last executing test programs:

995.620176ms ago: executing program 3 (id=4):
mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r0 = socket(0xa, 0x801, 0x84)
r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
sendmsg$auto_NL80211_CMD_FRAME(r0, &(0x7f0000000600)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000005c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1c000000816592d8508a57a57e087405b1a254a33748910cb52c45cc12d7b6ab7d4316651541002c2f0687470e2b9c036147e4", @ANYRES16=0x0, @ANYBLOB="040027bd7000fbdbdf253b0000000500a20007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x1)
mmap$auto(0x1, 0x5, 0xdf, 0xeb3, 0x401, 0x8000)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)
r2 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000240), r1)
sendmsg$auto_CGROUPSTATS_CMD_GET(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40100}, 0xc, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00012cbd7000fedbdf250400000008000100", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r1, @ANYBLOB="28de1f912176f9305e4740e455c77127ba0e85c50798fe408bd02bfc9397357ce5f6fdfdb6d1c676e79ec9bfc3"], 0x24}}, 0x4002000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000029, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
listen$auto(0x3, 0x83)
accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x16240, 0x0)
execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000440)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\xee\xf0e\x96\x8e<\xf1\xaf]\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\"Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9\x18^\xcf\v\x97\x97\x06c\x1c\x8fi\x0e\xe4\xd7\x98\x9bN:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\x00\xcc5\xb0\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xff\xff\xff\xff\x00\x00\x00\x00\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5')
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000280)=0x10000c9e, 0x400, 0x1)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/numa_maps\x00', 0x20000, 0x0)
finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004)
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5\x85\x91p\xe6\x1eRN8\x90\x86\xdde\x1cJ\x99\x00\x11\x89\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xddef, 0x5)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001100)='/proc/sys/net/ipv6/conf/wg0/hop_limit\x00', 0xc8202, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

845.245777ms ago: executing program 2 (id=3):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
unshare$auto(0x8000000)
semget$auto(0x0, 0x33, 0x5)
semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1f4, 0x0)
unshare$auto(0x8000400)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r1, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3)
r2 = socket(0x18, 0x5, 0x1)
syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r2, 0x0, 0x30004850)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000010c0), 0x101000, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/bus/usb/037/001\x00', 0x40001, 0x0)
mmap$auto(0x0, 0x404008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_USBDEVFS_CONTROL(r4, 0xc0185500, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x4c440, 0x0)

303.978652ms ago: executing program 1 (id=2):
sysfs$auto(0x2, 0x43, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0)
write$auto(r0, &(0x7f00000007c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057\x1c&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\x7f\x00\x00\x00AN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81.f\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00\x00\x00\xec\xbd_r\xf16\xec\xf3\xbb[.\xf3\xef\xf8\x16x\x9e\xb3*:/L\xa0Kg\xf0\xa2\x84\xa3o\xcc\x9e\xd3\xeb\xd3(\xaa\x93g~\x01\x81\x1eV\xf1L\xfc\xad\xa9#O\xe4\x12\xd3\xbda\xbc\x9a\x9f+9\'\xc4\x13\xf0\xc88\x1d80?\xc2\a\af\xdc?-&\xedAd\x9c\xe5&\xb9\x14\xe1\x85 \xbf\x18\xfc:#\xcf\x7ffT\xefPb\xe1\xfa]\xcc\x8a\xe3\x99\x98u\x9bj>\x9d\xc2\x1fk\x87\x92\xfb(U\xa8\xcd4+\xf6e5],\xec\x84 \x1b\x10d\x1b@\x84X\xa1\xa8\xd7\xccO\xb0Qq\x1a\xa4<\\\x0e\xa4\x7f^\x1a|\xfd\xe6#\x00\x9e\x1d\x00k\x84\x1b\xa3\xb1O\xe0IzJRO\xf4,\xe5\xdb\x03CA\x13Q\x84\xbb\x88\xb4\xe3\xba\xf0/\xd0\x04\ny\a\x8d\x12h\xe22\xcb\"\xce\x00\x00', 0x5)
socket(0x2, 0x3, 0x2)
rseq$auto(&(0x7f00000004c0)={0x12, 0x401, 0x3, 0x6, 0xfffffeff, 0x2}, 0x8002, 0x0, 0x8)
clock_nanosleep$auto(0xfffefffe, 0xb, &(0x7f0000000340)={0x100000000000002}, 0x0)
socket(0x2, 0x80002, 0x73)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
read$auto(r1, 0x0, 0x1f40)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)

0s ago: executing program 0 (id=1):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000440)='/proc/thread-self/fail-nth\x00', 0x58880, 0x0)
write$auto(r0, &(0x7f0000000100)='7\x00\\\xa0\x04|4\x00\x00\x03\x00\x00\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\x00rRVr\xc4O\xdc1\x9b%\x10Z\'\xb9\'\xa3stC<c$\aJ\x03\xb9?\xec\xf4\xde\x06\xb4x\xcep|\xa1\xd5\xc3r\x8d\xe5\xda#\f\xa7-\xaf@\xc3x\xa2\"h\xec\xa0\x9ay\'\x99\xca\x9a\xa6\xda6\xb3E\xe1-\x17I!J\xf0\xb7\xc9O\xe9f\x93~\xce\x0e\x8c\xfa\xe3\x89\xca\xf5\xa2\xd2t\x84\xf8`e\x16\xf4\\\x13\x87O}\\\x9aVBa~i\xb9s\x00\x00\x00\x00\x00\x00\x00\x00\n\x04>=\x85\xc6\xf6\x13 \xeb\xff%\x11\x82\x05\xddV\x02\xca&\xd8$<\xab&\xc8B\xbdQ\xaa\x16o\x1f\xc7\x94\xa3\xc9\x9a\xe1d\xf5\n\xe2\x88\x84\vT\x00\x00\x00\x00\x00\x00\x00\x04?\x81\xfd\xdd\xda\xb4&\xa7c\xa3G\x17\x1d\xac^\xf8\x85\x9b\xb7\x88\xf5c4\xc6\xb3\xc9\xf0\xef\xbdY9bt0^\x95<\xda.\xcb\x04/\xea.\'X_\xcaz\xee\x871\t\x1b\xc3\xe7\x84\xfbF)\xdbcC\xad\x9c\x90\x80F\xd37c\x0e\xeb\xa6\x0e\xb1A\xb6\xc1X\xe2\xa3\xeb\xb3\xdd\x8d\xf9i\xff\xbdz\xbf\x90\xbd\xa2\x16DV!\xa7\x9ch\xcd\xc6\xa0\xc6cw\xb6\x03+p\aZ.\xfc\xb6ix\xb5\xf9\'\xb0\\\xbeA\xd3i\xf6\xcc\xad\xa8\xca\x1cr\x12\xae\xcaoZ\x11q\xaa\x1e\xd7\xbc\x16QE\xda|\xd9Dz]\xcf\x1d\xdafd\xc1\xbaF\xedt\x00a^\xe3Z\xeaH\xc4\xa8\\_\xb8\xc1E\xd1\x9eAL\x03S\xa6\xdf\xcb\xb2%5\xed4u\xd4Ia\x95Q\xaa$\x11#D\x95\xc5\x10\xdaM\xe5\x13\x01\x8c6\xaa \xbf\xcc\xb1\xe4Q\xc4\xd9p\x81\x98l\\U~\xfc\xac\x1f/\xb7\x1d\x8b;\xc2j\xa0q>\x98\xb4\a\xba$c\f-', 0xfffffffd)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x20, 0x0, 0x0}, 0x58)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000)
openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$auto(0x4d, 0x1, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
timer_create$auto(0x9, 0x0, 0x0)
r1 = io_uring_setup$auto(0xa, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)
r2 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, 0x0, 0x108243, 0x0)
setsockopt$auto_SO_PASSCRED(r2, 0x3, 0x10, &(0x7f0000000400)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x1fe)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), r1)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB="2500d700bee4d5644cbb58508c2c84943dd80680e0d823aff3f41d382da917b5c768fb10b59327114f1eab19cc3018cb93f583e8c56997420a10fa8e8ca32a877ed97151b83c9de94d1069f3d0d53771aeac887c5d649805fd0bd1d5dad19db2228f997c1cd56728a352616dfae59365ee6745ceaee03e793072fd4d3ac92fbc2c98ca337a11c740fd88ee63706bfc9fffa55e39cbe9c04be1bcb5e10cfb17834c96de3bed5df39c2982ea5e20a5d4a171fdb266fd0f55bf81b1107b", @ANYRES16=r3, @ANYBLOB="04002bbd7000ffdbdf256f0000000e00f900fe61e7d22a0764088c9e0000"], 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/nfsd.fh/channel\x00', 0x40000, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x80002, 0x0)
write$auto(r4, &(0x7f0000000000)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x3ff)
openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000000480), 0x133000, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f00000007c0)={{@raw=0x1, 0x8, 0x4, 0xa2, "c6e47a44a36664a5e709f0e4c97056bc9fa32c617bb88dc98fa7591aefc4647f5af349f8e1e79c823b22958f"}, 0x1, @enumerated=@item=[0x0, 0x3, 0x1, 0xb, 0x6, 0x8001, 0x14, 0x0, 0x10001, 0xefe, 0xfffffff9, 0x5, 0x8005, 0x62f, 0x101, 0x42, 0x200, 0xfffffff0, 0x1000, 0x7, 0x3, 0x3, 0x0, 0x6, 0xb94, 0x0, 0x8, 0x7, 0x3, 0xe8, 0x4, 0x0, 0x9, 0x46f, 0x8, 0x1, 0x6, 0x4, 0x6, 0x8, 0x80, 0x9, 0x65b, 0x9, 0x7, 0x81, 0x1ce8, 0x9, 0x4, 0xf7f, 0x5, 0x4, 0x2, 0x1000, 0x9, 0x0, 0x400, 0x0, 0x0, 0x0, 0x207d, 0xa79, 0x5, 0x5, 0x4, 0x80, 0x6ed, 0x2, 0x1, 0x3, 0x8, 0x4, 0x8, 0x0, 0x80000000, 0x5, 0x8, 0x6, 0x0, 0xa, 0x2, 0x5, 0x400, 0x6, 0x4, 0x9, 0x29, 0x7ff, 0x30971ad3, 0x9, 0x78d, 0x7f, 0x0, 0x8001, 0x20000, 0x40, 0x0, 0x4, 0x40005, 0xfffff43e, 0xfffffffc, 0x4f000, 0xfe, 0x5, 0x7, 0xd49e923b, 0x4, 0xcee, 0x77, 0xf2, 0x0, 0x7fffffff, 0x7f79, 0x9, 0x20005b, 0x8, 0x10011, 0x8, 0x0, 0xc2, 0x3, 0x5, 0x1000, 0x1, 0x7, 0x400, 0x8, 0x3], "4570dcfd140074f863fc1385c4fd7abe6fce96c0b442897f58fd7d975d164deff4eef5b9f9173fa400163669eae95125d4bd68ca54ca1b0aefb60ffa8d501b1329af8d4108ac145aa564c6e7a09ea1b2dfae0f309c6ea508833d7d134b13d8cb3ef95bf5ed43801c280c02a5a853512e6f730d43226f00af1c5ac268ecc1d18f"})
r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0)
write$auto(r5, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001)
syz_genetlink_get_family_id$auto_net_dm(&(0x7f00000004c0), r1)
shutdown$auto(r4, 0x1)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.47' (ED25519) to the list of known hosts.
[   72.872255][ T5808] cgroup: Unknown subsys name 'net'
[   72.939320][ T5808] cgroup: Unknown subsys name 'cpuset'
[   72.948345][ T5808] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   74.381125][ T5808] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   76.108374][ T5824] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.117292][ T5824] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.120687][ T5829] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   76.125703][ T5824] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.142864][ T5832] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   76.145141][ T5827] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   76.158807][ T5832] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   76.159132][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.173753][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   76.182914][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.183195][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   76.192836][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   76.204475][ T5836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   76.212128][ T5827] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   76.216043][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   76.221793][ T5827] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   76.229227][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   76.234962][ T5827] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   76.241110][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   76.265502][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   76.824507][ T5820] chnl_net:caif_netlink_parms(): no params data found
[   76.857506][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   76.871869][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   76.994484][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   77.126212][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.133961][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.141524][ T5821] bridge_slave_0: entered allmulticast mode
[   77.148956][ T5821] bridge_slave_0: entered promiscuous mode
[   77.188377][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.195796][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.203009][ T5821] bridge_slave_1: entered allmulticast mode
[   77.210412][ T5821] bridge_slave_1: entered promiscuous mode
[   77.217939][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.225076][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.232744][ T5820] bridge_slave_0: entered allmulticast mode
[   77.239930][ T5820] bridge_slave_0: entered promiscuous mode
[   77.247226][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.254363][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.261724][ T5823] bridge_slave_0: entered allmulticast mode
[   77.268928][ T5823] bridge_slave_0: entered promiscuous mode
[   77.277132][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.284234][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.291791][ T5823] bridge_slave_1: entered allmulticast mode
[   77.298828][ T5823] bridge_slave_1: entered promiscuous mode
[   77.326624][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.334250][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.341599][ T5820] bridge_slave_1: entered allmulticast mode
[   77.348769][ T5820] bridge_slave_1: entered promiscuous mode
[   77.411523][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.421671][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.429683][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.437122][ T5822] bridge_slave_0: entered allmulticast mode
[   77.444079][ T5822] bridge_slave_0: entered promiscuous mode
[   77.454073][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.474778][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.484800][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.491977][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.499367][ T5822] bridge_slave_1: entered allmulticast mode
[   77.506803][ T5822] bridge_slave_1: entered promiscuous mode
[   77.516661][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.546227][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.591942][ T5821] team0: Port device team_slave_0 added
[   77.599916][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.610693][ T5823] team0: Port device team_slave_0 added
[   77.628647][ T5821] team0: Port device team_slave_1 added
[   77.636759][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.658965][ T5823] team0: Port device team_slave_1 added
[   77.691271][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.711001][ T5820] team0: Port device team_slave_0 added
[   77.749700][ T5820] team0: Port device team_slave_1 added
[   77.772077][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.779185][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.805646][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.819154][ T5822] team0: Port device team_slave_0 added
[   77.825499][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.832457][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.858474][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.878810][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.886087][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.912156][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.925130][ T5822] team0: Port device team_slave_1 added
[   77.951011][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.958111][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.984361][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.028876][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.036061][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   78.065354][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.078199][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.085173][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   78.111209][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.132603][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.139715][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   78.165795][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.196852][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.203843][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   78.230165][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.277084][ T5821] hsr_slave_0: entered promiscuous mode
[   78.283748][ T5821] hsr_slave_1: entered promiscuous mode
[   78.296194][   T50] Bluetooth: hci3: command tx timeout
[   78.301972][   T50] Bluetooth: hci0: command tx timeout
[   78.308069][ T5835] Bluetooth: hci2: command tx timeout
[   78.313841][ T5824] Bluetooth: hci1: command tx timeout
[   78.333088][ T5823] hsr_slave_0: entered promiscuous mode
[   78.339534][ T5823] hsr_slave_1: entered promiscuous mode
[   78.346145][ T5823] debugfs: 'hsr0' already exists in 'hsr'
[   78.352052][ T5823] Cannot create hsr debugfs directory
[   78.415861][ T5822] hsr_slave_0: entered promiscuous mode
[   78.422209][ T5822] hsr_slave_1: entered promiscuous mode
[   78.428659][ T5822] debugfs: 'hsr0' already exists in 'hsr'
[   78.434427][ T5822] Cannot create hsr debugfs directory
[   78.455690][ T5820] hsr_slave_0: entered promiscuous mode
[   78.461878][ T5820] hsr_slave_1: entered promiscuous mode
[   78.468289][ T5820] debugfs: 'hsr0' already exists in 'hsr'
[   78.474021][ T5820] Cannot create hsr debugfs directory
[   78.917721][ T5821] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   78.932632][ T5821] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   78.952119][ T5821] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   78.962169][ T5821] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   79.019787][ T5823] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   79.029616][ T5823] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   79.043088][ T5823] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   79.054397][ T5823] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   79.164473][ T5820] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   79.176558][ T5820] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   79.187894][ T5820] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   79.199079][ T5820] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   79.334505][ T5822] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   79.356886][ T5822] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   79.373888][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.383457][ T5822] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.394808][ T5822] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.461091][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.477064][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   79.493728][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.516535][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.523761][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.547908][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.555057][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.580747][ T5820] 8021q: adding VLAN 0 to HW filter on device team0
[   79.619423][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   79.627942][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.635102][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.656531][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.663732][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.712950][   T33] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.720108][   T33] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.731668][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.738826][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.846959][ T5823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   79.922874][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.988694][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   80.022506][   T33] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.029773][   T33] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.077029][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.084297][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.223994][ T5822] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.318148][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.370409][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.378984][ T5824] Bluetooth: hci1: command tx timeout
[   80.384526][ T5824] Bluetooth: hci0: command tx timeout
[   80.390237][   T50] Bluetooth: hci2: command tx timeout
[   80.396839][ T5827] Bluetooth: hci3: command tx timeout
[   80.480375][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.529157][ T5823] veth0_vlan: entered promiscuous mode
[   80.535183][ T5821] veth0_vlan: entered promiscuous mode
[   80.560479][ T5821] veth1_vlan: entered promiscuous mode
[   80.570613][ T5823] veth1_vlan: entered promiscuous mode
[   80.636338][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.672367][ T5823] veth0_macvtap: entered promiscuous mode
[   80.693431][ T5823] veth1_macvtap: entered promiscuous mode
[   80.721944][ T5821] veth0_macvtap: entered promiscuous mode
[   80.744004][ T5821] veth1_macvtap: entered promiscuous mode
[   80.751085][ T5820] veth0_vlan: entered promiscuous mode
[   80.768396][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.781702][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.820716][ T5820] veth1_vlan: entered promiscuous mode
[   80.831150][   T79] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.842418][   T79] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.854905][ T5822] veth0_vlan: entered promiscuous mode
[   80.862514][   T79] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.872511][   T79] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.888984][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.913923][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.933573][ T5822] veth1_vlan: entered promiscuous mode
[   80.950563][  T454] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.960189][  T454] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.000347][  T454] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.010133][  T454] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.085026][ T5822] veth0_macvtap: entered promiscuous mode
[   81.108238][ T5820] veth0_macvtap: entered promiscuous mode
[   81.122455][ T5822] veth1_macvtap: entered promiscuous mode
[   81.167243][ T5820] veth1_macvtap: entered promiscuous mode
[   81.192731][  T454] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.210382][  T454] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.217531][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.274428][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.286826][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.300616][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.312886][ T3563] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.320012][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.334806][ T3563] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.337686][  T454] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.352609][  T454] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.379624][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.398269][  T454] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.407811][  T454] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.460471][ T5823] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   81.475484][  T454] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.475557][  T454] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.475624][  T454] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.475686][  T454] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.529634][  T454] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.539004][  T454] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.628211][ T3563] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.664013][ T3563] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.827619][   T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.860920][   T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.012220][  T454] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.077945][ T5908] process 'syz.3.4' launched './file0' with NULL argv: empty string added
[   82.087117][  T454] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.202319][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   82.223278][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.243505][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.296594][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[   82.305974][    T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!!
[   82.315046][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   82.323598][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   82.457427][ T5827] Bluetooth: hci0: command tx timeout
[   82.457595][ T5824] Bluetooth: hci2: command tx timeout
[   82.462856][ T5827] Bluetooth: hci1: command tx timeout
[   82.468371][   T50] Bluetooth: hci3: command tx timeout
[   82.652952][ T5923] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   82.783452][ T5919] smpboot: CPU 1 is now offline
[   82.971697][ T5924] smpboot: Booting Node 0 Processor 1 APIC 0x1
[   82.972657][    T0] numa_add_cpu cpu 1 node 0: mask now 0-1
[   82.972683][    T0] numa_add_cpu cpu 1 node 1: mask now 0-1
[   82.973120][ T5916] ------------[ cut here ]------------
[   82.973396][ T5916] debug_locks && !(lock_is_held(&(__rq_lockp(rq))->dep_map) != 0)
[   82.973409][ T5916] WARNING: kernel/sched/sched.h:1600 at update_rq_clock+0x40a/0xd20, CPU#0: syz.2.3/5916
[   82.973464][ T5916] Modules linked in:
[   82.973686][ T5916] CPU: 0 UID: 0 PID: 5916 Comm: syz.2.3 Not tainted syzkaller #0 PREEMPT(full) 
[   82.973721][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   82.973743][ T5916] RIP: 0010:update_rq_clock+0x40a/0xd20
[   82.973774][ T5916] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 88 07 b9 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00
[   82.973801][ T5916] RSP: 0018:ffffc900043f7210 EFLAGS: 00010046
[   82.973826][ T5916] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001
[   82.973844][ T5916] RDX: 0000000000000046 RSI: ffffffff8de4f364 RDI: ffffffff8c1adb20
[   82.973864][ T5916] RBP: ffffc900043f73b8 R08: 0000000000000001 R09: 0000000000000001
[   82.973882][ T5916] R10: ffffffff90d95417 R11: 0000000000000000 R12: ffffffff90d98714
[   82.973901][ T5916] R13: ffff8880b853c0c0 R14: ffff88801e6e1e40 R15: ffff8880b853b280
[   82.973922][ T5916] FS:  00007feca83f66c0(0000) GS:ffff88812435a000(0000) knlGS:0000000000000000
[   82.973949][ T5916] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   82.973969][ T5916] CR2: 000055555dcbaa28 CR3: 000000007c6be000 CR4: 00000000003526f0
[   82.973988][ T5916] Call Trace:
[   82.973997][ T5916]  <TASK>
[   82.974020][ T5916]  __schedule+0x1b7d/0x60e0
[   82.974059][ T5916]  ? __pfx_page_mkclean_one+0x10/0x10
[   82.974117][ T5916]  ? __pfx___schedule+0x10/0x10
[   82.974160][ T5916]  ? mark_held_locks+0x40/0x70
[   82.974198][ T5916]  preempt_schedule_irq+0x50/0x90
[   82.974234][ T5916]  irqentry_exit+0x17b/0x670
[   82.974275][ T5916]  asm_sysvec_reschedule_ipi+0x1a/0x20
[   82.974306][ T5916] RIP: 0010:__sanitizer_cov_trace_pc+0x54/0x70
[   82.974350][ T5916] Code: e9 91 d3 86 09 8b 82 54 16 00 00 85 c0 74 f1 8b 82 30 16 00 00 83 f8 02 75 e6 48 8b 8a 38 16 00 00 8b 92 34 16 00 00 48 8b 01 <48> 83 c0 01 48 39 d0 73 cd 48 89 01 48 89 34 c1 e9 57 d3 86 09 0f
[   82.974377][ T5916] RSP: 0018:ffffc900043f74c8 EFLAGS: 00000246
[   82.974400][ T5916] RAX: 000000000007ffff RBX: 0000000000000001 RCX: ffffc9000f456000
[   82.974418][ T5916] RDX: 0000000000080000 RSI: ffffffff824445b8 RDI: ffff8880203adf44
[   82.974437][ T5916] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[   82.974454][ T5916] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffffffffffff
[   82.974472][ T5916] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8880796d0298
[   82.974503][ T5916]  ? folio_clear_dirty_for_io+0x178/0x820
[   82.974553][ T5916]  folio_clear_dirty_for_io+0x178/0x820
[   82.974603][ T5916]  mpage_submit_folio+0x84/0x330
[   82.974645][ T5916]  mpage_map_and_submit_buffers+0x5f2/0xb50
[   82.974704][ T5916]  ? __pfx_mpage_map_and_submit_buffers+0x10/0x10
[   82.974780][ T5916]  ? ext4_ext_index_trans_blocks+0x167/0x1a0
[   82.974814][ T5916]  ? __ext4_journal_ensure_credits+0x265/0x2f0
[   82.974865][ T5916]  ext4_do_writepages+0x23fa/0x3f50
[   82.974940][ T5916]  ? __pfx_ext4_do_writepages+0x10/0x10
[   82.975026][ T5916]  ? ext4_writepages+0x347/0x790
[   82.975051][ T5916]  ext4_writepages+0x347/0x790
[   82.975080][ T5916]  ? __pfx_ext4_writepages+0x10/0x10
[   82.975129][ T5916]  ? __pfx_ext4_writepages+0x10/0x10
[   82.975164][ T5916]  do_writepages+0x278/0x600
[   82.975196][ T5916]  ? __pfx_do_writepages+0x10/0x10
[   82.975222][ T5916]  ? do_raw_spin_unlock+0x145/0x1e0
[   82.975263][ T5916]  ? _raw_spin_unlock+0x28/0x50
[   82.975299][ T5916]  filemap_writeback+0x22d/0x2e0
[   82.975332][ T5916]  ? __pfx_filemap_writeback+0x10/0x10
[   82.975412][ T5916]  ? __pfx___might_resched+0x10/0x10
[   82.975457][ T5916]  file_write_and_wait_range+0xcd/0x140
[   82.975496][ T5916]  ext4_sync_file+0x306/0xf10
[   82.975543][ T5916]  ? __pfx_ext4_sync_file+0x10/0x10
[   82.975583][ T5916]  vfs_fsync_range+0x9b/0x190
[   82.975631][ T5916]  __do_sys_msync+0x3ca/0x590
[   82.975676][ T5916]  do_syscall_64+0x106/0xf80
[   82.975712][ T5916]  ? clear_bhb_loop+0x40/0x90
[   82.975748][ T5916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.975777][ T5916] RIP: 0033:0x7fecaa19bf79
[   82.975801][ T5916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   82.975828][ T5916] RSP: 002b:00007feca83f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[   82.975856][ T5916] RAX: ffffffffffffffda RBX: 00007fecaa416180 RCX: 00007fecaa19bf79
[   82.975875][ T5916] RDX: 0000000400000004 RSI: 01800000000000fe RDI: 000000001ffff000
[   82.975894][ T5916] RBP: 00007fecaa2327e0 R08: 0000000000000000 R09: 0000000000000000
[   82.975912][ T5916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   82.975929][ T5916] R13: 00007fecaa416218 R14: 00007fecaa416180 R15: 00007ffff789a988
[   82.975970][ T5916]  </TASK>
[   82.975984][ T5916] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   82.976002][ T5916] CPU: 0 UID: 0 PID: 5916 Comm: syz.2.3 Not tainted syzkaller #0 PREEMPT(full) 
[   82.976035][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   82.976051][ T5916] Call Trace:
[   82.976061][ T5916]  <TASK>
[   82.976071][ T5916]  dump_stack_lvl+0x100/0x190
[   82.976113][ T5916]  vpanic+0x552/0x970
[   82.976142][ T5916]  ? __pfx_vpanic+0x10/0x10
[   82.976187][ T5916]  panic+0xd1/0xe0
[   82.976214][ T5916]  ? __pfx_panic+0x10/0x10
[   82.976260][ T5916]  check_panic_on_warn.cold+0x19/0x34
[   82.976291][ T5916]  ? update_rq_clock+0x40a/0xd20
[   82.976317][ T5916]  __warn.cold+0x191/0x348
[   82.976351][ T5916]  __report_bug+0x296/0x3d0
[   82.976384][ T5916]  ? update_rq_clock+0x40a/0xd20
[   82.976414][ T5916]  ? __pfx___report_bug+0x10/0x10
[   82.976467][ T5916]  ? update_rq_clock+0x40a/0xd20
[   82.976496][ T5916]  report_bug+0xb2/0x220
[   82.976529][ T5916]  ? update_rq_clock+0x40a/0xd20
[   82.976557][ T5916]  handle_bug+0x166/0x2a0
[   82.976599][ T5916]  exc_invalid_op+0x17/0x50
[   82.976641][ T5916]  asm_exc_invalid_op+0x1a/0x20
[   82.976668][ T5916] RIP: 0010:update_rq_clock+0x40a/0xd20
[   82.976697][ T5916] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 88 07 b9 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00
[   82.976724][ T5916] RSP: 0018:ffffc900043f7210 EFLAGS: 00010046
[   82.976746][ T5916] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001
[   82.976764][ T5916] RDX: 0000000000000046 RSI: ffffffff8de4f364 RDI: ffffffff8c1adb20
[   82.976784][ T5916] RBP: ffffc900043f73b8 R08: 0000000000000001 R09: 0000000000000001
[   82.976802][ T5916] R10: ffffffff90d95417 R11: 0000000000000000 R12: ffffffff90d98714
[   82.976821][ T5916] R13: ffff8880b853c0c0 R14: ffff88801e6e1e40 R15: ffff8880b853b280
[   82.976868][ T5916]  __schedule+0x1b7d/0x60e0
[   82.976902][ T5916]  ? __pfx_page_mkclean_one+0x10/0x10
[   82.976951][ T5916]  ? __pfx___schedule+0x10/0x10
[   82.976988][ T5916]  ? mark_held_locks+0x40/0x70
[   82.977025][ T5916]  preempt_schedule_irq+0x50/0x90
[   82.977061][ T5916]  irqentry_exit+0x17b/0x670
[   82.977102][ T5916]  asm_sysvec_reschedule_ipi+0x1a/0x20
[   82.977132][ T5916] RIP: 0010:__sanitizer_cov_trace_pc+0x54/0x70
[   82.977180][ T5916] Code: e9 91 d3 86 09 8b 82 54 16 00 00 85 c0 74 f1 8b 82 30 16 00 00 83 f8 02 75 e6 48 8b 8a 38 16 00 00 8b 92 34 16 00 00 48 8b 01 <48> 83 c0 01 48 39 d0 73 cd 48 89 01 48 89 34 c1 e9 57 d3 86 09 0f
[   82.977207][ T5916] RSP: 0018:ffffc900043f74c8 EFLAGS: 00000246
[   82.977229][ T5916] RAX: 000000000007ffff RBX: 0000000000000001 RCX: ffffc9000f456000
[   82.977247][ T5916] RDX: 0000000000080000 RSI: ffffffff824445b8 RDI: ffff8880203adf44
[   82.977266][ T5916] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[   82.977284][ T5916] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffffffffffff
[   82.977302][ T5916] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8880796d0298
[   82.977332][ T5916]  ? folio_clear_dirty_for_io+0x178/0x820
[   82.977382][ T5916]  folio_clear_dirty_for_io+0x178/0x820
[   82.977431][ T5916]  mpage_submit_folio+0x84/0x330
[   82.977472][ T5916]  mpage_map_and_submit_buffers+0x5f2/0xb50
[   82.977528][ T5916]  ? __pfx_mpage_map_and_submit_buffers+0x10/0x10
[   82.977604][ T5916]  ? ext4_ext_index_trans_blocks+0x167/0x1a0
[   82.977638][ T5916]  ? __ext4_journal_ensure_credits+0x265/0x2f0
[   82.977688][ T5916]  ext4_do_writepages+0x23fa/0x3f50
[   82.977763][ T5916]  ? __pfx_ext4_do_writepages+0x10/0x10
[   82.977827][ T5916]  ? ext4_writepages+0x347/0x790
[   82.977852][ T5916]  ext4_writepages+0x347/0x790
[   82.977881][ T5916]  ? __pfx_ext4_writepages+0x10/0x10
[   82.977930][ T5916]  ? __pfx_ext4_writepages+0x10/0x10
[   82.977960][ T5916]  do_writepages+0x278/0x600
[   82.977992][ T5916]  ? __pfx_do_writepages+0x10/0x10
[   82.978018][ T5916]  ? do_raw_spin_unlock+0x145/0x1e0
[   82.978059][ T5916]  ? _raw_spin_unlock+0x28/0x50
[   82.978095][ T5916]  filemap_writeback+0x22d/0x2e0
[   82.978127][ T5916]  ? __pfx_filemap_writeback+0x10/0x10
[   82.978212][ T5916]  ? __pfx___might_resched+0x10/0x10
[   82.978256][ T5916]  file_write_and_wait_range+0xcd/0x140
[   82.978293][ T5916]  ext4_sync_file+0x306/0xf10
[   82.978340][ T5916]  ? __pfx_ext4_sync_file+0x10/0x10
[   82.978375][ T5916]  vfs_fsync_range+0x9b/0x190
[   82.978417][ T5916]  __do_sys_msync+0x3ca/0x590
[   82.978462][ T5916]  do_syscall_64+0x106/0xf80
[   82.978497][ T5916]  ? clear_bhb_loop+0x40/0x90
[   82.978532][ T5916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.978562][ T5916] RIP: 0033:0x7fecaa19bf79
[   82.978584][ T5916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   82.978611][ T5916] RSP: 002b:00007feca83f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[   82.978638][ T5916] RAX: ffffffffffffffda RBX: 00007fecaa416180 RCX: 00007fecaa19bf79
[   82.978657][ T5916] RDX: 0000000400000004 RSI: 01800000000000fe RDI: 000000001ffff000
[   82.978677][ T5916] RBP: 00007fecaa2327e0 R08: 0000000000000000 R09: 0000000000000000
[   82.978695][ T5916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   82.978712][ T5916] R13: 00007fecaa416218 R14: 00007fecaa416180 R15: 00007ffff789a988
[   82.978753][ T5916]  </TASK>
[   82.978836][ T5916] Kernel Offset: disabled