last executing test programs:

19.359123606s ago: executing program 2 (id=1295):
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r2, 0x0, 0x10, &(0x7f00000006c0)="170000000200020000ffbe8c5ee17688a2003c000303000afdff0230040000d90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff0100000001000000", 0xc0)

18.216180923s ago: executing program 1 (id=1300):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_open_dev$vim2m(0x0, 0x1000, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000040)={0x1, @pix={0xc2, 0x80000001, 0x35315258, 0x2, 0xff, 0x8, 0x6, 0x6, 0x0, 0x0, 0x1}})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r4 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000040))
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mount(&(0x7f0000000980)=@filename='./file0\x00', &(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)='ocfs2_dlmfs\x00', 0x100000, &(0x7f0000000a40)='%]^&.\x00')
mlockall(0x7)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)="f37481d90eeaead391345b4da9d27e24c9c670da3afc5c00009700"/38, 0x26}, {&(0x7f0000000140)="ead5e92719a44591801f33", 0xb}, {&(0x7f0000000180)="f3f97053495b072215aee864193557c0dabdd253711d5ed9b131c5abd8796e5759ab1f639211e68e24bf4471b6ab1429b165c7248cded82bfb4a3f48e8d0", 0x3e}], 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="2c0000000000000000005766e58d249baf209301ffffffff0000000000000000000000000000000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aae000000200000000"], 0x50}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000380)="c1ad061c5d914eadd95de7fb63eb7b0306d91c25f3fba6c97eda8ade2420dfe1fe0f5c7a01d724be33a44f1cd52028110d8f7dd4b3421a3fe4b2066d179f938ba15c3956e1aaad35035bcde7b90ed59ee2de06c8a4af3de95b", 0x59}], 0x1}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000000400)="01d4f4f5b19ed14641c549d118f8916305244efa6bf80577db9feca473691b3a898fa697c61ab8f94573801ce2925bb5a2f435b9a0a05bfe14d60fdafdd527f43b4aedd78fb063444536de7462504fad8e262e908962f9b0c733b4635e28ca332833abfe8f3d366aa9477de5", 0x6c}], 0x1}}], 0x4, 0xc080)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

13.405198588s ago: executing program 1 (id=1307):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = userfaultfd(0x801)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
syz_io_uring_setup(0x50cf, 0x0, &(0x7f0000000080), &(0x7f0000ff4000))
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

13.243457701s ago: executing program 2 (id=1309):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x20008c0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl}], [], 0x6b}})

12.636052736s ago: executing program 2 (id=1313):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffe68, &(0x7f00000002c0)=0x1000000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$uid(0x3, 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @remote}, 0xc)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000043c0)={0x2020}, 0x2020)
sched_setscheduler(0x0, 0x1, 0x0)
symlinkat(&(0x7f0000000100)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00')
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x40400)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000033c0)={0x53, 0xfffffffffffffffd, 0x6, 0x68, @buffer={0xfb, 0x8a, &(0x7f0000000500)=""/138}, &(0x7f00000001c0)='\x00\x00\x00\x00\x00\x00', 0x0, 0x0, 0x10010, 0x4, 0x0})
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r5 = gettid()
timer_create(0x6, &(0x7f0000533fa0)={0x0, 0x25, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
socket$alg(0x26, 0x5, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000000}, 0x4008000)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0500ffffffff000000002100000008000300", @ANYRES32=r2, @ANYBLOB="38002d800a00000002020202020202020200000a0000000101010000000000000004000a0000000202020202020000"], 0x54}}, 0x0)

11.541602286s ago: executing program 3 (id=1315):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x3c)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r4, r4, 0x2f, 0x14, 0x4, @void, @value=r4}, 0x20)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newnexthop={0xe4, 0x68, 0x20, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x1, 0x0, 0x4}, [@NHA_ENCAP={0xff, 0x8, 0x0, 0x1, @LWT_BPF_IN={0xb8, 0x1, 0x0, 0x1, @LWT_BPF_PROG_FD={0x0, 0x1, r4}}}, @NHA_GROUP={0x4}, @NHA_FDB={0x4}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0xe4}, 0x1, 0x0, 0x0, 0x4000000}, 0x40010)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000014c80020850000000400000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r6 = syz_open_pts(r5, 0x8102)
r7 = dup3(r6, r5, 0x0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000000)=0x17)

11.33622664s ago: executing program 1 (id=1316):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r1, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000a80)={0x4, @vbi={0x81, 0x1, 0xee, 0x34424752, [0x12, 0x3], [0xe, 0x7], 0x13a}})
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)

10.629610286s ago: executing program 2 (id=1317):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_open_dev$vim2m(0x0, 0x1000, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000040)={0x1, @pix={0xc2, 0x80000001, 0x35315258, 0x2, 0xff, 0x8, 0x6, 0x6, 0x0, 0x0, 0x1}})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r4 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000040))
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mount(&(0x7f0000000980)=@filename='./file0\x00', &(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)='ocfs2_dlmfs\x00', 0x100000, &(0x7f0000000a40)='%]^&.\x00')
mlockall(0x7)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)="f37481d90eeaead391345b4da9d27e24c9c670da3afc5c00009700"/38, 0x26}, {&(0x7f0000000140)="ead5e92719a44591801f33", 0xb}, {&(0x7f0000000180)="f3f97053495b072215aee864193557c0dabdd253711d5ed9b131c5abd8796e5759ab1f639211e68e24bf4471b6ab1429b165c7248cded82bfb4a3f48e8d0", 0x3e}], 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="2c0000000000000000005766e58d249baf209301ffffffff0000000000000000000000000000000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aae000000200000000"], 0x50}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000380)="c1ad061c5d914eadd95de7fb63eb7b0306d91c25f3fba6c97eda8ade2420dfe1fe0f5c7a01d724be33a44f1cd52028110d8f7dd4b3421a3fe4b2066d179f938ba15c3956e1aaad35035bcde7b90ed59ee2de06c8a4af3de95b", 0x59}], 0x1}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000000400)="01d4f4f5b19ed14641c549d118f8916305244efa6bf80577db9feca473691b3a898fa697c61ab8f94573801ce2925bb5a2f435b9a0a05bfe14d60fdafdd527f43b4aedd78fb063444536de7462504fad8e262e908962f9b0c733b4635e28ca332833abfe8f3d366aa9477de5", 0x6c}], 0x1}}], 0x4, 0xc080)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

9.412692494s ago: executing program 3 (id=1319):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x2}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0x9, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd, @generic={0x66}, @initr0]}, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, 0x0, 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50}, 0x20000800)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000100)={'macvlan1\x00', 0x0})
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

8.801317454s ago: executing program 2 (id=1320):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
socket$nl_generic(0x10, 0x3, 0x10)
connect$ax25(0xffffffffffffffff, &(0x7f00000001c0)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x5}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast]}, 0x48)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000700), 0x0)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
syz_usb_connect(0x2, 0x34, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000892e791000000000259c0102030109022200010000000009040000000e010000082402010102000008"], 0x0)

8.171864102s ago: executing program 1 (id=1321):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca0000c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0xdc000006, 0x0}, 0x0, 0x8, &(0x7f0000000300))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000000)=ANY=[@ANYBLOB='fil'], 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

7.885032037s ago: executing program 3 (id=1323):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000d2e5bf308000300", @ANYRES32=0x0, @ANYBLOB], 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x0)

7.294362382s ago: executing program 3 (id=1326):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = userfaultfd(0x801)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
syz_io_uring_setup(0x50cf, &(0x7f0000000000)={0x0, 0xfffffffc, 0x40000, 0x2, 0x333}, 0x0, &(0x7f0000ff4000))
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

6.392512081s ago: executing program 4 (id=1327):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x9, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3fe, 0x5, 0x3, 0x9, 0x8, 0x45ff, 0x7ffffffc}, 0x0, 0x0)

5.280426257s ago: executing program 0 (id=1329):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_open_dev$vim2m(0x0, 0x1000, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000040)={0x1, @pix={0xc2, 0x80000001, 0x35315258, 0x2, 0xff, 0x8, 0x6, 0x6, 0x0, 0x0, 0x1}})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r4 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000040))
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mount(&(0x7f0000000980)=@filename='./file0\x00', &(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)='ocfs2_dlmfs\x00', 0x100000, &(0x7f0000000a40)='%]^&.\x00')
mlockall(0x7)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)="f37481d90eeaead391345b4da9d27e24c9c670da3afc5c00009700"/38, 0x26}, {&(0x7f0000000140)="ead5e92719a44591801f33", 0xb}, {&(0x7f0000000180)="f3f97053495b072215aee864193557c0dabdd253711d5ed9b131c5abd8796e5759ab1f639211e68e24bf4471b6ab1429b165c7248cded82bfb4a3f48e8d0", 0x3e}], 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="2c0000000000000000005766e58d249baf209301ffffffff0000000000000000000000000000000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aae000000200000000"], 0x50}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000380)="c1ad061c5d914eadd95de7fb63eb7b0306d91c25f3fba6c97eda8ade2420dfe1fe0f5c7a01d724be33a44f1cd52028110d8f7dd4b3421a3fe4b2066d179f938ba15c3956e1aaad35035bcde7b90ed59ee2de06c8a4af3de95b", 0x59}], 0x1}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000000400)="01d4f4f5b19ed14641c549d118f8916305244efa6bf80577db9feca473691b3a898fa697c61ab8f94573801ce2925bb5a2f435b9a0a05bfe14d60fdafdd527f43b4aedd78fb063444536de7462504fad8e262e908962f9b0c733b4635e28ca332833abfe8f3d366aa9477de5", 0x6c}], 0x1}}], 0x4, 0xc080)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

4.819744459s ago: executing program 3 (id=1330):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
epoll_create1(0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r3, 0x40045010, &(0x7f0000000000))
mmap$dsp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9, 0x11, r3, 0x0)

4.816500659s ago: executing program 4 (id=1331):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaafaaaaaa00000000000086dd60ff00f500140600fe8000000000000000000000000000bbfe80aa00004e220000000000000000000000010049fb48358456ea1a9234c1baf675b106b3df3b9160361863535e87258cd89124ad66f2327a3c26c38585bc1943abc5bff0c01b7f73cfde6ef7ab69d10ceb3e9618b39c6b472d23cc8c8dd4f78ebc366953d20b2f4b31d02444eddbf637720668c9abd7c8a6829bdd0a000000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50c2000090780000"], 0x0)
r0 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x75, 0x0)
ioctl$VIDIOC_G_STD(r1, 0x80085617, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000511000/0x4000)=nil, 0x4000, 0x4000004, 0x5d031, 0xffffffffffffffff, 0x0)
sigaltstack(&(0x7f0000000480)={&(0x7f0000004000)=""/4126, 0x80000001, 0x101e}, 0x0)
gettid()
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)

3.913389308s ago: executing program 0 (id=1332):
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000013000100000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="28150000020000000c001aab0600058004c601"], 0x2c}, 0x1, 0x0, 0x0, 0x4048904}, 0x4)
r0 = socket$kcm(0x10, 0x2, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x4e2481, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x10, 0x0, &(0x7f0000000240))
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

2.52891683s ago: executing program 4 (id=1333):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[])
chdir(&(0x7f0000000300)='./file0\x00')
ustat(0x5, &(0x7f0000000180))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x30)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f0000000c80)=[{{&(0x7f0000000040)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000180)="fd", 0x1}], 0x1}}], 0x1, 0x0)
keyctl$clear(0x7, 0xfffffffffffffffb)

2.528066406s ago: executing program 3 (id=1334):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100002c464708c2153b003e66010203010902220001000000000904000001e3fe11000905000000000000000705936b90"], 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))

2.423925384s ago: executing program 0 (id=1335):
socket$vsock_stream(0x28, 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans', @ANYRESHEX, @ANYRESHEX, @ANYBLOB=',\x00'])
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x80882, 0x0)
r0 = syz_io_uring_setup(0x9e, &(0x7f0000000000)={0x0, 0xec25, 0x0, 0x2, 0x4000032f}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/211, 0xd3}], 0x1})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1.49841283s ago: executing program 4 (id=1336):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000d2e5bf308000300", @ANYRES32=0x0, @ANYBLOB="4800128009000100626f6e64000000"], 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.408130278s ago: executing program 0 (id=1337):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0)
add_key(0x0, &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001440)={0x6, 0x3, &(0x7f0000001240)=@raw=[@map_idx={0x18, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x2}], &(0x7f0000000280)='GPL\x00', 0x10005, 0xda, &(0x7f0000001340)=""/218, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x1}, 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r0, 0x0, 0x0}, 0x10)
syz_emit_ethernet(0x72, &(0x7f0000000040)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x3c, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "5b29ab", 0x0, 0x11, 0x0, @private1, @empty, [], "fb36eeca6fad50b340972a58"}}}}}}}, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b323b3b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1.27415053s ago: executing program 4 (id=1338):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x3c)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r4, r4, 0x2f, 0x14, 0x4, @void, @value=r4}, 0x20)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newnexthop={0xe4, 0x68, 0x20, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x1, 0x0, 0x4}, [@NHA_ENCAP={0xff, 0x8, 0x0, 0x1, @LWT_BPF_IN={0xb8, 0x1, 0x0, 0x1, @LWT_BPF_PROG_FD={0x0, 0x1, r4}}}, @NHA_GROUP={0x4}, @NHA_FDB={0x4}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0xe4}, 0x1, 0x0, 0x0, 0x4000000}, 0x40010)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000014c80020850000000400000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r6 = syz_open_pts(r5, 0x8102)
dup3(r6, r5, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)

1.172052228s ago: executing program 2 (id=1339):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = dup(0xffffffffffffffff)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
unlink(0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
r4 = syz_io_uring_setup(0x318b, &(0x7f00000003c0)={0x0, 0xfec9, 0x8, 0x3}, &(0x7f0000000280), &(0x7f0000000380))
io_uring_enter(r4, 0xdb4, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x5}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)

1.124061889s ago: executing program 0 (id=1340):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = userfaultfd(0x801)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
syz_io_uring_setup(0x50cf, &(0x7f0000000000)={0x0, 0xfffffffc, 0x40000, 0x2, 0x333}, 0x0, &(0x7f0000ff4000))
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

542.976517ms ago: executing program 1 (id=1341):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x80c03, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280)=0x1)

155.546289ms ago: executing program 4 (id=1342):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
sched_setscheduler(0x0, 0x1, 0x0)
openat$mixer(0xffffffffffffff9c, 0x0, 0x101403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getcwd(0x0, 0xfffffffffffffe7d)
sendmsg$nl_generic(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x70bd2b, 0x25dfdbfa, {0x5}}, 0x14}}, 0x40800)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r4 = memfd_create(&(0x7f0000000680)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\xa4\xf4\xe0\xe8\xed\xf4\x1eM\xd8\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5\x81I\xf0\xbcG\xdf\xac\xcd\x81\x03S\xc0\xea\xdd|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00\x00', 0x1)
pwritev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r4)
r5 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r5, 0x0)
syz_open_dev$media(&(0x7f0000000180), 0x6, 0x202)
close(0xffffffffffffffff)

118.457078ms ago: executing program 0 (id=1343):
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f00000003c0)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xc, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x3, 0x200000080000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x5, 0x0, 0x100, 0x6, 0x2, 0x5, 0x3, 0x34, 0x8})
clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0x20000000e, 0xf, 0x0, 0xf, 0x8000000000000000, 0xa, 0x2, 0x9, 0x4, 0x5, 0x8000000000000000, 0xc, 0x9, 0x7, 0x9, 0x8, 0x3, 0x8, 0x80000000, 0x0, 0x5, 0x7, 0x7, 0x3, 0x6})

0s ago: executing program 1 (id=1344):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
socket$phonet(0x23, 0x2, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r4, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r4, 0x0, 0xffffffffffffffff, 0x1})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.217' (ED25519) to the list of known hosts.
[   73.407911][ T5820] cgroup: Unknown subsys name 'net'
[   73.574874][ T5820] cgroup: Unknown subsys name 'cpuset'
[   73.584073][ T5820] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   75.084770][ T5820] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   77.607526][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.616393][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   77.625157][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.626398][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   77.633278][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.649482][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   77.653932][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   77.657063][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   77.664273][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   77.672503][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   77.679289][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   77.685157][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   77.692177][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   77.699093][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   77.717874][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.721343][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   77.733213][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   77.740935][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   77.748855][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   77.756519][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   77.763661][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   77.769841][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.779098][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.800158][ T5154] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   77.809588][ T5154] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   78.324326][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   78.454881][ T5830] chnl_net:caif_netlink_parms(): no params data found
[   78.532379][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   78.562620][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   78.694086][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.702063][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.709552][ T5831] bridge_slave_0: entered allmulticast mode
[   78.717724][ T5831] bridge_slave_0: entered promiscuous mode
[   78.740747][ T5843] chnl_net:caif_netlink_parms(): no params data found
[   78.752803][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.759960][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.767260][ T5831] bridge_slave_1: entered allmulticast mode
[   78.776401][ T5831] bridge_slave_1: entered promiscuous mode
[   78.876894][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.884164][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.892267][ T5833] bridge_slave_0: entered allmulticast mode
[   78.899301][ T5833] bridge_slave_0: entered promiscuous mode
[   78.909916][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.943963][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.951342][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.958546][ T5830] bridge_slave_0: entered allmulticast mode
[   78.966217][ T5830] bridge_slave_0: entered promiscuous mode
[   78.986691][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.993975][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.001511][ T5833] bridge_slave_1: entered allmulticast mode
[   79.008506][ T5833] bridge_slave_1: entered promiscuous mode
[   79.017243][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.038356][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.045650][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.052893][ T5837] bridge_slave_0: entered allmulticast mode
[   79.059854][ T5837] bridge_slave_0: entered promiscuous mode
[   79.067111][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.076507][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.084003][ T5830] bridge_slave_1: entered allmulticast mode
[   79.091486][ T5830] bridge_slave_1: entered promiscuous mode
[   79.130045][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.137259][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.144958][ T5837] bridge_slave_1: entered allmulticast mode
[   79.152548][ T5837] bridge_slave_1: entered promiscuous mode
[   79.191194][ T5831] team0: Port device team_slave_0 added
[   79.235827][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.246805][ T5831] team0: Port device team_slave_1 added
[   79.279065][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.295273][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.317864][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.352160][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.364660][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.398379][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.405976][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.413647][ T5843] bridge_slave_0: entered allmulticast mode
[   79.420607][ T5843] bridge_slave_0: entered promiscuous mode
[   79.440200][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.447237][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.473258][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.499903][ T5830] team0: Port device team_slave_0 added
[   79.506476][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.513806][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.521103][ T5843] bridge_slave_1: entered allmulticast mode
[   79.528859][ T5843] bridge_slave_1: entered promiscuous mode
[   79.539012][ T5833] team0: Port device team_slave_0 added
[   79.548203][ T5833] team0: Port device team_slave_1 added
[   79.555594][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.563179][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.589190][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.615947][ T5837] team0: Port device team_slave_0 added
[   79.624768][ T5830] team0: Port device team_slave_1 added
[   79.675967][ T5837] team0: Port device team_slave_1 added
[   79.717540][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.724594][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.751395][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.764886][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.772419][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.798756][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.798872][ T5154] Bluetooth: hci1: command tx timeout
[   79.815529][ T5154] Bluetooth: hci4: command tx timeout
[   79.821038][ T5842] Bluetooth: hci2: command tx timeout
[   79.839471][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.846706][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.872795][ T5842] Bluetooth: hci0: command tx timeout
[   79.878396][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.881465][ T5842] Bluetooth: hci3: command tx timeout
[   79.891361][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.901474][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.927638][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.941091][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.984935][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.992435][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.018727][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.032538][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.059617][ T5831] hsr_slave_0: entered promiscuous mode
[   80.066314][ T5831] hsr_slave_1: entered promiscuous mode
[   80.088634][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.095894][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.121972][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.182355][ T5830] hsr_slave_0: entered promiscuous mode
[   80.188562][ T5830] hsr_slave_1: entered promiscuous mode
[   80.194983][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.203138][ T5830] Cannot create hsr debugfs directory
[   80.214071][ T5843] team0: Port device team_slave_0 added
[   80.250637][ T5833] hsr_slave_0: entered promiscuous mode
[   80.257826][ T5833] hsr_slave_1: entered promiscuous mode
[   80.264181][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.271790][ T5833] Cannot create hsr debugfs directory
[   80.279199][ T5843] team0: Port device team_slave_1 added
[   80.423508][ T5837] hsr_slave_0: entered promiscuous mode
[   80.429882][ T5837] hsr_slave_1: entered promiscuous mode
[   80.436231][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.444006][ T5837] Cannot create hsr debugfs directory
[   80.450051][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.457334][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.483796][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.526343][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.533420][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.559712][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.805187][ T5843] hsr_slave_0: entered promiscuous mode
[   80.812335][ T5843] hsr_slave_1: entered promiscuous mode
[   80.818406][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.826827][ T5843] Cannot create hsr debugfs directory
[   81.031779][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   81.051714][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   81.061765][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   81.077222][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   81.156465][ T5837] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   81.167828][ T5837] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   81.178080][ T5837] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   81.198853][ T5837] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   81.283005][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   81.307242][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   81.336144][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   81.347057][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   81.436105][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.445140][ T5833] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   81.463288][ T5833] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   81.494769][ T5833] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   81.508044][ T5833] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   81.563684][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   81.572232][ T5843] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   81.584909][ T5843] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   81.595807][ T5843] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   81.619010][ T5843] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   81.630333][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.637576][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.663089][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.679344][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.686484][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.765213][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   81.812753][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.819903][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.836138][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.871193][ T5842] Bluetooth: hci4: command tx timeout
[   81.876703][ T5845] Bluetooth: hci2: command tx timeout
[   81.890972][ T5154] Bluetooth: hci1: command tx timeout
[   81.906378][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.913529][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.951473][ T5842] Bluetooth: hci3: command tx timeout
[   81.956964][ T5842] Bluetooth: hci0: command tx timeout
[   82.010327][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[   82.055527][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.076300][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.083494][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.099770][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.106949][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.178957][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.197867][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   82.236479][ T5830] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   82.249816][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   82.268411][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.275592][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.294342][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.301567][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.335576][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   82.405749][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.412981][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.434323][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.441612][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.507744][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.698947][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.726491][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.794247][ T5831] veth0_vlan: entered promiscuous mode
[   82.844260][ T5831] veth1_vlan: entered promiscuous mode
[   82.860363][ T5830] veth0_vlan: entered promiscuous mode
[   82.897516][ T5830] veth1_vlan: entered promiscuous mode
[   82.934794][ T5837] veth0_vlan: entered promiscuous mode
[   82.990089][ T5837] veth1_vlan: entered promiscuous mode
[   83.017407][ T5831] veth0_macvtap: entered promiscuous mode
[   83.052293][ T5830] veth0_macvtap: entered promiscuous mode
[   83.066245][ T5831] veth1_macvtap: entered promiscuous mode
[   83.083724][ T5830] veth1_macvtap: entered promiscuous mode
[   83.120339][ T5837] veth0_macvtap: entered promiscuous mode
[   83.133723][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.152906][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.160605][ T5837] veth1_macvtap: entered promiscuous mode
[   83.177220][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.202776][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.223909][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.250380][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.269449][ T5831] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.278999][ T5831] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.288716][ T5831] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.298202][ T5831] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.319993][ T5830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.329132][ T5830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.344587][ T5830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.353415][ T5830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.373336][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.419406][ T5837] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.430563][ T5837] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.444100][ T5837] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.452908][ T5837] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.466058][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.646622][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.655345][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.682194][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.697416][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.752334][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.771587][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.799715][ T5843] veth0_vlan: entered promiscuous mode
[   83.824471][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.836859][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.870118][ T5833] veth0_vlan: entered promiscuous mode
[   83.885184][ T5843] veth1_vlan: entered promiscuous mode
[   83.936329][ T5833] veth1_vlan: entered promiscuous mode
[   83.953103][ T5842] Bluetooth: hci2: command tx timeout
[   83.958548][ T5842] Bluetooth: hci4: command tx timeout
[   83.964118][ T5154] Bluetooth: hci1: command tx timeout
[   83.974077][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.980193][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   83.986515][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.011573][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.035179][ T5154] Bluetooth: hci3: command tx timeout
[   84.040667][ T5842] Bluetooth: hci0: command tx timeout
[   84.053100][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.084873][ T5833] veth0_macvtap: entered promiscuous mode
[   84.176691][ T5843] veth0_macvtap: entered promiscuous mode
[   84.235223][ T5833] veth1_macvtap: entered promiscuous mode
[   84.267432][ T5843] veth1_macvtap: entered promiscuous mode
[   84.384428][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.398433][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.433770][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.450670][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.513757][ T5948] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   84.617653][ T5833] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.683852][ T5833] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.716356][ T5833] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.726995][ T5833] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.763014][ T5843] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.768418][ T5948] usb 3-1: Using ep0 maxpacket: 32
[   84.798373][ T5948] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.801566][ T5843] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.823255][ T5948] usb 3-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[   84.846816][ T5948] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.855815][ T5843] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.890266][ T5843] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.929932][ T5948] usb 3-1: config 0 descriptor??
[   85.030505][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   85.186838][ T5961] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.194592][ T5961] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.372475][ T5948] mcp2200 0003:04D8:00DF.0001: item fetching failed at offset 0/2
[   85.407029][ T5948] mcp2200 0003:04D8:00DF.0001: can't parse reports
[   85.426072][ T5948] mcp2200 0003:04D8:00DF.0001: probe with driver mcp2200 failed with error -22
[   85.659013][ T5948] usb 3-1: USB disconnect, device number 2
[   85.660337][ T5961] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   85.686350][ T5961] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   85.801207][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.812291][ T5961] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   85.829403][ T5961] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   85.839914][ T5961] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   85.854308][ T5961] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   85.952109][    T0] NOHZ tick-stop error: local softirq work is pending, handler #340!!!
[   86.032849][ T5842] Bluetooth: hci4: command tx timeout
[   86.038318][ T5842] Bluetooth: hci1: command tx timeout
[   86.046903][ T5154] Bluetooth: hci2: command tx timeout
[   86.111349][ T5842] Bluetooth: hci0: command tx timeout
[   86.113215][ T5154] Bluetooth: hci3: command tx timeout
[   86.132845][ T5968] Bluetooth: MGMT ver 1.23
[   86.138881][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.181213][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.348903][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.381225][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.771144][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   86.941709][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   87.180766][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[   87.197557][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.283252][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   87.292889][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   87.373865][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.501172][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.509284][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.795336][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   88.031197][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   88.449338][ T6004] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   88.681664][ T5986] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   88.977229][ T6002] sctp: failed to load transform for md5: -2
[   89.222339][ T6011] process 'syz.2.14' launched './file0' with NULL argv: empty string added
[   89.400084][ T6011] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   91.156961][ T6025] netlink: 56 bytes leftover after parsing attributes in process `syz.1.18'.
[   91.244440][ T6025] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18'.
[   91.266984][ T6027] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   91.722204][   T24] cfg80211: failed to load regulatory.db
[   93.648038][ T6042] vlan2: entered promiscuous mode
[   93.659109][ T5978] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.674076][ T6042] vlan2: entered allmulticast mode
[   93.679378][ T6042] hsr_slave_1: entered allmulticast mode
[   93.685317][ T5978] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.696977][ T6042] netlink: 4 bytes leftover after parsing attributes in process `syz.4.24'.
[   94.082836][ T5154] Bluetooth: Unexpected continuation frame (len 16)
[   95.048777][ T6056] fuse: Unknown parameter 'group_i00000000000000000000'
[   97.034876][ T6067] netlink: 44 bytes leftover after parsing attributes in process `syz.3.30'.
[   97.281870][ T6066] block nbd0: shutting down sockets
[   99.400991][ T6089] netlink: 172 bytes leftover after parsing attributes in process `syz.3.36'.
[  100.160763][ T5154] Bluetooth: Unexpected continuation frame (len 16)
[  101.521597][ T6118] usb usb8: usbfs: process 6118 (syz.4.46) did not claim interface 0 before use
[  101.698826][ T6120] netlink: 44 bytes leftover after parsing attributes in process `syz.0.44'.
[  101.887693][ T6115] Zero length message leads to an empty skb
[  103.395897][ T6135] NILFS (nullb0): couldn't find nilfs on the device
[  103.610243][ T6137] ubi31: attaching mtd0
[  103.617119][ T6137] ubi31: scanning is finished
[  103.621891][ T6137] ubi31: empty MTD device detected
[  103.815326][ T6137] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  103.823044][ T6137] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  103.830335][ T6137] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  103.837432][ T6137] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  103.844961][ T6137] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  103.851858][ T6137] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  103.859929][ T6137] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 567049782
[  103.869934][ T6137] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  103.893202][ T6138] ubi31: background thread "ubi_bgt31d" started, PID 6138
[  107.531650][ T6165] netlink: 32 bytes leftover after parsing attributes in process `syz.1.58'.
[  108.037885][   T30] audit: type=1326 audit(1753214457.195:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6167 comm="syz.4.59" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4652d8e9a9 code=0x0
[  111.011579][ T6195] netlink: 'syz.0.66': attribute type 13 has an invalid length.
[  112.841029][ T6208] netlink: 'syz.3.70': attribute type 10 has an invalid length.
[  112.865401][ T6208] netlink: 40 bytes leftover after parsing attributes in process `syz.3.70'.
[  113.089849][ T6212] NILFS (nullb0): couldn't find nilfs on the device
[  113.221393][ T5154] Bluetooth: Unexpected continuation frame (len 16)
[  113.240265][   T30] audit: type=1326 audit(1753214462.355:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6209 comm="syz.4.71" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4652d8e9a9 code=0x0
[  113.695292][ T6205] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.180961][   T24] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  114.457569][   T24] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  114.458499][ T6208] team0: Port device geneve0 added
[  114.547939][   T24] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.602416][   T24] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  114.615219][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.000525][ T6205] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.579490][   T24] usb 1-1: usb_control_msg returned -32
[  115.606254][   T24] usbtmc 1-1:16.0: can't read capabilities
[  115.859103][ T6205] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.894041][ T6236] usbtmc 1-1:16.0: usb_control_msg returned -32
[  115.972648][ T5948] usb 1-1: USB disconnect, device number 2
[  116.019121][ T6205] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.646094][ T6245] netlink: 'syz.2.80': attribute type 13 has an invalid length.
[  119.500332][ T6245] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.507991][ T6245] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.205588][ T6245] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.352648][ T6245] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.657077][ T6245] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  121.668386][ T6245] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  121.695923][ T6245] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  121.705985][ T6245] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  122.122313][ T6271] geneve2: entered promiscuous mode
[  122.787528][ T6205] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.852073][ T6279] ubi: mtd0 is already attached to ubi31
[  123.141101][ T6282] 9pnet_fd: p9_fd_create_unix (6282): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  123.157586][ T6205] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.248609][    C0] vkms_vblank_simulate: vblank timer overrun
[  123.485380][ T6205] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.283711][ T6205] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.281889][ T5903] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  125.464787][ T5903] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  125.511357][ T5903] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.519411][ T5903] usb 3-1: Product: syz
[  125.557930][ T5903] usb 3-1: Manufacturer: syz
[  125.593694][ T5903] usb 3-1: SerialNumber: syz
[  125.609179][ T5903] usb 3-1: config 0 descriptor??
[  125.637667][ T5903] gspca_main: spca501-2.14.0 probing 0000:0000
[  125.824858][ T6308] netlink: 'syz.3.98': attribute type 4 has an invalid length.
[  125.936112][ T5966] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  126.237230][ T5903] gspca_spca501: reg write: error -110
[  126.243946][ T5903] spca501 3-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  126.251455][ T5903] spca501 3-1:0.0: probe with driver spca501 failed with error -22
[  126.259895][ T5903] usb 3-1: Found UVC 0.00 device syz (0000:0000)
[  126.266861][ T5903] usb 3-1: No valid video chain found.
[  126.714791][ T5966] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  126.725339][ T5966] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  126.770515][ T5966] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  126.784040][ T5966] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  126.801422][ T5966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.840643][ T5966] usb 1-1: Product: syz
[  126.874486][ T5966] usb 1-1: Manufacturer: syz
[  126.925256][ T5966] usb 1-1: SerialNumber: syz
[  127.349940][ T6316] netlink: 'syz.3.101': attribute type 1 has an invalid length.
[  127.470652][   T24] usb 3-1: USB disconnect, device number 3
[  127.726658][ T5966] usb 1-1: 0:2 : does not exist
[  127.787143][ T5966] usb 1-1: USB disconnect, device number 3
[  128.152653][ T5851] udevd[5851]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  128.588922][ T6321] fuse: Bad value for 'fd'
[  129.597592][ T6330] netlink: 8 bytes leftover after parsing attributes in process `syz.0.105'.
[  132.681376][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  132.687925][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  134.890885][   T24] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  135.198221][   T24] usb 4-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  135.280913][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.318282][   T24] usb 4-1: Product: syz
[  135.328712][   T24] usb 4-1: Manufacturer: syz
[  135.348688][   T24] usb 4-1: SerialNumber: syz
[  135.517518][   T24] usb 4-1: config 0 descriptor??
[  135.574649][   T24] gspca_main: spca501-2.14.0 probing 0000:0000
[  135.592770][   T24] gspca_spca501: reg write: error -71
[  135.607153][   T24] spca501 4-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  135.748286][ T6378] netlink: 8 bytes leftover after parsing attributes in process `syz.2.119'.
[  136.319654][   T24] spca501 4-1:0.0: probe with driver spca501 failed with error -22
[  136.969622][   T24] usb 4-1: Found UVC 0.00 device syz (0000:0000)
[  137.120853][   T24] usb 4-1: No valid video chain found.
[  137.194128][   T24] usb 4-1: USB disconnect, device number 2
[  139.413712][ T6405] netlink: 'syz.3.126': attribute type 13 has an invalid length.
[  140.449439][ T6405] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.457464][ T6405] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.528080][ T6419] hub 2-0:1.0: USB hub found
[  140.679559][ T6419] hub 2-0:1.0: 1 port detected
[  141.663056][ T6427] fuse: Bad value for 'fd'
[  141.731273][ T6405] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.767800][ T6405] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.224776][ T6405] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.234425][ T6405] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.243731][ T6405] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.253336][ T6405] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.349687][ T6407] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.357635][ T6407] batadv_slave_1: entered promiscuous mode
[  142.415247][ T6407] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.840177][ T6451] netlink: 'syz.0.137': attribute type 7 has an invalid length.
[  143.929339][ T6451] : entered promiscuous mode
[  147.369564][ T6519] netlink: 'syz.1.147': attribute type 13 has an invalid length.
[  147.809487][ T6524] netlink: 32 bytes leftover after parsing attributes in process `syz.3.148'.
[  149.079543][ T6519] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.087290][ T6519] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.745622][ T6519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  151.178563][ T6519] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  151.203155][ T6519] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  151.238874][ T6519] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  151.270933][ T6519] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  151.600143][ T5903] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  151.714795][   T30] audit: type=1326 audit(1753214500.875:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6544 comm="syz.3.152" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b8778e9a9 code=0x0
[  153.928694][ T5903] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  153.953978][ T5903] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.067706][ T5903] usb 3-1: Product: syz
[  154.080139][ T5903] usb 3-1: Manufacturer: syz
[  154.121399][ T5903] usb 3-1: config 0 descriptor??
[  154.265280][ T5903] usb 3-1: can't set config #0, error -71
[  154.275098][ T5903] usb 3-1: USB disconnect, device number 4
[  154.322534][ T6567] fuse: Invalid rootmode
[  155.335286][ T6579] =======================================================
[  155.335286][ T6579] WARNING: The mand mount option has been deprecated and
[  155.335286][ T6579]          and is ignored by this kernel. Remove the mand
[  155.335286][ T6579]          option from the mount to silence this warning.
[  155.335286][ T6579] =======================================================
[  155.396644][ T6579] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  157.086104][ T6591] 9pnet_fd: Insufficient options for proto=fd
[  163.384868][ T6643] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  164.267641][ T6656] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  171.355652][ T6701] syz.3.196 uses obsolete (PF_INET,SOCK_PACKET)
[  171.618109][ T6701] block device autoloading is deprecated and will be removed.
[  171.664646][ T6705] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[  171.671396][ T6705] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  171.713341][ T6709] ubi: mtd0 is already attached to ubi31
[  171.760606][ T6705] vhci_hcd vhci_hcd.0: Device attached
[  172.140775][ T5902] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  172.250868][ T6707] vhci_hcd: connection closed
[  172.254775][ T6486] vhci_hcd: stop threads
[  172.268082][ T6486] vhci_hcd: release socket
[  172.336812][ T6486] vhci_hcd: disconnect device
[  175.260016][ T6742] netlink: 8 bytes leftover after parsing attributes in process `syz.3.205'.
[  175.475984][ T6741] netlink: 8 bytes leftover after parsing attributes in process `syz.3.205'.
[  177.381676][ T5902] vhci_hcd: vhci_device speed not set
[  180.057015][ T6779] ubi: mtd0 is already attached to ubi31
[  182.144954][ T6805] binder_alloc: 6802: binder_alloc_buf, no vma
[  182.795390][ T6811] trusted_key: encrypted_key: insufficient parameters specified
[  183.978756][ T6820] fuse: Bad value for 'fd'
[  190.860859][ T6864] fuse: Unknown parameter 'group_id00000000000000000000'
[  191.165096][ T6863] netlink: 44 bytes leftover after parsing attributes in process `syz.0.239'.
[  192.214477][ T6882] ubi: mtd0 is already attached to ubi31
[  194.161822][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.168194][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  197.441910][ T6922] ubi: mtd0 is already attached to ubi31
[  197.989871][ T6926] fuse: Unknown parameter 'user_i00000000000000000000'
[  198.375536][ T6933] ubi: mtd0 is already attached to ubi31
[  200.998758][ T6957] trusted_key: syz.0.264 sent an empty control message without MSG_MORE.
[  202.163134][ T5840] Bluetooth: hci2: command 0x0406 tx timeout
[  202.169297][ T5840] Bluetooth: hci0: command 0x0406 tx timeout
[  202.191256][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  202.197308][ T5840] Bluetooth: hci1: command 0x0406 tx timeout
[  207.775950][ T7035] netlink: 'syz.1.275': attribute type 7 has an invalid length.
[  207.790352][ T7035] : entered promiscuous mode
[  209.428670][ T7049] netlink: 8 bytes leftover after parsing attributes in process `syz.0.281'.
[  210.941573][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  211.546266][    T9] usb 4-1: config 0 has an invalid interface number: 98 but max is 0
[  211.554551][    T9] usb 4-1: config 0 has no interface number 0
[  211.569169][    T9] usb 4-1: config 0 interface 98 has no altsetting 0
[  211.578597][    T9] usb 4-1: New USB device found, idVendor=1110, idProduct=9024, bcdDevice=db.24
[  211.597917][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.623074][    T9] usb 4-1: Product: syz
[  211.650615][    T9] usb 4-1: Manufacturer: syz
[  211.668403][    T9] usb 4-1: SerialNumber: syz
[  211.747211][    T9] usb 4-1: config 0 descriptor??
[  212.696226][    T9] usb 4-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9024) Rev (0XDB24): Eagle II
[  213.558849][    T9] usb 4-1: reset high-speed USB device number 3 using dummy_hcd
[  213.654001][ T7045] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  213.911814][ T7101] capability: warning: `syz.4.291' uses deprecated v2 capabilities in a way that may be insecure
[  214.407655][    T9] usb 4-1: [ueagle-atm] pre-firmware device, uploading firmware
[  214.415549][    T9] usb 4-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw
[  214.426233][ T5948] usb 4-1: Direct firmware load for ueagle-atm/eagleII.fw failed with error -2
[  214.456255][    T9] usb 4-1: USB disconnect, device number 3
[  214.503789][ T5948] usb 4-1: Falling back to sysfs fallback for: ueagle-atm/eagleII.fw
[  214.506600][ T7101] fuse: Bad value for 'user_id'
[  215.691146][ T5948] firmware ueagle-atm!eagleII.fw: fw_load_sysfs_fallback: device_register failed
[  215.750901][ T7101] fuse: Bad value for 'user_id'
[  215.776842][ T5948] usb 4-1: [UEAGLE-ATM] firmware is not available
[  216.660945][ T7151] netlink: 168 bytes leftover after parsing attributes in process `syz.2.298'.
[  218.914735][ T7175] netlink: 'syz.2.301': attribute type 21 has an invalid length.
[  220.613373][ T7186] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  223.076956][ T7245] netlink: 32 bytes leftover after parsing attributes in process `syz.4.312'.
[  223.974961][ T7257] netlink: 8 bytes leftover after parsing attributes in process `syz.3.317'.
[  227.385522][ T5154] Bluetooth: hci0: unexpected event for opcode 0x201c
[  231.310853][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  232.363729][   T24] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  232.379534][   T24] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  232.403517][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  232.418254][   T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  232.430130][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.441105][   T24] usb 4-1: Product: syz
[  232.445395][   T24] usb 4-1: Manufacturer: syz
[  232.455512][   T24] usb 4-1: SerialNumber: syz
[  233.570207][   T24] usb 4-1: 0:2 : does not exist
[  233.598681][ T7334] openvswitch: netlink: IP tunnel dst address not specified
[  233.769817][   T24] usb 4-1: USB disconnect, device number 4
[  233.966889][ T5851] udevd[5851]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  234.622968][ T5902] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  234.819180][ T5902] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  234.923615][ T5902] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.010101][ T5902] usb 3-1: Product: syz
[  235.084354][ T5902] usb 3-1: Manufacturer: syz
[  235.147971][ T5902] usb 3-1: SerialNumber: syz
[  235.341707][ T5902] usb 3-1: config 0 descriptor??
[  235.392358][ T5902] gspca_main: spca501-2.14.0 probing 0000:0000
[  235.977903][ T5902] gspca_spca501: reg write: error -110
[  236.496799][ T5902] spca501 3-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  236.519867][ T5902] spca501 3-1:0.0: probe with driver spca501 failed with error -22
[  236.534410][ T5902] usb 3-1: Found UVC 0.00 device syz (0000:0000)
[  236.541031][ T5902] usb 3-1: No valid video chain found.
[  237.031453][ T5902] usb 3-1: USB disconnect, device number 5
[  237.482191][ T7367] openvswitch: netlink: IP tunnel dst address not specified
[  240.300778][ T5902] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  240.560225][ T5154] Bluetooth: Unexpected continuation frame (len 16)
[  240.570731][   T30] audit: type=1326 audit(1753214589.725:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7391 comm="syz.4.360" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4652d8e9a9 code=0x0
[  240.622460][ T5902] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  240.818547][ T5902] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  240.857663][ T5902] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  240.866982][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=13, SerialNumber=0
[  240.879860][ T5902] usb 4-1: Product: syz
[  240.936699][ T7382] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  240.956557][ T5902] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  241.223491][ T5154] Bluetooth: Unexpected continuation frame (len 16)
[  242.654513][ T7408] warning: `syz.4.363' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  243.567165][ T7417] syz_tun: entered allmulticast mode
[  243.625913][ T7412] syz_tun: left allmulticast mode
[  251.764022][   T24] usb 4-1: USB disconnect, device number 5
[  254.208141][ T7499] netlink: 32 bytes leftover after parsing attributes in process `syz.3.387'.
[  254.893288][ T7505] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[  254.899972][ T7505] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  254.964172][ T7505] vhci_hcd vhci_hcd.0: Device attached
[  255.201111][    T9] usb 39-1: new low-speed USB device number 3 using vhci_hcd
[  255.246069][ T7511] syzkaller0: entered promiscuous mode
[  255.262350][ T7507] vhci_hcd: connection reset by peer
[  255.274869][   T68] vhci_hcd: stop threads
[  255.274865][ T7511] syzkaller0: entered allmulticast mode
[  255.338349][   T68] vhci_hcd: release socket
[  255.366075][   T68] vhci_hcd: disconnect device
[  255.564336][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.570748][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  256.417064][ T7521] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  259.365601][ T7549] netlink: 32 bytes leftover after parsing attributes in process `syz.4.398'.
[  260.343870][    T9] vhci_hcd: vhci_device speed not set
[  261.805076][ T5154] Bluetooth: Unexpected continuation frame (len 16)
[  261.823116][   T30] audit: type=1326 audit(1753214610.975:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.4.404" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4652d8e9a9 code=0x0
[  263.089022][ T7576] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  263.410023][ T7593] fuse: Unknown parameter 'user_id00000000000000000000'
[  264.430754][ T7594] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[  264.437383][ T7594] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  264.548091][ T7594] vhci_hcd vhci_hcd.0: Device attached
[  265.204334][ T7595] vhci_hcd: connection closed
[  265.205351][ T6485] vhci_hcd: stop threads
[  265.290712][    T9] usb 39-1: new low-speed USB device number 4 using vhci_hcd
[  265.299359][ T6485] vhci_hcd: release socket
[  265.304191][ T6485] vhci_hcd: disconnect device
[  265.470581][ T7609] binder: 7608:7609 ioctl c0306201 0 returned -14
[  265.499185][ T7609] binder: 7608:7609 unknown command 0
[  265.525377][ T7609] binder: 7608:7609 ioctl c0306201 2000000003c0 returned -22
[  265.546627][ T7609] binder: 7608:7609 ioctl c0306201 0 returned -14
[  270.451444][    T9] vhci_hcd: vhci_device speed not set
[  273.382705][ T7672] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  277.002826][ T7700] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  279.538877][ T7727] block device autoloading is deprecated and will be removed.
[  279.548844][ T7727] syz.1.443: attempt to access beyond end of device
[  279.548844][ T7727] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  280.272126][ T7730] fuse: Unknown parameter 'fd0x0000000000000003'
[  280.807249][ T7739] ip6erspan0: entered promiscuous mode
[  280.940293][ T7739] tipc: Started in network mode
[  280.945418][ T7739] tipc: Node identity 03000000000000004879ffffffffffff, cluster identity 4711
[  282.919649][ T7752] lo speed is unknown, defaulting to 1000
[  282.925676][ T7752] lo speed is unknown, defaulting to 1000
[  282.934192][ T7752] lo speed is unknown, defaulting to 1000
[  282.945690][ T7752] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  282.962839][ T7752] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  282.996190][ T7752] lo speed is unknown, defaulting to 1000
[  283.004781][ T7752] lo speed is unknown, defaulting to 1000
[  283.012446][ T7752] lo speed is unknown, defaulting to 1000
[  283.020366][ T7752] lo speed is unknown, defaulting to 1000
[  283.028100][ T7752] lo speed is unknown, defaulting to 1000
[  283.740332][    T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  283.895248][    T9] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  283.908294][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.972738][    T9] usb 2-1: Product: syz
[  283.980476][    T9] usb 2-1: Manufacturer: syz
[  283.992430][    T9] usb 2-1: SerialNumber: syz
[  284.021065][    T9] usb 2-1: config 0 descriptor??
[  284.035266][    T9] gspca_main: spca501-2.14.0 probing 0000:0000
[  284.628676][    T9] gspca_spca501: reg write: error -110
[  284.771201][    T9] spca501 2-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  284.874875][    T9] spca501 2-1:0.0: probe with driver spca501 failed with error -22
[  284.895481][    T9] usb 2-1: Found UVC 0.00 device syz (0000:0000)
[  284.955772][    T9] usb 2-1: No valid video chain found.
[  285.241803][ T5902] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  285.589020][ T5902] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  285.751224][ T5902] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  285.766199][ T5902] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  286.810052][ T5902] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  286.874953][ T5948] usb 2-1: USB disconnect, device number 2
[  286.880773][ T5902] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.880813][ T5902] usb 1-1: Product: syz
[  286.880863][ T5902] usb 1-1: Manufacturer: syz
[  286.880880][ T5902] usb 1-1: SerialNumber: syz
[  287.169183][ T7780] 9pnet_fd: Insufficient options for proto=fd
[  287.893991][ T5902] usb 1-1: 0:2 : does not exist
[  288.562144][    T9] usb 1-1: USB disconnect, device number 4
[  288.570975][ T7789] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  289.299533][ T7802] overlayfs: failed to resolve './file0': -2
[  290.537931][ T7820] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(14)
[  290.544592][ T7820] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  290.661537][ T7820] vhci_hcd vhci_hcd.0: Device attached
[  291.536927][ T5948] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[  291.639303][ T7823] vhci_hcd: connection reset by peer
[  292.203108][ T5902] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  292.217156][   T68] vhci_hcd: stop threads
[  292.255543][   T68] vhci_hcd: release socket
[  292.381862][   T68] vhci_hcd: disconnect device
[  292.420551][ T5902] usb 5-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  292.448716][ T5902] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.483271][ T5902] usb 5-1: Product: syz
[  292.487595][ T5902] usb 5-1: Manufacturer: syz
[  292.636352][ T5902] usb 5-1: SerialNumber: syz
[  292.662232][ T5902] usb 5-1: config 0 descriptor??
[  292.674098][ T7836] netlink: 168 bytes leftover after parsing attributes in process `syz.3.471'.
[  292.714059][ T5902] gspca_main: spca501-2.14.0 probing 0000:0000
[  293.328738][ T5902] gspca_spca501: reg write: error -110
[  293.349850][ T5902] spca501 5-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  293.376605][ T5902] spca501 5-1:0.0: probe with driver spca501 failed with error -22
[  293.411124][ T5902] usb 5-1: Found UVC 0.00 device syz (0000:0000)
[  293.447890][ T5902] usb 5-1: No valid video chain found.
[  294.094600][ T5902] usb 5-1: USB disconnect, device number 2
[  294.521544][ T5946] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  294.689281][ T5154] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  294.699003][ T5154] CPU: 1 UID: 0 PID: 5154 Comm: kworker/u9:1 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  294.699019][ T5154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  294.699028][ T5154] Workqueue: hci3 hci_rx_work
[  294.699056][ T5154] Call Trace:
[  294.699064][ T5154]  <TASK>
[  294.699070][ T5154]  dump_stack_lvl+0x189/0x250
[  294.699087][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  294.699105][ T5154]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.699119][ T5154]  ? __pfx__printk+0x10/0x10
[  294.699137][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  294.699152][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  294.699169][ T5154]  ? kernfs_path_from_node+0x22c/0x260
[  294.699183][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  294.699200][ T5154]  sysfs_create_dir_ns+0x259/0x280
[  294.699217][ T5154]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  294.699234][ T5154]  ? do_raw_spin_unlock+0x122/0x240
[  294.699254][ T5154]  kobject_add_internal+0x59f/0xb40
[  294.699276][ T5154]  kobject_add+0x155/0x220
[  294.699295][ T5154]  ? __pfx_kobject_add+0x10/0x10
[  294.699310][ T5154]  ? _raw_spin_unlock+0x28/0x50
[  294.699333][ T5154]  ? get_device_parent+0x366/0x3a0
[  294.699355][ T5154]  device_add+0x408/0xb50
[  294.699377][ T5154]  hci_conn_add_sysfs+0xd5/0x1e0
[  294.699399][ T5154]  le_conn_complete_evt+0xc3a/0x1220
[  294.699425][ T5154]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  294.699443][ T5154]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  294.699456][ T5154]  ? __asan_memcpy+0x40/0x70
[  294.699476][ T5154]  ? __pfx___mutex_lock+0x10/0x10
[  294.699502][ T5154]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  294.699516][ T5154]  ? skb_pull_data+0xfb/0x200
[  294.699534][ T5154]  hci_le_conn_complete_evt+0x187/0x450
[  294.699555][ T5154]  hci_event_packet+0x78f/0x1200
[  294.699571][ T5154]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  294.699589][ T5154]  ? __pfx_hci_event_packet+0x10/0x10
[  294.699603][ T5154]  ? kcov_remote_start+0x4d3/0x7f0
[  294.699621][ T5154]  ? lockdep_hardirqs_on+0x90/0x150
[  294.699636][ T5154]  ? hci_send_to_monitor+0xe2/0x570
[  294.699656][ T5154]  hci_rx_work+0x46a/0xe80
[  294.699681][ T5154]  ? process_scheduled_works+0x9ef/0x17b0
[  294.699696][ T5154]  process_scheduled_works+0xade/0x17b0
[  294.699729][ T5154]  ? __pfx_process_scheduled_works+0x10/0x10
[  294.699755][ T5154]  worker_thread+0x8a0/0xda0
[  294.699772][ T5154]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  294.699798][ T5154]  ? __kthread_parkme+0x7b/0x200
[  294.699819][ T5154]  kthread+0x711/0x8a0
[  294.699838][ T5154]  ? __pfx_worker_thread+0x10/0x10
[  294.699852][ T5154]  ? __pfx_kthread+0x10/0x10
[  294.699870][ T5154]  ? _raw_spin_unlock_irq+0x23/0x50
[  294.699890][ T5154]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.699901][ T5154]  ? __pfx_kthread+0x10/0x10
[  294.699919][ T5154]  ret_from_fork+0x3fc/0x770
[  294.699938][ T5154]  ? __pfx_ret_from_fork+0x10/0x10
[  294.699954][ T5154]  ? __switch_to_asm+0x39/0x70
[  294.699970][ T5154]  ? __switch_to_asm+0x33/0x70
[  294.699984][ T5154]  ? __pfx_kthread+0x10/0x10
[  294.700002][ T5154]  ret_from_fork_asm+0x1a/0x30
[  294.700029][ T5154]  </TASK>
[  294.700049][ T5154] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  295.009817][ T5946] usb 3-1: device descriptor read/64, error -71
[  295.016150][ T5154] Bluetooth: hci3: failed to register connection device
[  295.281071][ T5946] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  295.420860][ T5946] usb 3-1: device descriptor read/64, error -71
[  295.568379][ T5946] usb usb3-port1: attempt power cycle
[  296.041841][ T5946] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  296.083912][ T5946] usb 3-1: device descriptor read/8, error -71
[  296.158453][ T7861] ubi: mtd0 is already attached to ubi31
[  296.770535][ T5948] vhci_hcd: vhci_device speed not set
[  296.780052][ T5845] Bluetooth: Unexpected continuation frame (len 16)
[  296.797922][   T30] audit: type=1326 audit(1753214645.955:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7853 comm="syz.3.478" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b8778e9a9 code=0x0
[  297.122889][ T5946] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  297.156754][ T5946] usb 3-1: device descriptor read/8, error -71
[  297.277492][ T5946] usb usb3-port1: unable to enumerate USB device
[  297.740667][ T5946] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  298.092989][ T5946] usb 3-1: Using ep0 maxpacket: 8
[  298.142046][ T5946] usb 3-1: config index 0 descriptor too short (expected 6427, got 27)
[  298.233253][ T5946] usb 3-1: config 0 has an invalid interface number: 21 but max is 0
[  298.328576][ T5946] usb 3-1: config 0 has no interface number 0
[  298.360754][ T5946] usb 3-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  298.410680][ T5946] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  298.568335][ T5946] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  298.589127][ T5946] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  298.606470][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  299.229899][ T5946] usb 3-1: Product: syz
[  299.250538][ T5946] usb 3-1: config 0 descriptor??
[  299.404856][ T7872] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  299.871837][ T5946] usb 3-1: USB disconnect, device number 10
[  301.770200][ T5845] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  301.780011][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: kworker/u9:6 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  301.780036][ T5845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.780049][ T5845] Workqueue: hci1 hci_rx_work
[  301.780074][ T5845] Call Trace:
[  301.780082][ T5845]  <TASK>
[  301.780091][ T5845]  dump_stack_lvl+0x189/0x250
[  301.780117][ T5845]  ? kernfs_path_from_node+0x2c/0x260
[  301.780144][ T5845]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.780167][ T5845]  ? __pfx__printk+0x10/0x10
[  301.780195][ T5845]  ? __rcu_read_unlock+0x84/0xe0
[  301.780222][ T5845]  ? kernfs_path_from_node+0x2c/0x260
[  301.780258][ T5845]  ? kernfs_path_from_node+0x22c/0x260
[  301.780284][ T5845]  ? kernfs_path_from_node+0x2c/0x260
[  301.780310][ T5845]  sysfs_create_dir_ns+0x259/0x280
[  301.780335][ T5845]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  301.780358][ T5845]  ? do_raw_spin_unlock+0x122/0x240
[  301.780389][ T5845]  kobject_add_internal+0x59f/0xb40
[  301.780427][ T5845]  kobject_add+0x155/0x220
[  301.780455][ T5845]  ? __pfx_kobject_add+0x10/0x10
[  301.780478][ T5845]  ? _raw_spin_unlock+0x3f/0x50
[  301.780512][ T5845]  ? get_device_parent+0x366/0x3a0
[  301.780544][ T5845]  device_add+0x408/0xb50
[  301.780575][ T5845]  hci_conn_add_sysfs+0xd5/0x1e0
[  301.780611][ T5845]  le_conn_complete_evt+0xc3a/0x1220
[  301.780647][ T5845]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  301.780673][ T5845]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  301.780693][ T5845]  ? __asan_memcpy+0x40/0x70
[  301.780722][ T5845]  ? __pfx___mutex_lock+0x10/0x10
[  301.780744][ T5845]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  301.780764][ T5845]  ? skb_pull_data+0xfb/0x200
[  301.780789][ T5845]  hci_le_conn_complete_evt+0x187/0x450
[  301.780820][ T5845]  hci_event_packet+0x78f/0x1200
[  301.780842][ T5845]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  301.780867][ T5845]  ? __pfx_hci_event_packet+0x10/0x10
[  301.780889][ T5845]  ? kcov_remote_start+0x4d3/0x7f0
[  301.780915][ T5845]  ? lockdep_hardirqs_on+0x90/0x150
[  301.780936][ T5845]  ? hci_send_to_monitor+0xe2/0x570
[  301.780964][ T5845]  hci_rx_work+0x46a/0xe80
[  301.780991][ T5845]  ? process_scheduled_works+0x9ef/0x17b0
[  301.781014][ T5845]  process_scheduled_works+0xade/0x17b0
[  301.781061][ T5845]  ? __pfx_process_scheduled_works+0x10/0x10
[  301.781099][ T5845]  worker_thread+0x8a0/0xda0
[  301.781145][ T5845]  kthread+0x711/0x8a0
[  301.781190][ T5845]  ? __pfx_worker_thread+0x10/0x10
[  301.781211][ T5845]  ? __pfx_kthread+0x10/0x10
[  301.781238][ T5845]  ? _raw_spin_unlock_irq+0x23/0x50
[  301.781269][ T5845]  ? lockdep_hardirqs_on+0x9c/0x150
[  301.781286][ T5845]  ? __pfx_kthread+0x10/0x10
[  301.781313][ T5845]  ret_from_fork+0x3fc/0x770
[  301.781335][ T5845]  ? __pfx_ret_from_fork+0x10/0x10
[  301.781361][ T5845]  ? __switch_to_asm+0x39/0x70
[  301.781384][ T5845]  ? __switch_to_asm+0x33/0x70
[  301.781407][ T5845]  ? __pfx_kthread+0x10/0x10
[  301.781441][ T5845]  ret_from_fork_asm+0x1a/0x30
[  301.781482][ T5845]  </TASK>
[  302.250780][ T5845] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  302.264917][ T5845] Bluetooth: hci1: failed to register connection device
[  305.223781][ T5154] Bluetooth: Unexpected continuation frame (len 16)
[  305.238796][   T30] audit: type=1326 audit(1753214654.395:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7944 comm="syz.3.498" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b8778e9a9 code=0x0
[  306.366972][ T7959] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  309.936537][ T7986] fuse: Unknown parameter '0x0000000000000006'
[  311.412934][ T8000] netlink: 36 bytes leftover after parsing attributes in process `syz.3.510'.
[  311.422179][ T8000] netlink: 36 bytes leftover after parsing attributes in process `syz.3.510'.
[  311.474369][ T7992] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  311.864044][   T30] audit: type=1326 audit(1753214661.015:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7988 comm="syz.0.507" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa19cd8e9a9 code=0x0
[  314.228910][ T8017] infiniband syz2: set down
[  314.233593][ T8017] infiniband syz2: added bridge_slave_0
[  314.303321][ T8017] RDS/IB: syz2: added
[  314.307933][ T8017] smc: adding ib device syz2 with port count 1
[  314.314219][ T8017] smc:    ib device syz2 port 1 has pnetid 
[  315.043971][ T5154] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  315.058800][ T5154] CPU: 0 UID: 0 PID: 5154 Comm: kworker/u9:1 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  315.058842][ T5154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  315.058855][ T5154] Workqueue: hci4 hci_rx_work
[  315.058879][ T5154] Call Trace:
[  315.058886][ T5154]  <TASK>
[  315.058895][ T5154]  dump_stack_lvl+0x189/0x250
[  315.058919][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  315.058943][ T5154]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.058966][ T5154]  ? __pfx__printk+0x10/0x10
[  315.058993][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  315.059014][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  315.059039][ T5154]  ? kernfs_path_from_node+0x22c/0x260
[  315.059061][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  315.059089][ T5154]  sysfs_create_dir_ns+0x259/0x280
[  315.059114][ T5154]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  315.059140][ T5154]  ? do_raw_spin_unlock+0x122/0x240
[  315.059189][ T5154]  kobject_add_internal+0x59f/0xb40
[  315.059225][ T5154]  kobject_add+0x155/0x220
[  315.059267][ T5154]  ? __pfx_kobject_add+0x10/0x10
[  315.059291][ T5154]  ? _raw_spin_unlock+0x28/0x50
[  315.059327][ T5154]  ? get_device_parent+0x366/0x3a0
[  315.059360][ T5154]  device_add+0x408/0xb50
[  315.059394][ T5154]  hci_conn_add_sysfs+0xd5/0x1e0
[  315.059447][ T5154]  le_conn_complete_evt+0xc3a/0x1220
[  315.059489][ T5154]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  315.059517][ T5154]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  315.059539][ T5154]  ? __asan_memcpy+0x40/0x70
[  315.059570][ T5154]  ? __pfx___mutex_lock+0x10/0x10
[  315.059594][ T5154]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  315.059624][ T5154]  ? skb_pull_data+0xfb/0x200
[  315.059653][ T5154]  hci_le_conn_complete_evt+0x187/0x450
[  315.059689][ T5154]  hci_event_packet+0x78f/0x1200
[  315.059715][ T5154]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  315.059744][ T5154]  ? __pfx_hci_event_packet+0x10/0x10
[  315.059769][ T5154]  ? kcov_remote_start+0x4d3/0x7f0
[  315.059799][ T5154]  ? lockdep_hardirqs_on+0x90/0x150
[  315.059824][ T5154]  ? hci_send_to_monitor+0xe2/0x570
[  315.059856][ T5154]  hci_rx_work+0x46a/0xe80
[  315.059887][ T5154]  ? process_scheduled_works+0x9ef/0x17b0
[  315.059912][ T5154]  process_scheduled_works+0xade/0x17b0
[  315.059968][ T5154]  ? __pfx_process_scheduled_works+0x10/0x10
[  315.060011][ T5154]  worker_thread+0x8a0/0xda0
[  315.060038][ T5154]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  315.060080][ T5154]  ? __kthread_parkme+0x7b/0x200
[  315.060125][ T5154]  kthread+0x711/0x8a0
[  315.060155][ T5154]  ? __pfx_worker_thread+0x10/0x10
[  315.060195][ T5154]  ? __pfx_kthread+0x10/0x10
[  315.060225][ T5154]  ? _raw_spin_unlock_irq+0x23/0x50
[  315.060257][ T5154]  ? lockdep_hardirqs_on+0x9c/0x150
[  315.060276][ T5154]  ? __pfx_kthread+0x10/0x10
[  315.060304][ T5154]  ret_from_fork+0x3fc/0x770
[  315.060328][ T5154]  ? __pfx_ret_from_fork+0x10/0x10
[  315.060355][ T5154]  ? __switch_to_asm+0x39/0x70
[  315.060381][ T5154]  ? __switch_to_asm+0x33/0x70
[  315.060405][ T5154]  ? __pfx_kthread+0x10/0x10
[  315.060436][ T5154]  ret_from_fork_asm+0x1a/0x30
[  315.060481][ T5154]  </TASK>
[  315.060508][ T5154] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  315.371953][ T5154] Bluetooth: hci4: failed to register connection device
[  316.995808][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.020786][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  317.253339][ T8044] netlink: 88 bytes leftover after parsing attributes in process `syz.3.520'.
[  318.334733][ T8051] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551609)
[  318.366915][ T8051] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647
[  318.396322][ T8051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.519'.
[  318.668214][ T8058] netlink: 36 bytes leftover after parsing attributes in process `syz.2.524'.
[  318.677636][ T8058] netlink: 36 bytes leftover after parsing attributes in process `syz.2.524'.
[  322.980907][   T30] audit: type=1326 audit(1753214671.975:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8082 comm="syz.1.532" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feb7838e9a9 code=0x0
[  323.239264][ T8097] netlink: 44 bytes leftover after parsing attributes in process `syz.4.529'.
[  323.801251][ T8104] netlink: 'syz.1.535': attribute type 10 has an invalid length.
[  323.809086][ T8104] netlink: 40 bytes leftover after parsing attributes in process `syz.1.535'.
[  323.818875][ T8104] dummy0: entered promiscuous mode
[  323.836216][ T8104] bridge0: port 3(dummy0) entered blocking state
[  323.843329][ T8104] bridge0: port 3(dummy0) entered disabled state
[  323.850475][ T8104] dummy0: entered allmulticast mode
[  324.291497][ T8105] netlink: 36 bytes leftover after parsing attributes in process `syz.0.536'.
[  324.300685][ T8105] netlink: 36 bytes leftover after parsing attributes in process `syz.0.536'.
[  324.558449][ T8108] netlink: 'syz.3.537': attribute type 2 has an invalid length.
[  324.711099][ T8108] netlink: 244 bytes leftover after parsing attributes in process `syz.3.537'.
[  326.278943][ T8118] netlink: 'syz.0.540': attribute type 20 has an invalid length.
[  326.323148][ T8118] dvmrp17: entered allmulticast mode
[  326.364646][ T8118] dvmrp17: left allmulticast mode
[  326.621321][ T8118] netlink: 24 bytes leftover after parsing attributes in process `syz.0.540'.
[  327.783739][ T8139] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  333.829725][ T8187] netlink: 'syz.4.559': attribute type 21 has an invalid length.
[  333.838742][ T8187] netlink: 'syz.4.559': attribute type 6 has an invalid length.
[  333.846899][ T8187] netlink: 132 bytes leftover after parsing attributes in process `syz.4.559'.
[  335.074390][ T8188] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  335.522140][ T8205] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  336.433237][ T8211] netlink: 8 bytes leftover after parsing attributes in process `syz.4.565'.
[  341.859079][ T6486] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  341.914579][ T6486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  343.583867][ T5154] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  343.611371][ T8276] trusted_key: encrypted_key: insufficient parameters specified
[  345.562225][ T8293] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  347.866049][ T8316] trusted_key: encrypted_key: insufficient parameters specified
[  348.080733][ T5845] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  348.862691][ T8323] ubi: mtd0 is already attached to ubi31
[  349.458632][ T8331] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(14)
[  349.465299][ T8331] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  349.545910][ T8331] vhci_hcd vhci_hcd.0: Device attached
[  350.580863][ T5902] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  350.650498][ T8333] vhci_hcd: connection closed
[  350.654540][ T6504] vhci_hcd: stop threads
[  350.760059][ T6504] vhci_hcd: release socket
[  350.776856][ T6504] vhci_hcd: disconnect device
[  353.074568][ T5966] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  353.377639][ T5966] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  353.451791][ T8372] ubi: mtd0 is already attached to ubi31
[  354.091301][ T8371] 9pnet_fd: Insufficient options for proto=fd
[  354.121493][ T5966] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  354.174149][ T5966] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  354.238950][ T5966] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  354.309679][ T5966] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.325765][ T5966] usb 5-1: Product: syz
[  354.360105][ T5966] usb 5-1: Manufacturer: syz
[  354.364912][ T5966] usb 5-1: SerialNumber: syz
[  355.936498][ T5966] usb 5-1: 0:2 : does not exist
[  356.196955][ T5902] vhci_hcd: vhci_device speed not set
[  356.400903][ T5966] usb 5-1: USB disconnect, device number 3
[  356.914772][ T5851] udevd[5851]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  357.421667][ T8401] netlink: 8 bytes leftover after parsing attributes in process `syz.3.621'.
[  359.288620][ T8414] 9pnet_fd: Insufficient options for proto=fd
[  360.924239][ T8422] tty tty2: ldisc open failed (-12), clearing slot 1
[  360.938624][ T8418] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  363.792972][ T8437] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  364.315207][ T8456] netlink: 'syz.4.638': attribute type 1 has an invalid length.
[  366.109045][ T8466] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  367.967020][ T8484] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  370.230985][ T8503] netlink: 168 bytes leftover after parsing attributes in process `syz.4.649'.
[  372.925479][ T8532] tmpfs: Bad value for 'huge'
[  374.552464][ T8545] netlink: 'syz.2.660': attribute type 1 has an invalid length.
[  378.845817][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.853791][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  381.772776][ T8601] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  383.050858][ T8624] netlink: 56 bytes leftover after parsing attributes in process `syz.3.679'.
[  385.524725][ T8637] tmpfs: Bad value for 'huge'
[  389.985337][ T8668] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  390.227370][ T8671] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  391.330695][ T5948] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  391.449111][ T8685] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  391.652296][ T5948] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  391.668286][ T5948] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  391.682961][ T5948] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  391.713942][ T5948] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  391.739977][ T5948] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.759456][ T5948] usb 1-1: Product: syz
[  391.984940][ T5948] usb 1-1: Manufacturer: syz
[  392.005063][ T5948] usb 1-1: SerialNumber: syz
[  392.486792][ T5154] Bluetooth: hci2: unexpected event for opcode 0x201c
[  393.251693][ T5948] usb 1-1: 0:2 : does not exist
[  393.457134][ T5903] usb 1-1: USB disconnect, device number 5
[  394.570257][ T8712] netlink: 'syz.3.702': attribute type 2 has an invalid length.
[  394.578133][   T30] audit: type=1326 audit(1753214743.715:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8702 comm="syz.2.700" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa66938e9a9 code=0x0
[  394.632371][ T8712] netlink: 244 bytes leftover after parsing attributes in process `syz.3.702'.
[  396.142570][ T8723] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  396.743072][ T8732] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  397.210761][ T5903] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  397.413332][ T5903] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  397.520216][ T5903] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  397.609101][ T5903] usb 5-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  398.321205][ T5903] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  399.243197][ T5903] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.340651][   T24] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  399.375231][ T5903] usbtmc 5-1:16.0: bulk endpoints not found
[  399.408496][ T8757] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  399.559211][   T24] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  399.594932][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.611551][   T24] usb 3-1: Product: syz
[  400.029647][   T24] usb 3-1: Manufacturer: syz
[  400.034929][   T24] usb 3-1: SerialNumber: syz
[  400.067110][   T24] usb 3-1: config 0 descriptor??
[  400.113878][   T24] gspca_main: spca501-2.14.0 probing 0000:0000
[  400.624065][   T24] gspca_spca501: reg write: error -71
[  400.857211][ T8772] netlink: 44 bytes leftover after parsing attributes in process `syz.3.717'.
[  400.998400][   T24] spca501 3-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  401.005970][   T24] spca501 3-1:0.0: probe with driver spca501 failed with error -22
[  401.018615][   T24] usb 3-1: Found UVC 0.00 device syz (0000:0000)
[  401.025146][   T24] usb 3-1: No valid video chain found.
[  401.042473][   T24] usb 3-1: USB disconnect, device number 11
[  401.833188][    T9] usb 5-1: USB disconnect, device number 4
[  403.575295][   T30] audit: type=1326 audit(1753214752.725:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8779 comm="syz.2.721" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa66938e9a9 code=0x0
[  404.685298][ T8809] netlink: 48 bytes leftover after parsing attributes in process `syz.1.727'.
[  404.694320][ T8809] netlink: 48 bytes leftover after parsing attributes in process `syz.1.727'.
[  405.059882][ T8820] netlink: 44 bytes leftover after parsing attributes in process `syz.0.729'.
[  406.520661][ T5903] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  407.923079][ T8843] ubi: mtd0 is already attached to ubi31
[  412.984443][ T5903] usb 1-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  413.020420][ T5903] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.226375][ T8867] trusted_key: encrypted_key: insufficient parameters specified
[  413.440630][ T5903] usb 1-1: Product: syz
[  413.444846][ T5903] usb 1-1: Manufacturer: syz
[  413.496984][ T5903] usb 1-1: config 0 descriptor??
[  413.516263][ T5903] usb 1-1: can't set config #0, error -71
[  413.533915][ T5903] usb 1-1: USB disconnect, device number 6
[  416.511734][ T8899] netlink: 'syz.3.751': attribute type 1 has an invalid length.
[  417.130790][ T8901] netlink: 'syz.0.753': attribute type 2 has an invalid length.
[  417.163226][ T8901] netlink: 244 bytes leftover after parsing attributes in process `syz.0.753'.
[  418.109552][ T8912] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  420.685705][ T8931] trusted_key: encrypted_key: insufficient parameters specified
[  426.553135][ T5154] Bluetooth: hci0: unexpected event for opcode 0x201c
[  428.851312][ T8987] syzkaller0: entered promiscuous mode
[  428.875628][ T8987] syzkaller0: entered allmulticast mode
[  430.063457][ T9001] netlink: 'syz.3.779': attribute type 2 has an invalid length.
[  430.085717][ T9001] netlink: 244 bytes leftover after parsing attributes in process `syz.3.779'.
[  430.145253][ T9003] openvswitch: netlink: Geneve opt len 221 is not a multiple of 4.
[  433.854290][ T9033] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  435.220295][ T9043] netlink: 'syz.4.792': attribute type 2 has an invalid length.
[  436.060885][ T9043] netlink: 244 bytes leftover after parsing attributes in process `syz.4.792'.
[  436.414679][ T9060] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  436.439915][ T5154] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  436.449847][ T5154] CPU: 0 UID: 0 PID: 5154 Comm: kworker/u9:1 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  436.449864][ T5154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  436.449873][ T5154] Workqueue: hci2 hci_rx_work
[  436.449897][ T5154] Call Trace:
[  436.449905][ T5154]  <TASK>
[  436.449911][ T5154]  dump_stack_lvl+0x189/0x250
[  436.449928][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  436.449946][ T5154]  ? __pfx_dump_stack_lvl+0x10/0x10
[  436.449962][ T5154]  ? __pfx__printk+0x10/0x10
[  436.449981][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  436.449995][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  436.450011][ T5154]  ? kernfs_path_from_node+0x22c/0x260
[  436.450026][ T5154]  ? kernfs_path_from_node+0x2c/0x260
[  436.450045][ T5154]  sysfs_create_dir_ns+0x259/0x280
[  436.450062][ T5154]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  436.450079][ T5154]  ? do_raw_spin_unlock+0x122/0x240
[  436.450100][ T5154]  kobject_add_internal+0x59f/0xb40
[  436.450123][ T5154]  kobject_add+0x155/0x220
[  436.450142][ T5154]  ? __pfx_kobject_add+0x10/0x10
[  436.450158][ T5154]  ? _raw_spin_unlock+0x28/0x50
[  436.450180][ T5154]  ? get_device_parent+0x366/0x3a0
[  436.450203][ T5154]  device_add+0x408/0xb50
[  436.450225][ T5154]  hci_conn_add_sysfs+0xd5/0x1e0
[  436.450247][ T5154]  le_conn_complete_evt+0xc3a/0x1220
[  436.450274][ T5154]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  436.450291][ T5154]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  436.450305][ T5154]  ? __asan_memcpy+0x40/0x70
[  436.450325][ T5154]  ? __pfx___mutex_lock+0x10/0x10
[  436.450339][ T5154]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  436.450352][ T5154]  ? skb_pull_data+0xfb/0x200
[  436.450369][ T5154]  hci_le_conn_complete_evt+0x187/0x450
[  436.450391][ T5154]  hci_event_packet+0x78f/0x1200
[  436.450406][ T5154]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  436.450424][ T5154]  ? __pfx_hci_event_packet+0x10/0x10
[  436.450438][ T5154]  ? kcov_remote_start+0x4d3/0x7f0
[  436.450457][ T5154]  ? lockdep_hardirqs_on+0x90/0x150
[  436.450472][ T5154]  ? hci_send_to_monitor+0xe2/0x570
[  436.450492][ T5154]  hci_rx_work+0x46a/0xe80
[  436.450510][ T5154]  ? process_scheduled_works+0x9ef/0x17b0
[  436.450526][ T5154]  process_scheduled_works+0xade/0x17b0
[  436.450591][ T5154]  ? __pfx_process_scheduled_works+0x10/0x10
[  436.450629][ T5154]  worker_thread+0x8a0/0xda0
[  436.450653][ T5154]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  436.450691][ T5154]  ? __kthread_parkme+0x7b/0x200
[  436.450730][ T5154]  kthread+0x711/0x8a0
[  436.450758][ T5154]  ? __pfx_worker_thread+0x10/0x10
[  436.450778][ T5154]  ? __pfx_kthread+0x10/0x10
[  436.450804][ T5154]  ? _raw_spin_unlock_irq+0x23/0x50
[  436.450832][ T5154]  ? lockdep_hardirqs_on+0x9c/0x150
[  436.450848][ T5154]  ? __pfx_kthread+0x10/0x10
[  436.450870][ T5154]  ret_from_fork+0x3fc/0x770
[  436.450885][ T5154]  ? __pfx_ret_from_fork+0x10/0x10
[  436.450902][ T5154]  ? __switch_to_asm+0x39/0x70
[  436.450917][ T5154]  ? __switch_to_asm+0x33/0x70
[  436.450932][ T5154]  ? __pfx_kthread+0x10/0x10
[  436.450949][ T5154]  ret_from_fork_asm+0x1a/0x30
[  436.450978][ T5154]  </TASK>
[  437.015315][ T5154] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  437.029496][ T5154] Bluetooth: hci2: failed to register connection device
[  437.095186][ T9065] ubi: mtd0 is already attached to ubi31
[  438.583634][ T9077] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  439.632444][ T5154] Bluetooth: hci2: command 0x0406 tx timeout
[  439.879338][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  439.885810][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  440.215553][ T9087] netlink: 44 bytes leftover after parsing attributes in process `syz.4.801'.
[  443.388978][ T9112] ubi: mtd0 is already attached to ubi31
[  443.907852][ T5154] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  445.107186][ T9127] netlink: 'syz.3.813': attribute type 2 has an invalid length.
[  445.121874][ T9127] netlink: 244 bytes leftover after parsing attributes in process `syz.3.813'.
[  446.428950][ T9137] netlink: 44 bytes leftover after parsing attributes in process `syz.4.815'.
[  447.281236][ T9144] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  447.715849][ T9151] ubi: mtd0 is already attached to ubi31
[  448.228205][ T9152] 9pnet_fd: Insufficient options for proto=fd
[  452.004157][ T9185] siw: device registration error -23
[  452.013389][ T9186] netlink: 44 bytes leftover after parsing attributes in process `syz.3.829'.
[  453.261605][ T9197] 9pnet_fd: Insufficient options for proto=fd
[  457.359352][ T9238] gre0: entered allmulticast mode
[  457.893757][ T9244] openvswitch: netlink: IP tunnel dst address not specified
[  460.142661][ T9264] netlink: 'syz.2.850': attribute type 7 has an invalid length.
[  460.268327][ T9265] ubi: mtd0 is already attached to ubi31
[  460.854767][ T9234] syz.3.842 (9234) used greatest stack depth: 20152 bytes left
[  463.854078][ T9295] openvswitch: netlink: IP tunnel dst address not specified
[  466.178325][ T9316] ubi: mtd0 is already attached to ubi31
[  469.459329][ T9341] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  470.763689][ T9350] openvswitch: netlink: IP tunnel dst address not specified
[  472.186554][ T9362] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  472.680895][ T9372] ubi: mtd0 is already attached to ubi31
[  477.704839][ T9406] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  479.049547][ T9424] ubi: mtd0 is already attached to ubi31
[  480.992021][ T6486] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  481.051483][ T6486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.785639][ T9468] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  486.787336][ T9479] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  493.726254][ T9518] trusted_key: encrypted_key: insufficient parameters specified
[  496.679729][ T9536] mmap: syz.2.917 (9536) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  498.770723][   T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  498.940808][   T24] usb 2-1: Using ep0 maxpacket: 8
[  498.959103][   T24] usb 2-1: config 5 has an invalid interface number: 52 but max is 1
[  499.337275][   T24] usb 2-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  500.789784][   T24] usb 2-1: config 5 has 1 interface, different from the descriptor's value: 2
[  500.811544][   T24] usb 2-1: config 5 has no interface number 0
[  500.828537][   T24] usb 2-1: New USB device found, idVendor=04b4, idProduct=0002, bcdDevice=e2.5c
[  500.850655][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.858769][   T24] usb 2-1: Product: syz
[  500.876627][   T24] usb 2-1: Manufacturer: syz
[  501.026897][   T24] usb 2-1: SerialNumber: syz
[  501.854694][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.864763][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  502.022506][   T24] cytherm 2-1:5.52: Cypress thermometer device now attached
[  502.072684][   T24] usb 2-1: USB disconnect, device number 3
[  502.087864][ T9588] netlink: 56 bytes leftover after parsing attributes in process `syz.2.930'.
[  502.109828][   T24] cytherm 2-1:5.52: Cypress thermometer now disconnected
[  506.319109][ T9621] netlink: 'syz.4.939': attribute type 2 has an invalid length.
[  506.376382][ T9621] netlink: 244 bytes leftover after parsing attributes in process `syz.4.939'.
[  508.221306][ T9635] syz.4.943 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  509.782154][ T9641] 9pnet: Could not find request transport: ff
[  510.620815][ T9653] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  512.102351][ T9659] netlink: 'syz.3.951': attribute type 2 has an invalid length.
[  512.115120][ T9661] syz.1.949: attempt to access beyond end of device
[  512.115120][ T9661] nbd1: rw=4096, sector=2, nr_sectors = 2 limit=0
[  512.131248][ T9659] netlink: 244 bytes leftover after parsing attributes in process `syz.3.951'.
[  512.293458][ T9661] EXT4-fs (nbd1): unable to read superblock
[  513.177491][ T9672] netlink: 44 bytes leftover after parsing attributes in process `syz.2.952'.
[  513.821752][ T5845] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  519.816864][ T9715] netlink: 40 bytes leftover after parsing attributes in process `syz.0.964'.
[  519.828903][ T9715] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  524.378623][ T9750] xt_hashlimit: max too large, truncated to 1048576
[  525.421834][ T9758] siw: device registration error -23
[  528.065265][ T9771] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  529.382629][ T9787] binder: 9785:9787 ioctl 4018620d 0 returned -22
[  530.048636][ T9793] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  531.096565][   T30] audit: type=1800 audit(1753214880.255:13): pid=9806 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.991" name="/" dev="9p" ino=144678138029342722 res=0 errno=0
[  532.380779][ T9817] openvswitch: netlink: Geneve opt len 91 is not a multiple of 4.
[  534.510746][ T9835] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  535.184614][ T9836] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  535.196687][   T24] kernel read not supported for file /vga_arbiter (pid: 24 comm: kworker/1:0)
[  537.114184][ T9857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  537.127689][ T9859] openvswitch: netlink: Geneve opt len 91 is not a multiple of 4.
[  540.916216][ T9889] syz.4.1013 (9889) used greatest stack depth: 16880 bytes left
[  545.368432][ T5948] IPVS: starting estimator thread 0...
[  545.790939][ T9933] IPVS: using max 31 ests per chain, 74400 per kthread
[  546.003284][ T9934] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  551.913575][ T9974] netlink: 'syz.2.1038': attribute type 10 has an invalid length.
[  551.928110][ T9974] 8021q: adding VLAN 0 to HW filter on device team0
[  551.940336][ T9974] bond0: (slave team0): Enslaving as an active interface with an up link
[  554.880436][T10009] openvswitch: netlink: Geneve opt len 91 is not a multiple of 4.
[  559.160145][ T5966] IPVS: starting estimator thread 0...
[  559.260860][T10062] IPVS: using max 29 ests per chain, 69600 per kthread
[  559.952248][T10067] netlink: 'syz.2.1053': attribute type 10 has an invalid length.
[  560.145547][T10067] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  560.377374][T10079] netlink: 'syz.0.1058': attribute type 2 has an invalid length.
[  560.438976][T10079] netlink: 244 bytes leftover after parsing attributes in process `syz.0.1058'.
[  563.570961][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  563.577344][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  563.867609][T10117] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.689939][T10152] atomic_op ffff88802a259198 conn xmit_atomic 0000000000000000
[  567.426573][ T5902] IPVS: starting estimator thread 0...
[  567.797827][T10153] IPVS: using max 44 ests per chain, 105600 per kthread
[  572.159860][T10201] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1086'.
[  572.343728][   T30] audit: type=1326 audit(1753214921.505:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10196 comm="syz.2.1085" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa66938e9a9 code=0x0
[  573.299802][T10212] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  573.906254][T10217] netlink: 'syz.3.1089': attribute type 10 has an invalid length.
[  573.990766][T10218] loop7: detected capacity change from 0 to 16384
[  574.384582][T10217] 8021q: adding VLAN 0 to HW filter on device team0
[  574.829511][T10217] bond0: (slave team0): Enslaving as an active interface with an up link
[  575.523332][T10229] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1091'.
[  576.910636][T10242] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(15)
[  576.917303][T10242] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  576.926870][T10242] vhci_hcd vhci_hcd.0: Device attached
[  577.070225][T10247] vhci_hcd: connection closed
[  577.090648][ T6502] vhci_hcd: stop threads
[  577.107607][ T6502] vhci_hcd: release socket
[  577.163637][ T5946] usb 33-1: new low-speed USB device number 3 using vhci_hcd
[  577.397124][ T6502] vhci_hcd: disconnect device
[  578.780871][T10262] netlink: 'syz.3.1102': attribute type 10 has an invalid length.
[  581.105395][T10282] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1106'.
[  582.171248][   T30] audit: type=1326 audit(1753214931.325:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10278 comm="syz.0.1107" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa19cd8e9a9 code=0x0
[  582.330748][ T5946] vhci_hcd: vhci_device speed not set
[  583.632314][   T30] audit: type=1326 audit(1753214932.785:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.2.1114" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa66938e9a9 code=0x0
[  583.655644][ T9677] Bluetooth: Unexpected continuation frame (len 16)
[  584.119179][ T6504] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  584.348047][ T6504] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  585.876992][T10334] bridge1: entered promiscuous mode
[  585.882503][T10334] bridge1: entered allmulticast mode
[  586.311106][T10335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1121'.
[  587.709525][T10347] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(15)
[  587.716269][T10347] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  587.897525][T10347] vhci_hcd vhci_hcd.0: Device attached
[  588.210619][ T5902] usb 39-1: new low-speed USB device number 5 using vhci_hcd
[  588.289048][T10349] vhci_hcd: connection closed
[  588.290380][ T6483] vhci_hcd: stop threads
[  588.307293][ T6483] vhci_hcd: release socket
[  588.319078][ T6483] vhci_hcd: disconnect device
[  588.387844][ T5902] usb 39-1: enqueue for inactive port 0
[  588.474637][ T5902] vhci_hcd: vhci_device speed not set
[  590.161014][ T9677] Bluetooth: Unexpected continuation frame (len 16)
[  590.450865][   T30] audit: type=1326 audit(1753214939.315:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10363 comm="syz.4.1129" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4652d8e9a9 code=0x0
[  593.253022][T10275] usb 1-1: new low-speed USB device number 7 using dummy_hcd
[  593.530072][T10401] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1136'.
[  593.632191][T10275] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  593.640417][T10275] usb 1-1: config 0 has no interface number 0
[  593.653596][T10275] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  593.680744][T10275] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  593.710688][T10275] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  593.859091][T10275] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  593.938188][T10275] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  593.993666][T10275] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  594.067098][T10275] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  594.100552][T10275] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.196342][T10275] usb 1-1: config 0 descriptor??
[  594.600661][ T5902] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  594.806188][T10389] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  594.841357][T10389] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  594.872371][T10275] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  595.020655][ T5902] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  595.029764][ T5902] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  595.070515][ T5902] usb 2-1: Product: syz
[  595.077797][T10389] ldusb 1-1:0.55: Write buffer overflow, 3997 bytes dropped
[  595.090547][ T5902] usb 2-1: Manufacturer: syz
[  595.095236][ T5902] usb 2-1: SerialNumber: syz
[  595.133452][T10275] usb 1-1: USB disconnect, device number 7
[  595.171377][T10275] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  595.419634][ T5902] usb 2-1: config 0 descriptor??
[  595.446452][ T5902] gspca_main: spca501-2.14.0 probing 0000:0000
[  595.975896][ T5902] gspca_spca501: reg write: error -110
[  596.056155][ T5902] spca501 2-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  596.087193][ T5902] spca501 2-1:0.0: probe with driver spca501 failed with error -22
[  596.194073][ T5902] usb 2-1: Found UVC 0.00 device syz (0000:0000)
[  596.200616][ T5902] usb 2-1: No valid video chain found.
[  596.760921][   T30] audit: type=1326 audit(1753214945.915:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10416 comm="syz.0.1141" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa19cd8e9a9 code=0x0
[  596.793842][ T9677] Bluetooth: Unexpected continuation frame (len 16)
[  597.689639][ T5946] usb 2-1: USB disconnect, device number 4
[  599.109839][T10445] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  599.600258][T10451] netlink: 'syz.2.1146': attribute type 10 has an invalid length.
[  599.620710][T10447] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(14)
[  599.627360][T10447] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  599.792178][T10447] vhci_hcd vhci_hcd.0: Device attached
[  599.867295][T10453] vhci_hcd: connection closed
[  600.039803][ T5903] usb 33-1: new low-speed USB device number 4 using vhci_hcd
[  600.087459][ T6504] vhci_hcd: stop threads
[  601.063348][ T6504] vhci_hcd: release socket
[  601.111496][ T6504] vhci_hcd: disconnect device
[  602.009247][T10480] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  602.470010][ T5902] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  602.484867][T10479] bridge2: entered promiscuous mode
[  602.490107][T10479] bridge2: entered allmulticast mode
[  602.722950][ T5902] usb 3-1: config index 0 descriptor too short (expected 146, got 18)
[  603.660088][ T5902] usb 3-1: config 0 has an invalid interface number: 153 but max is 0
[  603.673437][ T5902] usb 3-1: config 0 has no interface number 0
[  603.687263][ T5902] usb 3-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34
[  603.708549][ T5902] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.745854][ T5902] usb 3-1: Product: syz
[  603.765179][ T5902] usb 3-1: Manufacturer: syz
[  603.810437][ T5902] usb 3-1: SerialNumber: syz
[  603.837302][ T5902] usb 3-1: config 0 descriptor??
[  604.024283][ T5902] sierra 3-1:0.153: Sierra USB modem converter detected
[  604.168628][   T24] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  604.649368][T10499] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  604.803024][ T5902] usb 3-1: USB disconnect, device number 12
[  604.809920][ T5902] sierra 3-1:0.153: device disconnected
[  605.325283][   T24] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a
[  605.345288][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.794065][   T24] usb 2-1: Product: syz
[  605.817355][   T24] usb 2-1: Manufacturer: syz
[  605.828175][   T24] usb 2-1: SerialNumber: syz
[  605.891187][   T24] usb 2-1: config 0 descriptor??
[  606.158159][   T24] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  606.201235][ T5903] vhci_hcd: vhci_device speed not set
[  606.608949][   T24] dvb_usb_af9035 2-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[  606.649492][   T24] usb 2-1: USB disconnect, device number 5
[  608.205529][T10526] bridge3: entered promiscuous mode
[  608.210859][T10526] bridge3: entered allmulticast mode
[  610.710574][   T24] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  610.975315][T10560] binder: BINDER_SET_CONTEXT_MGR already set
[  611.009228][T10560] binder: 10559:10560 ioctl 4018620d 200000000040 returned -16
[  611.370232][T10560] binder: 10559:10560 ioctl c0306201 200000000240 returned -11
[  612.976524][T10582] bridge1: entered promiscuous mode
[  612.982041][T10582] bridge1: entered allmulticast mode
[  615.774109][T10607] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  618.762501][T10642] bridge1: entered promiscuous mode
[  618.767943][T10642] bridge1: entered allmulticast mode
[  620.617344][T10660] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  620.772208][T10664] netlink: 'syz.4.1197': attribute type 1 has an invalid length.
[  624.149142][T10694] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  624.640891][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  624.654107][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  629.800144][   T30] audit: type=1326 audit(1753214978.955:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10736 comm="syz.1.1223" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb7838e9a9 code=0x0
[  629.823004][ T9677] Bluetooth: Unexpected continuation frame (len 16)
[  632.703877][T10766] erofs (device nbd3): cannot find valid erofs superblock
[  643.179235][T10841] evm: overlay not supported
[  645.777620][T10861] atomic_op ffff888028ff7198 conn xmit_atomic 0000000000000000
[  645.788041][ T5948] IPVS: starting estimator thread 0...
[  646.101055][T10865] IPVS: using max 29 ests per chain, 69600 per kthread
[  647.313343][T10879] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  650.556680][T10905] openvswitch: netlink: Geneve opt len 254 is not a multiple of 4.
[  652.205673][T10923] bridge1: entered promiscuous mode
[  652.211137][T10923] bridge1: entered allmulticast mode
[  652.841359][   T24] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  653.041553][   T24] usb 2-1: Using ep0 maxpacket: 8
[  653.264904][   T24] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  653.325343][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  653.398177][   T24] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  653.750739][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  653.762888][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  653.785824][   T24] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  654.477774][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  654.667540][   T24] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  654.699939][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  655.499345][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  655.512488][   T24] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  655.519941][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  655.531382][   T24] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  655.543124][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  655.608119][   T24] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  656.378207][   T24] usb 2-1: string descriptor 0 read error: -71
[  656.404828][   T24] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  656.427506][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.538796][   T24] usb 2-1: can't set config #168, error -71
[  656.574438][   T24] usb 2-1: USB disconnect, device number 6
[  657.636858][   T30] audit: type=1326 audit(1753215006.715:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10946 comm="syz.4.1279" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4652d8e9a9 code=0x0
[  657.994736][T10970] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1285'.
[  658.005306][T10969] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  658.845821][T10978] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  658.866727][T10978] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  658.893419][T10978] netlink: 'syz.3.1287': attribute type 3 has an invalid length.
[  658.901433][T10978] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1287'.
[  662.650235][T11013] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  662.900392][T11020] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1296'.
[  663.435953][T11025] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  664.204865][T11041] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  666.720520][T11062] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1304'.
[  668.890742][T11079] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1308'.
[  669.138655][T11084] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  669.387286][T11092] netlink: 'syz.3.1311': attribute type 10 has an invalid length.
[  669.571001][ T5903] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  669.895424][ T5903] usb 1-1: Using ep0 maxpacket: 8
[  669.939054][ T5903] usb 1-1: config index 0 descriptor too short (expected 5924, got 36)
[  669.970631][ T5903] usb 1-1: config 250 has an invalid interface number: 228 but max is -1
[  670.122341][ T5903] usb 1-1: config 250 has 1 interface, different from the descriptor's value: 0
[  670.265837][ T5903] usb 1-1: config 250 has no interface number 0
[  670.457010][ T5903] usb 1-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  670.591076][ T5903] usb 1-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  670.602866][ T5903] usb 1-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  670.613883][ T5903] usb 1-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  670.630126][ T5903] usb 1-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  670.665792][ T5903] usb 1-1: config 250 interface 228 has no altsetting 0
[  670.810928][T11102] siw: device registration error -23
[  671.312970][ T5903] usb 1-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  671.347938][ T5903] usb 1-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  671.475689][ T5903] usb 1-1: Product: syz
[  671.479924][ T5903] usb 1-1: SerialNumber: syz
[  671.497365][ T5903] hub 1-1:250.228: bad descriptor, ignoring hub
[  671.510502][ T5903] hub 1-1:250.228: probe with driver hub failed with error -5
[  671.565781][T11108] vivid-002: =================  START STATUS  =================
[  671.790894][T11108] vivid-002: Interlaced VBI Format: false
[  672.556063][ T5903] usblp 1-1:250.228: usblp0: USB Bidirectional printer dev 8 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  673.194718][T11108] vivid-002: ==================  END STATUS  ==================
[  673.368210][ T5903] usb 1-1: USB disconnect, device number 8
[  673.550636][ T5154] Bluetooth: hci4: command 0x0405 tx timeout
[  673.761685][ T5903] usblp0: removed
[  674.330594][ T5903] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  674.477878][T11138] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1323'.
[  674.609007][ T5903] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25
[  674.659653][ T5903] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  674.708391][ T5903] usb 3-1: Product: syz
[  674.730654][ T5903] usb 3-1: Manufacturer: syz
[  674.754053][ T5903] usb 3-1: SerialNumber: syz
[  674.931913][ T5903] usb 3-1: config 0 descriptor??
[  675.320257][ T5903] gspca_main: spca501-2.14.0 probing 0000:0000
[  675.359976][T11149] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  675.837352][ T5903] gspca_spca501: reg write: error -110
[  675.857873][ T5903] spca501 3-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  675.938966][T11154] vivid-007: =================  START STATUS  =================
[  675.947828][T11154] vivid-007: Enable Output Cropping: true
[  675.954218][T11154] vivid-007: Enable Output Composing: true
[  675.960203][T11154] vivid-007: Enable Output Scaler: true
[  675.966333][T11154] vivid-007: Tx RGB Quantization Range: Automatic
[  675.973170][T11154] vivid-007: Transmit Mode: HDMI
[  675.978253][T11154] vivid-007: Hotplug Present: 0x00000000
[  675.985732][T11154] vivid-007: RxSense Present: 0x00000000
[  675.998496][T11154] vivid-007: EDID Present: 0x00000000
[  676.004362][T11154] vivid-007: ==================  END STATUS  ==================
[  676.967316][ T5903] spca501 3-1:0.0: probe with driver spca501 failed with error -22
[  676.975784][ T5903] usb 3-1: Found UVC 0.00 device syz (0000:0000)
[  676.985680][ T5903] usb 3-1: No valid video chain found.
[  679.359845][T11175] netlink: 161716 bytes leftover after parsing attributes in process `syz.0.1332'.
[  679.585897][   T24] usb 3-1: USB disconnect, device number 14
[  680.567053][T11188] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1336'.
[  680.630678][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  680.801204][    T9] usb 4-1: Using ep0 maxpacket: 8
[  680.887056][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  681.051856][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  681.063689][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  681.432921][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  681.548879][    T9] usb 4-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  681.573193][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.584228][    T9] usb 4-1: Product: syz
[  681.588680][    T9] usb 4-1: Manufacturer: syz
[  681.597042][    T9] usb 4-1: SerialNumber: syz
[  681.633784][    T9] usb 4-1: config 0 descriptor??
[  681.900106][    T9] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input15
[  682.023755][T11206] netlink: 'syz.4.1342': attribute type 10 has an invalid length.
[  682.157281][T11206] 8021q: adding VLAN 0 to HW filter on device team0
[  682.197815][T11206] bond0: (slave team0): Enslaving as an active interface with an up link
[  787.600416][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  787.607414][    C1] rcu: 	0-...!: (1 GPs behind) idle=36ec/1/0x4000000000000000 softirq=51682/51683 fqs=0
[  787.617958][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P10988/1:b..l P5843/1:b..l
[  787.627130][    C1] rcu: 	(detected by 1, t=10505 jiffies, g=38721, q=343 ncpus=2)
[  787.634872][    C1] Sending NMI from CPU 1 to CPUs 0:
[  787.634912][    C0] NMI backtrace for cpu 0
[  787.634929][    C0] CPU: 0 UID: 0 PID: 8022 Comm: udevd Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  787.634945][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  787.634954][    C0] RIP: 0010:validate_chain+0xa4/0x2140
[  787.634978][    C0] Code: c6 47 5f a6 8d e8 dc 94 e5 ff 90 0f 0b 90 90 90 48 bb eb 83 b5 80 46 86 c8 61 49 0f af df 48 c1 eb 2d 48 8b 04 dd 20 43 60 93 <48> 85 c0 0f 94 c1 48 83 c0 f8 0f 94 c2 08 ca 0f 84 24 01 00 00 e8
[  787.634990][    C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00000806
[  787.635003][    C0] RAX: ffffffff93ba1578 RBX: 00000000000639d1 RCX: 0000000000040000
[  787.635013][    C0] RDX: 0000000000000001 RSI: ffff8880255aa918 RDI: ffff8880255a9e00
[  787.635023][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff89863f04
[  787.635032][    C0] R10: dffffc0000000000 R11: ffffffff89863e40 R12: 0000000000000001
[  787.635042][    C0] R13: ffff8880255aa8f0 R14: ffff8880255aa918 R15: 8c22c8e7a06d7a59
[  787.635053][    C0] FS:  00007f020cfdb880(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000
[  787.635065][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  787.635075][    C0] CR2: 0000555573cca808 CR3: 000000007d5c8000 CR4: 00000000003526f0
[  787.635088][    C0] Call Trace:
[  787.635095][    C0]  <IRQ>
[  787.635103][    C0]  ? do_raw_spin_lock+0x121/0x290
[  787.635128][    C0]  ? __lock_acquire+0xab9/0xd20
[  787.635145][    C0]  __lock_acquire+0xab9/0xd20
[  787.635161][    C0]  ? advance_sched+0xc4/0xc90
[  787.635182][    C0]  lock_acquire+0x120/0x360
[  787.635195][    C0]  ? advance_sched+0xc4/0xc90
[  787.635222][    C0]  _raw_spin_lock+0x2e/0x40
[  787.635245][    C0]  ? advance_sched+0xc4/0xc90
[  787.635265][    C0]  advance_sched+0xc4/0xc90
[  787.635288][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  787.635311][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  787.635338][    C0]  ? __pfx_advance_sched+0x10/0x10
[  787.635359][    C0]  __hrtimer_run_queues+0x529/0xc60
[  787.635383][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  787.635397][    C0]  ? read_tsc+0x9/0x20
[  787.635419][    C0]  ? rcu_is_watching+0x15/0xb0
[  787.635436][    C0]  hrtimer_interrupt+0x45b/0xaa0
[  787.635462][    C0]  __sysvec_apic_timer_interrupt+0x108/0x410
[  787.635481][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  787.635496][    C0]  </IRQ>
[  787.635500][    C0]  <TASK>
[  787.635506][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  787.635522][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  787.635535][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 7b 55 fe 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  787.635547][    C0] RSP: 0018:ffffc9000bcdf7b8 EFLAGS: 00000206
[  787.635559][    C0] RAX: 6d67042a964bd000 RBX: 0000000000000000 RCX: 6d67042a964bd000
[  787.635569][    C0] RDX: 0000000000000001 RSI: ffffffff8db6f792 RDI: ffffffff8be1b9c0
[  787.635579][    C0] RBP: ffffffff8172aae5 R08: 0000000000000000 R09: ffffffff8172aae5
[  787.635589][    C0] R10: ffffc9000bcdf978 R11: ffffffff81acfd30 R12: 0000000000000002
[  787.635598][    C0] R13: ffffffff8e13f0e0 R14: 0000000000000000 R15: 0000000000000246
[  787.635609][    C0]  ? unwind_next_frame+0xa5/0x2390
[  787.635624][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  787.635660][    C0]  ? unwind_next_frame+0xa5/0x2390
[  787.635682][    C0]  ? unwind_next_frame+0xa5/0x2390
[  787.635696][    C0]  ? do_syscall_64+0xfa/0x3b0
[  787.635713][    C0]  ? unwind_next_frame+0xa5/0x2390
[  787.635727][    C0]  unwind_next_frame+0xc2/0x2390
[  787.635742][    C0]  ? unwind_next_frame+0xa5/0x2390
[  787.635759][    C0]  ? unwind_next_frame+0xa5/0x2390
[  787.635775][    C0]  ? __x64_sys_newfstatat+0x116/0x190
[  787.635796][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  787.635816][    C0]  arch_stack_walk+0x11c/0x150
[  787.635835][    C0]  ? do_syscall_64+0xfa/0x3b0
[  787.635852][    C0]  stack_trace_save+0x9c/0xe0
[  787.635871][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  787.635893][    C0]  ? __lock_acquire+0xab9/0xd20
[  787.635906][    C0]  kasan_save_track+0x3e/0x80
[  787.635929][    C0]  ? kasan_save_track+0x3e/0x80
[  787.635950][    C0]  ? kasan_save_free_info+0x46/0x50
[  787.635968][    C0]  ? __kasan_slab_free+0x62/0x70
[  787.635980][    C0]  ? kmem_cache_free+0x18f/0x400
[  787.635993][    C0]  ? vfs_fstatat+0x122/0x170
[  787.636009][    C0]  ? __x64_sys_newfstatat+0x116/0x190
[  787.636026][    C0]  ? do_syscall_64+0xfa/0x3b0
[  787.636061][    C0]  ? vfs_fstatat+0x122/0x170
[  787.636077][    C0]  kasan_save_free_info+0x46/0x50
[  787.636095][    C0]  __kasan_slab_free+0x62/0x70
[  787.636109][    C0]  kmem_cache_free+0x18f/0x400
[  787.636125][    C0]  vfs_fstatat+0x122/0x170
[  787.636143][    C0]  __x64_sys_newfstatat+0x116/0x190
[  787.636161][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[  787.636184][    C0]  ? __pfx___x64_sys_newfstatat+0x10/0x10
[  787.636202][    C0]  ? handle_softirqs+0x717/0x870
[  787.636228][    C0]  ? do_syscall_64+0xbe/0x3b0
[  787.636245][    C0]  do_syscall_64+0xfa/0x3b0
[  787.636261][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  787.636275][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  787.636290][    C0]  ? clear_bhb_loop+0x60/0xb0
[  787.636306][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  787.636321][    C0] RIP: 0033:0x7f020c911b0a
[  787.636338][    C0] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[  787.636350][    C0] RSP: 002b:00007ffd5ff7a2c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000106
[  787.636364][    C0] RAX: ffffffffffffffda RBX: 00007ffd5ff7aca0 RCX: 00007f020c911b0a
[  787.636374][    C0] RDX: 00007ffd5ff7a2f0 RSI: 00007ffd5ff7aca0 RDI: 00000000ffffff9c
[  787.636384][    C0] RBP: 00007ffd5ff7acaf R08: 0000000000000075 R09: 0000000000000000
[  787.636393][    C0] R10: 0000000000000100 R11: 0000000000000202 R12: 0000556d64de7d65
[  787.636402][    C0] R13: 00007ffd5ff7a380 R14: 0000556d610556d7 R15: 0000556d64de7d60
[  787.636419][    C0]  </TASK>
[  787.636902][    C1] task:syz-executor    state:R  running task     stack:21840 pid:5843  tgid:5843  ppid:5826   task_flags:0x400140 flags:0x00004002
[  788.231383][    C1] Call Trace:
[  788.234684][    C1]  <TASK>
[  788.237634][    C1]  __schedule+0x16aa/0x4c90
[  788.242169][    C1]  ? __lock_acquire+0xab9/0xd20
[  788.247048][    C1]  ? preempt_schedule_common+0x83/0xd0
[  788.252535][    C1]  ? __pfx___schedule+0x10/0x10
[  788.257415][    C1]  ? do_raw_spin_lock+0x121/0x290
[  788.262475][    C1]  ? preempt_schedule+0xae/0xc0
[  788.267346][    C1]  preempt_schedule_common+0x83/0xd0
[  788.272657][    C1]  preempt_schedule+0xae/0xc0
[  788.277358][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[  788.282761][    C1]  preempt_schedule_thunk+0x16/0x30
[  788.287997][    C1]  _raw_spin_unlock+0x3f/0x50
[  788.292701][    C1]  ? copy_pmd_range+0x66f1/0x7000
[  788.297748][    C1]  copy_pmd_range+0x6727/0x7000
[  788.302626][    C1]  ? arch_stack_walk+0xfc/0x150
[  788.307535][    C1]  ? __pfx_copy_pmd_range+0x10/0x10
[  788.312780][    C1]  copy_page_range+0xc46/0x1270
[  788.317666][    C1]  ? __lock_acquire+0xab9/0xd20
[  788.322558][    C1]  ? __pfx_copy_page_range+0x10/0x10
[  788.327885][    C1]  ? up_write+0x1c4/0x420
[  788.332233][    C1]  ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[  788.339023][    C1]  dup_mmap+0xf57/0x1ac0
[  788.343297][    C1]  ? __pfx_dup_mmap+0x10/0x10
[  788.348003][    C1]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  788.353919][    C1]  ? mm_init+0xc68/0xec0
[  788.358181][    C1]  copy_mm+0x13c/0x4b0
[  788.362273][    C1]  ? copy_process+0x978/0x3b80
[  788.367057][    C1]  copy_process+0x16d3/0x3b80
[  788.371761][    C1]  ? copy_process+0x978/0x3b80
[  788.376558][    C1]  ? __pfx_copy_process+0x10/0x10
[  788.381598][    C1]  ? __handle_mm_fault+0x1144/0x5620
[  788.386912][    C1]  kernel_clone+0x224/0x7f0
[  788.391434][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  788.396496][    C1]  __x64_sys_clone+0x18b/0x1e0
[  788.401279][    C1]  ? count_memcg_event_mm+0x21/0x260
[  788.406592][    C1]  ? __pfx___x64_sys_clone+0x10/0x10
[  788.411955][    C1]  ? do_user_addr_fault+0xc8a/0x1390
[  788.417274][    C1]  ? do_syscall_64+0xbe/0x3b0
[  788.421974][    C1]  do_syscall_64+0xfa/0x3b0
[  788.426500][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  788.431710][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.437797][    C1]  ? clear_bhb_loop+0x60/0xb0
[  788.442511][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.448428][    C1] RIP: 0033:0x7feb78385213
[  788.452885][    C1] RSP: 002b:00007fff402a06a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  788.461322][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007feb78385213
[  788.469303][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  788.477282][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  788.485271][    C1] R10: 000055556f2797d0 R11: 0000000000000246 R12: 0000000000000000
[  788.493250][    C1] R13: 00000000000927c0 R14: 00000000000a673e R15: 00007fff402a0840
[  788.501251][    C1]  </TASK>
[  788.504281][    C1] task:syz.3.1287      state:R  running task     stack:22344 pid:10988 tgid:10988 ppid:5837   task_flags:0x400640 flags:0x00004002
[  788.517792][    C1] Call Trace:
[  788.521091][    C1]  <TASK>
[  788.524048][    C1]  __schedule+0x16aa/0x4c90
[  788.528575][    C1]  ? css_rstat_updated+0x1a5/0xca0
[  788.533712][    C1]  ? preempt_schedule_irq+0xb5/0x150
[  788.539012][    C1]  ? __pfx___schedule+0x10/0x10
[  788.543880][    C1]  ? __lock_acquire+0xab9/0xd20
[  788.548748][    C1]  ? preempt_schedule_irq+0xaa/0x150
[  788.554048][    C1]  preempt_schedule_irq+0xb5/0x150
[  788.559177][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  788.564915][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  788.570740][    C1]  irqentry_exit+0x6f/0x90
[  788.575166][    C1]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  788.580640][    C1] RIP: 0010:rcu_lockdep_current_cpu_online+0x8/0x120
[  788.587330][    C1] Code: df e9 4e ff ff ff 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 57 41 56 <53> 65 8b 0d e0 1e f5 10 b0 01 f7 c1 00 00 f0 00 0f 85 d5 00 00 00
[  788.606947][    C1] RSP: 0018:ffffc9001a866cc8 EFLAGS: 00000202
[  788.613033][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 19dc6fea93f89300
[  788.621042][    C1] RDX: ffff88802bc80000 RSI: ffffffff8be1b9a0 RDI: ffffffff8be1b960
[  788.629024][    C1] RBP: ffffc9001a866db8 R08: 0000000000000000 R09: ffffffff81f5fa5d
[  788.637009][    C1] R10: ffffc9001a866dc0 R11: fffff5200350cdbb R12: 0000000000000000
[  788.644992][    C1] R13: dffffc0000000000 R14: ffff888056436c02 R15: 0000000000000156
[  788.652988][    C1]  ? filemap_get_entry+0xad/0x2f0
[  788.658069][    C1]  rcu_read_lock_held+0x1e/0x50
[  788.662946][    C1]  xas_load+0x1df/0x5b0
[  788.667130][    C1]  ? filemap_get_entry+0xad/0x2f0
[  788.672181][    C1]  filemap_get_entry+0x168/0x2f0
[  788.677154][    C1]  ? __pfx_filemap_get_entry+0x10/0x10
[  788.682659][    C1]  shmem_get_folio_gfp+0x237/0x1660
[  788.687911][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  788.694524][    C1]  shmem_write_begin+0xf7/0x2b0
[  788.699395][    C1]  generic_perform_write+0x2c7/0x910
[  788.704705][    C1]  ? __pfx_generic_perform_write+0x10/0x10
[  788.710521][    C1]  ? down_write+0x162/0x1f0
[  788.715049][    C1]  ? file_update_time+0x2da/0x490
[  788.720094][    C1]  shmem_file_write_iter+0xf8/0x120
[  788.725300][    C1]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  788.731121][    C1]  __kernel_write_iter+0x390/0x860
[  788.736265][    C1]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  788.742090][    C1]  ? __pfx___kernel_write_iter+0x10/0x10
[  788.747761][    C1]  ? __up_read+0x280/0x680
[  788.752213][    C1]  ? __asan_memset+0x22/0x50
[  788.756834][    C1]  ? iov_iter_bvec+0xb8/0x180
[  788.761552][    C1]  dump_user_range+0x873/0xc70
[  788.766354][    C1]  ? __pfx_dump_user_range+0x10/0x10
[  788.771654][    C1]  ? elf_coredump_extra_notes_write+0x42e/0x4b0
[  788.777916][    C1]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[  788.784523][    C1]  ? __kasan_kmalloc+0x93/0xb0
[  788.789331][    C1]  ? dump_emit+0xa6/0xe0
[  788.793598][    C1]  ? elf_core_dump+0x2c68/0x3900
[  788.798575][    C1]  elf_core_dump+0x32ed/0x3900
[  788.803354][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  788.808588][    C1]  ? __pfx_elf_core_dump+0x10/0x10
[  788.813717][    C1]  ? preempt_schedule_irq+0xde/0x150
[  788.819025][    C1]  ? irqentry_exit+0x74/0x90
[  788.823683][    C1]  ? rcu_read_lock_any_held+0xb3/0x120
[  788.829164][    C1]  ? 0xffffffffff600000
[  788.833368][    C1]  do_coredump+0x2806/0x3440
[  788.838009][    C1]  ? __pfx_do_coredump+0x10/0x10
[  788.843013][    C1]  ? preempt_schedule_irq+0xb5/0x150
[  788.848347][    C1]  ? __pfx___schedule+0x10/0x10
[  788.853213][    C1]  ? irqentry_exit+0x74/0x90
[  788.857822][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  788.863084][    C1]  ? rcu_is_watching+0x15/0xb0
[  788.867875][    C1]  ? trace_irq_disable+0x37/0x110
[  788.872923][    C1]  ? preempt_schedule_irq+0xde/0x150
[  788.878243][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  788.883987][    C1]  ? irqentry_exit+0x74/0x90
[  788.888591][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  788.893830][    C1]  get_signal+0x10d9/0x1310
[  788.898370][    C1]  arch_do_signal_or_restart+0x9a/0x750
[  788.903943][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  788.910114][    C1]  ? __bad_area_nosemaphore+0x3fb/0x780
[  788.915698][    C1]  ? local_irq_enable_exit_to_user+0x5/0x10
[  788.921680][    C1]  irqentry_exit_to_user_mode+0x81/0x120
[  788.927343][    C1]  exc_page_fault+0x9f/0xf0
[  788.931885][    C1]  asm_exc_page_fault+0x26/0x30
[  788.936763][    C1] RIP: 0033:0x7f4b8764f837
[  788.941194][    C1] RSP: 002b:00007f4b88633120 EFLAGS: 00010202
[  788.947283][    C1] RAX: 0000000000000000 RBX: 000000000000000b RCX: 00007f4b8778e9a9
[  788.955272][    C1] RDX: 00007f4b88633140 RSI: 00007f4b88633270 RDI: 000000000000000b
[  788.963265][    C1] RBP: 00007f4b87810d69 R08: 0000000000000000 R09: 0000000000000000
[  788.971256][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  788.979239][    C1] R13: 0000000000000001 R14: 00007f4b879b6240 R15: 00007fffdf195518
[  788.987240][    C1]  </TASK>
[  788.990269][    C1] rcu: rcu_preempt kthread starved for 10505 jiffies! g38721 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  789.001474][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  789.011453][    C1] rcu: RCU grace-period kthread stack dump:
[  789.017346][    C1] task:rcu_preempt     state:R  running task     stack:27320 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  789.030858][    C1] Call Trace:
[  789.034147][    C1]  <TASK>
[  789.037090][    C1]  __schedule+0x16aa/0x4c90
[  789.041624][    C1]  ? schedule+0x165/0x360
[  789.045970][    C1]  ? __pfx___schedule+0x10/0x10
[  789.050854][    C1]  ? schedule+0x91/0x360
[  789.055122][    C1]  schedule+0x165/0x360
[  789.059309][    C1]  schedule_timeout+0x12b/0x270
[  789.064196][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  789.069605][    C1]  ? __pfx_process_timeout+0x10/0x10
[  789.074916][    C1]  ? prepare_to_swait_event+0x341/0x380
[  789.080486][    C1]  rcu_gp_fqs_loop+0x301/0x1540
[  789.085356][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  789.090305][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  789.095516][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  789.100816][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  789.106040][    C1]  ? finish_swait+0xcd/0x1f0
[  789.110664][    C1]  rcu_gp_kthread+0x99/0x390
[  789.115265][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  789.120478][    C1]  ? __kthread_parkme+0x7b/0x200
[  789.125435][    C1]  ? __kthread_parkme+0x1a1/0x200
[  789.130484][    C1]  kthread+0x711/0x8a0
[  789.134580][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  789.139804][    C1]  ? __pfx_kthread+0x10/0x10
[  789.144430][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  789.149663][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  789.154884][    C1]  ? __pfx_kthread+0x10/0x10
[  789.159502][    C1]  ret_from_fork+0x3fc/0x770
[  789.164114][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  789.169246][    C1]  ? __switch_to_asm+0x39/0x70
[  789.174035][    C1]  ? __switch_to_asm+0x33/0x70
[  789.178816][    C1]  ? __pfx_kthread+0x10/0x10
[  789.183436][    C1]  ret_from_fork_asm+0x1a/0x30
[  789.188237][    C1]  </TASK>
[  789.191272][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  789.197699][    C1] CPU: 1 UID: 0 PID: 7024 Comm: kworker/u8:25 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  789.208210][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  789.218285][    C1] Workqueue: events_unbound toggle_allocation_gate
[  789.224809][    C1] RIP: 0010:smp_call_function_many_cond+0xf69/0x12d0
[  789.231499][    C1] Code: 00 45 8b 2f 44 89 ee 83 e6 01 31 ff e8 80 6e 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 2b 6a 0b 00 eb 37 f3 90 <43> 0f b6 04 2c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 10 6a 0b
[  789.251121][    C1] RSP: 0018:ffffc9000f5e76a0 EFLAGS: 00000293
[  789.257205][    C1] RAX: ffffffff81b4bba0 RBX: ffff8880b873b040 RCX: ffff88802a303c00
[  789.265187][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  789.273170][    C1] RBP: ffffc9000f5e7800 R08: ffffffff8fa0b2f7 R09: 1ffffffff1f4165e
[  789.281155][    C1] R10: dffffc0000000000 R11: fffffbfff1f4165f R12: 1ffff110170c835d
[  789.289138][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8880b8641ae8
[  789.297126][    C1] FS:  0000000000000000(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000
[  789.306156][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  789.312760][    C1] CR2: 00007fa19dc9ef98 CR3: 000000000df38000 CR4: 00000000003526f0
[  789.320762][    C1] Call Trace:
[  789.324056][    C1]  <TASK>
[  789.327014][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  789.333355][    C1]  ? __pfx_text_poke_memcpy+0x10/0x10
[  789.338743][    C1]  ? kmem_cache_alloc_bulk_noprof+0x148/0x790
[  789.344835][    C1]  ? __pfx___text_poke+0x10/0x10
[  789.349789][    C1]  ? rcu_is_watching+0x15/0xb0
[  789.354566][    C1]  ? trace_contention_end+0x39/0x120
[  789.359874][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  789.364916][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[  789.370050][    C1]  smp_text_poke_batch_finish+0x5e0/0x1100
[  789.375880][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  789.380919][    C1]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[  789.387184][    C1]  ? arch_jump_label_transform_queue+0x97/0x110
[  789.393485][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  789.399493][    C1]  static_key_enable_cpuslocked+0x128/0x250
[  789.405411][    C1]  static_key_enable+0x1a/0x20
[  789.410197][    C1]  toggle_allocation_gate+0xad/0x240
[  789.415498][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  789.421409][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  789.427153][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  789.432891][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  789.438634][    C1]  process_scheduled_works+0xade/0x17b0
[  789.444222][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  789.450237][    C1]  worker_thread+0x8a0/0xda0
[  789.454866][    C1]  kthread+0x711/0x8a0
[  789.458957][    C1]  ? __pfx_worker_thread+0x10/0x10
[  789.464083][    C1]  ? __pfx_kthread+0x10/0x10
[  789.468694][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  789.473920][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  789.479127][    C1]  ? __pfx_kthread+0x10/0x10
[  789.483738][    C1]  ret_from_fork+0x3fc/0x770
[  789.488349][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  789.493489][    C1]  ? __switch_to_asm+0x39/0x70
[  789.498269][    C1]  ? __switch_to_asm+0x33/0x70
[  789.503065][    C1]  ? __pfx_kthread+0x10/0x10
[  789.507693][    C1]  ret_from_fork_asm+0x1a/0x30
[  789.512506][    C1]  </TASK>