6a845b7de7c3ec07f5e3d0b55decb611772573339cd8eb523df9d7d8a408156f4", 0x93}, {&(0x7f0000001f40)="3082fcef788d357461ced050ec191da01920c1172ae5eb78d1bf17410d3b3955f61be944e04a91c9553e5e4d0d0d99ef6489432b4ee199c3821dfb2015e68ae8d0bfd01d73b3086205172176be6f", 0x4e}, {&(0x7f00000008c0)="504ce849def6a3ace420f3b13a1f860fb6d5db7ee1d8ce497789fadd", 0x1c}, {&(0x7f0000001fc0)="80a38f246fff25b54a6cf1eb9048d4902316398c6d2d9f4fd16918cf4d21ac16396c8426411e6140efbed8b7d545e2f6275cb4aedbf16721a5ff9782277cc522d64ac6f890f0ba56f20361b248c99172f5531110595237aa4fa310d47ea7910f46f1b94a3ea2c6de7b04f5e197935e911813b16296e1fc999cf0b6bea9bf4f8decd9ee83c1a2a723d37447881f785c9d0877f2791074e7e05e762a63dab96450999331846fb967da0748b0671e1ce72ed526196d9bc539319cd4fda19e67ce9a874fb7fab8bd3b56f19c1f64bb4fba0ca753de15447bc62c0b1b9ed60286ab45654bc783340acf5f81ccddf1e9e4f6a3", 0xf0}, {&(0x7f00000020c0)="216fe9fa51673f6ca656034566ebe872ae001c39570dad809200c67c3decb5f271f66e85eb8287e8bea0ac9ebb7bb99aefd52ed5e3040e63790669b322378eeb6e4ec20c3910d0e7578e44268bce7e9d5d8e0312fa21f0cde5f50e5bc08e179d722f65e1c73f379101d95e51e3288e5fcf08ef81f94cdfc3e3f0dc441a4d7dd335bfcadf8d71b729a6872b6aedcba5971998ae5ef2e3b1f129365eb1d5dd3f353bc5e098d85db814e947bee283c240cf102296670518f5f31b3eda90c6263f3407e04dd73403bf1e59add6fa636c96a677aba71a18fdfeeb6ff9d1a09b283c73969736477cd74891023f0a803c0997cb6c4ab9dc94fc5c08b8f3a3a0cb077d75ac6facdb8f76c3da192a3edb128c87b715b3383e38b0b44d7a404668cfa917365448c39f56522ec3671ce9963c0d0a28a57959749c0df846580c42daef07640279e679e6e382aef623adead6ec76dc51135e193bb91e31c498771453dd60a9fcbb91ba8a8a841bcef9af46ffdc641e3c0d71551a2b343023224aaeee74f9621acdfca73e536264af10049df37d87d2a41554210bcf4b4a6ffeeb6a2291497f53730affd003f17a3418a5fc80881fa337c62b80378bdbbe6a5cb3d831d7d7d45128625a41b6a928c972c3d0ead7b8e08a73aaa72b5239f8a1b6ec0b6712771df93d59a741b608b3bc952e495f8d7517c034393e591af01ed1b17a9ba888b4fb10dbe132993b0b27c0e37157f3395f3801e465d687e2d8262bf835116cb139a6f553daec6adb0cad56ebe10ee1ef1e6112ef11841991f372937fb7d7f53e8feb1f6d213f8580b8accf48deb7883f3acfe73783b5d868af609fdf08a38d1ac441fec0fc586ba3f88bd71a9cbd7b3fc6d258fcd7ca12973705adcebf2c83ec92568f327cf7419db31defc3cee9696a2d9451f0fcd28a4362c5ddb679b7c02a0b7240f3d7605b1b9f32a1fd4312f5f00fe6dce2771dfaf1f4bf602a2701bc0fa0bd16662b0d4876c36dc043bb04bc596637a35918e4538e966c0cba4e07eb38558b154a3e89349d0a629e28e156f932b70e3691ecb7992468f9dcf3f3e01e3ccdab528515d217b6d20508186f5d1e6ac9830c33724837b131fe43febd021e1a789340e2313d0b8aa1f77fd8cf3075d947df1da0faf40467d9f81c4fbc82aa092c92f8a9265800f1da8574d2893714fed55a586926fed382dcc064c2eb7e8390bcaf7b56e45e444f2c8a79c91ee4b61aa17b56b1f93b901b5846051761048c2556fd27a0c0772165c6fb6dcab7566891f6bbfc098cf1944e96f975fb06a8d871cf300d3769e2b50df158e98aa050a436075d869f0d1319794c63cb181296ef569a0ca16e9d01a77f0dc2b8107026de202ddcca87bc46397ca7e68f0bf2aa79b6bb8104a0005638b5f3457c10574284720af9a16a6c495880e779618a9204e842b20b814191bcbb8b9f9d1182ef73683de004717e054c5df2753d62bcf1a034f63e1aac6f8db3fee0dafa7006cea8d9d6fa0207ea895d90448343ad6ce43643ecf6401c76483cab0d1a968d4b991c101f21edc632e87f73f110ab36ee6e31bfc9fae636399bbf39dea99ca3d61adfb7e2c8be93e12d6b401d765783aeda8b95efc097cf319e64169dc8ae32e72642f4ab8668ed3824da0815d8597a24a2ad95f77d15291d4811714dfb654253b38ee81240b66790ed424b656d9038f22e2e6b6977051e83f778b61205247e67d68dd5b529f2097938b099df85bb91783cf4137077bc0f477ffde3ec9a97a95ef45c15a64a0d7100728b9a9a7bd1fbf6c8176c90e54bed79cac764f7b38977a49c88f5f8298feef95e8caeaf4affc73983ac8308faf76b9c8c4ec2215f35811dc0aefa9a2de273c454e142954de6b4bf0db9e02e62104d4574befa9aa7216b8fc3dd69fbfb2dd1092ee2601406f78a812bb759ddca7472db04ff3646f618c4a54b8d9c894d061aa881d3716addec9a61d839fa307509a0c41e38f6e214f62f52de5064dccede37ca26a2ccf095e4feee69d04c203d7f12139025cbe29a4c2c045cb7ab6b52d57f501c1c934d0d60282dd2361ea5c2bc0d4cef329177efe65a56d6e4480ce5ceb618be88940f590a3cdf6c62b22cb35092c9f15a155fdaf28649cea5850a2c73c59b38144c79e60f92b006cdcee4d65844dbe328998cf3655c9c476d4e73ed6beafb8de441b15b7ea28a3a8cde8f04cbfd8bfa050bbc720210376062cdb0e5c57e27e3c5cb6a07ef4173c83964b61c3182741b8c9635dbc9f60c01922ceb28047ab98ecc3fe11408acfe93ac201b077d6e62c6ea6dffb118797af594f539e13cf3782761f2ac8358d4b5468083dba3f975a75c80b34b654ef2690ab110f5337df42a21af7d7a25c1621388223c5b1ceb558006d1b0e7872330970b79f06e0d03b1fb930417db8ed13b9b351b80a651890e1b1055fb3de9b136420d8a18e763559e3ab8304f07ce729535e26cd309a3b4ff547cd5255cbd8bf16222600d3995a088b7a3f96fedb9551729f6639d021f55910eada96147de2862463eefe00e9b3ee9311e2f8d071c2b588acab2d6c5790beee17444f746d5d9e67817104208810e45363b93e59078037b4d2c73d2446df40dfe25c6b16501b14d36d0dde0afc38d32f5ffb6271206d7c0be246e221136167e4580f3c4f26b8cac488788a449aaf576ccef7499b7ff7851fd26789df0314cd97fc7ea8251e104769563401bb0bd17bec9889e1600321a0e0023ebdf730580c268e91c49249c915026f1f11d3888eef4846266e6b7de11a55b4f6457bae280dfb5fac94a0df452768729d2a5ceac6b3290ef81c0d82984130e7c07ba8ef0041abd73af1263fdfec574854648a2e8db7e25f748c6bb41bc7a5b326f814ab9a8b319dd6fdc0a3ae65973e0a2cfefd89fa5ad2a40f76fa70656357c5d94a2cba88ad863b0a67ded77822e6f13bfbb943024ad6a0853505111b953daca3df55814d8369051f3c083fe4c4af2b17dffb8338f451271409874946154039ec1b7070869161d99421a786273082c72e2107c21110b2ac2a41f710d16e7d46618a914a78070d2fa310cba0fb0b15ff42882b5b074bc4492548a4023783ecfc8f637e2408bda561fd4f1ca2927109250d608778039513528fe5e2d4890e4d2110d24b5f751ba6ecf6597cf588b9af0449e38f7d5f90717ec75cd66c908bc08acad48c722138f11a3cd26271cee1dc08cfcee0be52e3b6cf029382560114d96c1a2658d3e5b84f7a82f4ddf715485d522dd8f4e6ba3461df44a6adb76828f8f61482079e7bbb503257de120de4963bf9445f8f769e24208b3b775f083ac649a421d636f9385a0838f6411db4374dbb4e704d395e1cb7b2f003fad159a2743ad8fb49d544a413cef73b91ec0d7daa043e3ad5cf5f03a8745aba05f45d0ed3eba02385c1c6b03854f21097af958852ef8166e99b75adebc04b88ba90f365cdc2532389676c3ae9982f6f7553c8e59491bb077bac515358b907d32dbc88be84b7fb5610d1ef5c5ba45f91b69ebda90176d775bb7192cc3402f088765102155b2138d34cf85d055c0f19a3e57d2dc5e6bfd245d6b5f86eb9c2d27a40041361c12089f00026ecd4d1857b615c5c97686033fb4fa2a5382c2bdeade5f0e5e84cda4e92cddbf102d219e1068013ebc52fdab61342ff58cab77aa37c4fea76634ecc56b792236fc112756f11b16b573b5f731aae3e5053eedb97ce9494aa5cd569ea74b3531bd7b48faa8ea0c0b7a936f0d07e57c7f8d3cfaf86c7de7e36125170c56fed886780580c99e37ec298ed6c8ff5c517abecc8c40196d8da2725a8cb2ab60f9360cc6ae8f906e0ef7780ea75b804f8ea231f1c90608c10bc28f6be99ee25ce7dd677fc22f2c5324d298aa3d3c9314bd62c5dd2f2f01ef7dea198c7601c2657d8520705f9a9d963a60144275c0d3b4a63c10ea7ffa8c9a5246257f7a4b1b2e34f45b40abeb6042bb02186e296846af62dfa87782a81f82405514430d595a59144cd8af21a43c318d50752f66ea1fbde88765d5950935388a85366807c40f05570e7cf717a03a884d05eb26c35451ac5268672d1b2b4d93461a533b1685038ef34c4872439a72b1251996291722db74ca28c4", 0xb6c}], 0x5}}], 0x4, 0xc884)
r3 = memfd_secret(0x80000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r3, 0x0)
ftruncate(r3, 0x3)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc7901f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb600"/135, 0x87}, {&(0x7f0000000780)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e430bcb03", 0x3e}], 0x2}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000000)="51e657b8220ca193c9de9030c3c7175ae0132383bf66bd1ea5bd07a8092f5c1c356ef81ebc8a3ed11284c75e4991ca84a0eda6ac4148ace258f78bc2340c45834bc28c93523f00c13f7bda920d040647a60c2f548c6d1556", 0x58}, {&(0x7f00000002c0)="ee3714aa7756572d12ad3cd80207f0ea76a0bc3c9248ca350afa19d6fbf95238e23db454a07c93a0831e31bdca1de56a48b55c0e56450721a31ba40ea9fb151d57852e371a2ace8bf18e4f347744d20282453e", 0x53}, {&(0x7f0000000380)="08949a79dd9783363f6ec6795014e732a237722fd113e5b2df06331471284deb980af4fba2b20b257d426c27b35133bea57a0a9126db69cb1b4d071ca4b46a576a1a07a15e1e6d25a881c6746d9d7144673da78803763dbed0fb8b258056b77d333bca37e079e4edc895e87512f8eb46c7ca53abb303022183e6ad4ed2b524125f688a01da0fbd08bace0e4931cee109fb1a667e87f89fd34e8d959d0589655dd43f9c72e8d49aabae73b5f02a", 0xad}, {&(0x7f0000000640)="bfb665aee08189f9e638cc", 0xb}, {&(0x7f0000000440)="a11ed88992f69f03e8662746dce791f15f3513eff62810f80754890c57886c99e7305e4ad9891be383211c908efdfa5f18696fbb91a875d68f9806da294261aac2f3d35db6e676e20b9af8e41cfcae44e420d981be17428dfed1a00355b222ffdbcd45b8d0ecc80d6c6db46dea0fa69794b7e69fc1b28dc82e2e91a47db6e035", 0x80}, {&(0x7f00000000c0)="d5ff9d56d9335281cc13bf8bedad4c66a6db8c247ddbdfffe8bc9c2eeda7c13c66352b61b4e6f9ef71ae4f101a8599845214", 0x32}, {&(0x7f00000001c0)="f1d50ce8", 0x4}, {&(0x7f0000000680)="2672549cbf7ff756067c0ad103c6a2da9d6db52bae6f4c5ed1f6326625d678751e1741274fa991d1399e607cc8fd0de01ee85cd45c13960c5099fdcc6f70c5834949ecfe624a21d94711b91504c6f2f67fc462b12962538275aec797da0bce5dc57c2a75cbb4145c70a6", 0x6a}], 0x8}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x501, 0x10008095, 0x0, 0x0)

5m24.265717584s ago: executing program 0 (id=427):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00')
writev(r0, &(0x7f0000000240)=[{&(0x7f0000000080)='y', 0x1}], 0x1)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
socket$inet_sctp(0x2, 0x1, 0x84)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005})
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/4\x00')
read$FUSE(r3, &(0x7f0000000a00)={0x2020}, 0x2020)
r4 = getpgid(r1)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r7, 0x0, 0xf, &(0x7f0000000000)=0x1001, 0x4)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)

5m22.135818885s ago: executing program 0 (id=431):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000001d00)={'team0\x00', &(0x7f0000001c00)=@ethtool_drvinfo={0x3, "56a6ac27ed2f5872d73ab89ece33ee03d5fddac1521d063719b5023488e59128", "dd76c34c472979f73f9a42e46adb3d57e5d8eae4348b16d3342beae0e8357c3a", "6e968c6eef9614aff21ed6ece0871b2147bf3ac418ee0df1f15e54a93f1ab6e7", "5afd3d908b848efc2e3f69085cd439f155eb8606145d000d7acb9f8b4533f796", "413910868a30c3c10cd591730155c959d6dd4009f6aeda19ea65b61009b82448", "c156f409870ddd9bfefb5370", 0x4, 0x4, 0x5a6df5a6, 0x3}})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$getsig(0x4202, r1, 0xffffffff, 0xffffffffffffffff)
r2 = syz_open_procfs(r1, &(0x7f0000000000)='net/udplite\x00')
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000040)="a6", 0x1}], 0x1)

5m21.887255813s ago: executing program 0 (id=432):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a00", @ANYRES32, @ANYBLOB="000000000000000010"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0) (fail_nth: 1)

5m21.640870158s ago: executing program 0 (id=434):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x14, r1, 0x1, 0x400000, 0x0, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x805}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2800000036000701feffffffffffffff08000000140004"], 0x28}, 0x1, 0x0, 0x0, 0x4048011}, 0x8090)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="54000000100015012abd7000040000005f17032a4886cb3eb1fdc1fccf3e6088000000002b39e2f7bd972305162fbd2a6c5fffff22c9dab9ac1f5040581952d38d225850286fb3452b880a10229da17cc2e62687f301358a4544dc8f7cd5130485114badd4fe8fe3d9acfdb6daba4a2fc07bc04997995d2372eb6d73", @ANYRES32=0x0, @ANYBLOB="00000000108401000a000100aaaaaaaaaaaa0000280012800c0001006d6163766c616e00180002800a000400bbbbbbbbbbbb00000600020001000000"], 0x54}}, 0x800)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = socket(0x8, 0x80000, 0x8)
setsockopt$sock_timeval(r5, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r6, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r5}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x1, &(0x7f0000001000)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f0000000180)=@abs, 0x6e)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r10, 0x84, 0x2, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r10, 0x84, 0x22, 0x0, 0x0)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r11 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r12 = fcntl$dupfd(r11, 0x0, r3)
ioctl$USBDEVFS_DISCARDURB(r12, 0x550b, 0x0)
recvmsg(r5, &(0x7f0000003780)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000001f00)=""/169, 0xa9}], 0x1}, 0x0)

5m19.684564786s ago: executing program 0 (id=437):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x6]}, 0x8, 0x40000)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000900)={0x41, 0x4}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r5, &(0x7f0000000240)={&(0x7f0000000080), 0x10, 0x0}, 0x0)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x41, 0x0, 0x2}, 0x1be)
sendmsg$tipc(r6, &(0x7f0000000180)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
sendmsg$tipc(r5, &(0x7f0000000240)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44010}, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x20, r7, 0x309, 0x0, 0x1, {0x1d}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}]}, 0x20}}, 0x4054)
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x1, 0xffffffffffffffff, 0x0, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r8 = syz_io_uring_setup(0x4b5, &(0x7f0000000200)={0x0, 0x9d51, 0x1, 0x88, 0x142}, &(0x7f0000010080), &(0x7f0000000180))
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f0000000500)=[{0x0, 0xe}, {&(0x7f00000004c0)=""/47, 0x2f}, {&(0x7f0000000b80)=""/74}], 0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setuid(0xee00)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15)

5m4.154729896s ago: executing program 35 (id=437):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x6]}, 0x8, 0x40000)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000900)={0x41, 0x4}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r5, &(0x7f0000000240)={&(0x7f0000000080), 0x10, 0x0}, 0x0)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x41, 0x0, 0x2}, 0x1be)
sendmsg$tipc(r6, &(0x7f0000000180)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
sendmsg$tipc(r5, &(0x7f0000000240)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44010}, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x20, r7, 0x309, 0x0, 0x1, {0x1d}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}]}, 0x20}}, 0x4054)
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x1, 0xffffffffffffffff, 0x0, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r8 = syz_io_uring_setup(0x4b5, &(0x7f0000000200)={0x0, 0x9d51, 0x1, 0x88, 0x142}, &(0x7f0000010080), &(0x7f0000000180))
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f0000000500)=[{0x0, 0xe}, {&(0x7f00000004c0)=""/47, 0x2f}, {&(0x7f0000000b80)=""/74}], 0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setuid(0xee00)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15)

10.431463097s ago: executing program 4 (id=705):
socket$netlink(0x10, 0x3, 0x10)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_usb_connect$hid(0x2, 0x36, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000240))

6.675844018s ago: executing program 4 (id=706):
socket$inet(0x2, 0x1, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
r0 = syz_io_uring_setup(0xbdc, &(0x7f00000021c0)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000002180)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000000))
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r4, 0x10f, 0x83, 0xfffffffffffffffc, &(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe)
sendmmsg$sock(r6, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)
shutdown(r6, 0x1)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x28}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
setreuid(0xee01, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720a00fef8ffffff71a4f0ff000000000f040000000000001d4002000000000065040000000000000f030000000000001d440000000000007a0a00fe000000000f00000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64360f56e24e6d2105bd901128c7e0ec82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f1b3fa4526650ea6cef13d000000225d85ae49cee383f936ad657b303ab841dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c1070bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c22ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fd03000000022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b884114f244a9bf93f04bf072f0861f5c0b000000004000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99705cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0706a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2811e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96735600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922923806ca84d69ea370db27a5ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca311a28ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da7418fd3aa81cff202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c829aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0d0274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f4441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbf34c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cbf5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d9436220000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd9000000000000f05fe239d3d6dafc367f12689b6700000000bd4990d9dc174a69aadffdea5445fd3c13350af85d308caee689736c06417b52541eb5871d820b850dcb00877bbe2ed19d911564f11adeb52ec3047cfdcac8a8bab6ee365941cf792155f589226758e9c8bec8289b3012ca74bfe210e0315b384ce982e16f93f3e0b1385cfaab63bd36b141dfbc7f96ee549b8b52c311e5c657943f2a5d177f03e10b3595ed13458472a2eab1ea987a0668e52fff5c716fb5950852186649ce7362b45225f050c1c37327b6833025cc1dff2d57df674be03bab30901188386d248370", @ANYRESDEC=r2], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="800000007951ff62527c631bcd4f595014021fb4b5c503c7bc22d7c4a38d8961be2fb6d8c1e6acd8be9bea96e5608b963f61b8050c817958cd2c3cb415e684130979f8cc4d69765d2b4bec6bae08ad9f9d9b4de306e255db91f4a45d0d516b16", @ANYRES16=r7, @ANYBLOB="010025bd7000fcdbdf25420000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f70730000000005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f7073000000000500830000000000"], 0x84}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1c0000, 0x1, &(0x7f0000000040))

5.301689728s ago: executing program 4 (id=707):
socket$inet(0x2, 0x1, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
r0 = syz_io_uring_setup(0xbdc, &(0x7f00000021c0)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000002180)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000000))
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r4, 0x10f, 0x83, 0xfffffffffffffffc, &(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe)
sendmmsg$sock(r6, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)
shutdown(r6, 0x1)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x28}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
setreuid(0xee01, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720a00fef8ffffff71a4f0ff000000000f040000000000001d4002000000000065040000000000000f030000000000001d440000000000007a0a00fe000000000f00000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64360f56e24e6d2105bd901128c7e0ec82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f1b3fa4526650ea6cef13d000000225d85ae49cee383f936ad657b303ab841dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c1070bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c22ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fd03000000022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b884114f244a9bf93f04bf072f0861f5c0b000000004000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99705cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0706a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2811e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96735600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922923806ca84d69ea370db27a5ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca311a28ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da7418fd3aa81cff202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c829aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0d0274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f4441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbf34c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cbf5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d9436220000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd9000000000000f05fe239d3d6dafc367f12689b6700000000bd4990d9dc174a69aadffdea5445fd3c13350af85d308caee689736c06417b52541eb5871d820b850dcb00877bbe2ed19d911564f11adeb52ec3047cfdcac8a8bab6ee365941cf792155f589226758e9c8bec8289b3012ca74bfe210e0315b384ce982e16f93f3e0b1385cfaab63bd36b141dfbc7f96ee549b8b52c311e5c657943f2a5d177f03e10b3595ed13458472a2eab1ea987a0668e52fff5c716fb5950852186649ce7362b45225f050c1c37327b6833025cc1dff2d57df674be03bab30901188386d248370", @ANYRESDEC=r2], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="800000007951ff62527c631bcd4f595014021fb4b5c503c7bc22d7c4a38d8961be2fb6d8c1e6acd8be9bea96e5608b963f61b8050c817958cd2c3cb415e684130979f8cc4d69765d2b4bec6bae08ad9f9d9b4de306e255db91f4a45d0d516b16", @ANYRES16=r7, @ANYBLOB="010025bd7000fcdbdf25420000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f70730000000005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f7073000000000500830000000000"], 0x84}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

3.500344673s ago: executing program 4 (id=708):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sched_switch\x00', r0, 0x0, 0x36}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x22903)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0xf3, 0x1b1c07, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0x40a85323, &(0x7f0000000000)={{0x80}, 'port0\x00', 0x56, 0x2, 0x0, 0x0, 0x0, 0x4a9e47b3, 0xffffff3e, 0x0, 0x2})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000380)=[0x0], 0x1, 0x800, 0x0, <r5=>0xffffffffffffffff})
ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f0000000400)=r5)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, 0x0, &(0x7f0000000480))
socket$inet6(0xa, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000280), 0x80a00, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000080)={0x1, "0600000000000000c64c3b6e6ff82a75e5318fca4288c2ffbdbec772020acd2c", <r7=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r7, 0xc0303e03, &(0x7f00000000c0)={"e50d1af80100007ea25edd00ff000000080000f6907ff16b7e00", r7, <r8=>0xffffffffffffffff})
r9 = epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x5, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8c, 0x6, 0xffff, 0x0, 0x5, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xca, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x0, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r8, &(0x7f00000001c0))
dup3(r7, r6, 0x0)

2.310608772s ago: executing program 4 (id=709):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pipe2$watch_queue(0x0, 0x80)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x240000c0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, 0x1, 0x7, 0xd03, 0x0, 0x0, {0x2, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0xa053}, 0x20800)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r6}]}, 0x20}}, 0x0)

0s ago: executing program 4 (id=710):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa5}, 0x94)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8032, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x2, 0x3, 0xff)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
unshare(0x40400)
read$FUSE(r5, 0x0, 0x0)
sendmmsg$inet(r4, &(0x7f0000000d40)=[{{&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000b80)="f1e62f98c7ab3281eebd3c8dfdf09829d3", 0x11}, {&(0x7f0000000040)="553fd4", 0x3}], 0x2}}, {{&(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@ip_ttl={{0x10, 0x0, 0x2, 0x9033}}], 0x18}}], 0x2, 0x4800)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
ioprio_set$uid(0x3, 0x0, 0x2007)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r7, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8081}, 0x4040090)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000900)=ANY=[], 0x30}}, 0x40)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r6, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x44, &(0x7f0000000400), 0x0, 0x0, 0x0, &(0x7f00000004c0), 0x8, 0x9f, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)

kernel console output (not intermixed with test programs):

0 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.350866][ T7973] RSP: 002b:00007fbf90f2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  413.350891][ T7973] RAX: ffffffffffffffda RBX: 00007fbf92f25fa0 RCX: 00007fbf92cceec9
[  413.350905][ T7973] RDX: 0000000000000094 RSI: 0000200000000b00 RDI: 0000000000000005
[  413.350917][ T7973] RBP: 00007fbf90f2e090 R08: 0000000000000000 R09: 0000000000000000
[  413.350928][ T7973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.350939][ T7973] R13: 00007fbf92f26038 R14: 00007fbf92f25fa0 R15: 00007ffdff1cde08
[  413.350968][ T7973]  </TASK>
[  413.362894][ T7973] Mem-Info:
[  413.362913][ T7973] active_anon:263 inactive_anon:4589 isolated_anon:0
[  413.362913][ T7973]  active_file:15790 inactive_file:37708 isolated_file:0
[  413.362913][ T7973]  unevictable:768 dirty:24 writeback:0
[  413.362913][ T7973]  slab_reclaimable:12410 slab_unreclaimable:107467
[  413.362913][ T7973]  mapped:29663 shmem:1362 pagetables:1115
[  413.362913][ T7973]  sec_pagetables:0 bounce:0
[  413.362913][ T7973]  kernel_misc_reclaimable:0
[  413.362913][ T7973]  free:1306962 free_pcp:14168 free_cma:0
[  413.362963][ T7973] Node 0 active_anon:1052kB inactive_anon:18356kB active_file:62960kB inactive_file:150828kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118652kB dirty:92kB writeback:0kB shmem:3912kB kernel_stack:13756kB pagetables:4336kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  413.363006][ T7973] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  413.363045][ T7973] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  413.363109][ T7973] lowmem_reserve[]: 0 2511 2513 2513 2513
[  413.363139][ T7973] Node 0 DMA32 free:1314992kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1048kB inactive_anon:18316kB active_file:61940kB inactive_file:150760kB unevictable:1536kB writepending:88kB present:3129332kB managed:2572276kB mlocked:0kB bounce:0kB free_pcp:56672kB local_pcp:43724kB free_cma:0kB
[  413.363195][ T7973] lowmem_reserve[]: 0 0 1 1 1
[  413.363222][ T7973] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1020kB inactive_file:68kB unevictable:0kB writepending:4kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  413.363273][ T7973] lowmem_reserve[]: 0 0 0 0 0
[  413.363302][ T7973] Node 1 Normal free:3897496kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:4kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  413.363354][ T7973] lowmem_reserve[]: 0 0 0 0 0
[  413.363382][ T7973] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  413.363486][ T7973] Node 0 DMA32: 130*4kB (UME) 434*8kB (M) 215*16kB (ME) 35*32kB (M) 245*64kB (ME) 175*128kB (UME) 88*256kB (UME) 65*512kB (UME) 40*1024kB (UME) 14*2048kB (UME) 279*4096kB (M) = 1314856kB
[  413.363623][ T7973] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  413.363710][ T7973] Node 1 Normal: 224*4kB (UME) 47*8kB (UME) 28*16kB (UME) 231*32kB (UME) 92*64kB (UME) 26*128kB (UME) 15*256kB (UME) 3*512kB (ME) 3*1024kB (UME) 2*2048kB (U) 944*4096kB (M) = 3897496kB
[  413.363960][ T7973] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  413.363975][ T7973] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  413.363990][ T7973] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  413.364004][ T7973] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  413.364018][ T7973] 54856 total pagecache pages
[  413.364031][ T7973] 0 pages in swap cache
[  413.364038][ T7973] Free swap  = 124996kB
[  413.364044][ T7973] Total swap = 124996kB
[  413.364051][ T7973] 2097051 pages RAM
[  413.364057][ T7973] 0 pages HighMem/MovableOnly
[  413.364063][ T7973] 422084 pages reserved
[  413.364069][ T7973] 0 pages cma reserved
[  413.725778][    C0] vkms_vblank_simulate: vblank timer overrun
[  414.623280][    C0] vkms_vblank_simulate: vblank timer overrun
[  415.000498][ T5157] Bluetooth: hci3: command tx timeout
[  415.081758][ T5157] Bluetooth: hci4: command tx timeout
[  415.247760][    C0] vkms_vblank_simulate: vblank timer overrun
[  415.700290][ T1458] hsr_slave_0: left promiscuous mode
[  415.741917][ T1458] hsr_slave_1: left promiscuous mode
[  415.743097][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  415.771877][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  415.932828][ T1458] hsr_slave_0: left promiscuous mode
[  415.970418][ T1458] hsr_slave_1: left promiscuous mode
[  415.971722][ T1458] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  415.971858][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.024210][ T1458] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  416.024242][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.177181][ T1458] hsr_slave_0: left promiscuous mode
[  416.190704][ T1458] hsr_slave_1: left promiscuous mode
[  416.191441][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.231852][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.372981][ T1458] hsr_slave_0: left promiscuous mode
[  416.390384][ T1458] hsr_slave_1: left promiscuous mode
[  416.391519][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.442651][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.614012][ T1458] veth1_macvtap: left promiscuous mode
[  416.614135][ T1458] veth0_macvtap: left promiscuous mode
[  416.614560][ T1458] veth1_vlan: left promiscuous mode
[  416.614774][ T1458] veth0_vlan: left promiscuous mode
[  417.160316][ T5157] Bluetooth: hci4: command tx timeout
[  417.902766][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  417.921928][ T5931] usb 5-1: new full-speed USB device number 27 using dummy_hcd
[  418.050292][ T5931] usb 5-1: device descriptor read/64, error -71
[  418.067583][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  418.290200][ T5931] usb 5-1: new full-speed USB device number 28 using dummy_hcd
[  418.436609][ T5931] usb 5-1: device descriptor read/64, error -71
[  418.544261][ T5931] usb usb5-port1: attempt power cycle
[  418.880713][ T5931] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  418.914653][ T5931] usb 5-1: device descriptor read/8, error -71
[  419.170339][ T5931] usb 5-1: new full-speed USB device number 30 using dummy_hcd
[  419.231957][ T5931] usb 5-1: device descriptor read/8, error -71
[  419.250259][ T5157] Bluetooth: hci4: command tx timeout
[  419.342204][ T5931] usb usb5-port1: unable to enumerate USB device
[  421.003785][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  421.255237][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  421.328446][ T5157] Bluetooth: hci4: command tx timeout
[  423.549222][ T5843] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  423.569662][ T5843] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  423.578695][ T5843] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  423.630905][ T5843] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  423.631654][ T5843] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  424.131337][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  424.271275][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  425.312778][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  425.461680][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  425.640603][ T5843] Bluetooth: hci5: command tx timeout
[  426.045533][ T7889] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.050578][ T7889] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.050813][ T7889] bridge_slave_0: entered allmulticast mode
[  426.053647][ T7889] bridge_slave_0: entered promiscuous mode
[  426.133659][ T7889] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.133812][ T7889] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.134049][ T7889] bridge_slave_1: entered allmulticast mode
[  426.162782][ T7889] bridge_slave_1: entered promiscuous mode
[  426.214221][ T7936] chnl_net:caif_netlink_parms(): no params data found
[  427.624951][ T7889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  427.722221][ T5843] Bluetooth: hci5: command tx timeout
[  428.105596][ T7889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  428.886101][ T7889] team0: Port device team_slave_0 added
[  429.895159][ T7889] team0: Port device team_slave_1 added
[  430.191423][ T5843] Bluetooth: hci5: command tx timeout
[  431.691039][ T7936] bridge0: port 1(bridge_slave_0) entered blocking state
[  431.691183][ T7936] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.691412][ T7936] bridge_slave_0: entered allmulticast mode
[  431.696395][ T7936] bridge_slave_0: entered promiscuous mode
[  431.968847][ T7936] bridge0: port 2(bridge_slave_1) entered blocking state
[  431.974961][ T7936] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.975224][ T7936] bridge_slave_1: entered allmulticast mode
[  431.980567][ T7936] bridge_slave_1: entered promiscuous mode
[  431.987532][ T7889] batman_adv: batadv0: Adding interface: batadv_slave_0
[  431.987548][ T7889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.987573][ T7889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  432.131687][ T7889] batman_adv: batadv0: Adding interface: batadv_slave_1
[  432.131699][ T7889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  432.131713][ T7889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  432.202148][ T5157] Bluetooth: hci5: command tx timeout
[  432.259098][ T7936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  432.304114][ T7936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  432.793799][ T7936] team0: Port device team_slave_0 added
[  432.808046][ T7889] hsr_slave_0: entered promiscuous mode
[  432.829462][ T7889] hsr_slave_1: entered promiscuous mode
[  432.845419][ T7889] debugfs: 'hsr0' already exists in 'hsr'
[  432.845447][ T7889] Cannot create hsr debugfs directory
[  432.985686][ T7936] team0: Port device team_slave_1 added
[  433.403158][ T7936] batman_adv: batadv0: Adding interface: batadv_slave_0
[  433.403170][ T7936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.403184][ T7936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  433.470003][ T7936] batman_adv: batadv0: Adding interface: batadv_slave_1
[  433.470020][ T7936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.473155][ T7936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  433.590720][ T7965] chnl_net:caif_netlink_parms(): no params data found
[  434.203529][ T7936] hsr_slave_0: entered promiscuous mode
[  434.206815][ T7936] hsr_slave_1: entered promiscuous mode
[  434.222696][ T7936] debugfs: 'hsr0' already exists in 'hsr'
[  434.222722][ T7936] Cannot create hsr debugfs directory
[  434.804440][ T8009] chnl_net:caif_netlink_parms(): no params data found
[  434.976259][ T7965] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.976690][ T7965] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.976920][ T7965] bridge_slave_0: entered allmulticast mode
[  434.985098][ T7965] bridge_slave_0: entered promiscuous mode
[  435.116004][ T7965] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.116096][ T7965] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.116285][ T7965] bridge_slave_1: entered allmulticast mode
[  435.117870][ T7965] bridge_slave_1: entered promiscuous mode
[  436.112064][ T6034] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  436.420547][ T6034] usb 5-1: Using ep0 maxpacket: 32
[  436.422653][ T6034] usb 5-1: config index 0 descriptor too short (expected 61932, got 36)
[  436.422679][ T6034] usb 5-1: config 15 has too many interfaces: 130, using maximum allowed: 32
[  436.422697][ T6034] usb 5-1: config 15 has an invalid descriptor of length 0, skipping remainder of the config
[  436.422716][ T6034] usb 5-1: config 15 has 0 interfaces, different from the descriptor's value: 130
[  436.472530][ T6034] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  436.472559][ T6034] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.472578][ T6034] usb 5-1: Product: syz
[  436.472592][ T6034] usb 5-1: Manufacturer: syz
[  436.472606][ T6034] usb 5-1: SerialNumber: syz
[  436.824720][ T7965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  436.901851][ T7965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  437.651264][ T8009] bridge0: port 1(bridge_slave_0) entered blocking state
[  437.651407][ T8009] bridge0: port 1(bridge_slave_0) entered disabled state
[  437.651549][ T8009] bridge_slave_0: entered allmulticast mode
[  437.653168][ T8009] bridge_slave_0: entered promiscuous mode
[  437.856914][ T7965] team0: Port device team_slave_0 added
[  437.874168][ T8009] bridge0: port 2(bridge_slave_1) entered blocking state
[  437.874310][ T8009] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.874837][ T8009] bridge_slave_1: entered allmulticast mode
[  437.877695][ T8009] bridge_slave_1: entered promiscuous mode
[  437.884633][ T7965] team0: Port device team_slave_1 added
[  438.500944][ T5931] usb 5-1: USB disconnect, device number 31
[  438.548001][ T1458] IPVS: stop unused estimator thread 0...
[  438.562143][ T8009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  438.564166][ T7965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  438.564181][ T7965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.564205][ T7965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  438.569523][ T8009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  438.572037][ T7965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  438.572058][ T7965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.572083][ T7965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  439.009096][ T8066] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  439.009123][ T8066] CIFS mount error: No usable UNC path provided in device string!
[  439.009123][ T8066] 
[  439.009372][ T8066] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  439.057734][ T8066] netlink: 16 bytes leftover after parsing attributes in process `syz.4.520'.
[  439.168933][ T8009] team0: Port device team_slave_0 added
[  439.284104][ T8009] team0: Port device team_slave_1 added
[  439.370238][ T5931] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  439.551254][ T5931] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.551288][ T5931] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.551328][ T5931] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  439.551350][ T5931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.571148][ T5931] usb 5-1: config 0 descriptor??
[  439.807369][ T7965] hsr_slave_0: entered promiscuous mode
[  439.813933][ T7965] hsr_slave_1: entered promiscuous mode
[  439.815655][ T7965] debugfs: 'hsr0' already exists in 'hsr'
[  439.815680][ T7965] Cannot create hsr debugfs directory
[  439.992941][ T5931] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0
[  439.993097][ T5931] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0
[  440.002565][ T5931] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.0001/input/input10
[  440.057928][ T5931] cm6533_jd 0003:0D8C:0022.0001: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0
[  440.078115][ T8009] batman_adv: batadv0: Adding interface: batadv_slave_0
[  440.078132][ T8009] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  440.078158][ T8009] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  440.133352][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  440.133432][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  440.451986][ T8009] batman_adv: batadv0: Adding interface: batadv_slave_1
[  440.452003][ T8009] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  440.452545][ T8009] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  441.273536][ T5910] usb 5-1: reset high-speed USB device number 32 using dummy_hcd
[  443.430782][ T8009] hsr_slave_0: entered promiscuous mode
[  443.432140][ T8009] hsr_slave_1: entered promiscuous mode
[  443.433032][ T8009] debugfs: 'hsr0' already exists in 'hsr'
[  443.433055][ T8009] Cannot create hsr debugfs directory
[  443.570906][ T5931] usb 5-1: USB disconnect, device number 32
[  445.931429][ T7889] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  446.593307][ T7889] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  446.642380][ T7889] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  446.690744][ T6034] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  446.737355][ T7889] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  446.840416][ T6034] usb 5-1: Using ep0 maxpacket: 32
[  446.845966][ T6034] usb 5-1: config index 0 descriptor too short (expected 61932, got 36)
[  446.845993][ T6034] usb 5-1: config 15 has too many interfaces: 130, using maximum allowed: 32
[  446.846013][ T6034] usb 5-1: config 15 has an invalid descriptor of length 0, skipping remainder of the config
[  446.846031][ T6034] usb 5-1: config 15 has 0 interfaces, different from the descriptor's value: 130
[  446.892960][ T6034] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  446.892989][ T6034] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.893009][ T6034] usb 5-1: Product: syz
[  446.893023][ T6034] usb 5-1: Manufacturer: syz
[  446.893037][ T6034] usb 5-1: SerialNumber: syz
[  447.344664][ T7936] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  447.374713][ T7936] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  447.663770][ T7936] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  447.701502][ T7936] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  448.388691][ T7889] 8021q: adding VLAN 0 to HW filter on device bond0
[  448.464994][ T1458] bridge_slave_1: left allmulticast mode
[  448.465028][ T1458] bridge_slave_1: left promiscuous mode
[  448.465305][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.521950][ T1458] bridge_slave_0: left allmulticast mode
[  448.521984][ T1458] bridge_slave_0: left promiscuous mode
[  448.522271][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.597161][ T1458] bridge_slave_1: left allmulticast mode
[  448.597195][ T1458] bridge_slave_1: left promiscuous mode
[  448.597445][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.773638][ T6251] usb 5-1: USB disconnect, device number 33
[  448.779705][ T1458] bridge_slave_0: left allmulticast mode
[  448.779736][ T1458] bridge_slave_0: left promiscuous mode
[  448.779987][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.159913][ T1458] bridge_slave_1: left allmulticast mode
[  449.159946][ T1458] bridge_slave_1: left promiscuous mode
[  449.173569][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  449.231762][ T1458] bridge_slave_0: left allmulticast mode
[  449.231795][ T1458] bridge_slave_0: left promiscuous mode
[  449.232048][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.556571][ T1458] bridge_slave_1: left allmulticast mode
[  449.556606][ T1458] bridge_slave_1: left promiscuous mode
[  449.556859][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  450.462049][ T1458] bridge_slave_0: left allmulticast mode
[  450.462081][ T1458] bridge_slave_0: left promiscuous mode
[  450.462360][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.181409][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  451.261837][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  451.331794][ T1458] bond0 (unregistering): Released all slaves
[  454.052899][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  454.172905][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  454.598277][ T1458] bond0 (unregistering): Released all slaves
[  456.080604][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  456.211055][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  456.280646][ T1458] bond0 (unregistering): Released all slaves
[  456.384587][ T5930] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  456.540457][ T5930] usb 5-1: Using ep0 maxpacket: 16
[  456.563937][ T5930] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  456.563969][ T5930] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  456.563988][ T5930] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  456.585208][ T5930] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  456.585239][ T5930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.585258][ T5930] usb 5-1: Product: syz
[  456.585272][ T5930] usb 5-1: Manufacturer: syz
[  456.585285][ T5930] usb 5-1: SerialNumber: syz
[  457.231469][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  457.417182][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  457.502242][ T1458] bond0 (unregistering): Released all slaves
[  458.776892][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  458.813332][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  458.828412][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  458.905626][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  458.907134][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  458.981001][ T8135] syz.4.536 (8135) used greatest stack depth: 16760 bytes left
[  459.083651][ T1458] hsr_slave_0: left promiscuous mode
[  459.112861][ T5930] usb 5-1: 0:2 : does not exist
[  459.131282][ T5930] usb 5-1: 1:0: cannot get min/max values for control 2 (id 1)
[  459.150470][ T5930] usb 5-1: USB disconnect, device number 34
[  459.187938][ T1458] hsr_slave_1: left promiscuous mode
[  459.188907][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  459.252269][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  459.520286][ T1458] hsr_slave_0: left promiscuous mode
[  459.580265][ T1458] hsr_slave_1: left promiscuous mode
[  459.581182][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  459.641636][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  460.329069][ T1458] hsr_slave_0: left promiscuous mode
[  460.370291][ T1458] hsr_slave_1: left promiscuous mode
[  460.372301][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  461.080259][ T5157] Bluetooth: hci0: command tx timeout
[  461.306748][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  462.450284][ T1458] hsr_slave_0: left promiscuous mode
[  462.490540][ T1458] hsr_slave_1: left promiscuous mode
[  462.493179][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  462.557172][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  463.174751][ T5157] Bluetooth: hci0: command tx timeout
[  463.731869][ T8165] IPv6: addrconf: prefix option has invalid lifetime
[  465.267427][ T5157] Bluetooth: hci0: command tx timeout
[  467.320368][ T5157] Bluetooth: hci0: command tx timeout
[  467.606942][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  468.619390][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  468.646217][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  468.647512][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  468.648815][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  468.680321][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  468.791049][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  470.846995][ T5157] Bluetooth: hci2: command tx timeout
[  470.978913][ T8201] qrtr: Invalid version 2
[  472.928452][ T5157] Bluetooth: hci2: command tx timeout
[  473.022031][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  474.250891][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  475.240510][ T5843] Bluetooth: hci2: command tx timeout
[  475.242528][ T5843] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  475.257239][ T5843] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  475.258521][ T5843] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  475.287286][ T5843] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  475.288937][ T5843] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  477.424708][ T5157] Bluetooth: hci2: command tx timeout
[  477.424773][ T5157] Bluetooth: hci6: command tx timeout
[  478.062693][ T8230] netlink: 'syz.4.562': attribute type 1 has an invalid length.
[  478.062713][ T8230] netlink: 'syz.4.562': attribute type 3 has an invalid length.
[  478.062723][ T8230] netlink: 224 bytes leftover after parsing attributes in process `syz.4.562'.
[  478.161050][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  478.318148][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  478.358336][   T10] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  478.480398][   T10] usb 5-1: device descriptor read/64, error -71
[  478.720346][   T10] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  478.851095][   T10] usb 5-1: device descriptor read/64, error -71
[  478.960825][   T10] usb usb5-port1: attempt power cycle
[  479.310454][   T10] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  479.331199][   T10] usb 5-1: device descriptor read/8, error -71
[  479.480276][ T5157] Bluetooth: hci6: command tx timeout
[  479.582557][   T10] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  479.601049][   T10] usb 5-1: device descriptor read/8, error -71
[  479.701417][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  479.725150][   T10] usb usb5-port1: unable to enumerate USB device
[  479.851540][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  482.142809][ T5157] Bluetooth: hci6: command tx timeout
[  482.439334][ T8237] netlink: 96 bytes leftover after parsing attributes in process `syz.4.564'.
[  482.840280][ T5931] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  482.993694][ T5931] usb 5-1: Using ep0 maxpacket: 8
[  483.018869][ T5931] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 52228, setting to 64
[  483.018919][ T5931] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  483.018941][ T5931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.319368][ T8240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  483.319803][ T8240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  483.441274][ T5931] usb 5-1: string descriptor 0 read error: -71
[  483.441813][ T5931] hub 5-1:32.0: bad descriptor, ignoring hub
[  483.441846][ T5931] hub 5-1:32.0: probe with driver hub failed with error -5
[  483.519377][ T5931] usb 5-1: USB disconnect, device number 39
[  484.139938][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  484.160838][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  484.163038][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  484.164352][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  484.165213][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  484.200313][ T5843] Bluetooth: hci6: command tx timeout
[  486.394406][ T5843] Bluetooth: hci3: command tx timeout
[  486.750557][ T8216] chnl_net:caif_netlink_parms(): no params data found
[  488.181722][ T8139] chnl_net:caif_netlink_parms(): no params data found
[  488.759981][ T8185] chnl_net:caif_netlink_parms(): no params data found
[  488.840160][ T5157] Bluetooth: hci3: command tx timeout
[  490.920178][ T5157] Bluetooth: hci3: command tx timeout
[  491.899448][ T8216] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.899600][ T8216] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.899836][ T8216] bridge_slave_0: entered allmulticast mode
[  491.927408][ T8216] bridge_slave_0: entered promiscuous mode
[  492.001378][ T8216] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.001714][ T8216] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.004020][ T8216] bridge_slave_1: entered allmulticast mode
[  492.008775][ T8216] bridge_slave_1: entered promiscuous mode
[  492.742784][ T8139] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.744922][ T8139] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.745175][ T8139] bridge_slave_0: entered allmulticast mode
[  492.747974][ T8139] bridge_slave_0: entered promiscuous mode
[  492.784536][ T8216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  492.809363][ T8185] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.809475][ T8185] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.809651][ T8185] bridge_slave_0: entered allmulticast mode
[  492.813098][ T8185] bridge_slave_0: entered promiscuous mode
[  492.816321][ T8139] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.816451][ T8139] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.816644][ T8139] bridge_slave_1: entered allmulticast mode
[  492.819188][ T8139] bridge_slave_1: entered promiscuous mode
[  492.845679][ T8216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  492.883992][ T8185] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.884132][ T8185] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.884374][ T8185] bridge_slave_1: entered allmulticast mode
[  492.891065][ T8185] bridge_slave_1: entered promiscuous mode
[  493.001545][ T5157] Bluetooth: hci3: command tx timeout
[  493.002177][ T8289] fuse: Bad value for 'fd'
[  493.370403][   T10] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  493.530600][   T10] usb 5-1: Using ep0 maxpacket: 32
[  493.534199][   T10] usb 5-1: config 1 has an invalid descriptor of length 95, skipping remainder of the config
[  493.534225][   T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  493.538830][   T10] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  493.538858][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  493.538877][   T10] usb 5-1: Product: syz
[  493.538891][   T10] usb 5-1: Manufacturer: syz
[  493.538905][   T10] usb 5-1: SerialNumber: syz
[  493.709922][ T8139] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  493.714277][ T8216] team0: Port device team_slave_0 added
[  493.718573][ T8185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  493.738569][ T8139] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  493.755021][ T8216] team0: Port device team_slave_1 added
[  493.767099][ T8185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  494.455618][ T8139] team0: Port device team_slave_0 added
[  494.604836][ T8216] batman_adv: batadv0: Adding interface: batadv_slave_0
[  494.604908][ T8216] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  494.604935][ T8216] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  494.656044][ T8185] team0: Port device team_slave_0 added
[  494.665869][ T8139] team0: Port device team_slave_1 added
[  494.693921][ T8216] batman_adv: batadv0: Adding interface: batadv_slave_1
[  494.693937][ T8216] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  494.693993][ T8216] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  494.696353][ T8185] team0: Port device team_slave_1 added
[  495.255420][ T8139] batman_adv: batadv0: Adding interface: batadv_slave_0
[  495.255439][ T8139] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  495.255465][ T8139] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  495.353740][ T8185] batman_adv: batadv0: Adding interface: batadv_slave_0
[  495.353812][ T8185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  495.353839][ T8185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  495.370585][ T8139] batman_adv: batadv0: Adding interface: batadv_slave_1
[  495.370601][ T8139] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  495.370626][ T8139] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  495.656467][ T8185] batman_adv: batadv0: Adding interface: batadv_slave_1
[  495.656484][ T8185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  495.656510][ T8185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  495.796196][ T8216] hsr_slave_0: entered promiscuous mode
[  495.807334][ T8216] hsr_slave_1: entered promiscuous mode
[  495.819337][ T8251] chnl_net:caif_netlink_parms(): no params data found
[  496.204662][   T10] usb 5-1: 0:2 : does not exist
[  496.235449][   T10] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[  496.251136][   T10] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[  496.259135][ T8139] hsr_slave_0: entered promiscuous mode
[  496.272731][ T8139] hsr_slave_1: entered promiscuous mode
[  496.280461][ T8139] debugfs: 'hsr0' already exists in 'hsr'
[  496.280490][ T8139] Cannot create hsr debugfs directory
[  496.293266][   T10] usb 5-1: 5:0: cannot get min/max values for control 5 (id 5)
[  496.299409][   T10] usb 5-1: 5:0: failed to get current value for ch 1 (-22)
[  496.332675][   T10] usb 5-1: 5:0: failed to get current value for ch 1 (-22)
[  496.350973][   T10] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  496.389815][   T10] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[  496.412329][   T10] usb 5-1: 5:0: cannot get min/max values for control 5 (id 5)
[  496.416846][   T10] usb 5-1: USB disconnect, device number 40
[  498.975402][ T8185] hsr_slave_0: entered promiscuous mode
[  498.981856][ T8185] hsr_slave_1: entered promiscuous mode
[  498.986681][ T8185] debugfs: 'hsr0' already exists in 'hsr'
[  498.986716][ T8185] Cannot create hsr debugfs directory
[  499.495244][ T8312] Bluetooth: MGMT ver 1.23
[  501.569134][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  501.569212][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  501.600770][ T8319] fuse: Bad value for 'fd'
[  501.821072][ T8323] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  502.692773][ T8325] sctp: [Deprecated]: syz.4.581 (pid 8325) Use of int in max_burst socket option.
[  502.692773][ T8325] Use struct sctp_assoc_value instead
[  503.002177][ T8251] bridge0: port 1(bridge_slave_0) entered blocking state
[  503.004013][ T8251] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.004249][ T8251] bridge_slave_0: entered allmulticast mode
[  503.031022][ T8251] bridge_slave_0: entered promiscuous mode
[  503.231074][ T8251] bridge0: port 2(bridge_slave_1) entered blocking state
[  503.231210][ T8251] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.231425][ T8251] bridge_slave_1: entered allmulticast mode
[  503.234122][ T8251] bridge_slave_1: entered promiscuous mode
[  503.892798][ T8251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  504.041075][ T8251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  504.600277][ T6034] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  504.629956][ T8251] team0: Port device team_slave_0 added
[  504.758021][ T6034] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  504.758048][ T6034] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  504.758068][ T6034] usb 5-1: config 1 has no interface number 0
[  504.758117][ T6034] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  504.823409][ T6034] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  504.823440][ T6034] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.823460][ T6034] usb 5-1: Product: syz
[  504.823474][ T6034] usb 5-1: Manufacturer: syz
[  504.823487][ T6034] usb 5-1: SerialNumber: syz
[  504.836683][ T6034] usb 5-1: selecting invalid altsetting 1
[  504.887426][ T8251] team0: Port device team_slave_1 added
[  505.478491][ T8251] batman_adv: batadv0: Adding interface: batadv_slave_0
[  505.478561][ T8251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  505.478588][ T8251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  505.499542][ T8335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  505.503316][ T8335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  505.607885][ T6034] cdc_ncm 5-1:1.1: SET_NTB_FORMAT failed
[  505.621757][ T8251] batman_adv: batadv0: Adding interface: batadv_slave_1
[  505.621774][ T8251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  505.621800][ T8251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  505.622248][ T6034] usb 5-1: selecting invalid altsetting 1
[  505.622299][ T6034] cdc_ncm 5-1:1.1: bind() failure
[  505.643216][ T6034] usb 5-1: USB disconnect, device number 41
[  506.087731][ T8251] hsr_slave_0: entered promiscuous mode
[  506.088832][ T8251] hsr_slave_1: entered promiscuous mode
[  506.089611][ T8251] debugfs: 'hsr0' already exists in 'hsr'
[  506.089631][ T8251] Cannot create hsr debugfs directory
[  507.112308][ T6034] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  507.270313][ T6034] usb 5-1: Using ep0 maxpacket: 32
[  507.274802][ T6034] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  507.274828][ T6034] usb 5-1: config 0 has no interface number 0
[  507.274881][ T6034] usb 5-1: config 0 interface 184 has no altsetting 0
[  507.278536][ T6034] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  507.278563][ T6034] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.278583][ T6034] usb 5-1: Product: syz
[  507.278597][ T6034] usb 5-1: Manufacturer: syz
[  507.278611][ T6034] usb 5-1: SerialNumber: syz
[  507.285533][ T6034] usb 5-1: config 0 descriptor??
[  507.292497][ T6034] smsc75xx v1.0.0
[  507.538460][ T8340] random: crng reseeded on system resumption
[  507.842225][ T6034] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61
[  507.842263][ T6034] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -61
[  507.842282][ T6034] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  507.842578][ T6034] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -61
[  508.063080][ T5930] usb 5-1: USB disconnect, device number 42
[  509.418243][ T1458] bridge_slave_1: left allmulticast mode
[  509.418278][ T1458] bridge_slave_1: left promiscuous mode
[  509.418559][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.486365][ T1458] bridge_slave_0: left allmulticast mode
[  509.486399][ T1458] bridge_slave_0: left promiscuous mode
[  509.489280][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.545250][ T1458] bridge_slave_1: left allmulticast mode
[  509.545285][ T1458] bridge_slave_1: left promiscuous mode
[  509.545633][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.742435][ T8346] fuse: Bad value for 'fd'
[  509.756307][ T1458] bridge_slave_0: left allmulticast mode
[  509.756337][ T1458] bridge_slave_0: left promiscuous mode
[  509.756592][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.844706][ T1458] bridge_slave_1: left allmulticast mode
[  509.844738][ T1458] bridge_slave_1: left promiscuous mode
[  509.844987][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.931993][ T1458] bridge_slave_0: left allmulticast mode
[  509.932027][ T1458] bridge_slave_0: left promiscuous mode
[  509.932309][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.984630][ T8351] netlink: 'syz.4.588': attribute type 8 has an invalid length.
[  510.024896][ T1458] bridge_slave_1: left allmulticast mode
[  510.024929][ T1458] bridge_slave_1: left promiscuous mode
[  510.025177][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.081936][ T1458] bridge_slave_0: left allmulticast mode
[  510.081966][ T1458] bridge_slave_0: left promiscuous mode
[  510.082217][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.220244][ T6034] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  510.373992][ T6034] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  510.374024][ T6034] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  510.375589][ T6034] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  510.375615][ T6034] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  510.375635][ T6034] usb 5-1: SerialNumber: syz
[  510.723484][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  510.822607][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  510.873521][ T1458] bond0 (unregistering): Released all slaves
[  511.273676][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  511.361554][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  511.470483][ T1458] bond0 (unregistering): Released all slaves
[  512.692304][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  512.800721][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  512.894184][ T1458] bond0 (unregistering): Released all slaves
[  515.161658][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  515.281875][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  515.349286][ T1458] bond0 (unregistering): Released all slaves
[  515.425214][ T8351] warning: `syz.4.588' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  515.524868][ T6034] usb 5-1: cannot find UAC_HEADER
[  515.574807][ T6034] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  515.577595][ T6034] usb 5-1: USB disconnect, device number 43
[  516.857601][ T8362] capability: warning: `syz.4.590' uses 32-bit capabilities (legacy support in use)
[  516.967419][ T8364] netlink: 16 bytes leftover after parsing attributes in process `syz.4.591'.
[  517.430237][ T1458] hsr_slave_0: left promiscuous mode
[  517.471461][ T1458] hsr_slave_1: left promiscuous mode
[  517.472397][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  517.521293][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  517.680243][ T1458] hsr_slave_0: left promiscuous mode
[  517.702379][ T1458] hsr_slave_1: left promiscuous mode
[  517.703399][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  517.741309][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  517.890208][ T1458] hsr_slave_0: left promiscuous mode
[  517.910278][ T1458] hsr_slave_1: left promiscuous mode
[  517.911355][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  517.963006][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  518.170372][ T1458] hsr_slave_0: left promiscuous mode
[  518.210336][ T1458] hsr_slave_1: left promiscuous mode
[  518.211360][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  518.233919][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  518.914112][ T8375] fuse: Invalid rootmode
[  519.172323][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  519.250673][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  519.256558][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  519.320964][ T5843] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  519.321867][ T5843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  520.471093][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  521.400551][ T5157] Bluetooth: hci4: command tx timeout
[  521.451621][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  523.601893][ T5157] Bluetooth: hci4: command tx timeout
[  525.641444][ T5157] Bluetooth: hci4: command tx timeout
[  528.154759][ T5157] Bluetooth: hci4: command tx timeout
[  529.465302][ T5843] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  529.481737][ T5843] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  529.483096][ T5843] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  529.486449][ T5843] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  529.487295][ T5843] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  529.690931][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  530.672046][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  531.170266][   T31] usb 5-1: new full-speed USB device number 44 using dummy_hcd
[  531.336221][   T31] usb 5-1: not running at top speed; connect to a high speed hub
[  531.337848][   T31] usb 5-1: config 0 has no interfaces?
[  531.341615][   T31] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  531.341644][   T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.341662][   T31] usb 5-1: Product: syz
[  531.341675][   T31] usb 5-1: Manufacturer: syz
[  531.341689][   T31] usb 5-1: SerialNumber: syz
[  531.347075][   T31] usb 5-1: config 0 descriptor??
[  531.560313][ T5843] Bluetooth: hci5: command tx timeout
[  532.191007][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  532.322398][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  533.651744][ T5843] Bluetooth: hci5: command tx timeout
[  533.743967][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  533.901100][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  534.184600][ T5157] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  534.187159][ T5157] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  534.188268][ T5157] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  534.191332][ T5157] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  534.238889][ T5157] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  534.879948][ T8429] tipc: Cannot configure node identity twice
[  534.981898][ T1230] usb 5-1: USB disconnect, device number 44
[  535.231214][ T8436] FAULT_INJECTION: forcing a failure.
[  535.231214][ T8436] name failslab, interval 1, probability 0, space 0, times 0
[  535.231256][ T8436] CPU: 0 UID: 0 PID: 8436 Comm: syz.4.608 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  535.231277][ T8436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  535.231288][ T8436] Call Trace:
[  535.231296][ T8436]  <TASK>
[  535.231304][ T8436]  dump_stack_lvl+0x189/0x250
[  535.231333][ T8436]  ? __pfx____ratelimit+0x10/0x10
[  535.231359][ T8436]  ? __pfx_dump_stack_lvl+0x10/0x10
[  535.231382][ T8436]  ? __pfx__printk+0x10/0x10
[  535.231407][ T8436]  ? __pfx___might_resched+0x10/0x10
[  535.231431][ T8436]  should_fail_ex+0x46c/0x600
[  535.231461][ T8436]  should_failslab+0xa8/0x100
[  535.231486][ T8436]  __kmalloc_noprof+0xcb/0x430
[  535.231507][ T8436]  ? tomoyo_encode+0x28b/0x550
[  535.231535][ T8436]  tomoyo_encode+0x28b/0x550
[  535.231563][ T8436]  tomoyo_mount_permission+0x44d/0x970
[  535.231598][ T8436]  ? tomoyo_mount_permission+0x27a/0x970
[  535.231621][ T8436]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  535.231702][ T8436]  security_sb_mount+0xec/0x350
[  535.231732][ T8436]  path_mount+0xbc/0xfe0
[  535.231752][ T8436]  ? user_path_at+0x44/0x60
[  535.231769][ T8436]  ? kmem_cache_free+0x195/0x510
[  535.231801][ T8436]  __se_sys_mount+0x317/0x410
[  535.231830][ T8436]  ? __pfx___se_sys_mount+0x10/0x10
[  535.231859][ T8436]  ? do_syscall_64+0xbe/0x3b0
[  535.231875][ T8436]  ? __x64_sys_mount+0x20/0xc0
[  535.231899][ T8436]  do_syscall_64+0xfa/0x3b0
[  535.231915][ T8436]  ? lockdep_hardirqs_on+0x9c/0x150
[  535.231938][ T8436]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.231956][ T8436]  ? clear_bhb_loop+0x60/0xb0
[  535.231976][ T8436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.231993][ T8436] RIP: 0033:0x7fbf92cceec9
[  535.232010][ T8436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.232024][ T8436] RSP: 002b:00007fbf90f0d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  535.232043][ T8436] RAX: ffffffffffffffda RBX: 00007fbf92f26090 RCX: 00007fbf92cceec9
[  535.232057][ T8436] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000000
[  535.232068][ T8436] RBP: 00007fbf90f0d090 R08: 0000000000000000 R09: 0000000000000000
[  535.232078][ T8436] R10: 0000000000810060 R11: 0000000000000246 R12: 0000000000000001
[  535.232087][ T8436] R13: 00007fbf92f26128 R14: 00007fbf92f26090 R15: 00007ffdff1cde08
[  535.232114][ T8436]  </TASK>
[  535.597729][ T8438] FAULT_INJECTION: forcing a failure.
[  535.597729][ T8438] name failslab, interval 1, probability 0, space 0, times 0
[  535.597762][ T8438] CPU: 1 UID: 0 PID: 8438 Comm: syz.4.609 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  535.597783][ T8438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  535.597794][ T8438] Call Trace:
[  535.597801][ T8438]  <TASK>
[  535.597809][ T8438]  dump_stack_lvl+0x189/0x250
[  535.597837][ T8438]  ? __pfx____ratelimit+0x10/0x10
[  535.597862][ T8438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  535.597885][ T8438]  ? __pfx__printk+0x10/0x10
[  535.597910][ T8438]  ? __pfx___might_resched+0x10/0x10
[  535.597934][ T8438]  should_fail_ex+0x46c/0x600
[  535.597970][ T8438]  should_failslab+0xa8/0x100
[  535.597995][ T8438]  __kmalloc_noprof+0xcb/0x430
[  535.598016][ T8438]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  535.598041][ T8438]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  535.598069][ T8438]  genl_family_rcv_msg_doit+0xb8/0x300
[  535.598095][ T8438]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  535.598116][ T8438]  ? rcu_is_watching+0x15/0xb0
[  535.598141][ T8438]  ? cap_capable+0x11f/0x460
[  535.598162][ T8438]  ? safesetid_security_capable+0xa9/0x1a0
[  535.598185][ T8438]  ? bpf_lsm_capable+0x9/0x20
[  535.598205][ T8438]  ? security_capable+0x7e/0x2e0
[  535.598234][ T8438]  genl_rcv_msg+0x60e/0x790
[  535.598259][ T8438]  ? __pfx_genl_rcv_msg+0x10/0x10
[  535.598275][ T8438]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  535.598293][ T8438]  ? __pfx_nl80211_del_pmksa+0x10/0x10
[  535.598314][ T8438]  ? __pfx_nl80211_post_doit+0x10/0x10
[  535.598337][ T8438]  ? __lock_acquire+0xab9/0xd20
[  535.598364][ T8438]  netlink_rcv_skb+0x208/0x470
[  535.598388][ T8438]  ? __pfx_genl_rcv_msg+0x10/0x10
[  535.598408][ T8438]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  535.598446][ T8438]  ? netlink_deliver_tap+0x2e/0x1b0
[  535.598467][ T8438]  ? netlink_deliver_tap+0x2e/0x1b0
[  535.598494][ T8438]  genl_rcv+0x28/0x40
[  535.598510][ T8438]  netlink_unicast+0x846/0xa10
[  535.598538][ T8438]  ? __pfx_netlink_unicast+0x10/0x10
[  535.598559][ T8438]  ? netlink_sendmsg+0x642/0xb30
[  535.598579][ T8438]  ? skb_put+0x11b/0x210
[  535.598606][ T8438]  netlink_sendmsg+0x805/0xb30
[  535.598638][ T8438]  ? __pfx_netlink_sendmsg+0x10/0x10
[  535.598669][ T8438]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  535.598687][ T8438]  ? __pfx_netlink_sendmsg+0x10/0x10
[  535.598710][ T8438]  __sock_sendmsg+0x219/0x270
[  535.598735][ T8438]  ____sys_sendmsg+0x508/0x820
[  535.598758][ T8438]  ? __pfx_____sys_sendmsg+0x10/0x10
[  535.598787][ T8438]  ? import_iovec+0x74/0xa0
[  535.598811][ T8438]  ___sys_sendmsg+0x21f/0x2a0
[  535.598832][ T8438]  ? __pfx____sys_sendmsg+0x10/0x10
[  535.598889][ T8438]  ? __fget_files+0x2a/0x420
[  535.598910][ T8438]  ? __fget_files+0x3a6/0x420
[  535.598944][ T8438]  __x64_sys_sendmsg+0x1a1/0x260
[  535.598969][ T8438]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  535.598998][ T8438]  ? __pfx_ksys_write+0x10/0x10
[  535.599016][ T8438]  ? rcu_is_watching+0x15/0xb0
[  535.599045][ T8438]  ? do_syscall_64+0xbe/0x3b0
[  535.599066][ T8438]  do_syscall_64+0xfa/0x3b0
[  535.599082][ T8438]  ? lockdep_hardirqs_on+0x9c/0x150
[  535.599104][ T8438]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.599122][ T8438]  ? clear_bhb_loop+0x60/0xb0
[  535.599143][ T8438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.599161][ T8438] RIP: 0033:0x7fbf92cceec9
[  535.599177][ T8438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.599192][ T8438] RSP: 002b:00007fbf90f2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  535.599211][ T8438] RAX: ffffffffffffffda RBX: 00007fbf92f25fa0 RCX: 00007fbf92cceec9
[  535.599224][ T8438] RDX: 0000000022044800 RSI: 0000200000000400 RDI: 0000000000000003
[  535.599236][ T8438] RBP: 00007fbf90f2e090 R08: 0000000000000000 R09: 0000000000000000
[  535.599248][ T8438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.599258][ T8438] R13: 00007fbf92f26038 R14: 00007fbf92f25fa0 R15: 00007ffdff1cde08
[  535.599289][ T8438]  </TASK>
[  535.720447][ T5843] Bluetooth: hci5: command tx timeout
[  536.280320][ T5843] Bluetooth: hci7: command tx timeout
[  536.558690][ T8446] ceph: No mds server is up or the cluster is laggy
[  537.555836][ T8422] chnl_net:caif_netlink_parms(): no params data found
[  537.712222][ T8378] chnl_net:caif_netlink_parms(): no params data found
[  537.804958][ T5843] Bluetooth: hci5: command tx timeout
[  538.365893][ T5843] Bluetooth: hci7: command tx timeout
[  539.181950][ T8432] chnl_net:caif_netlink_parms(): no params data found
[  540.476779][ T5843] Bluetooth: hci7: command tx timeout
[  542.521101][ T5843] Bluetooth: hci7: command tx timeout
[  542.797540][ T8490] netlink: 12 bytes leftover after parsing attributes in process `syz.4.619'.
[  543.704132][ T8422] bridge0: port 1(bridge_slave_0) entered blocking state
[  543.704672][ T8422] bridge0: port 1(bridge_slave_0) entered disabled state
[  543.704937][ T8422] bridge_slave_0: entered allmulticast mode
[  543.707769][ T8422] bridge_slave_0: entered promiscuous mode
[  544.023155][ T8422] bridge0: port 2(bridge_slave_1) entered blocking state
[  544.023316][ T8422] bridge0: port 2(bridge_slave_1) entered disabled state
[  544.023558][ T8422] bridge_slave_1: entered allmulticast mode
[  544.026494][ T8422] bridge_slave_1: entered promiscuous mode
[  544.033563][ T8378] bridge0: port 1(bridge_slave_0) entered blocking state
[  544.033697][ T8378] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.033948][ T8378] bridge_slave_0: entered allmulticast mode
[  544.036687][ T8378] bridge_slave_0: entered promiscuous mode
[  544.242183][ T8378] bridge0: port 2(bridge_slave_1) entered blocking state
[  544.242324][ T8378] bridge0: port 2(bridge_slave_1) entered disabled state
[  544.242586][ T8378] bridge_slave_1: entered allmulticast mode
[  544.245289][ T8378] bridge_slave_1: entered promiscuous mode
[  544.620410][ T8422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  544.916719][ T5157] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  544.930433][ T5157] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  544.940244][ T5157] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  544.988346][ T8422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  544.988622][ T8432] bridge0: port 1(bridge_slave_0) entered blocking state
[  544.988803][ T8432] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.988984][ T8432] bridge_slave_0: entered allmulticast mode
[  544.990655][ T5157] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  544.996999][ T8432] bridge_slave_0: entered promiscuous mode
[  545.010320][ T5157] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  545.107745][ T8378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  545.241346][ T8432] bridge0: port 2(bridge_slave_1) entered blocking state
[  545.241501][ T8432] bridge0: port 2(bridge_slave_1) entered disabled state
[  545.241754][ T8432] bridge_slave_1: entered allmulticast mode
[  545.245090][ T8432] bridge_slave_1: entered promiscuous mode
[  545.284122][ T8378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  545.631487][ T8422] team0: Port device team_slave_0 added
[  546.054236][ T8422] team0: Port device team_slave_1 added
[  547.080307][ T5843] Bluetooth: hci0: command tx timeout
[  547.218801][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.385893][ T8509] Bluetooth: MGMT ver 1.23
[  547.397413][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.956841][    C1] vkms_vblank_simulate: vblank timer overrun
[  548.124256][ T8432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  548.264162][    C1] vkms_vblank_simulate: vblank timer overrun
[  548.366493][ T8378] team0: Port device team_slave_0 added
[  548.494344][ T8432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  548.496176][ T8378] team0: Port device team_slave_1 added
[  548.762290][ T8422] batman_adv: batadv0: Adding interface: batadv_slave_0
[  548.762311][ T8422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  548.762336][ T8422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  548.870238][ T5910] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  548.929914][ T8422] batman_adv: batadv0: Adding interface: batadv_slave_1
[  548.929930][ T8422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  548.929953][ T8422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  549.020230][ T5910] usb 5-1: Using ep0 maxpacket: 8
[  549.025738][ T5910] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  549.025767][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.025787][ T5910] usb 5-1: Product: syz
[  549.025800][ T5910] usb 5-1: Manufacturer: syz
[  549.025814][ T5910] usb 5-1: SerialNumber: syz
[  549.029821][ T5910] usb 5-1: config 0 descriptor??
[  549.161197][ T5843] Bluetooth: hci0: command tx timeout
[  549.162589][ T8432] team0: Port device team_slave_0 added
[  549.196908][ T8378] batman_adv: batadv0: Adding interface: batadv_slave_0
[  549.196925][ T8378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.196957][ T8378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  549.278165][ T5910] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  549.278832][ T8432] team0: Port device team_slave_1 added
[  549.320318][ T8378] batman_adv: batadv0: Adding interface: batadv_slave_1
[  549.320336][ T8378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.320361][ T8378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  550.014986][    C1] vkms_vblank_simulate: vblank timer overrun
[  550.023878][ T8432] batman_adv: batadv0: Adding interface: batadv_slave_0
[  550.023895][ T8432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.023928][ T8432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  550.135247][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.120622][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.141233][ T5910] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  551.186338][ T8432] batman_adv: batadv0: Adding interface: batadv_slave_1
[  551.186357][ T8432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  551.186382][ T8432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  551.216398][ T8422] hsr_slave_0: entered promiscuous mode
[  551.217718][ T8422] hsr_slave_1: entered promiscuous mode
[  551.218577][ T8422] debugfs: 'hsr0' already exists in 'hsr'
[  551.218601][ T8422] Cannot create hsr debugfs directory
[  551.240128][ T5843] Bluetooth: hci0: command tx timeout
[  551.666771][ T8378] hsr_slave_0: entered promiscuous mode
[  551.668198][ T8378] hsr_slave_1: entered promiscuous mode
[  551.669318][ T8378] debugfs: 'hsr0' already exists in 'hsr'
[  551.669342][ T8378] Cannot create hsr debugfs directory
[  552.255855][ T5930] usb 5-1: USB disconnect, device number 45
[  552.662129][ T8432] hsr_slave_0: entered promiscuous mode
[  552.663608][ T8432] hsr_slave_1: entered promiscuous mode
[  552.664507][ T8432] debugfs: 'hsr0' already exists in 'hsr'
[  552.664530][ T8432] Cannot create hsr debugfs directory
[  553.320525][ T5843] Bluetooth: hci0: command tx timeout
[  553.910193][ T5930] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  554.076678][ T5930] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  554.076705][ T5930] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  554.076725][ T5930] usb 5-1: config 1 has no interface number 0
[  554.076775][ T5930] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  554.110914][ T5930] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  554.110945][ T5930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.110965][ T5930] usb 5-1: Product: syz
[  554.110979][ T5930] usb 5-1: Manufacturer: syz
[  554.110993][ T5930] usb 5-1: SerialNumber: syz
[  554.172591][ T5930] usb 5-1: selecting invalid altsetting 1
[  554.792467][ T8527] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  554.795632][ T8527] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  554.895750][ T5930] cdc_ncm 5-1:1.1: SET_NTB_FORMAT failed
[  554.908692][ T5930] usb 5-1: selecting invalid altsetting 1
[  554.908748][ T5930] cdc_ncm 5-1:1.1: bind() failure
[  554.928012][ T5930] usb 5-1: USB disconnect, device number 46
[  555.354951][ T8498] chnl_net:caif_netlink_parms(): no params data found
[  557.201181][ T8540] netlink: 'syz.4.631': attribute type 4 has an invalid length.
[  557.550534][ T8542] netlink: 256 bytes leftover after parsing attributes in process `syz.4.631'.
[  559.930908][ T8498] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.931071][ T8498] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.931318][ T8498] bridge_slave_0: entered allmulticast mode
[  559.934221][ T8498] bridge_slave_0: entered promiscuous mode
[  559.984609][ T8498] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.984820][ T8498] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.985033][ T8498] bridge_slave_1: entered allmulticast mode
[  559.987875][ T8498] bridge_slave_1: entered promiscuous mode
[  560.010264][ T5910] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  560.165673][ T5910] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  560.165701][ T5910] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  560.165721][ T5910] usb 5-1: config 1 has no interface number 0
[  560.165767][ T5910] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  560.168794][ T5910] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  560.168823][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  560.168842][ T5910] usb 5-1: Product: syz
[  560.168856][ T5910] usb 5-1: Manufacturer: syz
[  560.168870][ T5910] usb 5-1: SerialNumber: syz
[  560.184455][ T5910] usb 5-1: selecting invalid altsetting 1
[  560.279404][ T8498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  560.306038][ T8498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  560.686560][ T8498] team0: Port device team_slave_0 added
[  560.775343][ T8498] team0: Port device team_slave_1 added
[  560.813023][ T8555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  560.813729][ T8555] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  560.916442][ T5910] cdc_ncm 5-1:1.1: SET_NTB_FORMAT failed
[  560.927858][ T5910] usb 5-1: selecting invalid altsetting 1
[  560.927917][ T5910] cdc_ncm 5-1:1.1: bind() failure
[  560.935638][ T5910] usb 5-1: USB disconnect, device number 47
[  561.186906][ T8498] batman_adv: batadv0: Adding interface: batadv_slave_0
[  561.186923][ T8498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  561.186949][ T8498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  561.189559][ T8498] batman_adv: batadv0: Adding interface: batadv_slave_1
[  561.189573][ T8498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  561.189598][ T8498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  561.689126][ T8560] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  562.625356][ T8498] hsr_slave_0: entered promiscuous mode
[  562.626766][ T8498] hsr_slave_1: entered promiscuous mode
[  562.627723][ T8498] debugfs: 'hsr0' already exists in 'hsr'
[  562.627746][ T8498] Cannot create hsr debugfs directory
[  562.860961][ T8566] netlink: 'syz.4.638': attribute type 32 has an invalid length.
[  562.975283][ T8568] FAULT_INJECTION: forcing a failure.
[  562.975283][ T8568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  562.975317][ T8568] CPU: 1 UID: 0 PID: 8568 Comm: syz.4.639 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  562.975338][ T8568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  562.975350][ T8568] Call Trace:
[  562.975357][ T8568]  <TASK>
[  562.975365][ T8568]  dump_stack_lvl+0x189/0x250
[  562.975394][ T8568]  ? __pfx____ratelimit+0x10/0x10
[  562.975419][ T8568]  ? __pfx_dump_stack_lvl+0x10/0x10
[  562.975441][ T8568]  ? __pfx__printk+0x10/0x10
[  562.975460][ T8568]  ? __might_fault+0xb0/0x130
[  562.975494][ T8568]  should_fail_ex+0x46c/0x600
[  562.975524][ T8568]  _copy_from_user+0x2d/0xb0
[  562.975546][ T8568]  ___sys_sendmsg+0x158/0x2a0
[  562.975568][ T8568]  ? __pfx____sys_sendmsg+0x10/0x10
[  562.975623][ T8568]  ? __fget_files+0x2a/0x420
[  562.975644][ T8568]  ? __fget_files+0x3a6/0x420
[  562.975676][ T8568]  __x64_sys_sendmsg+0x1a1/0x260
[  562.975697][ T8568]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  562.975725][ T8568]  ? __pfx_ksys_write+0x10/0x10
[  562.975744][ T8568]  ? rcu_is_watching+0x15/0xb0
[  562.975773][ T8568]  ? do_syscall_64+0xbe/0x3b0
[  562.975795][ T8568]  do_syscall_64+0xfa/0x3b0
[  562.975810][ T8568]  ? lockdep_hardirqs_on+0x9c/0x150
[  562.975833][ T8568]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.975851][ T8568]  ? clear_bhb_loop+0x60/0xb0
[  562.975872][ T8568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.975889][ T8568] RIP: 0033:0x7fbf92cceec9
[  562.975904][ T8568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  562.975919][ T8568] RSP: 002b:00007fbf90f2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  562.975938][ T8568] RAX: ffffffffffffffda RBX: 00007fbf92f25fa0 RCX: 00007fbf92cceec9
[  562.975952][ T8568] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  562.975963][ T8568] RBP: 00007fbf90f2e090 R08: 0000000000000000 R09: 0000000000000000
[  562.975974][ T8568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  562.975985][ T8568] R13: 00007fbf92f26038 R14: 00007fbf92f25fa0 R15: 00007ffdff1cde08
[  562.976015][ T8568]  </TASK>
[  563.006907][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  563.006990][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  564.273348][   T37] audit: type=1400 audit(1758916564.993:727): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=8573 comm="syz.4.641" src=1 dest=20000 netif=wpan0
[  564.321362][ T8573] delete_channel: no stack
[  564.987007][ T1458] bridge_slave_1: left allmulticast mode
[  564.987036][ T1458] bridge_slave_1: left promiscuous mode
[  564.988557][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.054610][ T1458] bridge_slave_0: left allmulticast mode
[  565.054643][ T1458] bridge_slave_0: left promiscuous mode
[  565.055726][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.126654][ T1458] bridge_slave_1: left allmulticast mode
[  565.126687][ T1458] bridge_slave_1: left promiscuous mode
[  565.127050][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.191983][ T1458] bridge_slave_0: left allmulticast mode
[  565.192016][ T1458] bridge_slave_0: left promiscuous mode
[  565.192280][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.321060][ T1458] bridge_slave_1: left allmulticast mode
[  565.321095][ T1458] bridge_slave_1: left promiscuous mode
[  565.321361][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.398388][ T1458] bridge_slave_0: left allmulticast mode
[  565.398421][ T1458] bridge_slave_0: left promiscuous mode
[  565.398701][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.765912][    C0] vkms_vblank_simulate: vblank timer overrun
[  566.262203][    C0] vkms_vblank_simulate: vblank timer overrun
[  566.288289][ T1458] bridge_slave_1: left allmulticast mode
[  566.288323][ T1458] bridge_slave_1: left promiscuous mode
[  566.288620][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.495618][    C0] vkms_vblank_simulate: vblank timer overrun
[  566.551802][ T1458] bridge_slave_0: left allmulticast mode
[  566.551836][ T1458] bridge_slave_0: left promiscuous mode
[  566.552177][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  566.833242][ T5930] usb 5-1: new full-speed USB device number 48 using dummy_hcd
[  566.950984][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  566.990885][ T5930] usb 5-1: unable to get BOS descriptor or descriptor too short
[  566.992420][ T5930] usb 5-1: not running at top speed; connect to a high speed hub
[  566.994036][ T5930] usb 5-1: config 1 has an invalid interface descriptor of length 5, skipping
[  566.994059][ T5930] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  566.994077][ T5930] usb 5-1: config 1 has 3 interfaces, different from the descriptor's value: 19
[  566.994170][ T5930] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 59, changing to 4
[  566.994214][ T5930] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  566.997524][ T5930] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  566.997551][ T5930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  566.997571][ T5930] usb 5-1: Product: syz
[  566.997585][ T5930] usb 5-1: Manufacturer: syz
[  566.997598][ T5930] usb 5-1: SerialNumber: syz
[  567.122020][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  567.222521][ T1458] bond0 (unregistering): Released all slaves
[  567.570992][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  567.693389][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  567.741166][ T1458] bond0 (unregistering): Released all slaves
[  568.168123][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  568.241439][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  568.320390][ T1458] bond0 (unregistering): Released all slaves
[  568.703368][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  568.800822][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  568.853648][ T1458] bond0 (unregistering): Released all slaves
[  569.534833][ T8586] overlayfs: statfs failed on './file0'
[  569.636125][ T5930] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  569.703510][ T5930] usb 5-1: USB disconnect, device number 48
[  569.780377][ T1458] hsr_slave_0: left promiscuous mode
[  569.820443][ T1458] hsr_slave_1: left promiscuous mode
[  569.821438][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  569.872984][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  571.166909][ T1458] hsr_slave_0: left promiscuous mode
[  571.384468][ T1458] hsr_slave_1: left promiscuous mode
[  571.414483][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  571.451329][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  573.383376][ T1458] hsr_slave_0: left promiscuous mode
[  573.440507][ T1458] hsr_slave_1: left promiscuous mode
[  573.441463][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  573.496503][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  573.690204][ T1458] hsr_slave_0: left promiscuous mode
[  573.713069][ T1458] hsr_slave_1: left promiscuous mode
[  573.713994][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  573.770884][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  574.051559][ T8610] FAULT_INJECTION: forcing a failure.
[  574.051559][ T8610] name failslab, interval 1, probability 0, space 0, times 0
[  574.051596][ T8610] CPU: 1 UID: 0 PID: 8610 Comm: syz.4.651 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  574.051646][ T8610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  574.051671][ T8610] Call Trace:
[  574.051687][ T8610]  <TASK>
[  574.051705][ T8610]  dump_stack_lvl+0x189/0x250
[  574.051743][ T8610]  ? __pfx____ratelimit+0x10/0x10
[  574.051767][ T8610]  ? __pfx_dump_stack_lvl+0x10/0x10
[  574.051788][ T8610]  ? __pfx__printk+0x10/0x10
[  574.051813][ T8610]  ? __pfx___might_resched+0x10/0x10
[  574.051832][ T8610]  ? fs_reclaim_acquire+0x7d/0x100
[  574.051854][ T8610]  should_fail_ex+0x46c/0x600
[  574.051881][ T8610]  ? __alloc_skb+0x112/0x2d0
[  574.051903][ T8610]  should_failslab+0xa8/0x100
[  574.051926][ T8610]  ? __alloc_skb+0x112/0x2d0
[  574.051946][ T8610]  kmem_cache_alloc_node_noprof+0x77/0x330
[  574.051975][ T8610]  __alloc_skb+0x112/0x2d0
[  574.052001][ T8610]  netlink_ack+0x146/0xa50
[  574.052021][ T8610]  ? __pfx_migrate_enable+0x10/0x10
[  574.052058][ T8610]  netlink_rcv_skb+0x28c/0x470
[  574.052080][ T8610]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  574.052103][ T8610]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  574.052143][ T8610]  ? bpf_lsm_capable+0x9/0x20
[  574.052162][ T8610]  ? security_capable+0x7e/0x2e0
[  574.052193][ T8610]  nfnetlink_rcv+0x26a/0x2530
[  574.052217][ T8610]  ? __dev_queue_xmit+0x1d3d/0x3b70
[  574.052245][ T8610]  ? __dev_queue_xmit+0x26f/0x3b70
[  574.052277][ T8610]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  574.052297][ T8610]  ? __pfx___dev_queue_xmit+0x10/0x10
[  574.052330][ T8610]  ? ref_tracker_free+0x61e/0x7c0
[  574.052354][ T8610]  ? __asan_memcpy+0x40/0x70
[  574.052372][ T8610]  ? __pfx_ref_tracker_free+0x10/0x10
[  574.052392][ T8610]  ? __skb_clone+0x63/0x7a0
[  574.052414][ T8610]  ? __skb_clone+0x483/0x7a0
[  574.052438][ T8610]  ? skb_clone+0x246/0x3a0
[  574.052460][ T8610]  ? __netlink_deliver_tap+0x807/0x850
[  574.052481][ T8610]  ? netlink_deliver_tap+0x2e/0x1b0
[  574.052509][ T8610]  ? netlink_deliver_tap+0x2e/0x1b0
[  574.052539][ T8610]  netlink_unicast+0x846/0xa10
[  574.052568][ T8610]  ? __pfx_netlink_unicast+0x10/0x10
[  574.052592][ T8610]  ? netlink_sendmsg+0x642/0xb30
[  574.052611][ T8610]  ? skb_put+0x11b/0x210
[  574.052637][ T8610]  netlink_sendmsg+0x805/0xb30
[  574.052668][ T8610]  ? __pfx_netlink_sendmsg+0x10/0x10
[  574.052699][ T8610]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  574.052716][ T8610]  ? __pfx_netlink_sendmsg+0x10/0x10
[  574.052739][ T8610]  __sock_sendmsg+0x219/0x270
[  574.052764][ T8610]  ____sys_sendmsg+0x508/0x820
[  574.052788][ T8610]  ? __pfx_____sys_sendmsg+0x10/0x10
[  574.052815][ T8610]  ? import_iovec+0x74/0xa0
[  574.052839][ T8610]  ___sys_sendmsg+0x21f/0x2a0
[  574.052860][ T8610]  ? __pfx____sys_sendmsg+0x10/0x10
[  574.052913][ T8610]  ? __fget_files+0x2a/0x420
[  574.052934][ T8610]  ? __fget_files+0x3a6/0x420
[  574.052967][ T8610]  __x64_sys_sendmsg+0x1a1/0x260
[  574.052987][ T8610]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  574.053015][ T8610]  ? __pfx_ksys_write+0x10/0x10
[  574.053033][ T8610]  ? rcu_is_watching+0x15/0xb0
[  574.053062][ T8610]  ? do_syscall_64+0xbe/0x3b0
[  574.053083][ T8610]  do_syscall_64+0xfa/0x3b0
[  574.053099][ T8610]  ? lockdep_hardirqs_on+0x9c/0x150
[  574.053122][ T8610]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.053145][ T8610]  ? clear_bhb_loop+0x60/0xb0
[  574.053166][ T8610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.053182][ T8610] RIP: 0033:0x7fbf92cceec9
[  574.053198][ T8610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  574.053213][ T8610] RSP: 002b:00007fbf90f2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  574.053233][ T8610] RAX: ffffffffffffffda RBX: 00007fbf92f25fa0 RCX: 00007fbf92cceec9
[  574.053246][ T8610] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000007
[  574.053258][ T8610] RBP: 00007fbf90f2e090 R08: 0000000000000000 R09: 0000000000000000
[  574.053269][ T8610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  574.053280][ T8610] R13: 00007fbf92f26038 R14: 00007fbf92f25fa0 R15: 00007ffdff1cde08
[  574.053310][ T8610]  </TASK>
[  574.760314][ T1230] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  574.930200][ T1230] usb 5-1: Using ep0 maxpacket: 32
[  574.938440][ T1230] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  574.938473][ T1230] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  574.938514][ T1230] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  574.938536][ T1230] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.944543][ T1230] usb 5-1: config 0 descriptor??
[  574.957364][ T1230] hub 5-1:0.0: USB hub found
[  575.100860][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  575.265142][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  575.371672][ T1230] hub 5-1:0.0: config failed, can't read hub descriptor (err -90)
[  577.171733][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  577.354013][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  577.661643][ T1230] usbhid 5-1:0.0: can't add hid device: -71
[  577.661773][ T1230] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  577.700910][ T1230] usb 5-1: USB disconnect, device number 49
[  578.792322][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  578.940991][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  580.291000][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  580.469546][ T5157] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  580.487156][ T5157] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  580.488487][ T5157] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  580.505235][ T5157] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  580.506529][ T5157] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  580.507558][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  582.284805][ T8422] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  582.466799][ T8422] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  582.600255][ T5843] Bluetooth: hci2: command tx timeout
[  583.583346][ T8422] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  583.807328][ T8422] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  584.148070][ T8623] chnl_net:caif_netlink_parms(): no params data found
[  584.730128][ T5843] Bluetooth: hci2: command tx timeout
[  584.812474][ T8649] FAULT_INJECTION: forcing a failure.
[  584.812474][ T8649] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  584.812507][ T8649] CPU: 0 UID: 0 PID: 8649 Comm: syz.4.657 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  584.812528][ T8649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  584.812540][ T8649] Call Trace:
[  584.812547][ T8649]  <TASK>
[  584.812554][ T8649]  dump_stack_lvl+0x189/0x250
[  584.812583][ T8649]  ? __pfx____ratelimit+0x10/0x10
[  584.812607][ T8649]  ? __pfx_dump_stack_lvl+0x10/0x10
[  584.812638][ T8649]  ? __pfx__printk+0x10/0x10
[  584.812659][ T8649]  ? fs_reclaim_acquire+0x7d/0x100
[  584.812686][ T8649]  should_fail_ex+0x46c/0x600
[  584.812714][ T8649]  prepare_alloc_pages+0x213/0x670
[  584.812740][ T8649]  __alloc_frozen_pages_noprof+0x123/0x370
[  584.812763][ T8649]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  584.812800][ T8649]  alloc_pages_bulk_noprof+0x543/0x690
[  584.812821][ T8649]  ? alloc_pages_noprof+0xe4/0x1e0
[  584.812859][ T8649]  kasan_populate_vmalloc+0xd1/0x270
[  584.812881][ T8649]  alloc_vmap_area+0xd62/0x14a0
[  584.812911][ T8649]  ? __pfx_alloc_vmap_area+0x10/0x10
[  584.812931][ T8649]  ? __kasan_kmalloc+0x93/0xb0
[  584.812947][ T8649]  ? __kmalloc_cache_node_noprof+0x1bf/0x340
[  584.812966][ T8649]  ? __get_vm_area_node+0x172/0x350
[  584.812982][ T8649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  584.813000][ T8649]  __get_vm_area_node+0x227/0x350
[  584.813023][ T8649]  __vmalloc_node_range_noprof+0x301/0x12f0
[  584.813042][ T8649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  584.813066][ T8649]  ? __kmalloc_cache_noprof+0x1a8/0x320
[  584.813083][ T8649]  ? do_seccomp+0x736/0xce0
[  584.813102][ T8649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.813133][ T8649]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  584.813166][ T8649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  584.813184][ T8649]  __vmalloc_noprof+0xb1/0xf0
[  584.813204][ T8649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  584.813222][ T8649]  bpf_prog_alloc_no_stats+0x4a/0x510
[  584.813241][ T8649]  bpf_prog_alloc+0x3c/0x1a0
[  584.813259][ T8649]  bpf_prog_create_from_user+0xa7/0x440
[  584.813277][ T8649]  ? __pfx_seccomp_check_filter+0x10/0x10
[  584.813293][ T8649]  do_seccomp+0x788/0xce0
[  584.813315][ T8649]  ? __pfx_do_seccomp+0x10/0x10
[  584.813334][ T8649]  ? ksys_write+0x230/0x260
[  584.813352][ T8649]  ? __pfx_ksys_write+0x10/0x10
[  584.813365][ T8649]  ? rcu_is_watching+0x15/0xb0
[  584.813389][ T8649]  ? do_syscall_64+0xbe/0x3b0
[  584.813406][ T8649]  do_syscall_64+0xfa/0x3b0
[  584.813418][ T8649]  ? lockdep_hardirqs_on+0x9c/0x150
[  584.813436][ T8649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.813449][ T8649]  ? clear_bhb_loop+0x60/0xb0
[  584.813465][ T8649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.813477][ T8649] RIP: 0033:0x7fbf92cceec9
[  584.813491][ T8649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  584.813502][ T8649] RSP: 002b:00007fbf90f2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  584.813519][ T8649] RAX: ffffffffffffffda RBX: 00007fbf92f25fa0 RCX: 00007fbf92cceec9
[  584.813528][ T8649] RDX: 0000200000000000 RSI: 0000000000000008 RDI: 0000000000000001
[  584.813537][ T8649] RBP: 00007fbf90f2e090 R08: 0000000000000000 R09: 0000000000000000
[  584.813545][ T8649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  584.813553][ T8649] R13: 00007fbf92f26038 R14: 00007fbf92f25fa0 R15: 00007ffdff1cde08
[  584.813576][ T8649]  </TASK>
[  584.813625][ T8649] syz.4.657: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  584.813684][ T8649] CPU: 0 UID: 0 PID: 8649 Comm: syz.4.657 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  584.813700][ T8649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  584.813708][ T8649] Call Trace:
[  584.813714][ T8649]  <TASK>
[  584.813719][ T8649]  dump_stack_lvl+0x189/0x250
[  584.813741][ T8649]  ? __pfx_dump_stack_lvl+0x10/0x10
[  584.813760][ T8649]  ? __pfx__printk+0x10/0x10
[  584.813776][ T8649]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  584.813792][ T8649]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  584.813807][ T8649]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  584.813823][ T8649]  warn_alloc+0x22e/0x3b0
[  584.813841][ T8649]  ? lockdep_hardirqs_on+0x9c/0x150
[  584.813860][ T8649]  ? __pfx_warn_alloc+0x10/0x10
[  584.813870][ T8649]  ? __get_vm_area_node+0x240/0x350
[  584.813889][ T8649]  ? kfree+0x195/0x550
[  584.813902][ T8649]  ? __get_vm_area_node+0x172/0x350
[  584.813920][ T8649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  584.813938][ T8649]  ? __get_vm_area_node+0x240/0x350
[  584.813967][ T8649]  __vmalloc_node_range_noprof+0x326/0x12f0
[  584.813992][ T8649]  ? __kmalloc_cache_noprof+0x1a8/0x320
[  584.814009][ T8649]  ? do_seccomp+0x736/0xce0
[  584.814026][ T8649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.814054][ T8649]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  584.814083][ T8649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  584.814099][ T8649]  __vmalloc_noprof+0xb1/0xf0
[  584.814117][ T8649]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  584.814136][ T8649]  bpf_prog_alloc_no_stats+0x4a/0x510
[  584.814157][ T8649]  bpf_prog_alloc+0x3c/0x1a0
[  584.814175][ T8649]  bpf_prog_create_from_user+0xa7/0x440
[  584.814193][ T8649]  ? __pfx_seccomp_check_filter+0x10/0x10
[  584.814209][ T8649]  do_seccomp+0x788/0xce0
[  584.814233][ T8649]  ? __pfx_do_seccomp+0x10/0x10
[  584.814252][ T8649]  ? ksys_write+0x230/0x260
[  584.814270][ T8649]  ? __pfx_ksys_write+0x10/0x10
[  584.814284][ T8649]  ? rcu_is_watching+0x15/0xb0
[  584.814308][ T8649]  ? do_syscall_64+0xbe/0x3b0
[  584.814324][ T8649]  do_syscall_64+0xfa/0x3b0
[  584.814335][ T8649]  ? lockdep_hardirqs_on+0x9c/0x150
[  584.814353][ T8649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.814366][ T8649]  ? clear_bhb_loop+0x60/0xb0
[  584.814383][ T8649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.814397][ T8649] RIP: 0033:0x7fbf92cceec9
[  584.814410][ T8649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  584.814422][ T8649] RSP: 002b:00007fbf90f2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  584.814438][ T8649] RAX: ffffffffffffffda RBX: 00007fbf92f25fa0 RCX: 00007fbf92cceec9
[  584.814448][ T8649] RDX: 0000200000000000 RSI: 0000000000000008 RDI: 0000000000000001
[  584.814456][ T8649] RBP: 00007fbf90f2e090 R08: 0000000000000000 R09: 0000000000000000
[  584.814465][ T8649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  584.814473][ T8649] R13: 00007fbf92f26038 R14: 00007fbf92f25fa0 R15: 00007ffdff1cde08
[  584.814496][ T8649]  </TASK>
[  584.814503][ T8649] Mem-Info:
[  584.814511][ T8649] active_anon:266 inactive_anon:4613 isolated_anon:0
[  584.814511][ T8649]  active_file:15932 inactive_file:37637 isolated_file:0
[  584.814511][ T8649]  unevictable:768 dirty:150 writeback:0
[  584.814511][ T8649]  slab_reclaimable:12760 slab_unreclaimable:101874
[  584.814511][ T8649]  mapped:29681 shmem:1384 pagetables:1085
[  584.814511][ T8649]  sec_pagetables:0 bounce:0
[  584.814511][ T8649]  kernel_misc_reclaimable:0
[  584.814511][ T8649]  free:1323854 free_pcp:3123 free_cma:0
[  584.814556][ T8649] Node 0 active_anon:1064kB inactive_anon:18452kB active_file:63356kB inactive_file:150544kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118644kB dirty:600kB writeback:0kB shmem:4000kB kernel_stack:12344kB pagetables:4216kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  584.814593][ T8649] Node 1 active_anon:0kB inactive_anon:0kB active_file:372kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  584.814625][ T8649] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  584.814687][ T8649] lowmem_reserve[]: 0 2511 2513 2513 2513
[  584.814711][ T8649] Node 0 DMA32 free:1382700kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1060kB inactive_anon:18412kB active_file:62336kB inactive_file:150476kB unevictable:1536kB writepending:600kB present:3129332kB managed:2572276kB mlocked:0kB bounce:0kB free_pcp:12492kB local_pcp:3048kB free_cma:0kB
[  584.814751][ T8649] lowmem_reserve[]: 0 0 1 1 1
[  584.814772][ T8649] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1020kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  584.814809][ T8649] lowmem_reserve[]: 0 0 0 0 0
[  584.814831][ T8649] Node 1 Normal free:3897356kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:372kB inactive_file:4kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  584.814872][ T8649] lowmem_reserve[]: 0 0 0 0 0
[  584.814895][ T8649] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  584.814978][ T8649] Node 0 DMA32: 1233*4kB (UME) 782*8kB (UME) 577*16kB (UME) 637*32kB (UME) 812*64kB (UME) 362*128kB (UME) 176*256kB (UM) 51*512kB (UME) 27*1024kB (UM) 17*2048kB (UME) 271*4096kB (UM) = 1382756kB
[  584.815082][ T8649] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  584.815149][ T8649] Node 1 Normal: 223*4kB (UE) 48*8kB (UME) 27*16kB (UE) 229*32kB (UE) 93*64kB (UME) 27*128kB (UME) 14*256kB (UME) 3*512kB (ME) 3*1024kB (UME) 2*2048kB (U) 944*4096kB (M) = 3897356kB
[  584.815260][ T8649] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  584.815273][ T8649] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  584.815286][ T8649] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  584.815298][ T8649] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  584.815309][ T8649] 54949 total pagecache pages
[  584.815316][ T8649] 0 pages in swap cache
[  584.815321][ T8649] Free swap  = 124996kB
[  584.815327][ T8649] Total swap = 124996kB
[  584.815333][ T8649] 2097051 pages RAM
[  584.815338][ T8649] 0 pages HighMem/MovableOnly
[  584.815344][ T8649] 422084 pages reserved
[  584.815349][ T8649] 0 pages cma reserved
[  585.045509][ T8654] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  586.761210][ T5843] Bluetooth: hci2: command tx timeout
[  586.952962][ T8623] bridge0: port 1(bridge_slave_0) entered blocking state
[  586.953209][ T8623] bridge0: port 1(bridge_slave_0) entered disabled state
[  586.953455][ T8623] bridge_slave_0: entered allmulticast mode
[  586.956604][ T8623] bridge_slave_0: entered promiscuous mode
[  586.991739][ T8623] bridge0: port 2(bridge_slave_1) entered blocking state
[  586.991900][ T8623] bridge0: port 2(bridge_slave_1) entered disabled state
[  586.992133][ T8623] bridge_slave_1: entered allmulticast mode
[  586.994856][ T8623] bridge_slave_1: entered promiscuous mode
[  588.244381][ T8623] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  588.278602][ T8623] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  588.618095][ T8623] team0: Port device team_slave_0 added
[  588.626976][ T8623] team0: Port device team_slave_1 added
[  588.860198][ T5843] Bluetooth: hci2: command tx timeout
[  588.949896][    C1] vkms_vblank_simulate: vblank timer overrun
[  589.168708][    C1] vkms_vblank_simulate: vblank timer overrun
[  589.358499][    C1] vkms_vblank_simulate: vblank timer overrun
[  589.594547][    C1] vkms_vblank_simulate: vblank timer overrun
[  589.716269][ T5157] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  589.762019][ T5157] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  589.779925][ T5157] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  589.781722][ T5157] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  589.783174][ T5157] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  589.928271][    C1] vkms_vblank_simulate: vblank timer overrun
[  590.074806][ T8680] netlink: 'syz.4.664': attribute type 7 has an invalid length.
[  590.352423][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.150573][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.192303][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.296515][ T8623] batman_adv: batadv0: Adding interface: batadv_slave_0
[  591.296531][ T8623] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  591.296557][ T8623] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  591.443296][ T8623] batman_adv: batadv0: Adding interface: batadv_slave_1
[  591.443313][ T8623] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  591.443336][ T8623] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  591.508808][ T8686] FAULT_INJECTION: forcing a failure.
[  591.508808][ T8686] name failslab, interval 1, probability 0, space 0, times 0
[  591.508842][ T8686] CPU: 1 UID: 0 PID: 8686 Comm: syz.4.665 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  591.508861][ T8686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  591.508872][ T8686] Call Trace:
[  591.508879][ T8686]  <TASK>
[  591.508886][ T8686]  dump_stack_lvl+0x189/0x250
[  591.508915][ T8686]  ? __pfx____ratelimit+0x10/0x10
[  591.508941][ T8686]  ? __pfx_dump_stack_lvl+0x10/0x10
[  591.508964][ T8686]  ? __pfx__printk+0x10/0x10
[  591.508990][ T8686]  ? __pfx___might_resched+0x10/0x10
[  591.509013][ T8686]  should_fail_ex+0x46c/0x600
[  591.509042][ T8686]  should_failslab+0xa8/0x100
[  591.509067][ T8686]  __kmalloc_noprof+0xcb/0x430
[  591.509087][ T8686]  ? tomoyo_encode+0x28b/0x550
[  591.509124][ T8686]  tomoyo_encode+0x28b/0x550
[  591.509152][ T8686]  tomoyo_realpath_from_path+0x58d/0x5d0
[  591.509187][ T8686]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  591.509208][ T8686]  tomoyo_path_number_perm+0x1e8/0x5a0
[  591.509231][ T8686]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  591.509257][ T8686]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  591.509281][ T8686]  ? lockdep_hardirqs_on+0x9c/0x150
[  591.509313][ T8686]  ? __lock_acquire+0xab9/0xd20
[  591.509355][ T8686]  ? __fget_files+0x2a/0x420
[  591.509381][ T8686]  ? __fget_files+0x2a/0x420
[  591.509401][ T8686]  ? __fget_files+0x3a6/0x420
[  591.509422][ T8686]  ? __fget_files+0x2a/0x420
[  591.509448][ T8686]  security_file_ioctl+0xcb/0x2d0
[  591.509472][ T8686]  __se_sys_ioctl+0x47/0x170
[  591.509494][ T8686]  do_syscall_64+0xfa/0x3b0
[  591.509510][ T8686]  ? lockdep_hardirqs_on+0x9c/0x150
[  591.509533][ T8686]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  591.509551][ T8686]  ? clear_bhb_loop+0x60/0xb0
[  591.509573][ T8686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  591.509590][ T8686] RIP: 0033:0x7fbf92cceec9
[  591.509606][ T8686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  591.509621][ T8686] RSP: 002b:00007fbf90f2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  591.509640][ T8686] RAX: ffffffffffffffda RBX: 00007fbf92f25fa0 RCX: 00007fbf92cceec9
[  591.509654][ T8686] RDX: 0000000000000000 RSI: 000000000000540b RDI: 0000000000000003
[  591.509665][ T8686] RBP: 00007fbf90f2e090 R08: 0000000000000000 R09: 0000000000000000
[  591.509676][ T8686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  591.509687][ T8686] R13: 00007fbf92f26038 R14: 00007fbf92f25fa0 R15: 00007ffdff1cde08
[  591.509718][ T8686]  </TASK>
[  591.509736][ T8686] ERROR: Out of memory at tomoyo_realpath_from_path.
[  591.789881][ T8688] fuse: Bad value for 'fd'
[  591.791296][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.800385][ T5157] Bluetooth: hci3: command tx timeout
[  591.840986][    C1] vkms_vblank_simulate: vblank timer overrun
[  592.217369][    C1] vkms_vblank_simulate: vblank timer overrun
[  592.834459][    C1] vkms_vblank_simulate: vblank timer overrun
[  592.894632][ T8623] hsr_slave_0: entered promiscuous mode
[  592.896050][ T8623] hsr_slave_1: entered promiscuous mode
[  592.917663][ T8432] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  593.098579][ T8432] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  593.208070][ T8432] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  593.334921][    C1] vkms_vblank_simulate: vblank timer overrun
[  593.891327][ T5157] Bluetooth: hci3: command tx timeout
[  594.180267][    C1] vkms_vblank_simulate: vblank timer overrun
[  594.271898][ T8432] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  594.850324][ T8498] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  594.934231][ T8498] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  595.265324][    C1] vkms_vblank_simulate: vblank timer overrun
[  595.868869][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  595.890371][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  595.891760][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  595.893590][ T5843] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  595.894536][ T5843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  595.960394][ T5843] Bluetooth: hci3: command tx timeout
[  596.111501][    C1] vkms_vblank_simulate: vblank timer overrun
[  596.339779][    C1] vkms_vblank_simulate: vblank timer overrun
[  597.308094][ T8714] fuse: Unknown parameter 'user_id00000000000000000000'
[  597.330580][    C1] vkms_vblank_simulate: vblank timer overrun
[  597.751747][    C1] vkms_vblank_simulate: vblank timer overrun
[  598.732620][ T8717] fuse: Unknown parameter 'user_id00000000000000000000'
[  598.748336][ T5843] Bluetooth: hci4: command tx timeout
[  598.748751][ T5843] Bluetooth: hci3: command tx timeout
[  598.775764][ T8498] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  598.909870][ T8498] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  599.185886][   T37] audit: type=1107 audit(1758916599.903:728): pid=8727 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='n�'
[  599.960588][ T6251] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  600.150357][ T6251] usb 5-1: device descriptor read/64, error -71
[  600.405974][ T8673] chnl_net:caif_netlink_parms(): no params data found
[  600.410445][ T6251] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  600.650121][ T6251] usb 5-1: device descriptor read/64, error -71
[  600.772498][ T5157] Bluetooth: hci4: command tx timeout
[  600.772726][ T6251] usb usb5-port1: attempt power cycle
[  601.120216][ T6251] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  601.161007][ T6251] usb 5-1: device descriptor read/8, error -71
[  601.420098][ T6251] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  601.441252][ T6251] usb 5-1: device descriptor read/8, error -71
[  601.561130][ T6251] usb usb5-port1: unable to enumerate USB device
[  601.765542][ T8673] bridge0: port 1(bridge_slave_0) entered blocking state
[  601.767171][ T8673] bridge0: port 1(bridge_slave_0) entered disabled state
[  601.767401][ T8673] bridge_slave_0: entered allmulticast mode
[  601.769553][ T8673] bridge_slave_0: entered promiscuous mode
[  601.816321][ T8673] bridge0: port 2(bridge_slave_1) entered blocking state
[  601.816424][ T8673] bridge0: port 2(bridge_slave_1) entered disabled state
[  601.816568][ T8673] bridge_slave_1: entered allmulticast mode
[  601.818093][ T8673] bridge_slave_1: entered promiscuous mode
[  602.094384][ T8673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  602.134529][ T8673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  602.388949][ T8623] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  602.865058][ T5843] Bluetooth: hci4: command tx timeout
[  604.659238][ T8623] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  604.698318][ T8673] team0: Port device team_slave_0 added
[  604.726535][ T8623] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  604.795241][ T8673] team0: Port device team_slave_1 added
[  604.845448][ T8623] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  605.000215][ T5843] Bluetooth: hci4: command tx timeout
[  605.307752][ T8673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  605.307769][ T8673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.307794][ T8673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  605.477069][ T5157] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  605.505109][ T5157] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  605.507240][ T5157] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  605.509025][ T5157] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  605.509884][ T5157] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  605.658703][ T8707] chnl_net:caif_netlink_parms(): no params data found
[  605.685385][ T8673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  605.685401][ T8673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.685424][ T8673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  606.230262][ T6251] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  606.390415][ T6251] usb 5-1: Using ep0 maxpacket: 8
[  606.408459][ T6251] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  606.408491][ T6251] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  606.408513][ T6251] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  606.442014][ T6251] usb 5-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad
[  606.442043][ T6251] usb 5-1: New USB device strings: Mfr=55, Product=237, SerialNumber=3
[  606.442068][ T6251] usb 5-1: Product: syz
[  606.442082][ T6251] usb 5-1: Manufacturer: syz
[  606.442095][ T6251] usb 5-1: SerialNumber: syz
[  606.447835][ T6251] usb 5-1: config 0 descriptor??
[  606.464336][ T6251] smsusb:smsusb_probe: board id=2, interface number 0
[  606.497799][ T6251] smsusb:smsusb_probe: Device initialized with return code -19
[  606.735028][ T8673] hsr_slave_0: entered promiscuous mode
[  606.736392][ T8673] hsr_slave_1: entered promiscuous mode
[  606.737301][ T8673] debugfs: 'hsr0' already exists in 'hsr'
[  606.737320][ T8673] Cannot create hsr debugfs directory
[  607.276673][ T8707] bridge0: port 1(bridge_slave_0) entered blocking state
[  607.276763][ T8707] bridge0: port 1(bridge_slave_0) entered disabled state
[  607.276901][ T8707] bridge_slave_0: entered allmulticast mode
[  607.278574][ T8707] bridge_slave_0: entered promiscuous mode
[  607.651188][ T5843] Bluetooth: hci0: command tx timeout
[  607.653814][ T8707] bridge0: port 2(bridge_slave_1) entered blocking state
[  607.656706][ T8707] bridge0: port 2(bridge_slave_1) entered disabled state
[  607.656964][ T8707] bridge_slave_1: entered allmulticast mode
[  607.662022][ T8707] bridge_slave_1: entered promiscuous mode
[  608.154069][ T8707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  608.222139][ T8707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  608.856350][ T8707] team0: Port device team_slave_0 added
[  608.995711][ T8707] team0: Port device team_slave_1 added
[  609.023313][   T31] usb 5-1: USB disconnect, device number 54
[  609.593777][ T8707] batman_adv: batadv0: Adding interface: batadv_slave_0
[  609.593802][ T8707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  609.593827][ T8707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  609.632751][ T8707] batman_adv: batadv0: Adding interface: batadv_slave_1
[  609.632769][ T8707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  609.632800][ T8707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  609.720270][ T5843] Bluetooth: hci0: command tx timeout
[  609.893830][ T1458] bridge_slave_1: left allmulticast mode
[  609.893864][ T1458] bridge_slave_1: left promiscuous mode
[  609.894119][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.091355][ T1458] bridge_slave_0: left allmulticast mode
[  610.091389][ T1458] bridge_slave_0: left promiscuous mode
[  610.091658][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.414810][ T1458] bridge_slave_1: left allmulticast mode
[  610.414849][ T1458] bridge_slave_1: left promiscuous mode
[  610.415105][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.536830][ T8779] Bluetooth: MGMT ver 1.23
[  611.341516][ T1458] bridge_slave_0: left allmulticast mode
[  611.341550][ T1458] bridge_slave_0: left promiscuous mode
[  611.341820][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.718394][ T1458] bridge_slave_1: left allmulticast mode
[  611.718431][ T1458] bridge_slave_1: left promiscuous mode
[  611.718710][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.791625][ T1458] bridge_slave_0: left allmulticast mode
[  611.791664][ T1458] bridge_slave_0: left promiscuous mode
[  611.791923][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.819209][ T5843] Bluetooth: hci0: command tx timeout
[  612.992345][ T8787] netlink: 12 bytes leftover after parsing attributes in process `syz.4.683'.
[  614.126434][ T5843] Bluetooth: hci0: command tx timeout
[  614.267908][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  614.633938][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  614.695050][ T1458] bond0 (unregistering): Released all slaves
[  615.297834][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  615.550900][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  616.290507][ T1458] bond0 (unregistering): Released all slaves
[  616.418569][    C1] vkms_vblank_simulate: vblank timer overrun
[  616.761760][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  616.841010][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  616.904486][ T1458] bond0 (unregistering): Released all slaves
[  616.920296][ T5910] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  617.094238][ T5910] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  617.094265][ T5910] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  617.094287][ T5910] usb 5-1: config 1 has no interface number 0
[  617.094333][ T5910] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  617.138596][ T5910] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  617.138614][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.138625][ T5910] usb 5-1: Product: syz
[  617.138632][ T5910] usb 5-1: Manufacturer: syz
[  617.138640][ T5910] usb 5-1: SerialNumber: syz
[  617.202936][ T5910] usb 5-1: selecting invalid altsetting 1
[  617.320225][    C1] vkms_vblank_simulate: vblank timer overrun
[  617.604893][    C1] vkms_vblank_simulate: vblank timer overrun
[  617.692043][ T8707] hsr_slave_0: entered promiscuous mode
[  617.693520][ T8707] hsr_slave_1: entered promiscuous mode
[  617.694498][ T8707] debugfs: 'hsr0' already exists in 'hsr'
[  617.694522][ T8707] Cannot create hsr debugfs directory
[  617.699136][ T8760] chnl_net:caif_netlink_parms(): no params data found
[  617.826574][ T8802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  617.827019][ T8802] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  617.918432][ T5910] cdc_ncm 5-1:1.1: SET_NTB_FORMAT failed
[  617.935910][ T5910] usb 5-1: selecting invalid altsetting 1
[  617.935969][ T5910] cdc_ncm 5-1:1.1: bind() failure
[  617.955788][ T5910] usb 5-1: USB disconnect, device number 55
[  618.281995][ T1458] hsr_slave_0: left promiscuous mode
[  618.300250][ T1458] hsr_slave_1: left promiscuous mode
[  618.301276][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  618.351069][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  618.578383][ T1458] hsr_slave_0: left promiscuous mode
[  618.630751][ T1458] hsr_slave_1: left promiscuous mode
[  618.631688][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  618.692492][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  619.764372][    C1] vkms_vblank_simulate: vblank timer overrun
[  619.790349][ T1458] hsr_slave_0: left promiscuous mode
[  619.810126][ T1458] hsr_slave_1: left promiscuous mode
[  619.811026][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  619.840805][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  620.388093][    C1] vkms_vblank_simulate: vblank timer overrun
[  620.471105][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  620.505856][    C1] vkms_vblank_simulate: vblank timer overrun
[  620.601482][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  621.232898][    C1] vkms_vblank_simulate: vblank timer overrun
[  621.751030][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  621.881561][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  623.144098][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  623.271013][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  624.711543][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  624.713598][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  626.472235][ T8825] binder: BC_ACQUIRE_RESULT not supported
[  626.472250][ T8825] binder: 8824:8825 ioctl c0306201 200000000640 returned -22
[  626.673360][ T8623] 8021q: adding VLAN 0 to HW filter on device bond0
[  626.698028][ T8760] bridge0: port 1(bridge_slave_0) entered blocking state
[  626.698171][ T8760] bridge0: port 1(bridge_slave_0) entered disabled state
[  626.698410][ T8760] bridge_slave_0: entered allmulticast mode
[  626.702001][ T8760] bridge_slave_0: entered promiscuous mode
[  626.743798][ T8760] bridge0: port 2(bridge_slave_1) entered blocking state
[  626.743904][ T8760] bridge0: port 2(bridge_slave_1) entered disabled state
[  626.744056][ T8760] bridge_slave_1: entered allmulticast mode
[  626.746668][ T8760] bridge_slave_1: entered promiscuous mode
[  627.230500][ T8760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  627.249637][ T8760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  627.678314][ T8623] 8021q: adding VLAN 0 to HW filter on device team0
[  627.687817][ T8760] team0: Port device team_slave_0 added
[  627.711210][ T8760] team0: Port device team_slave_1 added
[  627.766073][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  627.766625][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  628.014578][ T8673] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  628.075226][ T8760] batman_adv: batadv0: Adding interface: batadv_slave_0
[  628.075237][ T8760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  628.075251][ T8760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  628.075595][ T8673] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  628.139351][ T1577] bridge0: port 2(bridge_slave_1) entered blocking state
[  628.139564][ T1577] bridge0: port 2(bridge_slave_1) entered forwarding state
[  628.190202][ T5910] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  628.344449][ T8760] batman_adv: batadv0: Adding interface: batadv_slave_1
[  628.344466][ T8760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  628.344491][ T8760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  628.345062][ T8673] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  628.352698][ T5910] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  628.352723][ T5910] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  628.352743][ T5910] usb 5-1: config 1 has no interface number 0
[  628.352790][ T5910] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  628.355768][ T5910] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  628.355795][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  628.355815][ T5910] usb 5-1: Product: syz
[  628.355829][ T5910] usb 5-1: Manufacturer: syz
[  628.355842][ T5910] usb 5-1: SerialNumber: syz
[  628.482933][ T5910] usb 5-1: selecting invalid altsetting 1
[  628.494505][ T8673] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  629.102613][ T8832] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  629.103008][ T8832] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  629.126012][ T8760] hsr_slave_0: entered promiscuous mode
[  629.131771][ T8760] hsr_slave_1: entered promiscuous mode
[  629.133340][ T8760] debugfs: 'hsr0' already exists in 'hsr'
[  629.133365][ T8760] Cannot create hsr debugfs directory
[  629.286751][ T5910] cdc_ncm 5-1:1.1: SET_NTB_FORMAT failed
[  629.308818][ T5910] usb 5-1: selecting invalid altsetting 1
[  629.308855][ T5910] cdc_ncm 5-1:1.1: bind() failure
[  629.315500][ T5910] usb 5-1: USB disconnect, device number 56
[  630.225288][ T8841] netlink: 12 bytes leftover after parsing attributes in process `syz.4.696'.
[  631.104007][ T8707] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  632.460250][ T8707] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  632.616666][ T8707] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  632.823300][ T8707] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  633.841733][ T8864] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  633.917550][    C0] vkms_vblank_simulate: vblank timer overrun
[  634.599539][    C0] vkms_vblank_simulate: vblank timer overrun
[  634.650056][    C0] vkms_vblank_simulate: vblank timer overrun
[  634.920367][   T31] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  635.070552][   T31] usb 5-1: Using ep0 maxpacket: 32
[  635.076258][   T31] usb 5-1: config 1 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 250, changing to 11
[  635.076293][   T31] usb 5-1: config 1 interface 0 altsetting 64 bulk endpoint 0x82 has invalid maxpacket 16
[  635.076318][   T31] usb 5-1: config 1 interface 0 altsetting 64 endpoint 0x3 has invalid maxpacket 1536, setting to 1024
[  635.076343][   T31] usb 5-1: config 1 interface 0 altsetting 64 bulk endpoint 0x3 has invalid maxpacket 1024
[  635.076366][   T31] usb 5-1: config 1 interface 0 has no altsetting 0
[  635.082970][   T31] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  635.082999][   T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  635.083017][   T31] usb 5-1: Product: Ъ
[  635.083031][   T31] usb 5-1: Manufacturer: 쀀︙핳꽓旫ᡒ픠﷢♧淌᩟欧㝴麼㲂ꘇ뎾꽩ढ़웖⺯䧟
[  635.083049][   T31] usb 5-1: SerialNumber: ю
[  635.099766][ T8867] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  635.100840][ T8867] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  635.583479][ T8673] 8021q: adding VLAN 0 to HW filter on device bond0
[  635.586905][ T8623] 8021q: adding VLAN 0 to HW filter on device batadv0
[  635.739809][ T8673] 8021q: adding VLAN 0 to HW filter on device team0
[  635.827858][ T7699] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.828038][ T7699] bridge0: port 1(bridge_slave_0) entered forwarding state
[  635.917329][ T1458] bridge_slave_1: left allmulticast mode
[  635.917413][ T1458] bridge_slave_1: left promiscuous mode
[  635.917752][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.004884][ T1458] bridge_slave_0: left allmulticast mode
[  636.004919][ T1458] bridge_slave_0: left promiscuous mode
[  636.005327][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.086185][   T31] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[  636.120803][   T31] usb 5-1: USB disconnect, device number 57
[  636.771128][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  636.851317][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  636.914782][ T1458] bond0 (unregistering): Released all slaves
[  636.974384][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  636.974538][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  641.800822][ T1458] hsr_slave_0: left promiscuous mode
[  642.073317][ T1458] hsr_slave_1: left promiscuous mode
[  642.074291][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  642.121623][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  644.179183][ T5157] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  644.189864][ T5157] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  644.193837][ T5157] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  644.315046][ T5157] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  644.347377][ T5157] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  645.673907][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  647.124131][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  647.836598][ T5843] Bluetooth: hci5: command tx timeout
[  648.641270][ T8760] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  648.714100][ T8760] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  648.843629][ T8760] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  648.899200][ T8760] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  649.145336][ T8707] 8021q: adding VLAN 0 to HW filter on device bond0
[  649.989220][ T5932] Oops: general protection fault, probably for non-canonical address 0xdffffc000000006a: 0000 [#1] SMP KASAN PTI
[  649.989244][ T5932] KASAN: null-ptr-deref in range [0x0000000000000350-0x0000000000000357]
[  649.989263][ T5932] CPU: 0 UID: 0 PID: 5932 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  649.989284][ T5932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  649.989296][ T5932] Workqueue: events l2cap_info_timeout
[  649.989323][ T5932] RIP: 0010:kasan_byte_accessible+0x12/0x30
[  649.989348][ T5932] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 e9 10 40 dd 08 cc 66 66 66 66 66 66 2e
[  649.989363][ T5932] RSP: 0018:ffffc900055377a8 EFLAGS: 00010206
[  649.989378][ T5932] RAX: dffffc0000000000 RBX: ffffffff88d7d85e RCX: e41d4ebf0f80c200
[  649.989392][ T5932] RDX: 0000000000000000 RSI: ffffffff88d7d85e RDI: 000000000000006a
[  649.989404][ T5932] RBP: ffffffff8a012dc5 R08: 0000000000000001 R09: 0000000000000000
[  649.989416][ T5932] R10: dffffc0000000000 R11: ffffffff8a012d80 R12: 0000000000000000
[  649.989429][ T5932] R13: 0000000000000350 R14: 0000000000000350 R15: 0000000000000001
[  649.989440][ T5932] FS:  0000000000000000(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000
[  649.989455][ T5932] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  649.989468][ T5932] CR2: 000000110c2c67c9 CR3: 00000000303b6000 CR4: 00000000003526f0
[  649.989484][ T5932] Call Trace:
[  649.989490][ T5932]  <TASK>
[  649.989498][ T5932]  __kasan_check_byte+0x12/0x40
[  649.989519][ T5932]  lock_acquire+0x8d/0x360
[  649.989539][ T5932]  ? __cancel_work+0x25e/0x2e0
[  649.989566][ T5932]  lock_sock_nested+0x3e/0x130
[  649.989586][ T5932]  ? l2cap_sock_ready_cb+0x45/0x140
[  649.989605][ T5932]  l2cap_sock_ready_cb+0x45/0x140
[  649.989624][ T5932]  l2cap_conn_start+0x76d/0xe50
[  649.989649][ T5932]  ? __pfx_l2cap_conn_start+0x10/0x10
[  649.989670][ T5932]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  649.989694][ T5932]  ? lockdep_hardirqs_on+0x9c/0x150
[  649.989717][ T5932]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  649.989741][ T5932]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  649.989769][ T5932]  ? mutex_lock_nested+0x154/0x1d0
[  649.989787][ T5932]  ? l2cap_info_timeout+0x60/0xa0
[  649.989810][ T5932]  l2cap_info_timeout+0x68/0xa0
[  649.989830][ T5932]  ? process_scheduled_works+0x9ef/0x17b0
[  649.989850][ T5932]  process_scheduled_works+0xade/0x17b0
[  649.989881][ T5932]  ? __pfx_process_scheduled_works+0x10/0x10
[  649.989915][ T5932]  worker_thread+0x8a0/0xda0
[  649.989937][ T5932]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  649.989959][ T5932]  ? __kthread_parkme+0x7b/0x200
[  649.989984][ T5932]  kthread+0x70e/0x8a0
[  649.990007][ T5932]  ? __pfx_worker_thread+0x10/0x10
[  649.990026][ T5932]  ? __pfx_kthread+0x10/0x10
[  649.990050][ T5932]  ? __pfx_kthread+0x10/0x10
[  649.990072][ T5932]  ret_from_fork+0x436/0x7d0
[  649.990094][ T5932]  ? __pfx_ret_from_fork+0x10/0x10
[  649.990116][ T5932]  ? __switch_to_asm+0x39/0x70
[  649.990133][ T5932]  ? __switch_to_asm+0x33/0x70
[  649.990148][ T5932]  ? __pfx_kthread+0x10/0x10
[  649.990170][ T5932]  ret_from_fork_asm+0x1a/0x30
[  649.990194][ T5932]  </TASK>
[  649.990206][ T5932] Modules linked in:
[  649.990265][ T5932] ---[ end trace 0000000000000000 ]---
[  649.991966][ T5932] RIP: 0010:kasan_byte_accessible+0x12/0x30
[  649.992043][ T5932] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 e9 10 40 dd 08 cc 66 66 66 66 66 66 2e
[  649.992103][ T5932] RSP: 0018:ffffc900055377a8 EFLAGS: 00010206
[  649.992213][ T5932] RAX: dffffc0000000000 RBX: ffffffff88d7d85e RCX: e41d4ebf0f80c200
[  649.992275][ T5932] RDX: 0000000000000000 RSI: ffffffff88d7d85e RDI: 000000000000006a
[  649.992329][ T5932] RBP: ffffffff8a012dc5 R08: 0000000000000001 R09: 0000000000000000
[  649.992382][ T5932] R10: dffffc0000000000 R11: ffffffff8a012d80 R12: 0000000000000000
[  649.992436][ T5932] R13: 0000000000000350 R14: 0000000000000350 R15: 0000000000000001
[  649.992489][ T5932] FS:  0000000000000000(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000
[  649.992545][ T5932] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  649.992599][ T5932] CR2: 000000110c2c67c9 CR3: 00000000303b6000 CR4: 00000000003526f0
[  649.992752][ T5932] Kernel panic - not syncing: Fatal exception
[  649.993027][ T5932] Kernel Offset: disabled