last executing test programs:

10m40.67130591s ago: executing program 32 (id=3897):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000)
mlock2(&(0x7f000000d000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000900)={0x3c, 0x0, 0x8, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8809}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_TIMEWAIT={0x8, 0x7, 0x1, 0x0, 0x6}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20024810}, 0x0)

10m36.856209703s ago: executing program 33 (id=3915):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0x8041, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040)=0x2fff)

10m32.424071855s ago: executing program 34 (id=3933):
unshare(0x200)
io_setup(0x222, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001740)=ANY=[@ANYRES16=0x0, @ANYRES64=0x0, @ANYRES16, @ANYRES8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], 0x0, 0xc, 0xb9, &(0x7f0000000140)=""/185, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_emit_vhci(0x0, 0x0)
r0 = getpid()
waitid(0x300, 0x0, 0xffffffffffffffff, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r3, &(0x7f00000009c0)={0x2, 0x4e24, @loopback}, 0x10)
writev(r3, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX=r4, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
io_setup(0x8, &(0x7f0000000600)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, 0xffffffffffffffff, 0x0}])
read$FUSE(r4, &(0x7f000000e280)={0x2020}, 0x2020)

10m27.505639234s ago: executing program 35 (id=3946):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)

10m21.465814921s ago: executing program 36 (id=3960):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x10}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {0x2, 0xb}, {0xffe0, 0xb}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0xb, 0x5, 0xcac, 0xc}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

9m57.972236521s ago: executing program 7 (id=4004):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0xb, {"a2e3ad214fc752f9192909094bf70e0dd038e7ff7fc6e5539b324c078b089b3b353b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d074c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341adbe50861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357ca8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee532592897cd12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ffca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160eca6b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4cf8d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb17167fbeac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bc522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a935908001cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1f1d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd41d95af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f480f6f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000d71f00000000000000000000000000000000000600", 0x1000}}, 0x1006)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0x49a, &(0x7f0000000200)={0x0, 0x79af, 0x0, 0x7fff, 0x259}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x1, 0x40, 0x1})
io_uring_enter(r2, 0x627, 0xc104effd, 0x43, 0x0, 0x0)
r5 = socket(0x1d, 0x2, 0x6)
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020, 0x0, <r7=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x50)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000002300)={0x50, 0x0, r7, {0x7, 0x9, 0x0, 0x1030002}}, 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f00000065c0)={0x2020}, 0x2020)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0x3)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
readv(r6, &(0x7f00000001c0)=[{&(0x7f0000000780)=""/4080, 0xff0}], 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r5, &(0x7f00000000c0)={0x1d, r8, 0x8000000000000003, {}, 0xfd}, 0x18)

9m56.248306734s ago: executing program 7 (id=4008):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = openat$mixer(0xffffff9c, &(0x7f0000000040), 0x20800, 0x0)
ioctl$SNDCTL_DSP_STEREO(r2, 0xc0045003, &(0x7f0000000080)=0x1)
ioctl$PIO_UNIMAP(r1, 0x4b67, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(camellia-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef91", 0x12)
clock_adjtime(0x0, &(0x7f0000000680)={0x19b1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x10000, 0xe5, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf4b})
r3 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_SET_WOWLAN(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x28, 0x0, 0x4, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x4, 0x49}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x4004080}, 0x4008800)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="040903"], 0x6)

9m55.484345356s ago: executing program 7 (id=4010):
r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r0, &(0x7f0000000240)=""/112, 0x349b7f55)

9m55.233597278s ago: executing program 7 (id=4011):
r0 = syz_usb_connect(0x3, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000002c0)={&(0x7f00000001c0)=[{0x2, 0x8411, 0x11, &(0x7f00000006c0)="0203204bdcc36cda8907f47563863d1428"}], 0x1})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)

9m52.242226991s ago: executing program 7 (id=4017):
socket$nl_audit(0x10, 0x3, 0x9)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'veth1_to_batadv\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_default\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000140)={0x3, &(0x7f0000000080)=[{0x81, 0x3, 0x2, 0x6}, {0xfff9, 0x3, 0x1, 0x6}, {0x8, 0x3, 0x7f, 0x3ff}]})
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r1, 0x0, 0x2, 0x0)
syz_clone(0x80100, 0x0, 0x62, 0x0, 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12)

9m48.407903251s ago: executing program 7 (id=4026):
r0 = io_uring_setup(0x42cb, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000580), 0x20000, 0x0)
dup2(r1, r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
sendmsg$inet(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x41)
recvmsg(r2, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)

9m40.19924247s ago: executing program 37 (id=4006):
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x48, &(0x7f0000000140)=0x3, 0x4)
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x100, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x7}, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x18006, 0x0, 0x0, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000002200)={0x50, 0x0, 0x0, {0x7, 0x27, 0x2, 0x1dd880, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, 0x50)
fchmodat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
lsm_set_self_attr(0x67, 0x0, 0x20, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000200)=0x2)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000009b80)="50b11747d6822c403d2e292ca265ae242f69d1baf07e8db9ad0716994717df62acbcd4ff57e3e37c7fa55330d96f3ae735f0b7879e13ac4a5b82a00649725fcdd8bc513e1c7dbb9ab9a66ea421ac231f677e50993bc669389d4c28140c0cb20fcdeb39fe8963f759220c33c901891e58ed9e9c97c473a5103ad07ebcc55d6a8a6b78f2db24fbbc39e86aa01fec234db80b009bba10bf5c95368489bac22d32fe73367dca9bf2e3dc398b18c63cb90d5d1a313cd25650ea28424882abd498005a60af451da873630495c2bd07f342d5f3de97c4ed62d454a0ca89d7c53792fb9266608d3525377e336e79cf54957c04e8abf1508e54e7b254cc730fdc8d010e5b1e4cb23464eeae445b6bf6fe6e87d5e45a06a97350386d766d695877fa1b0624de12c6c213908f2286a2363e02f4df497074a0bed6f7bc4c4cf5ba0a19c84f9021112a13daf592bec368e837d5c26870be4f1ab35f821f59bf46e3afeebcd4c1feacf28292e7069fa30dda3da246e3faaa3bb95719c69f02b76107ad47f1c526570ff628fcf705279c28b84a249ce36e927a784223d6bcdf4f9ddec51af87a6d308e6a0f4b9d01bf0c9eaba27f1a1c8637c1f42ebc2bb7dc93ba617788e140941b08935b6839b65c7486b4cd09f6a17ea526dd852c8b0242b6598dc3cc982f77c51db6e64df3335cccf419e38df41540067b106c699dfd1eb06c8debfc41d72346133d5e4cb50b5f2a19f154a8905b0c2b43bab0b11779b750362b991c88d34070286ff6ad42f30329a324877ecb1652564adda10a6064d5d5ce49f48409b2b568e059a77126c05072bdb5c38ef4791a985b24bf1d5fff34a45af5f6ee491eb922d696f0358cc35d87e97386149de0042ad067e3011fa0b4a6baa6215581a88fb67f3a113afd431ea70a92e11d81d8fb170f97953ca84260a93c2e01bc8369bc2ae4b995c0de707586bd4200723e17e1eb8128a6d5b4d59f0c34b2b7ae3229e97271c07e91b384d9e8c7846201a73a2e32b79f57cf0d4af12df342792b73810df698020280e9c5eaac577979e71a503b7860d7c6a6a98969e155aedc10c0f288778346ab5f4c7937a9c933caa4099ff25582e694af36de4da7acc4c5eda8ebbbbb70616224151c0f7a0e3d1fdcf27cb2d73416d2cb01e2be8d00685b1a7a5e7db3e48003d88993d34fa522de7089f25da6b86fad8e237a8dc3819942c59c5097664b8f88aecba45a9f9a59647dc32d78c0cc4ae728a30330c7df606ea11bc2bf16f0937a7491412656ddf8a91534cb1904573d1109f7498f146215aca96c11fa0c4122728bcf6705c8917403c425f4280b45981917e03830bc6a6d30bd46ff168ede03ba8ddb5478ace67254fe922cd4252cc8d94531b53b3bf074cb53c6ce923e29e09c4ed434e619e53d67150ee213876fda26d83cc814888b1d9471618781c9e2702363a86995088cf82ef72d47294a6cb102d617280df10a41bbace59dbafae9de4ecd669353d35c79cdbc8e2690e299f58dee2657d26907d10ab70c6941d08d1b63c6fe5eaeb2a7e4f64f2fba65f8c351e9a0d5a7443fdc901f1f48ac3871e417bc639983a5a6b4d541d321a97bda21fc41a02783f591ca3475ec51049da030c2f7291ca62cd3eb67de3ab86e180af3919edad86617f59fd17cb2c7ea33fa5dfeae37c947bb4cca26a3a02287aa5531013fd28a030c60be88624de3df16fea135cea6da3dc0192ff081ce9e4a29e7f6c204d92e90fa335308c8d6a722e253603e03d6884f5d45ced1924d2cc1e6a2d5bf1d459034de2248e7faeb7fca0cf841049a0449b24fd2ca8b8fd389437302f18946d7394775c9ba44a6602116ba9b0aea43b65af111d5766d4263e614d0719a40ad5c1757c14616d6a4413d9b1d29e49b7676b311042ae381b9240747e2a2a754c20d4f673f046083f5b742b732e83e6fb1361a0d510d72a63529be3a02bb5778c7f341e62a516a7ac3eabedc65eb3b842056bc37fe03cfe910676803dcd2b7038df80cda342d3c478158983621fc8af66a276dacb5bd187d4205a42591ec6a0b8cd2b2560b3de60cec3ff0baeef5e4baaf0b76e5a2a6b92205267a5c9fe248895e71a90b05a07a9d929d905d601a7a7036951b55e6d82bfd1dfca1c12639907147fb201864c05b7a7bfe5e26ce28c4484aecac96fd6f964cac20e0a7d552905b1c7a3c796eb93ffb49d6d29fd25206ab17222cb1f45c3c0f43398cf53ce663e42f756c962c014a42c108327852fa52378f8190fd71a7847eebb32351238d040b73b33fc899904777f31aac8911c412cab86a76e470ccfc8f7a22fe6c029e9a4145c85f28ff5c4e2e521ac77835eb99a6462d8795ba86cb383751114fbefee1c97246ae8fa005d5d9a11dd1aad36aee1ac98b57ba8cdb113297b113fd2ee54e749640cfb1eb914e379c8bb2dd967504266e265557fdc01327e00de86c950ff1255ad68f6b766dda2f0f572a18fdd0a53fb37b18d5dff10759d74b0ba96854ac184b0ffc334b85a9a8afe5e7d5bb84373fa91042dc652ee7fe1b9e86097c0029041ad4efb8f7bbf7f99990fff7a677885e01f6b8fd939daac1c9e721fc87c8140b8546b227e4476404e6ea5b6f499c2567bbb8c5cadcfbd3dc8feeca191a28b96f7c20b56f20b98e7e6a6b7d304965919e10bc658e9a641cd64a7c5e1f8b024e58a2f1b1ebae2a10a3ef9b38b9070c89def8a0b970fd75c99092382e97ead02c47025d8548dbd15c707974ed2e78a39958402558b3b983878efea864b34c7bbeb02718f396bfed5f06e9d96946e66d54ffaab14d20bf5e3783605bc6b599edeecb1ab00d7fa9673bd6129fea4d57d093117c170d8d6f4657eb96775b06ebb4d33238bf554c031b3889b270812da6f34a163fb9bbb1f16303ecae540a78c1258fc4115b674e194b3bd33d0c5874fe61bbd81091ba925fb1defd1f13ec9fdaee00e6d0ab02bd9d0d3b3c5e5a45811601384ba1a19b98ff1044810187ab82a9d90e6c62dbd0298b37754fdbee159941df70045c29b7b2deb6053b9e4a135282dac1ad194d36d347da5f65ac1d1c307292ae667bcea3a648ea3a53dc7c9175a06bf0b8536436e67147b88b99c5b181923d07bcc8935bf7ef5f4f48239cc511bb7cae0c0b7fedf14300fa7aa9ab3175785f46771a9efd6363bb7cda28e8456be480af9ac709d94c7c0d8d899e27d3fba1329334f9a145c70675a0722823eea84b399a06582aa6ae934420f80868212f71d9ce9cbd8f7ae228144dcf3bc56db013f467e1560f6aa7423f9b9f776132a0eec54cfeea66b3640e2d731be12678ed83f08615af9ffd31ff3ae0ee554a2ce96f7f2eb461e880e1aea46712876a03add6c219845a9dd4e71ea9b8f467e85d6706e019b77da5b73557723591ed61f7919a6ae48bd94ce2ae6ed6af9ecb9e41b9ca0a38c2a4d24ac971f19c294ccd19a4f8869d33ac2df588edacee203e38ecda11c5d2ac70182f12e14523487963decca94cad84dd7e027bb07edeb9b3a0cc0f774d1bbec9700e88555fd745f707cabd78c7b8e868cc89ab8e735f6c7561a14c776e5ea73b807ad6c2469e20c2cdbfbeccce7a96927ee9219962e519e61652674ce591da2bb0dd60311ad31ea16d1c6eab2f89f6b5b02639cf871b37a9a40c541e68f31293a32f2a057ac3fcfb3e16cb8edd9166aff7e65ccc490385bbcb74d0be1702032dbd2d6c7757267765b051179e43b16773b73583fce72e19830998aaa021d8593d154ec64a2295664971611f8d96a52a12e5f4d1809346729d46d5f6f25542f41c93de415f4dd4cfb2b83d1ba8cbf1086da690e7d7ac2efb84914f2fa530d13ed548c6f598322defa8eaba95b41f3135884141ba495794fe368ffd1fac1a5009ad9430e032b6ba7d04c7f34fe938fb350bff445563b5c5846214373c4f262d33b70c72d295c8c73ce907d741b86826b10c7267eb1d7ad137e5744e52fbd48a4229ee75d980e9ab08b5ac280ee4faf19d5a19a220602c957cc9d3e394cdf1a7a494b21489f54c62441fef0ff0d4cd03bb1b6cf0ac3793046224ce3ab8fe22128a07f5bfecd26cbb2ca8aa74c009591d5b2dd36bc0b1974f2fdf87e0c2f06de06ef6ed995d984ab76adff0b9ab9e08022f69a8bc9005e6c20dc77b124fe5da958f91c64a02fef3af2899153459e6796bf29419c4de7c403b2919dea2ad9ad77f53f1ee873e8c3ebfb665883f26f2bfb42cdcaa2fe59e502695d80552c176cdd6aedb3f76992d7fe881602e20978a90a5295590439fb7e255851b4580bd5a21fb9f0755c9b547ffdf12517cb82fc3ed5ad960ad94607e84e90674d5e1e8068b1597ca3b85483141c34b9bc441f89ea85867c02b6a26575fa35fa982bb9f5b00b9ba0d68a1f88038728d8494915b5c85da0f701e5da2fd54b9d8a6c13b875e33743e3c9543b3f2d5b3c62fe48d068678b8a409f116584fb786a242fb12c0a59b34490b0b339cdb84b6f19cfbf68bf27a63961f1c2769e5b481600eeb45d713921a96d398d2c20bc9e2bd4bde46a12d764045877723164c02796af30de5f371e87c98afc1863c35a2b7a1da6af640f14c3ef30a26728426ba5742bffd32e047cb19f2412a707a0734b76f063925df581bf7e994cf11f72c73f285c8352413edcd85c1bc34d1a3ec8bb2073e596129884b2a6846973da06276fa64a4a1ac5e60952c302227a22c92ac7391f02f6b950838c19dd80bf6ce9fc540f9da98e4ed12eeb205fcf10c9ddd11dca7269dd2a4d75635c5ba52be04ad46bcd5a2bbd1e08289b8921ce3f0f36bc491a2df7d03f4f085e481b0a381612ec40c983b7e3688da11bae1937ecb9741fbc03c4e6a09f6bb97388e63ae2c94c9700180c47f90c37d991ef84833a61db647f8a14f1ddc19a5164d3602c34509550f2b068b859645c33f00483a4664f583072e221468ceef4c8f44aa6b1a8137d385d19729ba2ce6add2bb34e0a4840bcedd25373379a9d0e84afa829afebb7560c9417eeb19890ab9edab88afded20febdc9b8b9bfc8f0b8c58bf19db81124ee327b4cbe6e007fc00089f1c57ced6c9df212c60ece3c79e1d15c208da510c407db8414b9742f1e163dfe79cdc4ea5234e8747a027fb306e7db71708954090c37f3297f7eda75a2cc6d2f63d1b830706048d580d515beb95cedd63193fb0436f7754ca0678c0660a7f051daebc35ebb3a2f110a75c7c76d43133787b0dfda522f6e45a6abe0a0a65f7755146f705a6adcc3bfe861555dbec4957a98f17a6d6a372701f9e638ba53b4c195589cc457637df08d65bea188c1dbd7be40a3a519fb3ac09aa711d2628738b80d94fb59fb75dbc8a766e931f461f611168da51080e69bf503e33227851bc6203e0cd1b6cc1c63f42868d5d32bab680fa323200d2f41e1264468f9980ef00f409f06edb61bd47f19bc98e36dd21f8483efba942c952fc843764ec5e1ec30f6a370703324acb147434284885bc2249fd5ac97b6cee45d297400d0fd64c0e1d3b0379d43c67e47d4e323ad6504ed0e377f13b3cd458236a7cfff1fcaffdb94b2afa0d8541e2ddd51bebe5bb35e3566e4240a2f5bab3048b78e2eaea40406989c2e338756d199a8234d28c810790afe1bb2d3a0c98b60a54f38810a041e6365d7601eac573089941680313ff1c667f95c0319a052c4ea6a4fceca111d920a1672e785d778805e9e0af6d46f8db261de30ac30f3cfee13380cebe0a3aed23e2c3b8800ab00ef825c4b1b7f28e51fe92f6d3b03ae291607616d56a491213f3777ef581436d7964c8782640865bf767703c9038b45c895c9991cdc232f24963c3cecb0373dc4ec6d421daa96e986507efac5964b9a102edc02bddb6b314610ec6dc36a8e379593efd31ae32cba80c65579b76fa1c54554eb6c7a503fd21b6584bd1eb160d920aab21038ca95fdee0779cd761ec02e7d64e225a8e5c377dfe27c4ba4e2adc7f4460d65213c08312e671afe740daebceb5fedd1ab4ccca792862bd76b4b26a568fa0bc0ee14b9661fb2d7b043bd91b2975b677119532098bbf8271fe9adee0573b170149950c93fe8e50f5d39aa7f36a742e28e0c509d70403e58b14585c0a0741a48effbccc441f90c9102c1b61102156e59b9734d1565519f63ade10283906280898551facc5332b9f1034fad98b7dbe18187482d0b2a48120dafbbd698869fb40ba561b4330c5118f8225e033dec5e45c30937219dc9110b7c452af3932d40ec3b4ff6d644410461cc547d669dbe44c4e5d1095f5c26429fc664ca56769f7b51396a7636e9234fed751940fe6c0505c5da8a63af095befca386060e68f03432a162978eb7a4bc392070c21517a5496d8a336d9220cf595ef58eeaeab9af28369a7b2c4ceea21bc8f9463467f0ee3faeb30b390dd348465fb578a6fe485e5d0b528c92fc7bee3f6e16f1b43f3cd39b0a40a37a2c80f7d43ff8d9b8b6d31c60840fb05cb3518bdf95b2c747419368a3bd4bf88288cc6d8606c626862e0526832af026039b47d072bc998bfa10aa2e6555cfac9441c0bd9f54cc063fac57501483a8f9c7e2c8c98ecb9f04e5bfcda5864b2fc18814267e1ee9f4523aa5eae3edbd0a21e14b64a72e8fa2ad9702ea1cc33584da8a69b6765704be9abac81ad6544814c683511c50b9cb9a38f78459c3f2544ea5646a9560db98c2a61c9883c20f16317f834fa989fbc5ec50e06bc80af322f2cd3f4d42cc05cbfffda76af890ff886bbbe1a05ec9dcbfb69005e5070d0577ed62212f4a10587313ca324b7583f9ead0b697e26db128bdfc8cd993003035ab2eac1aee33f8ec6633d03fde1cbb18fce193b63aaf92de45eedf1a93a2a1d25e612965297dcbb34252287cf9ace9f7447a59dacd1e2e69b382cb625f492f9c39a101bc36a4d390f42d9826d9f002697d561842a1d5be4cef4a9fa0e6a0c2c542ab88bfd1bacdcc7457b45d41cad4e72bda2f7d5459460ee7f9206d9cb50c3ad358a155b3a1b9c024c981bdbf3bf045cbcdd9f9362feaa1f715f294945497956c6189495303c0d2daa695f5600cc3bf330ea4c1a79b5b726a1ae7864f7748a76b47c5f19c2c3a99b2893eff199d9d18b7d7f23ba3925212219047d31145dcdc4de57b51d762c3f3d82602366c4fffc3180e94c58fc17e0e30c5a7da180cc5df579376f088782baecc44029b42843562d60dc53bd293f0320dd7f5e557846529a22f4e26d70a09f1d3d4d9cad342cbd86cda8d7554cb9993ad8887906de8eb98aa4fb367ad16648d1e2c29c9abbea63aeec634fd3825e442a7e5e1d762ac8b0daa20d045c298a9fe44c8025673030146d4f3083b115c99637e3b9ef6f0a96d9232235cb74ac1df4cd50e804e73c239372afa5c3d9d8314765ab0c49168eda1451478611bb9f4ce3f6efe549fece5691b3d66286b111c918b71de8b55c306930feef596b9e725b94467bd558d71336505b18d291055435ac93c5f2141e93661d29c91615bf21ae957d1bc4b10ede79a25f11469cc6d271c8f8d111e87902f425412be72ff5bf09d17d0d7e1405ddb1cdc10d616c6991173f09a1c246d644c785855a44d137d9e98bb320a7f60dee883ed945e11ee84a0e6c9a764d9bfd2e14742c6cefbbdc064240ca778bad305f0e2d66961e696d45f3f2289ab06bdcadbf352699be0233131114b767725c0f31ec588ee3dd60af55576efec24e295f915d560a7fe5832b9dc10dcb6a6b898a2daa1b20c8cfe2ad6782a93cea070e098a25f72d92cb793e1701308a3f2d69d826a571e9c2dba02f17840bd890e9f3b40aeabacc6c625fa25dfe805e3253bcc1f98eebee91e73eb132e33a13e882bf2427e6d385e53e2dcb20f037e93be1de07cda7b2d9f768a988bdcbbe16dc350e064857c06867a5ebccf2ef9f63522077f9353ef7562b77f199ab6630732b85e30b7a6838823d5c8b2f2d4aa257ad91c3d0b01652f2f47dff1a5d0b1ba4c79de90a6bbc4d1d30fafe8514793bff0aa9a450ed1a560505a948b7e3e7255d14f52d3e0cacf3a69e0526e0eff0d0b668c474841ff3eca5f2fd7b3b621631f236b5d7c44584868b73c64ae15ff464ac3c6eeb6d7c4ee423a3573acfd5270be643e3625818e734c01c0f4ac403b0649c0f8691b9e3fdd4d390d2aefb8c6b2bbee85c9394a0e78013f6d737d9b9a7784868b64133e41f47f9fcf013656bf426741811b2c768d2a21e246d6bdadf37a09b0bed69eb47bb69832bb908060c6855e2f584f85ce1d2090a60192448c5a1b2adfc2633cc6cea0ba6dafe570d961ba6bd5c178ca862762de6bf970673f54fbcac58745d0631cab35154ce61ef54c9de7859b1a06746dd402c090a3d10b8f2882769889cc7840e1b5e63cdc1d0f6dd720d00e312a755025b71ec25aef7c1c56432cb38fb0affca7e01080a6ec7f81f0a8278afaab95ba58936eac4255514fdd9529a2cc3c64c846dcc6c82be84efbc9eeae9d85c1981f06b41136f23411225f17361f123c156464dcade756c80b7f5d90f4c6b534f7929146e91a305b20ca1128321345bd580f96663f167868d2128a63a869215e2913a19c7ef801bb13679bf90efa1abd06183f37aee170ad36d88649a9219f6f4113ee8fc5e94e72f074ce295006f6d2f0253cbcbe610383bdcc17a4387ffda3ea717a678092a90b4fc2669d90108e976274e64cfcdee5839573f63952f079874ed1540a89f729982df9cb31a5a27c96e1f09b73794b282eadc7719546c778ee51f547682f44f9ac4b09640c43d78dc57e64c6886e9ddcf4a6df2388fb8ae346563284cab5d93298c02aa76b8144c806adfae987db4e9ee826030a2a0f083272f8299a1aec76b17d30e2bab99848e393933e7f570fa5c171728377316689f2f207e59ecebcff5665c8198bc41d3c0ff734365df176c1cde67d84e93494908f8a16a0784da3a3c48d67185c4e2a9720f8221856dcd2f2a4ff0d8325003745209c4c796440f8a28db1e83d214641123d3daf1e61279cefd90739a32fbdaf1a4041e068277b2a31de9f1e34519e309d923be5dff1193782c900cb9229a81fac3c05258d95c992d39c9277107ca6f8298e2e03046a87c51978895fb357fa8af5284ab4018141740b90b588c9f15057aa033ebcf2afb41715b4d30d057439cebba113ece1433182df041b48a1a9e90f405a4763026899179bf728e45e122c069b4a3c7381fcaa187e1fa9784e8581c298d4aab3d9df8057c893c0ea07028bc8c97359e4b8f59d1969953d8dc9c7a3e4f63aa2efaec5af4e62ecd6e6b8c1b34e17e7a4b18ccacb9eb9171f365b1a13d761cdf3525c7d3e16ce8c128931060aebaf59b81828cd6813c426b5216d9a5b1f49813500b05512284f6a993146ce160df74634d041654b41cd4bfad14acc62d0f4d7995176ce6791a29ab1b2a898fa0751fbbc4f877c6f11383edc67678b37a23a6a431d64c443aa0380d36afd5925c79799d042f2932f70148c69fd2ddda80180c71870f1be3fa2788f4d82a06e29d0544deeb0365a3047c121049574a3054a5c530488d22d3f106763998e3edbfcd989c8a919b70df19141342522af8fb8cf83322c2d0ef575f640adcd70e9e4cc483b8726a0fa420ec55075dfca4f144662558ef1bdaa41643af55e3b1db151c22ec83c90d574797a8881faac018e2342f7161d959f9b13a5193ca13d224085291b0ad4c51cec776ab5c74bbdf544ea9f53cf43ecf69780dc0dd5369939989e01e5113c881b9f7f12117fb433b2bc0aeb521cee7a6a2d32db0d0fb4c87eba7f61f35f7eed39c9c3720a562f02ca0ef7c292274a1dd4a5644e61b6374c5f8d67c27cc2d6b6bc81a5bce637b569118c449b3805d548eea41a301e491bc50c2deb8cc241c2a781976ce8708118ad82d33f9fc6639033cea15091b311c2ec96be1cc2b1866179911d9cc012adfadaaa0ae5d42568b8ccae833ed30b0aca93d87aaa1aadf7cde62dae506a8186f63696623a3c764c7a43184faf5a24792382e53f89e30204697bd201dcc4443f11a6ddc79a610389109f933d0e911680a9df0a14ba2add425391169c452b2439e51a8ca7c147c2efb5879ffb6dce33498836c5f8cfb268c62827a4ec349946a313c362003c82f71fb42b37e04ecd74fe559aeb737059033ac19f0735f9d094242eea2399cd57c2c053d14ab708d9419769b833d119e271ebe06246a10e7713876c59b9fae9860cfef8d7671293ce0c50d1e6afdfa351927e3aa68a54f05cfd6943ec10d98fbb8199da131e50fefe8b0b32ca561ace46f0c21fdfba4b1162caf1ed2a5322f6bffc1bc97fdd556146c4938165d8032fad6bbf38fbbe42b2afe79873c8c1b622ab9a750f3dd7ecedf3e310d478d7058c0a90c33a2a7a7380f61b457db9f68844d3405608f14e0040ed2ba8d99fe5b8c373ebcc322957a02e9fd24ba5cc8e9acc8aad0f6e80a00b113c6cd20656037074098249155581e10a321fa8285286da3e3108f7b8e6d2e6506f8fa4df3075b3c36b4a33b0899fb05bd74f6faa57280fb6686f20cf613a1ada130d3661502aa9c2e861968670bec121bda18d555efc1d706cb2b5d7d6fac67e1c4c4920a5f257fbce9848861377e624a54dc08383a3bacaf66e81f9a5d3bd30fd6bb132c2a7903a821b008714dce1c20954ba0dfcd94ddd606e3bdff3851e9a7219023d4db7bbe57382d3d286008312477e79fc92f21c9f67b24108279fd972d1f9035d80f6ac42e4ed5d1d91d544d55e74fbbd564b16a4536d20f609cbcb043307de321478134bf65aa1cf990feac1539b268283aaca8ce9dca398e0ad96733aaa9cdf7e4639b47a817bf69c2ff07692c262099db93dacea55fc8c2ea5313b2fac432a0e9110bd413672738be7afaa95afa04bbcf70f14c7f45ad344c6ad417257f94eb56be33a93aac3b2e6fd8046ff4cf250eef8ecf084d8161e266b2c90540729c41a56ccd0d933dadd7cc32e60c4bf600d82a62fd9f2ee4c74bef4c6b499a3a35b6ff71413cd30302001dacd8dc4219a9c565b75e7fd436ed1d1cbe5bb03a1bd7340cdf2304f4c4e9e25949396adfa855bf647a142f1717bab399993511e984f60ac71956e32e6ece7927b8f35703b3df06e598568c37ec7703be1d4436069a7c614711a5d95158c00b154dc2dcf24f50886366ed347112420adef713185e71c8b5b87d978f8a8149e572260465bd21d65a03468e44fef91b9ce891ce359a396dae0a345483dad902707a1252757752afc2197d6e3fd973e63c18c289cd63d88403175bb83ff9327842be4f54d14bdfcc5dd4f376de8a3194452f20ebcb3d15349545e6cf573ceed6b9f08765eaffc2f7b4af494fed9d0ecc0af63149eef699e9082356a9a24269fd6136f4f9d03094efb847fad7c83ee00915b1bb4e09bfb83ebc6ff1e5d4894c9de9092eda25c90f61c705e3e5fe204242598ec13afe2f71a2b4d4e426fdb3af88f221fbe399fdf1cd304663c8bdcb3e091bb4fab8da1226dff97ff940883c405db4d1da3dd981b77a39f614e7bccd1f48085cfef4f46d16243c0411be1551be3ab213002b9afffe3ae7d7727412a39b03b3e30", 0x2000, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x40010)
close_range(r0, 0xffffffffffffffff, 0x0)

9m33.284871063s ago: executing program 38 (id=4026):
r0 = io_uring_setup(0x42cb, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000580), 0x20000, 0x0)
dup2(r1, r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
sendmsg$inet(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x41)
recvmsg(r2, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)

5m14.289380951s ago: executing program 5 (id=4701):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000002500010324bd5502ffdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20004888}, 0x0)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000003c0)=""/63, 0x3f}, {&(0x7f0000000500)=""/268, 0x10c}, {&(0x7f0000000700)=""/207, 0xcf}, {&(0x7f0000000800)=""/222, 0xde}, {&(0x7f0000000400)=""/148, 0x94}, {&(0x7f0000000c40)=""/4093, 0xffd}, {&(0x7f0000000240)=""/171, 0xab}], 0x7}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)

5m13.61126065s ago: executing program 5 (id=4704):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100008e88052086800095d89301020301090212000100000000090401"], 0x0)
r0 = syz_open_dev$I2C(0x0, 0x1, 0x2003)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000400)={&(0x7f00000003c0)=[{0x9, 0x10, 0x20, 0x0}], 0x1})

5m9.14038091s ago: executing program 5 (id=4711):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001740)=[{{0x0, 0x0, &(0x7f0000000340)}}], 0x1, 0x2090)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

5m8.819625009s ago: executing program 5 (id=4713):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pim6reg1\x00', 0x2})
poll(&(0x7f0000000140)=[{r0, 0x1021}], 0x1, 0x2)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000380)=0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
pselect6(0x40, &(0x7f0000000800)={0x2, 0x9, 0xa, 0x7fff, 0x0, 0xbea, 0x1, 0x8000000000000000}, &(0x7f0000000840)={0x9, 0xec15, 0x0, 0x4, 0xe, 0x200, 0x9, 0xffc7}, 0x0, 0x0, 0x0)

5m7.516829983s ago: executing program 5 (id=4720):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000a0000004200000040"], 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x30)
socket(0xa, 0x3, 0x3a)

5m4.677368556s ago: executing program 5 (id=4728):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x0, 0x8, 0x8001, 0x0, 0xaf, 0x0, 0xfffffe0000000001, 0x7, 0xffffffff}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0xc020)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000100)={0xc8, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x9}, @WGDEVICE_A_PEERS={0x98, 0x8, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "9959076f17a3df260c32673333152e018f4fbe8eca2b76a7ccc30541f025a77c"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}, {0x48, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xe}}}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4010}, 0x4008020)
r5 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r5, &(0x7f0000000200)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
socket$kcm(0x29, 0x2, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000080), 0x18)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
sendmmsg$inet(r0, &(0x7f0000000280), 0x0, 0x20000000)
socket$pptp(0x18, 0x1, 0x2)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00')
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
preadv(r6, &(0x7f0000002380)=[{&(0x7f0000000200)=""/122, 0x7a}], 0x1, 0x0, 0x0)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x3}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe681}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x17}, 0x2000400c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e24, @rand_addr=0x64010102}], 0x10)

4m49.262447697s ago: executing program 39 (id=4728):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x0, 0x8, 0x8001, 0x0, 0xaf, 0x0, 0xfffffe0000000001, 0x7, 0xffffffff}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0xc020)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000100)={0xc8, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x9}, @WGDEVICE_A_PEERS={0x98, 0x8, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "9959076f17a3df260c32673333152e018f4fbe8eca2b76a7ccc30541f025a77c"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}, {0x48, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xe}}}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4010}, 0x4008020)
r5 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r5, &(0x7f0000000200)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
socket$kcm(0x29, 0x2, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000080), 0x18)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
sendmmsg$inet(r0, &(0x7f0000000280), 0x0, 0x20000000)
socket$pptp(0x18, 0x1, 0x2)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00')
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
preadv(r6, &(0x7f0000002380)=[{&(0x7f0000000200)=""/122, 0x7a}], 0x1, 0x0, 0x0)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x3}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe681}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x17}, 0x2000400c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e24, @rand_addr=0x64010102}], 0x10)

4m32.005413355s ago: executing program 6 (id=4793):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, 0x0, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x14, 0x0, 0x200, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24040811}, 0x40)
write$tun(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001311ff00000000000000000000000000000000ff0200000003000000000000e9ffff004f194e20"], 0x4b)

4m26.580212551s ago: executing program 6 (id=4797):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_PROMISC(r1, 0x6b, 0x2, &(0x7f0000000200)=0x1, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000240)=[{0x1, 0x3, {0x0, 0x0, 0x4}, {0x1, 0xf0, 0x3}, 0xfd, 0xfe}, {0x0, 0x1, {0x0, 0xf0, 0x3}, {0x2, 0xf0, 0x2}, 0xff, 0x1}], 0x40)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x74, r2, {0xffff, 0x8}, {0xfff1, 0xa}, {0x1, 0x8}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x2400c840}, 0x4000850)

4m25.548886398s ago: executing program 6 (id=4800):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000010, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000080)=0x3, 0x12)

4m23.447610114s ago: executing program 6 (id=4802):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r0, 0x0, 0x0)

4m22.91767976s ago: executing program 6 (id=4805):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0xc800)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = dup(0xffffffffffffffff)
ioctl$TIOCL_SETVESABLANK(r4, 0x560e, &(0x7f0000000140))
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x5c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010101}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x42}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x4}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}]}]}]}, 0x5c}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
write$sndseq(r6, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r6, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
shutdown(r5, 0x0)
recvfrom(r5, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)
ioctl$TIOCL_BLANKSCREEN(r4, 0x541c, 0x0)

4m20.351743563s ago: executing program 6 (id=4808):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x14, 0x0, 0x200, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24040811}, 0x40)
write$tun(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001311ff00000000000000000000000000000000ff0200000003000000000000e9ffff004f194e20"], 0x4b)

4m4.49105803s ago: executing program 40 (id=4808):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x14, 0x0, 0x200, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24040811}, 0x40)
write$tun(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001311ff00000000000000000000000000000000ff0200000003000000000000e9ffff004f194e20"], 0x4b)

1m48.896109904s ago: executing program 2 (id=5118):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_PROMISC(r1, 0x6b, 0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x74, r2, {0xffff, 0x8}, {0xfff1, 0xa}, {0x1, 0x8}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x2400c840}, 0x4000850)

1m47.455295285s ago: executing program 2 (id=5120):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0xc9, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0xb, 0x2900}}, @ip_tos_u8={{0x11, 0x29, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}], 0x50}, 0x0)

1m45.421446712s ago: executing program 2 (id=5124):
socket$nl_audit(0x10, 0x3, 0x9)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'veth1_to_batadv\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_default\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

1m43.726529267s ago: executing program 2 (id=5127):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000f00)='./file0\x00', 0x810000, &(0x7f0000000140)=ANY=[], 0xfe, 0xc32, &(0x7f0000000fc0)="$eJzs3UFsHNd9B+D/Gy3Fld1UTJyodhu3m7ZIZcVyZUkxFatwVzXNNoAsE6GYWwCuyJW6MEUSJNXIRtowvfTQQ4Ci6CEnAq1RIEUDoymCHtnWBZKLD0VOPREtbARFD2wRIKeAxcy+FZeUZNGmSFHW99nUb3f2vZn33tAztMA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN975cKp59ODbgUAsJ8ujX/l1Gn3fwB4pFyu/v/fDwAAAAAAAAAAAAAAAHCApSjiiUgxf2k9TVbvu+oXO7M3bk6MjN652pFU1TxUlS+/6s+fPnP2iy8Mn+vlB9e/356K18YvX2i8PHd9fqG9uNiebkzMdqbmpts73sNu6293ohqAxvXXb0xfvbrYOP3cmS0f3xx6f/DxY0Pnh585+XSv7MTI6Oh4X5nawEc++m3uNsHjcBRxMlI8+72fpFZEFLH7sbjH985eO1J14kTViYmR0aojM53W7FL54VhvIIqIRl+lZm+M9uFc7EozYrlsftngE2X3xudbC60rM+3GWGthqbPUmZsdS93Wlv1pRBHnUsRKRKwN3r67gSiiFim+c3Q9XYmIQ71x+EI1Mfju7Sj2sI87ULazMRCxUjwE5+wAG4wiXo0UP32niKlyzPJXfD7i1TJ/EPFWmS9FVLPEzka8d4fvIx5OtSjiz8vzf349TUfExtHu9tHGxa82vjx7da6vbO+68tDfH/bTAb821aOIVnXFX08f/YcdAAAAAAAAAAAAAAAAAO63I1HEU5HilX//o2pecVTz0o+eH/79oU/0zxl/8h77Kcs+FxHLxc7m5B7OU4jH0lhKD3gu8aOsHkX8cZ7/960H3RgAAAAAAAAAAAAAAAAAAIBHWhE/jhQvvns8rUT/muKd2WuNy60rM91VYXtr//bWTN/Y2NhopG42c07mXM65knM151rOKHL9nM2ckzmXc67kXM25ljMO5fo5mzkncy7nXMm5mnMtZ9Ry/ZzNnJM5l3Ou5FzNuZYzDsjavQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHydFFPHzSPHtr6+nSBHRjJiMbq4O9soAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/SYCri+5Gi8QfNW9tqEZGqf7uOl3+cjebhMj8VzeEyX4rmhZytKmvNb93zaGlP+sBHN5CK+FGkGKy/fevs5PM/0H23ec7e+sbmu1+udfNQ78Oh9wcfP3b0/PDorz55t9dV3YFtDThxsTN742ZjYmR0dLxvcy2X+1TftqF83CK//8T9GYJH2uIbb77emplpL3jxaLyodV/U4oC0Z79e5OtVHJT2bH/RPBjN2HzxgC9M7Ivy/v9epPjtd//j1q053/9/ofvu1h0+fvYnm/f/F7fvaKf3/+3ucf9/om/bi/mnkYFaRH3p+vzAsYj64htvnuxcb11rX2vPnj116kvDw186c2rgcET9amem3fdq10MFAAAAAAAAAAAAAAAAsL9SEb8bKVo/Wk+NiLhZzdcaOj/8zMmnD8Whar7Vlnlbr41fvtB4ee76/EJ7cbE93ZiY7UzNTbd3erh6Nd1rYmR0TzpzT0f2uP1H6i/Pzb+x0Ln2h0t3/Pyx+oUri0sLrak7fxxHooho9m85UTV4YmS0avRMpzVbVR27T49SGEhF/GekmDrbSJ/L2/L8v+0z/LfM/1/evqM9mv/3yb5t5TFTKuJnkeK3/uLJ+FzVzsfitjHL5f4mUpw499lcLg6X5Xpt6D5XoDszsCz7v5HiH36+tWxvPuQTm2Wf3/HAPiTK8380Unz/z74bv563bX3+w53P/2Pbd7RH5//Tfdse2/K8gl13nXz+T0aKl554O34jb/ug538UsbGx8c2I47nwredz7NH5/0zftqHoHvc371/3AQAAAAAAAAAAHloDqYi/jRRPj9bSC3nbTn7/b3r7jvbo979+qW/b9D6tV7TrQQUAAACAA2IgFfHjSHFt6e1bc6i3zv/um//5O5trr4+kbZ9Wf8/3i9VzA+7n3//1G8rHndx9twEAAAAAAAAAAAAAAAAAAOBASamIF/J66pP3WE99NVK88t/P5nLpWFmutw78UPVn/dLc7MkLMzNzU62l1pWZdmN8vjXVLut+OlKs//Vnc92iWl+9t958d433+kZvLfaFSDH6d72y3bXYe2uTd9cD767FXpb9ZKT4r7/fWra3jvVnNsueLsv+VaT42j/dueyxzbJnyrLfjRQ//FqjV/axsmzv+ajdZ5LWazHTfm5qbua2R6ECAAAAAAAAAAAAAAAAAADAhzWQivjTSPE/11diOU/7z+v/91bgr/XKvvWNvvX+t7lZrfM/VK3/f7fXH2X9/6H71lMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4pCjizUgxf2k9rQ6W77vqFzuzN25OjIzeudqRVNU8VJUvv+rPnz5z9osvDJ/r5QfXv9+eitfGL19ovDx3fX6hvbjYnm5MzHam5qbbO97DbutvDl3XiWoAGtdfvzF99epi4/RzZ7Z8fHPo/cHHjw2dH37m5NO9shMjo6PjfWVqAx/i6B+qcZsORxF/GSme/d5P0j8PRhSx+7G4x/fOXjtSdeJE1YmJkdGqIzOd1uxS+eFYbyCKiEZfpWZvjPbhXOxKM2K5bH7Z4BNl98bnWwutKzPtxlhrYamz1JmbHUvd1pb9aUQR51LESkSsDd6+u4Eo4vVI8Z2j6+lfBiMO9cbhC5fGv3Lq9N3bUexhH3egbGdjIGKl2Dxn9YN6zg6wwSjiHyPFT985Hv86GFGL7ld8PuLVMn8Q8VaZL0WkFLHxzYj37vB9xMOpFkX8X3n+z6+ndwbL60HvunLxq40vz16d6yvbu67s6P7wa3c/5gO/P+ynA34/qUcRP6yu+Ovp3/x3DQAAAAAAAAAAAAAAAHCAFPErkeLFd4+nan7wrTnFndlrjcutKzPdaX29uX+9OdMbGxsbjdTNZs7JnMs5V3Ku5lzLGUWun7OZczLncs6VnKs513LGoVw/ZzPnZM7lnCs5V3Ou5Yxarp+zmXMy53LOlZyrOddyxgGZuwcAAAAAAAAAAAAAAAAAAHy8FNU/Kb799fW0MdhdX3oyurlqPdCPvf8PAAD//+3T/oE=")
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x114)
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000021c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1m38.427890299s ago: executing program 2 (id=5139):
socket$nl_audit(0x10, 0x3, 0x9)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'veth1_to_batadv\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_default\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

1m35.070517082s ago: executing program 2 (id=5146):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x181041, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x5, r1, 0x0, &(0x7f0000000a40)="7f", 0x1, 0x4})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r1, 0x0, 0x0, 0x0, 0xe})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000001c0)={0x28, 0x2, r1, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x70e})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r1, 0x0, &(0x7f0000000140)="e6", 0x1, 0x4a})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000240)={0x18, r1, 0xd, 0x280000000})

1m33.556324023s ago: executing program 41 (id=5146):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x181041, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x5, r1, 0x0, &(0x7f0000000a40)="7f", 0x1, 0x4})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r1, 0x0, 0x0, 0x0, 0xe})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000001c0)={0x28, 0x2, r1, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x70e})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r1, 0x0, &(0x7f0000000140)="e6", 0x1, 0x4a})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000240)={0x18, r1, 0xd, 0x280000000})

53.4783975s ago: executing program 4 (id=5247):
syz_open_dev$sg(&(0x7f0000001bc0), 0x208, 0x2c41)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(r0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010b00000000000000000600000020000180140002007665746831000000ab5f000000000000080003"], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

51.969024907s ago: executing program 9 (id=5253):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000002500010324bd5502ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20004888}, 0x0)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000003c0)=""/63, 0x3f}, {&(0x7f0000000500)=""/268, 0x10c}, {&(0x7f0000000800)=""/222, 0xde}, {&(0x7f0000000400)=""/148, 0x94}, {&(0x7f0000000c40)=""/4093, 0xffd}, {&(0x7f0000000240)=""/171, 0xab}], 0x6}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)

51.094089292s ago: executing program 9 (id=5255):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00006d3000/0x4000)=nil, 0x4000, 0x66)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0x8041, 0x0)
ioctl$SNDCTL_DSP_SYNC(r2, 0x5001, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r2, 0xc0045009, &(0x7f0000000040)=0x2fff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

49.270522946s ago: executing program 4 (id=5259):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x44, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
close(r4)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000600), 0x56)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$kcm(r3, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x42}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000200)="27030200000314000e00003c000300000000ff8400000000000000000000000000060000000085dc9d9839dc1336", 0x2e}], 0x1}, 0x4005)

48.172185493s ago: executing program 0 (id=5263):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0xb8, 0x43, 0x107, 0xfffffffd, 0x25dfdbfc, {0x3, 0x7c}, [@nested={0x4, 0x147}, @nested={0xa0, 0x1, 0x0, 0x1, [@nested={0x9c, 0x129, 0x0, 0x1, [@generic="5a5d82cf", @nested={0x89, 0xa8, 0x0, 0x1, [@generic="61fef901a3223f8425eabb0fb47319b3a099cabd5b5bd36ca78d9715f905fe129e76517489717c4f7ded3ce5e8ddac662f6e4b0e9646050611e128daca7052bfcc7aa9b2eec25a6ac6dafe", @nested={0x4, 0x2e}, @generic="156be09d72c63c3fbf6146fd7d6ee7", @generic="bc080db12eb141ed8d6af59e15c733e5ae5fcebde94a75e5f78b94916a6e77", @typed={0x8, 0x63, 0x0, 0x0, @fd=r0}]}, @nested={0x8, 0x4f, 0x0, 0x1, [@typed={0x4, 0x116}]}]}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x800}, 0xc000)

47.540837973s ago: executing program 3 (id=5264):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000440), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))
unshare(0x2c020400)
write$nci(r0, &(0x7f0000000a40)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x0, 0x3, 0x5, 0xf8, @f={0x8, 0x1, 0x0, 0x2, 0x0, 0x48, 0x1, {0x2, 0x9a, "d36c38591c22d1a74214cf6a4b00217668f73e90af7019d88d7f2477a92d418538225366efd39cfb0f746997dc98c3a1d29362ce06aecadd252e4120604ed83d898abb6d4e9bcf9df9a10c433787f50eaf1ebd3d6fad84e6d35f5b262d8b5171efec8924cb05ea60fc7ba557663d50e0b229861f823a43430a2d98bdd6ab4e76863e428dc972ac8285adcb793ac40b99f3a579e33f90236e0bcd"}, 0x3f, 0xe, 0x0, 0x4, 0x50, "db2147121c4ab12f912a6dda8924ac4b047efdad8de0f46ccb0b82ab4c6605e9f3abba4967ceb82bb354068b456574266381be92f28b7977349be0893001d9477f4eeacf04c420d30efa36fab3ad8cd7"}}, 0xfb)

47.421126571s ago: executing program 0 (id=5265):
socket$packet(0x11, 0x3, 0x300)
fsopen(&(0x7f0000000180)='hfsplus\x00', 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x4, 0x0, 0x1136f858, 0x0, 0xffffffffffffffff}, 0x0, 0x0)
unshare(0x22020600)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

46.966731216s ago: executing program 9 (id=5267):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000884)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r6, {0x10}, {}, {0x0, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x200000, 0xe, 0x7, 0x7, 0x9, 0x40, 0xffffffff, 0x2}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4040098}, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000480)="bad330fbc9b5544972e7a5ea", 0xc, 0x40, &(0x7f00000001c0)={0x11, 0x1a, r6, 0x1, 0xd6, 0x6, @random="98c8ca7122df"}, 0x14)

46.860351825s ago: executing program 3 (id=5268):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000140)={0x2, 0x0, 0x3}, 0x8)

46.296708404s ago: executing program 0 (id=5269):
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x4008054)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)

46.196588782s ago: executing program 3 (id=5270):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x20, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IE={0x4}]}, 0x20}}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)

44.436219517s ago: executing program 1 (id=5271):
syz_open_dev$sg(&(0x7f0000001bc0), 0x208, 0x2c41)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(r0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010b00000000000000000600000020000180140002007665746831000000ab5f000000000000080003"], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

43.275073725s ago: executing program 4 (id=5272):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000040)={0x5, 0x5, {0xffffffffffffffff}, {}, 0x183639ee, 0x10001})
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f0000000640)={0x1, &(0x7f0000000680)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @empty, 0xfffffffc}, 0x1c)
listen(r2, 0x8)
syz_emit_ethernet(0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x0)
fchdir(r4)
r5 = open(&(0x7f0000000000)='./file1\x00', 0x80242, 0x8)
write$FUSE_CREATE_OPEN(r5, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x4, 0x1, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0xff, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r5, r5, &(0x7f0000000080), 0x4d9b6eaf)
r6 = syz_open_dev$vbi(0x0, 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r6, 0xc004562f, 0x0)
ioctl$VIDIOC_S_DV_TIMINGS(r6, 0xc0845657, 0x0)

43.039048193s ago: executing program 3 (id=5273):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d4"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)

43.026057424s ago: executing program 1 (id=5274):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg(r0, &(0x7f0000000200)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote}, 0x80, 0x0}, 0x5b4}], 0x43, 0x0)

42.938654022s ago: executing program 8 (id=5275):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000080)=0x8, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)

42.90645341s ago: executing program 0 (id=5276):
socket$nl_audit(0x10, 0x3, 0x9)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'veth1_to_batadv\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_default\x00')
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

42.831494689s ago: executing program 9 (id=5277):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @broadcast}, 0x10)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x6)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x4241, 0x0, 0x0)

42.678882378s ago: executing program 3 (id=5278):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000100)=0xe, 0x12)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
fsopen(&(0x7f0000000000)='virtiofs\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/ip6_mr_vif\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r2, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
rmdir(&(0x7f0000000040)='./file0/../file0/file0\x00')
read$FUSE(r2, &(0x7f0000006140)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0x0, r3}, 0x50)
syz_fuse_handle_req(r2, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c7132fd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x90, 0x0, 0x0, {0x1, 0x400, 0x1, 0x9, 0x1, 0x4, {0x0, 0x0, 0xfffffffffffffffb, 0x3, 0x6ee4, 0x0, 0x0, 0x0, 0x4000, 0x4000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})

42.624235588s ago: executing program 1 (id=5279):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00006d3000/0x4000)=nil, 0x4000, 0x66)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x8041, 0x0)
ioctl$SNDCTL_DSP_SYNC(r2, 0x5001, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r2, 0xc0045009, &(0x7f0000000040)=0x2fff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

42.537152656s ago: executing program 0 (id=5280):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000440), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))
unshare(0x2c020400)
write$nci(r0, &(0x7f0000000a40)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x0, 0x3, 0x5, 0xf8, @f={0x8, 0x1, 0x0, 0x2, 0x0, 0x48, 0x1, {0x2, 0x9a, "d36c38591c22d1a74214cf6a4b00217668f73e90af7019d88d7f2477a92d418538225366efd39cfb0f746997dc98c3a1d29362ce06aecadd252e4120604ed83d898abb6d4e9bcf9df9a10c433787f50eaf1ebd3d6fad84e6d35f5b262d8b5171efec8924cb05ea60fc7ba557663d50e0b229861f823a43430a2d98bdd6ab4e76863e428dc972ac8285adcb793ac40b99f3a579e33f90236e0bcd"}, 0x3f, 0xe, 0x0, 0x4, 0x50, "db2147121c4ab12f912a6dda8924ac4b047efdad8de0f46ccb0b82ab4c6605e9f3abba4967ceb82bb354068b456574266381be92f28b7977349be0893001d9477f4eeacf04c420d30efa36fab3ad8cd7"}}, 0xfb)

41.938843184s ago: executing program 8 (id=5281):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x800)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r6)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = socket$kcm(0x11, 0x3, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r10, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0x5, 0x4, 0x2, 0x4, 0x5, 0x2234, 0x83, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x800004, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x2, 0x80000000, 0x10001, 0x790, 0x5, 0x1, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x3, 0x3, 0x5b1f, 0x7b0, 0x7, 0x100, 0x2, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x11ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffef9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x3, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x0, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x7, 0x80000000, 0x7f, 0x7, 0x9, 0xff, 0x24, 0x5, 0x7, 0x6, 0x10007e, 0x0, 0x0, 0x7, 0x470, 0x7f, 0xe, 0x0, 0x1, 0x0, 0x4, 0x10009, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0x11, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x9, 0xfffffffd, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0x9, 0x7, 0x6, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0xf7800000, 0xac, 0x8, 0x3, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xd47, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0xa, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x9, 0xb, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x800002, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x80001, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x0, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x107e, 0x2004, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xfffffeff, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x3, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xfffeffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x1000, 0x4, 0x0, 0x3, 0x0, 0x3, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94b, 0x9, 0x8, 0x6, 0x100, 0x2, 0xffff, 0x4, 0x2, 0x3ff, 0x2, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7fff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0xffffff37, 0x3, 0x9, 0xc, 0xff, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x4, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x0, 0xadd9, 0x1, 0x0, 0x7, 0x7fffff7f, 0x40, 0x4, 0x0, 0x5, 0x4, 0x1, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x9, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x1, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x6, 0x0, 0x81, 0xfff80000, 0x0, 0x1, 0x6, 0x3, 0x7ef8, 0x7, 0x80005, 0x2, 0x0, 0x4e8, 0x80, 0x0, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0x4000fff, 0x8, 0x7, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x400003, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0xc000, 0xffffff97, 0x2, 0x40, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0xfff, 0xe, 0x3, 0x9, 0xa, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x5, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0xb}, {0x6, 0x2, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r7, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r5, 0xc}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x4)

41.468450589s ago: executing program 9 (id=5282):
socket$packet(0x11, 0x3, 0x300)
fsopen(&(0x7f0000000180)='hfsplus\x00', 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x8, 0x2, 0xfffffffffffffffd, 0x1}, 0x0, 0x0, 0x0, 0x0)
unshare(0x22020600)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

41.241884111s ago: executing program 0 (id=5283):
r0 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0xa9, 0x8000000000000000, 0x8, 0x7, 0x8000003}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
pipe2$watch_queue(0x0, 0x80)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r3 = shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil)
shmctl$IPC_RMID(r3, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r4 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x1000, 0x0, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r4, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
flock(r0, 0x2)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/meminfo\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020)
r7 = syz_open_dev$loop(&(0x7f0000002280), 0xffff, 0x121ac3)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.stat\x00', 0x275a, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002200)={&(0x7f0000002240)=ANY=[@ANYRES16=r5], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
write$binfmt_misc(r8, &(0x7f0000000040), 0xe09)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c0000001800dd8d000000000000000002000000000000050400000006001500050000002800168024000100010000dd"], 0x4c}}, 0x0)
ioctl$KDGKBENT(r6, 0x4b46, &(0x7f0000000080)={0x83, 0x0, 0xa3a})
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f00000002c0)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00000000170000000400", "f4bd000000801900", [0x100000000, 0x8000000000000000]}})
renameat2(r0, &(0x7f00000001c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000021c0)='./cgroup\x00', 0x2)

40.266756008s ago: executing program 9 (id=5284):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vsock(0xffffffffffffff9c, 0x0, 0x2c0c2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
syz_genetlink_get_family_id$batadv(0x0, r0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000002)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
poll(0x0, 0x0, 0x9)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000094)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002640)=ANY=[@ANYBLOB="24000000200001031f"], 0x24}}, 0x8800)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="01980000031300001c0012800900010069706970000083000c00028008000300e00000015c413394c2cd647ccea14a0fa72abaaded37e53e987e722424214f79ed6432be46dbbcbf8bc3039a06c208aa6c7b8658e45d6d0c"], 0x3c}}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)

40.039868674s ago: executing program 8 (id=5285):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)={0x98, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x98}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)={0xa0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0xa0}}, 0x0)

39.640227167s ago: executing program 1 (id=5286):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x200000000000026f, 0x1}}, 0x40)

39.212967289s ago: executing program 1 (id=5287):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x74fb01, 0x0)
close(r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc1, 0xe23, 0x3, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x60000)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x7fffc, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0x6, 0xb}, {0x6, 0x5}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x40, 0x2, {{0x10000, 0x1, 0x406, 0x4, 0x7fffffff, 0xe}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0xffffab8f, 0x0, 0x9, 0x4, 0x1}}]}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0x70}, 0x1, 0x0, 0x0, 0x4004060}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000000300)={'syzkaller0\x00', @random="2b0100004ec6"})

39.148402309s ago: executing program 8 (id=5288):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x20, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IE={0x4}]}, 0x20}}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)

38.997802005s ago: executing program 4 (id=5289):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
syz_emit_ethernet(0xfc0, &(0x7f0000000a80)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60f8a000000000000000000001200ffffe0000012fe8000000000000000000000000000aa84"], 0x0)

38.696050309s ago: executing program 8 (id=5290):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$caif_stream(0x25, 0x1, 0x5)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1ffffffffeb, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x1}, 0x0, &(0x7f00000002c0)={0x3fb, 0x108003, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x584}, 0x0, 0x0)

38.356393482s ago: executing program 4 (id=5291):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d4"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)

38.208876062s ago: executing program 8 (id=5292):
socket$nl_audit(0x10, 0x3, 0x9)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'veth1_to_batadv\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_default\x00')
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

38.123609919s ago: executing program 1 (id=5293):
sendmsg$NFC_CMD_VENDOR(0xffffffffffffffff, 0x0, 0xd8)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4008054)
sendmsg$NFC_CMD_LLC_SDREQ(0xffffffffffffffff, 0x0, 0x0)
write$nci(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="5104019922f20389"], 0x4)

38.01622849s ago: executing program 3 (id=5294):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$binder(&(0x7f000023d000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x6)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a050000000000000000000700000a0900010073797a30000000003c000000090a010400000000000000000700000308000a40000000000900020073797a31000000000900010073797a30000000000800054000000021900000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000640003806000008004000180580007800b000100746172676574000048000280080002400000000230000300b08c674515113085726709225a7547b6f14c1aa7a7202afc0811618e3b5a514fb651ff7360e7749fe5bee39009000100534e4154"], 0x114}}, 0x0)

37.892012347s ago: executing program 4 (id=5295):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="f1", 0x1}], 0x1)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, &(0x7f0000000080)=0xf73, 0x4)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f00000000c0)=0x3f9, 0x4)
recvmmsg(r3, &(0x7f0000000300), 0x40000000000049e, 0x1000000000fe, 0x0)

14.362604929s ago: executing program 42 (id=5294):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$binder(&(0x7f000023d000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x6)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a050000000000000000000700000a0900010073797a30000000003c000000090a010400000000000000000700000308000a40000000000900020073797a31000000000900010073797a30000000000800054000000021900000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000640003806000008004000180580007800b000100746172676574000048000280080002400000000230000300b08c674515113085726709225a7547b6f14c1aa7a7202afc0811618e3b5a514fb651ff7360e7749fe5bee39009000100534e4154"], 0x114}}, 0x0)

10.06837396s ago: executing program 43 (id=5295):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="f1", 0x1}], 0x1)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, &(0x7f0000000080)=0xf73, 0x4)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f00000000c0)=0x3f9, 0x4)
recvmmsg(r3, &(0x7f0000000300), 0x40000000000049e, 0x1000000000fe, 0x0)

9.400158407s ago: executing program 44 (id=5293):
sendmsg$NFC_CMD_VENDOR(0xffffffffffffffff, 0x0, 0xd8)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4008054)
sendmsg$NFC_CMD_LLC_SDREQ(0xffffffffffffffff, 0x0, 0x0)
write$nci(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="5104019922f20389"], 0x4)

7.784947994s ago: executing program 45 (id=5283):
r0 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0xa9, 0x8000000000000000, 0x8, 0x7, 0x8000003}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
pipe2$watch_queue(0x0, 0x80)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r3 = shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil)
shmctl$IPC_RMID(r3, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r4 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x1000, 0x0, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r4, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
flock(r0, 0x2)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/meminfo\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020)
r7 = syz_open_dev$loop(&(0x7f0000002280), 0xffff, 0x121ac3)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.stat\x00', 0x275a, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002200)={&(0x7f0000002240)=ANY=[@ANYRES16=r5], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
write$binfmt_misc(r8, &(0x7f0000000040), 0xe09)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c0000001800dd8d000000000000000002000000000000050400000006001500050000002800168024000100010000dd"], 0x4c}}, 0x0)
ioctl$KDGKBENT(r6, 0x4b46, &(0x7f0000000080)={0x83, 0x0, 0xa3a})
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f00000002c0)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00000000170000000400", "f4bd000000801900", [0x100000000, 0x8000000000000000]}})
renameat2(r0, &(0x7f00000001c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000021c0)='./cgroup\x00', 0x2)

7.442616383s ago: executing program 46 (id=5292):
socket$nl_audit(0x10, 0x3, 0x9)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'veth1_to_batadv\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
fremovexattr(r0, &(0x7f0000000000)=@known='system.posix_acl_default\x00')
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

0s ago: executing program 47 (id=5284):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vsock(0xffffffffffffff9c, 0x0, 0x2c0c2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
syz_genetlink_get_family_id$batadv(0x0, r0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000002)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
poll(0x0, 0x0, 0x9)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000094)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002640)=ANY=[@ANYBLOB="24000000200001031f"], 0x24}}, 0x8800)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="01980000031300001c0012800900010069706970000083000c00028008000300e00000015c413394c2cd647ccea14a0fa72abaaded37e53e987e722424214f79ed6432be46dbbcbf8bc3039a06c208aa6c7b8658e45d6d0c"], 0x3c}}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)

kernel console output (not intermixed with test programs):

 1433.010643][T23063] loop6: detected capacity change from 0 to 7
[ 1433.068721][    C1] blk_print_req_error: 10 callbacks suppressed
[ 1433.068738][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.084514][    C1] buffer_io_error: 10 callbacks suppressed
[ 1433.084530][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.103489][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.113105][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.163458][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.173058][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.274754][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.284455][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.325801][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.335418][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.345888][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.355563][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.366115][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.375689][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.383590][T11478] ldm_validate_partition_table(): Disk read failed.
[ 1433.393807][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.403388][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.423156][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.432749][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.442626][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1433.452261][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1433.463609][T11478] Dev loop6: unable to read RDB block 0
[ 1433.492663][T11478]  loop6: unable to read partition table
[ 1433.498568][T11478] loop6: partition table beyond EOD, truncated
[ 1433.617740][T23063] ldm_validate_partition_table(): Disk read failed.
[ 1433.713944][T23063] Dev loop6: unable to read RDB block 0
[ 1433.724701][T23063]  loop6: unable to read partition table
[ 1433.730472][T23063] loop6: partition table beyond EOD, truncated
[ 1433.786285][T23063] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾SêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[ 1434.129145][T23067] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4797'.
[ 1436.377306][T22874] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1436.630519][T17971] usb 9-1: new full-speed USB device number 17 using dummy_hcd
[ 1436.735461][T22874] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1436.780194][T17971] usb 9-1: device descriptor read/64, error -71
[ 1436.850357][T22874] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1436.908247][T22874] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1437.070204][T17971] usb 9-1: new full-speed USB device number 18 using dummy_hcd
[ 1437.259567][T17971] usb 9-1: device descriptor read/64, error -71
[ 1437.406282][T17971] usb usb9-port1: attempt power cycle
[ 1437.658929][T22874] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1437.702974][T22874] 8021q: adding VLAN 0 to HW filter on device team0
[ 1437.819064][T17971] usb 9-1: new full-speed USB device number 19 using dummy_hcd
[ 1439.552327][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1439.559566][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1439.925103][  T120] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1439.932293][  T120] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1439.971639][T17971] usb 9-1: device descriptor read/8, error -71
[ 1440.219289][T22874] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1440.428527][T23124] netlink: 'syz.8.4810': attribute type 6 has an invalid length.
[ 1440.769872][T23124] loop6: detected capacity change from 0 to 7
[ 1441.167086][T17986] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[ 1441.262156][    C0] blk_print_req_error: 25 callbacks suppressed
[ 1441.262179][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.277975][    C0] buffer_io_error: 25 callbacks suppressed
[ 1441.277993][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.336272][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.345920][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.410045][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.419707][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.446133][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.455748][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.483115][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.492735][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.569649][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.579296][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.587730][T23124] ldm_validate_partition_table(): Disk read failed.
[ 1441.599357][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.608963][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.667664][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.677304][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.729931][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.739650][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.798355][T17986] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1441.813563][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1441.823151][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1441.836357][T23124] Dev loop6: unable to read RDB block 0
[ 1441.951940][T23124]  loop6: unable to read partition table
[ 1442.118249][T23124] loop6: partition table beyond EOD, truncated
[ 1442.129746][T17986] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1442.293364][T23124] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾SêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[ 1442.468651][T17986] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[ 1442.800147][T17986] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1443.163643][T17986] usb 4-1: Product: syz
[ 1443.190737][T17986] usb 4-1: Manufacturer: syz
[ 1443.274692][T17986] usb 4-1: SerialNumber: syz
[ 1443.330495][T17986] usb 4-1: config 0 descriptor??
[ 1443.454608][ T5897] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1443.508876][T17986] usb 4-1: can't set config #0, error -71
[ 1443.551126][T17986] usb 4-1: USB disconnect, device number 96
[ 1443.715627][ T5897] usb 5-1: Using ep0 maxpacket: 32
[ 1443.826694][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1443.885207][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1443.920588][ T5897] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1443.927138][T18804] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1444.015995][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1444.098551][ T5897] usb 5-1: config 0 descriptor??
[ 1445.810810][T18804] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1446.453439][ T5897] hid_parser_main: 5 callbacks suppressed
[ 1446.453467][ T5897] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0
[ 1446.510080][ T5897] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0
[ 1446.582597][ T5897] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0
[ 1446.589413][ T5897] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0
[ 1446.630304][ T5897] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0
[ 1446.638461][ T5897] savu 0003:1E7D:2D5A.001E: unbalanced collection at end of report description
[ 1446.653442][ T5897] savu 0003:1E7D:2D5A.001E: parse failed
[ 1446.659150][ T5897] savu 0003:1E7D:2D5A.001E: probe with driver savu failed with error -22
[ 1446.677488][ T5897] usb 5-1: USB disconnect, device number 94
[ 1446.898442][T23161] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4817'.
[ 1447.004242][T18804] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1447.077958][T23157] hsr0: entered promiscuous mode
[ 1447.493121][T18804] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1448.387486][T22874] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1448.811417][ T5897] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[ 1448.972315][T22874] veth0_vlan: entered promiscuous mode
[ 1449.015271][ T5897] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1449.047712][ T5897] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1449.185045][ T5897] usb 9-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[ 1449.374224][T22874] veth1_vlan: entered promiscuous mode
[ 1449.396419][ T5897] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1449.449995][ T5897] usb 9-1: Product: syz
[ 1449.454185][ T5897] usb 9-1: Manufacturer: syz
[ 1449.503748][ T5897] usb 9-1: SerialNumber: syz
[ 1449.557822][T18804] bridge_slave_1: left allmulticast mode
[ 1449.570262][ T5897] usb 9-1: config 0 descriptor??
[ 1449.589901][T18804] bridge_slave_1: left promiscuous mode
[ 1449.598295][T18804] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1449.680681][T23194] netlink: 'syz.3.4824': attribute type 6 has an invalid length.
[ 1449.741959][T18804] bridge_slave_0: left allmulticast mode
[ 1449.770471][T18804] bridge_slave_0: left promiscuous mode
[ 1449.792506][T18804] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1449.818225][ T5897] usb 9-1: USB disconnect, device number 21
[ 1450.172147][T23204] loop6: detected capacity change from 0 to 7
[ 1450.212452][    C0] blk_print_req_error: 10 callbacks suppressed
[ 1450.212469][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.228353][    C0] buffer_io_error: 10 callbacks suppressed
[ 1450.228367][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.266663][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.276304][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.332620][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.342260][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.350235][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[ 1450.452622][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.462276][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.473522][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.483142][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.492640][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.502234][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.519516][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.529136][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.537063][T23204] ldm_validate_partition_table(): Disk read failed.
[ 1450.600871][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.610502][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.633833][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1450.643481][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.677419][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1450.685470][T23204] Dev loop6: unable to read RDB block 0
[ 1450.843560][T23204]  loop6: unable to read partition table
[ 1450.919457][T23204] loop6: partition table beyond EOD, truncated
[ 1451.038882][T23204] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾SêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[ 1453.097877][ T5188] ldm_validate_partition_table(): Disk read failed.
[ 1453.108321][ T5188] Dev loop6: unable to read RDB block 0
[ 1453.145265][ T5188]  loop6: unable to read partition table
[ 1453.317346][ T5188] loop6: partition table beyond EOD, truncated
[ 1453.901773][T18804] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1454.702319][T18804] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1454.984440][T18804] bond0 (unregistering): Released all slaves
[ 1455.029281][T22874] veth0_macvtap: entered promiscuous mode
[ 1455.245805][T17971] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1455.321488][T18804] tipc: Left network mode
[ 1455.335593][T22874] veth1_macvtap: entered promiscuous mode
[ 1455.411953][T17971] usb 2-1: Using ep0 maxpacket: 32
[ 1455.452357][T17971] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1455.511878][T17971] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1455.665330][T17971] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1455.675373][T17971] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1455.729901][T17971] usb 2-1: config 0 descriptor??
[ 1456.121640][T22874] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1456.176885][T22874] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1456.339540][T17971] savu 0003:1E7D:2D5A.001F: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[ 1456.485254][T17971] usb 2-1: USB disconnect, device number 88
[ 1456.559082][T20498] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1456.606479][T20498] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1456.606819][ T5827] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1456.628655][ T5827] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1456.639875][ T5827] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1456.651223][ T5827] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1456.665022][T20498] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1456.682317][ T5827] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1456.690330][ T5897] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 1456.780413][T20498] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1456.881192][ T5897] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1456.944608][T23258] fido_id[23258]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1457.061359][T18804] hsr_slave_0: left promiscuous mode
[ 1457.074417][ T5897] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1457.104597][T18804] hsr_slave_1: left promiscuous mode
[ 1457.120246][T18804] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1457.137897][ T5897] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[ 1457.157860][T18804] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1457.175438][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1457.204439][ T5897] usb 4-1: Product: syz
[ 1457.208734][ T5897] usb 4-1: Manufacturer: syz
[ 1457.334180][ T5897] usb 4-1: SerialNumber: syz
[ 1457.494836][ T5897] usb 4-1: config 0 descriptor??
[ 1457.526616][T18804] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1457.587856][T18804] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1457.708314][ T5897] usb 4-1: USB disconnect, device number 97
[ 1457.790427][T18804] veth1_macvtap: left promiscuous mode
[ 1457.826886][T18804] veth0_macvtap: left promiscuous mode
[ 1458.058054][T18804] veth1_vlan: left promiscuous mode
[ 1458.080299][T18804] veth0_vlan: left promiscuous mode
[ 1458.748208][ T5831] Bluetooth: hci4: command tx timeout
[ 1458.916829][T23289] loop8: detected capacity change from 0 to 64
[ 1459.153665][T23294] netlink: 'syz.3.4843': attribute type 6 has an invalid length.
[ 1459.988322][T23308] loop6: detected capacity change from 0 to 7
[ 1460.016402][    C1] blk_print_req_error: 31 callbacks suppressed
[ 1460.016423][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.032246][    C1] buffer_io_error: 30 callbacks suppressed
[ 1460.032271][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.094181][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.103817][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.111767][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[ 1460.128246][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.137995][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.148681][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.158298][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.173920][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.183536][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.199689][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.209291][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.219276][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.228848][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.245513][T23308] ldm_validate_partition_table(): Disk read failed.
[ 1460.276090][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.285726][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.298495][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1460.308106][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.322035][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1460.375420][T23308] Dev loop6: unable to read RDB block 0
[ 1460.423384][T18804] team0 (unregistering): Port device team_slave_1 removed
[ 1460.431665][T23308]  loop6: unable to read partition table
[ 1460.487951][T23308] loop6: partition table beyond EOD, truncated
[ 1460.536476][T18804] team0 (unregistering): Port device team_slave_0 removed
[ 1460.577584][T23308] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾SêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[ 1460.821673][ T5831] Bluetooth: hci4: command tx timeout
[ 1461.298041][T23303] hsr0: entered promiscuous mode
[ 1462.133113][ T5897] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1462.654822][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1462.681387][ T5897] usb 4-1: Using ep0 maxpacket: 32
[ 1462.811828][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1462.845309][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1462.910259][ T5831] Bluetooth: hci4: command tx timeout
[ 1462.917442][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1463.006867][ T5897] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1463.041407][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1463.075775][ T5897] usb 4-1: config 0 descriptor??
[ 1463.206377][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1463.233240][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1463.360120][T18297] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1463.530655][ T5897] savu 0003:1E7D:2D5A.0020: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[ 1463.561930][T18297] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1463.636301][T18297] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1463.708077][T18297] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[ 1463.726088][ T5928] usb 4-1: USB disconnect, device number 98
[ 1464.330549][T18297] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1464.367774][T23347] fido_id[23347]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[ 1464.471625][T18297] usb 2-1: Product: syz
[ 1464.486890][T18297] usb 2-1: Manufacturer: syz
[ 1464.557624][T18297] usb 2-1: SerialNumber: syz
[ 1464.690890][T18297] usb 2-1: config 0 descriptor??
[ 1464.904432][  T790] usb 2-1: USB disconnect, device number 89
[ 1464.979406][ T5831] Bluetooth: hci4: command tx timeout
[ 1465.024049][T18804] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1465.166701][T23259] chnl_net:caif_netlink_parms(): no params data found
[ 1466.818632][ T5831] Bluetooth: hci2: unexpected event 0x03 length: 33 > 11
[ 1467.587798][T18804] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1468.734987][T23372] hsr0: entered promiscuous mode
[ 1469.223295][T23395] loop5: detected capacity change from 0 to 7
[ 1469.329815][T23395] Dev loop5: unable to read RDB block 7
[ 1469.336987][T23395]  loop5: unable to read partition table
[ 1469.347069][T23395] loop5: partition table beyond EOD, truncated
[ 1469.440041][T23395] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1469.703548][T18804] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1469.813651][T23400] loop3: detected capacity change from 0 to 256
[ 1470.122794][T18804] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1470.457409][T23259] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1470.493835][T23259] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1470.530538][T23259] bridge_slave_0: entered allmulticast mode
[ 1470.572454][T23259] bridge_slave_0: entered promiscuous mode
[ 1470.625925][T23259] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1470.892929][T23259] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1470.961530][T23259] bridge_slave_1: entered allmulticast mode
[ 1470.997950][T23259] bridge_slave_1: entered promiscuous mode
[ 1471.541902][T23259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1471.595392][T23259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1471.779388][T18804] bridge_slave_1: left allmulticast mode
[ 1471.804392][T18804] bridge_slave_1: left promiscuous mode
[ 1471.822564][T18804] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1471.890548][T18804] bridge_slave_0: left allmulticast mode
[ 1471.921318][T18804] bridge_slave_0: left promiscuous mode
[ 1471.965114][T18804] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1473.112705][   T29] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[ 1474.995987][   T29] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1475.518337][T23440] loop5: detected capacity change from 0 to 7
[ 1475.551075][   T29] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1475.584338][   T29] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[ 1475.613390][T23440] Dev loop5: unable to read RDB block 7
[ 1475.619183][T23440]  loop5: unable to read partition table
[ 1475.625631][   T29] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1475.625661][   T29] usb 2-1: Product: syz
[ 1475.625680][   T29] usb 2-1: Manufacturer: syz
[ 1475.625698][   T29] usb 2-1: SerialNumber: syz
[ 1475.695329][T23440] loop5: partition table beyond EOD, truncated
[ 1475.747869][T23440] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1476.501037][   T29] usb 2-1: config 0 descriptor??
[ 1476.508200][   T29] usb 2-1: can't set config #0, error -71
[ 1476.517617][   T29] usb 2-1: USB disconnect, device number 90
[ 1477.151841][T23466] vivid-000: disconnect
[ 1477.510447][T23453] vivid-000: reconnect
[ 1477.620632][T18804] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1477.701514][T18804] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1477.715968][T18804] bond0 (unregistering): Released all slaves
[ 1477.906398][T23259] team0: Port device team_slave_0 added
[ 1477.939707][T23259] team0: Port device team_slave_1 added
[ 1478.409241][T18297] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[ 1478.513759][T23259] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1478.551889][T23259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1478.579813][T23259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1478.595445][T18297] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1478.614499][T18297] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1478.681032][T18297] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1478.693229][T18297] usb 5-1: config 1 has no interface number 1
[ 1478.702972][T18297] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1478.803971][T18297] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1478.821990][T18297] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1478.832088][T18297] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1478.843303][T18297] usb 5-1: Product: syz
[ 1478.847651][T18297] usb 5-1: Manufacturer: syz
[ 1478.853388][T18297] usb 5-1: SerialNumber: syz
[ 1478.921798][T23259] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1478.939890][T23259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1479.168606][T18297] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[ 1479.189542][T18297] usb 5-1: MIDIStreaming interface descriptor not found
[ 1479.200309][T23259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1479.453197][T18804] hsr_slave_0: left promiscuous mode
[ 1479.517694][T18804] hsr_slave_1: left promiscuous mode
[ 1479.587012][T18804] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1479.632137][T18297] usb 5-1: USB disconnect, device number 95
[ 1479.643093][T18804] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1480.091390][T18804] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1480.138149][T18804] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1480.258497][T18804] veth1_macvtap: left promiscuous mode
[ 1480.263999][T18804] veth0_macvtap: left promiscuous mode
[ 1480.349605][T18804] veth1_vlan: left promiscuous mode
[ 1480.385157][T18804] veth0_vlan: left promiscuous mode
[ 1480.828788][ T5897] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 1481.059589][ T5897] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1481.292702][ T5897] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1481.353976][ T5897] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[ 1481.405102][ T5897] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1481.515599][ T5897] usb 5-1: Product: syz
[ 1481.571189][ T5897] usb 5-1: Manufacturer: syz
[ 1481.618381][ T5897] usb 5-1: SerialNumber: syz
[ 1481.715210][ T5897] usb 5-1: config 0 descriptor??
[ 1481.949785][T18297] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1481.967577][ T5897] usb 5-1: USB disconnect, device number 96
[ 1482.210438][T18297] usb 9-1: Using ep0 maxpacket: 16
[ 1482.255737][T18297] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1482.297837][T18297] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1482.347135][T18297] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1482.674848][T18804] team0 (unregistering): Port device team_slave_1 removed
[ 1482.784508][T18804] team0 (unregistering): Port device team_slave_0 removed
[ 1483.060486][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1483.067385][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1483.605138][T23259] hsr_slave_0: entered promiscuous mode
[ 1483.727706][T23531] vivid-004: disconnect
[ 1483.806638][T23259] hsr_slave_1: entered promiscuous mode
[ 1483.813945][T23259] debugfs: 'hsr0' already exists in 'hsr'
[ 1483.827730][T23259] Cannot create hsr debugfs directory
[ 1484.251595][T23528] vivid-004: reconnect
[ 1487.455977][T18297] usb 9-1: string descriptor 0 read error: -32
[ 1487.462293][T18297] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1487.673464][T18297] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1487.689365][T18297] usb 9-1: rejected 1 configuration due to insufficient available bus power
[ 1487.704384][T18297] usb 9-1: no configuration chosen from 1 choice
[ 1487.879018][T17971] usb 9-1: USB disconnect, device number 22
[ 1489.154465][T23588] vivid-004: disconnect
[ 1489.177422][T23589] loop2: detected capacity change from 0 to 256
[ 1489.185095][T18297] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[ 1489.394651][T18297] usb 4-1: Using ep0 maxpacket: 32
[ 1489.594492][T18297] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1489.606845][T23577] vivid-004: reconnect
[ 1489.636389][T18297] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1489.718319][T18297] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1489.776888][T18297] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1489.956301][T18297] usb 4-1: config 0 descriptor??
[ 1490.304218][T23259] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1490.366498][T23259] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1490.506021][T23259] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1490.583442][T18297] savu 0003:1E7D:2D5A.0021: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[ 1490.632418][T23259] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1490.787287][T18297] usb 4-1: USB disconnect, device number 99
[ 1491.282049][T23602] fido_id[23602]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1491.591109][T23259] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1491.742338][T23259] 8021q: adding VLAN 0 to HW filter on device team0
[ 1491.846077][T18804] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1491.853259][T18804] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1491.950686][T18804] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1491.957824][T18804] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1494.295093][T23259] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1494.799293][T23259] veth0_vlan: entered promiscuous mode
[ 1494.907609][T23259] veth1_vlan: entered promiscuous mode
[ 1495.166034][T23259] veth0_macvtap: entered promiscuous mode
[ 1495.230321][T23648] loop2: detected capacity change from 0 to 256
[ 1495.311881][T23648] exFAT-fs (loop2): error, The cluster chain has a loop
[ 1495.349362][T23648] exFAT-fs (loop2): Filesystem has been set read-only
[ 1495.405775][T23259] veth1_macvtap: entered promiscuous mode
[ 1495.415426][T23648] exFAT-fs (loop2): failed to count the number of clusters in root
[ 1495.479413][T23648] exFAT-fs (loop2): failed to recognize exfat type
[ 1495.833318][T23259] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1496.087034][T23259] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1496.194114][T18804] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.261618][T18804] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.568587][T18804] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.638773][T18804] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.921524][T23662] loop4: detected capacity change from 0 to 512
[ 1496.986012][T23662] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 1497.145809][T23662] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1497.312589][T23662] EXT4-fs (loop4): 1 truncate cleaned up
[ 1497.330839][T23662] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1497.440808][T20498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1497.629888][T20498] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1497.907901][T23672] EXT4-fs error (device loop4): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.4.4910: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1498.029262][T23672] EXT4-fs (loop4): Remounting filesystem read-only
[ 1498.067523][T23672] EXT4-fs warning (device loop4): ext4_rename_delete:3729: inode #2: comm syz.4.4910: Deleting old file: nlink 5, error=-117
[ 1498.179490][T18807] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1498.238423][T18807] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1498.589999][T23680] loop8: detected capacity change from 0 to 32768
[ 1498.612698][T23680] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.4913 (23680)
[ 1498.618716][T23675] vivid-000: disconnect
[ 1498.687920][T23680] BTRFS info (device loop8): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1498.699476][T23680] BTRFS info (device loop8): using crc32c checksum algorithm
[ 1498.708354][T23680] BTRFS warning (device loop8): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1498.803997][T19892] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1498.988775][T23680] BTRFS info (device loop8): rebuilding free space tree
[ 1499.058148][T23680] BTRFS info (device loop8): disabling free space tree
[ 1499.065160][T23680] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1499.078060][T23680] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1499.119639][T23680] BTRFS info (device loop8): enabling ssd optimizations
[ 1499.128052][T23680] BTRFS info (device loop8): turning on async discard
[ 1499.134896][T23680] BTRFS info (device loop8): enabling disk space caching
[ 1499.144128][T23680] BTRFS info (device loop8): force clearing of disk cache
[ 1499.152773][T23680] BTRFS info (device loop8): use zstd compression, level 3
[ 1500.304277][   T30] audit: type=1804 audit(1772599916.273:134): pid=23707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.4913" name="/newroot/174/file1/bus" dev="loop8" ino=263 res=1 errno=0
[ 1500.900655][T19254] BTRFS info (device loop8): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1501.037807][T23673] vivid-000: reconnect
[ 1503.440658][T23745] loop1: detected capacity change from 0 to 256
[ 1508.841633][T23788] vivid-004: disconnect
[ 1509.245703][T23785] vivid-004: reconnect
[ 1515.256569][T23853] loop0: detected capacity change from 0 to 8
[ 1515.313799][T23853] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1515.323166][T23853] SQUASHFS error: Failed to read block 0x108: -5
[ 1515.330877][T23853] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1515.339563][T23853] SQUASHFS error: Unable to read inode 0x11f
[ 1518.855160][T23891] loop4: detected capacity change from 0 to 40427
[ 1518.895438][T23891] F2FS-fs (loop4): invalid crc value
[ 1518.979628][T23891] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1519.005556][T23891] F2FS-fs (loop4): Start checkpoint disabled!
[ 1519.025877][T23891] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[ 1519.055330][T23891] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1519.096027][   T30] audit: type=1800 audit(1772599935.575:135): pid=23891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4953" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[ 1519.251221][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.251221][T23896] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[ 1519.268164][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.268164][T23896] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1519.285136][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.285136][T23896] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1519.302662][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.302662][T23896] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1519.319529][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.319529][T23896] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1519.336547][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.336547][T23896] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1519.352369][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.352369][T23896] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1519.369535][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.369535][T23896] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1519.386525][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.386525][T23896] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1519.403689][T23896] syz.4.4953: attempt to access beyond end of device
[ 1519.403689][T23896] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1520.200903][   T30] audit: type=1800 audit(1772599935.685:136): pid=23896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4953" name="bus" dev="loop4" ino=10 res=0 errno=0
[ 1520.582003][T23875] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1520.771369][T18807] CPU: 0 UID: 0 PID: 18807 Comm: kworker/u8:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1520.771400][T18807] Tainted: [L]=SOFTLOCKUP
[ 1520.771407][T18807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1520.771420][T18807] Workqueue: writeback wb_workfn (flush-7:4)
[ 1520.771455][T18807] Call Trace:
[ 1520.771463][T18807]  <TASK>
[ 1520.771475][T18807]  dump_stack_lvl+0xe8/0x150
[ 1520.771517][T18807]  f2fs_handle_critical_error+0x37c/0x540
[ 1520.771566][T18807]  f2fs_write_end_io+0xcdb/0xff0
[ 1520.771620][T18807]  __submit_merged_bio+0x256/0x700
[ 1520.771650][T18807]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1520.771682][T18807]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1520.771718][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.771751][T18807]  f2fs_write_data_pages+0x2975/0x35e0
[ 1520.771775][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.771836][T18807]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1520.771876][T18807]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1520.771942][T18807]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1520.771989][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.772011][T18807]  ? __lock_acquire+0x6b5/0x2cf0
[ 1520.772052][T18807]  ? __pfx_f2fs_inode_chksum_set+0x10/0x10
[ 1520.772084][T18807]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1520.772111][T18807]  do_writepages+0x32e/0x550
[ 1520.772146][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.772169][T18807]  ? reacquire_held_locks+0x104/0x190
[ 1520.772197][T18807]  ? writeback_sb_inodes+0x477/0x1a20
[ 1520.772234][T18807]  __writeback_single_inode+0x133/0x11a0
[ 1520.772273][T18807]  ? do_raw_spin_unlock+0xf5/0x210
[ 1520.772307][T18807]  writeback_sb_inodes+0x992/0x1a20
[ 1520.772384][T18807]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1520.772417][T18807]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1520.772500][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.772529][T18807]  ? rcu_is_watching+0x15/0xb0
[ 1520.772570][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.772614][T18807]  wb_writeback+0x456/0xb70
[ 1520.772653][T18807]  ? queue_io+0x241/0x4a0
[ 1520.772699][T18807]  ? __pfx_wb_writeback+0x10/0x10
[ 1520.772730][T18807]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1520.772782][T18807]  wb_workfn+0x414/0xf50
[ 1520.772815][T18807]  ? look_up_lock_class+0x57/0x110
[ 1520.772867][T18807]  ? __pfx_wb_workfn+0x10/0x10
[ 1520.772912][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.772936][T18807]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1520.772960][T18807]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1520.772980][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.773009][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.773035][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.773059][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.773084][T18807]  ? process_scheduled_works+0xa25/0x1830
[ 1520.773110][T18807]  ? process_scheduled_works+0xa25/0x1830
[ 1520.773137][T18807]  process_scheduled_works+0xb02/0x1830
[ 1520.773195][T18807]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1520.773228][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.773250][T18807]  ? assign_work+0x3d5/0x5e0
[ 1520.773282][T18807]  worker_thread+0xa50/0xfc0
[ 1520.773312][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.773351][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.773384][T18807]  kthread+0x388/0x470
[ 1520.773406][T18807]  ? __pfx_worker_thread+0x10/0x10
[ 1520.773431][T18807]  ? __pfx_kthread+0x10/0x10
[ 1520.773452][T18807]  ret_from_fork+0x51e/0xb90
[ 1520.773482][T18807]  ? __pfx_ret_from_fork+0x10/0x10
[ 1520.773505][T18807]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1520.773527][T18807]  ? __switch_to+0xc7d/0x1450
[ 1520.773559][T18807]  ? __pfx_kthread+0x10/0x10
[ 1520.773580][T18807]  ret_from_fork_asm+0x1a/0x30
[ 1520.773628][T18807]  </TASK>
[ 1521.259934][T18807] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[ 1522.536888][T23920] loop3: detected capacity change from 0 to 256
[ 1522.677675][T23920] exfat: Deprecated parameter 'utf8'
[ 1522.726444][T23921] loop0: detected capacity change from 0 to 64
[ 1522.741868][T23920] exfat: Deprecated parameter 'utf8'
[ 1522.760198][T23923] loop2: detected capacity change from 0 to 8
[ 1522.852320][T23920] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d)
[ 1522.900783][T23923] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1522.993984][T23923] SQUASHFS error: Failed to read block 0x108: -5
[ 1523.862676][T23923] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1523.869985][T23923] SQUASHFS error: Unable to read inode 0x11f
[ 1525.333844][T18807] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 1
[ 1525.373977][T18807] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1526.382199][T23952] loop0: detected capacity change from 0 to 40427
[ 1527.276136][T23952] F2FS-fs (loop0): invalid crc value
[ 1527.378562][ T5831] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1527.397344][T23952] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1527.413814][T23952] F2FS-fs (loop0): Start checkpoint disabled!
[ 1527.468193][T23952] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[ 1527.493303][T23952] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 1528.032323][   T30] audit: type=1800 audit(1772599944.030:137): pid=23952 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4968" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1528.191764][T18297] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[ 1528.213222][   T30] audit: type=1800 audit(1772599944.080:138): pid=23961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4968" name="bus" dev="loop0" ino=10 res=0 errno=0
[ 1528.482163][T18297] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1528.493035][T18297] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1528.801070][T18297] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1528.830010][T18297] usb 5-1: config 1 has no interface number 1
[ 1528.840419][T20699] bio_check_eod: 182 callbacks suppressed
[ 1528.840434][T20699] kworker/u8:10: attempt to access beyond end of device
[ 1528.840434][T20699] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1528.873083][T18297] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1528.917600][T18297] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1528.933117][T20699] CPU: 1 UID: 0 PID: 20699 Comm: kworker/u8:10 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1528.933145][T20699] Tainted: [L]=SOFTLOCKUP
[ 1528.933153][T20699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1528.933167][T20699] Workqueue: writeback wb_workfn (flush-7:0)
[ 1528.933196][T20699] Call Trace:
[ 1528.933204][T20699]  <TASK>
[ 1528.933213][T20699]  dump_stack_lvl+0xe8/0x150
[ 1528.933242][T20699]  f2fs_handle_critical_error+0x37c/0x540
[ 1528.933269][T20699]  f2fs_write_end_io+0xcdb/0xff0
[ 1528.933312][T20699]  __submit_merged_bio+0x256/0x700
[ 1528.933339][T20699]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1528.933368][T20699]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1528.933404][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.933435][T20699]  f2fs_write_data_pages+0x2975/0x35e0
[ 1528.933460][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.933533][T20699]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1528.933580][T20699]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1528.933640][T20699]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1528.933682][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.933704][T20699]  ? __lock_acquire+0x6b5/0x2cf0
[ 1528.933740][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.933765][T20699]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1528.933791][T20699]  do_writepages+0x32e/0x550
[ 1528.933824][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.933846][T20699]  ? reacquire_held_locks+0x104/0x190
[ 1528.933874][T20699]  ? writeback_sb_inodes+0x477/0x1a20
[ 1528.933905][T20699]  __writeback_single_inode+0x133/0x11a0
[ 1528.933933][T20699]  ? do_raw_spin_unlock+0xf5/0x210
[ 1528.933957][T20699]  writeback_sb_inodes+0x992/0x1a20
[ 1528.934001][T20699]  ? __lock_acquire+0x6b5/0x2cf0
[ 1528.934031][T20699]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1528.934054][T20699]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1528.934118][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934152][T20699]  ? rcu_is_watching+0x15/0xb0
[ 1528.934179][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934209][T20699]  wb_writeback+0x456/0xb70
[ 1528.934237][T20699]  ? queue_io+0x241/0x4a0
[ 1528.934269][T20699]  ? __pfx_wb_writeback+0x10/0x10
[ 1528.934293][T20699]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1528.934327][T20699]  wb_workfn+0x414/0xf50
[ 1528.934350][T20699]  ? look_up_lock_class+0x57/0x110
[ 1528.934382][T20699]  ? __pfx_wb_workfn+0x10/0x10
[ 1528.934405][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934427][T20699]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1528.934450][T20699]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1528.934469][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934497][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934521][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934549][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934574][T20699]  ? process_scheduled_works+0xa25/0x1830
[ 1528.934599][T20699]  ? process_scheduled_works+0xa25/0x1830
[ 1528.934626][T20699]  process_scheduled_works+0xb02/0x1830
[ 1528.934675][T20699]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1528.934706][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934728][T20699]  ? assign_work+0x3d5/0x5e0
[ 1528.934757][T20699]  worker_thread+0xa50/0xfc0
[ 1528.934793][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934831][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934861][T20699]  kthread+0x388/0x470
[ 1528.934881][T20699]  ? __pfx_worker_thread+0x10/0x10
[ 1528.934905][T20699]  ? __pfx_kthread+0x10/0x10
[ 1528.934925][T20699]  ret_from_fork+0x51e/0xb90
[ 1528.934953][T20699]  ? __pfx_ret_from_fork+0x10/0x10
[ 1528.934977][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1528.934998][T20699]  ? __switch_to+0xc7d/0x1450
[ 1528.935024][T20699]  ? __pfx_kthread+0x10/0x10
[ 1528.935044][T20699]  ret_from_fork_asm+0x1a/0x30
[ 1528.935088][T20699]  </TASK>
[ 1528.935416][T20699] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 1529.358120][T18297] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1529.369910][T18297] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1529.384153][T18297] usb 5-1: Product: syz
[ 1529.402931][T18297] usb 5-1: Manufacturer: syz
[ 1529.408842][T18297] usb 5-1: SerialNumber: syz
[ 1529.700223][T18297] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[ 1529.779273][T18297] usb 5-1: MIDIStreaming interface descriptor not found
[ 1529.786838][T23975] loop1: detected capacity change from 0 to 128
[ 1529.950121][T23975] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1529.991404][T23975] ext4 filesystem being mounted at /159/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1530.094110][T18297] usb 5-1: USB disconnect, device number 97
[ 1530.343880][T23982] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1536.190692][T24050] loop3: detected capacity change from 0 to 512
[ 1536.456380][ T5831] Bluetooth: hci3: command 0x0406 tx timeout
[ 1536.838470][T24050] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4993: invalid indirect mapped block 256 (level 2)
[ 1536.856046][T24050] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[ 1536.863068][    C0] EXT4-fs (loop3): error count since last fsck: 1
[ 1536.878704][    C0] EXT4-fs (loop3): initial error at time 1772599953: ext4_free_branches:1023: inode 11
[ 1536.888444][    C0] EXT4-fs (loop3): last error at time 1772599953: ext4_free_branches:1023: inode 11
[ 1536.905003][T24050] EXT4-fs (loop3): 2 truncates cleaned up
[ 1536.912700][T24050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1537.453224][T19374] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1540.085633][T24098] loop3: detected capacity change from 0 to 40427
[ 1540.216494][T24098] F2FS-fs (loop3): invalid crc value
[ 1540.290325][T24098] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1540.304428][T24098] F2FS-fs (loop3): Start checkpoint disabled!
[ 1540.338629][T24098] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[ 1540.383811][T24098] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1540.426681][   T30] audit: type=1800 audit(1772599956.927:139): pid=24098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5004" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[ 1540.904824][T24102] syz.3.5004: attempt to access beyond end of device
[ 1540.904824][T24102] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[ 1540.923744][T24102] syz.3.5004: attempt to access beyond end of device
[ 1540.923744][T24102] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1540.949955][T24102] syz.3.5004: attempt to access beyond end of device
[ 1540.949955][T24102] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1540.969100][T24102] syz.3.5004: attempt to access beyond end of device
[ 1540.969100][T24102] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1540.988939][T24102] syz.3.5004: attempt to access beyond end of device
[ 1540.988939][T24102] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1541.008351][T24102] syz.3.5004: attempt to access beyond end of device
[ 1541.008351][T24102] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1541.025522][T24102] syz.3.5004: attempt to access beyond end of device
[ 1541.025522][T24102] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1541.044585][T24102] syz.3.5004: attempt to access beyond end of device
[ 1541.044585][T24102] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1541.064442][T24102] syz.3.5004: attempt to access beyond end of device
[ 1541.064442][T24102] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1541.083915][T24102] syz.3.5004: attempt to access beyond end of device
[ 1541.083915][T24102] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1541.675059][   T30] audit: type=1800 audit(1772599957.017:140): pid=24102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5004" name="bus" dev="loop3" ino=10 res=0 errno=0
[ 1542.546250][T14143] CPU: 1 UID: 0 PID: 14143 Comm: kworker/u8:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1542.546280][T14143] Tainted: [L]=SOFTLOCKUP
[ 1542.546288][T14143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1542.546309][T14143] Workqueue: writeback wb_workfn (flush-7:3)
[ 1542.546339][T14143] Call Trace:
[ 1542.546347][T14143]  <TASK>
[ 1542.546355][T14143]  dump_stack_lvl+0xe8/0x150
[ 1542.546385][T14143]  f2fs_handle_critical_error+0x37c/0x540
[ 1542.546412][T14143]  f2fs_write_end_io+0xcdb/0xff0
[ 1542.546453][T14143]  __submit_merged_bio+0x256/0x700
[ 1542.546480][T14143]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1542.546508][T14143]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1542.546541][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.546573][T14143]  f2fs_write_data_pages+0x2975/0x35e0
[ 1542.546629][T14143]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1542.546665][T14143]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1542.546725][T14143]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1542.546766][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.546788][T14143]  ? __lock_acquire+0x6b5/0x2cf0
[ 1542.546825][T14143]  ? __pfx_f2fs_inode_chksum_set+0x10/0x10
[ 1542.546857][T14143]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1542.546882][T14143]  do_writepages+0x32e/0x550
[ 1542.546916][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.546938][T14143]  ? reacquire_held_locks+0x104/0x190
[ 1542.546965][T14143]  ? writeback_sb_inodes+0x477/0x1a20
[ 1542.547006][T14143]  __writeback_single_inode+0x133/0x11a0
[ 1542.547047][T14143]  ? do_raw_spin_unlock+0xf5/0x210
[ 1542.547079][T14143]  writeback_sb_inodes+0x992/0x1a20
[ 1542.547122][T14143]  ? __lock_acquire+0x6b5/0x2cf0
[ 1542.547152][T14143]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1542.547176][T14143]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1542.547229][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547251][T14143]  ? rcu_is_watching+0x15/0xb0
[ 1542.547278][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547313][T14143]  wb_writeback+0x456/0xb70
[ 1542.547341][T14143]  ? queue_io+0x241/0x4a0
[ 1542.547373][T14143]  ? __pfx_wb_writeback+0x10/0x10
[ 1542.547396][T14143]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1542.547430][T14143]  wb_workfn+0x414/0xf50
[ 1542.547452][T14143]  ? look_up_lock_class+0x57/0x110
[ 1542.547483][T14143]  ? __pfx_wb_workfn+0x10/0x10
[ 1542.547506][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547528][T14143]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1542.547551][T14143]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1542.547572][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547601][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547625][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547649][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547674][T14143]  ? process_scheduled_works+0xa25/0x1830
[ 1542.547699][T14143]  ? process_scheduled_works+0xa25/0x1830
[ 1542.547725][T14143]  process_scheduled_works+0xb02/0x1830
[ 1542.547775][T14143]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1542.547805][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547827][T14143]  ? assign_work+0x3d5/0x5e0
[ 1542.547857][T14143]  worker_thread+0xa50/0xfc0
[ 1542.547884][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547919][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.547950][T14143]  kthread+0x388/0x470
[ 1542.547969][T14143]  ? __pfx_worker_thread+0x10/0x10
[ 1542.547993][T14143]  ? __pfx_kthread+0x10/0x10
[ 1542.548013][T14143]  ret_from_fork+0x51e/0xb90
[ 1542.548040][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.548063][T14143]  ? __pfx_ret_from_fork+0x10/0x10
[ 1542.548086][T14143]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1542.548116][T14143]  ? __switch_to+0xc7d/0x1450
[ 1542.548151][T14143]  ? __pfx_kthread+0x10/0x10
[ 1542.548178][T14143]  ret_from_fork_asm+0x1a/0x30
[ 1542.548221][T14143]  </TASK>
[ 1542.548410][T14143] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1542.651199][T17986] usb 9-1: new full-speed USB device number 23 using dummy_hcd
[ 1542.803460][T17986] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1543.153554][T17986] usb 9-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1543.169009][T17986] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1543.293528][T17986] usb 9-1: Product: syz
[ 1543.298742][T17986] usb 9-1: Manufacturer: syz
[ 1543.501258][T17986] usb 9-1: SerialNumber: syz
[ 1543.527740][T17986] usb 9-1: config 0 descriptor??
[ 1544.456741][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1544.464171][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1545.609561][T18297] usb 9-1: USB disconnect, device number 23
[ 1549.754742][T24185] loop2: detected capacity change from 0 to 8
[ 1550.164597][T24185] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1550.173850][T24185] SQUASHFS error: Failed to read block 0x108: -5
[ 1550.181644][T24185] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1550.190976][T24185] SQUASHFS error: Unable to read inode 0x11f
[ 1551.757124][ T5904] usb 5-1: new full-speed USB device number 98 using dummy_hcd
[ 1551.987406][ T5904] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1552.031183][ T5904] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1552.073195][ T5904] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1552.130638][ T5904] usb 5-1: Product: syz
[ 1552.161299][ T5904] usb 5-1: Manufacturer: syz
[ 1552.641568][ T5904] usb 5-1: SerialNumber: syz
[ 1552.960657][ T5904] usb 5-1: config 0 descriptor??
[ 1555.575531][T17971] usb 5-1: USB disconnect, device number 98
[ 1556.164166][T24246] syzkaller0: entered promiscuous mode
[ 1556.383698][ T5928] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[ 1557.144016][T24246] syzkaller0: entered allmulticast mode
[ 1557.223075][ T5928] usb 4-1: device descriptor read/64, error -71
[ 1557.572885][ T5928] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 1557.736448][T24265] loop8: detected capacity change from 0 to 8
[ 1557.744805][ T5928] usb 4-1: device descriptor read/64, error -71
[ 1557.771336][T24265] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1557.781625][T24265] SQUASHFS error: Failed to read block 0x108: -5
[ 1557.787954][T24265] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1557.796282][T24265] SQUASHFS error: Unable to read inode 0x11f
[ 1557.853381][ T5928] usb usb4-port1: attempt power cycle
[ 1558.414701][ T5928] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[ 1558.517954][ T5928] usb 4-1: device descriptor read/8, error -71
[ 1558.923062][ T5928] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1559.020672][ T5928] usb 4-1: device descriptor read/8, error -71
[ 1559.164143][ T5928] usb usb4-port1: unable to enumerate USB device
[ 1559.227441][T24289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5048'.
[ 1561.284654][T24306] overlayfs: failed to resolve './file1/file0': -2
[ 1563.802890][T24333] syzkaller0: entered promiscuous mode
[ 1563.808638][T24333] syzkaller0: entered allmulticast mode
[ 1564.499654][ T5904] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[ 1564.750706][ T5904] usb 9-1: device descriptor read/64, error -71
[ 1565.019429][ T5904] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[ 1565.198809][ T5904] usb 9-1: device descriptor read/64, error -71
[ 1565.309566][ T5904] usb usb9-port1: attempt power cycle
[ 1565.701449][ T5904] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 1565.770086][ T5904] usb 9-1: device descriptor read/8, error -71
[ 1566.078912][ T5904] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[ 1566.501847][T24366] loop2: detected capacity change from 0 to 40427
[ 1566.554009][ T5904] usb 9-1: device descriptor read/8, error -71
[ 1566.610974][T24366] F2FS-fs (loop2): invalid crc value
[ 1566.678224][T24366] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1566.707041][T24366] F2FS-fs (loop2): Start checkpoint disabled!
[ 1566.719693][ T5904] usb usb9-port1: unable to enumerate USB device
[ 1566.726791][T24366] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[ 1566.734531][T24366] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1566.791565][T24368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5065'.
[ 1566.883515][   T30] audit: type=1800 audit(1772599983.392:141): pid=24366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5064" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1566.937951][T24366] bio_check_eod: 182 callbacks suppressed
[ 1566.937972][T24366] syz.2.5064: attempt to access beyond end of device
[ 1566.937972][T24366] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[ 1566.958866][T24366] syz.2.5064: attempt to access beyond end of device
[ 1566.958866][T24366] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1566.974001][T24366] syz.2.5064: attempt to access beyond end of device
[ 1566.974001][T24366] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1566.989413][T24366] syz.2.5064: attempt to access beyond end of device
[ 1566.989413][T24366] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1567.005792][T24366] syz.2.5064: attempt to access beyond end of device
[ 1567.005792][T24366] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1567.021436][T24366] syz.2.5064: attempt to access beyond end of device
[ 1567.021436][T24366] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1567.037565][T24366] syz.2.5064: attempt to access beyond end of device
[ 1567.037565][T24366] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1567.052789][T24366] syz.2.5064: attempt to access beyond end of device
[ 1567.052789][T24366] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1567.068148][T24366] syz.2.5064: attempt to access beyond end of device
[ 1567.068148][T24366] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1567.083178][T24366] syz.2.5064: attempt to access beyond end of device
[ 1567.083178][T24366] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1567.154509][   T30] audit: type=1800 audit(1772599983.442:142): pid=24366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5064" name="bus" dev="loop2" ino=10 res=0 errno=0
[ 1567.924681][T18804] CPU: 0 UID: 0 PID: 18804 Comm: kworker/u8:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1567.924723][T18804] Tainted: [L]=SOFTLOCKUP
[ 1567.924733][T18804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1567.924750][T18804] Workqueue: writeback wb_workfn (flush-7:2)
[ 1567.924789][T18804] Call Trace:
[ 1567.924798][T18804]  <TASK>
[ 1567.924810][T18804]  dump_stack_lvl+0xe8/0x150
[ 1567.924849][T18804]  f2fs_handle_critical_error+0x37c/0x540
[ 1567.924886][T18804]  f2fs_write_end_io+0xcdb/0xff0
[ 1567.924942][T18804]  __submit_merged_bio+0x256/0x700
[ 1567.924979][T18804]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1567.925018][T18804]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1567.925061][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.925103][T18804]  f2fs_write_data_pages+0x2975/0x35e0
[ 1567.925135][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.925206][T18804]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1567.925237][T18804]  ? cfg80211_inform_single_bss_data+0x13c6/0x1b70
[ 1567.925320][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.925350][T18804]  ? __lock_acquire+0x6b5/0x2cf0
[ 1567.925403][T18804]  ? unwind_next_frame+0xa5/0x23c0
[ 1567.925469][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.925499][T18804]  ? unwind_next_frame+0x1aaf/0x23c0
[ 1567.925540][T18804]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1567.925581][T18804]  do_writepages+0x32e/0x550
[ 1567.925626][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.925656][T18804]  ? reacquire_held_locks+0x104/0x190
[ 1567.925693][T18804]  ? writeback_sb_inodes+0x477/0x1a20
[ 1567.925734][T18804]  __writeback_single_inode+0x133/0x11a0
[ 1567.925770][T18804]  ? do_raw_spin_unlock+0xf5/0x210
[ 1567.925802][T18804]  writeback_sb_inodes+0x992/0x1a20
[ 1567.925869][T18804]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1567.925902][T18804]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1567.925979][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926008][T18804]  ? rcu_is_watching+0x15/0xb0
[ 1567.926047][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926087][T18804]  wb_writeback+0x456/0xb70
[ 1567.926123][T18804]  ? queue_io+0x241/0x4a0
[ 1567.926164][T18804]  ? __pfx_wb_writeback+0x10/0x10
[ 1567.926196][T18804]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1567.926239][T18804]  wb_workfn+0x414/0xf50
[ 1567.926269][T18804]  ? look_up_lock_class+0x57/0x110
[ 1567.926310][T18804]  ? __pfx_wb_workfn+0x10/0x10
[ 1567.926343][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926367][T18804]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1567.926389][T18804]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1567.926408][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926436][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926461][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926484][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926509][T18804]  ? process_scheduled_works+0xa25/0x1830
[ 1567.926534][T18804]  ? process_scheduled_works+0xa25/0x1830
[ 1567.926561][T18804]  process_scheduled_works+0xb02/0x1830
[ 1567.926615][T18804]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1567.926646][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926668][T18804]  ? assign_work+0x3d5/0x5e0
[ 1567.926697][T18804]  worker_thread+0xa50/0xfc0
[ 1567.926738][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926768][T18804]  kthread+0x388/0x470
[ 1567.926788][T18804]  ? __pfx_worker_thread+0x10/0x10
[ 1567.926812][T18804]  ? __pfx_kthread+0x10/0x10
[ 1567.926832][T18804]  ret_from_fork+0x51e/0xb90
[ 1567.926860][T18804]  ? __pfx_ret_from_fork+0x10/0x10
[ 1567.926883][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1567.926905][T18804]  ? __switch_to+0xc7d/0x1450
[ 1567.926931][T18804]  ? __pfx_kthread+0x10/0x10
[ 1567.926950][T18804]  ret_from_fork_asm+0x1a/0x30
[ 1567.926994][T18804]  </TASK>
[ 1568.421998][T18804] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[ 1568.637346][ T5928] IPVS: starting estimator thread 0...
[ 1568.777436][T24389] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1574.455342][T24435] fuse: Bad value for 'fd'
[ 1574.899000][T24440] loop4: detected capacity change from 0 to 32768
[ 1574.927440][T24440] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5082 (24440)
[ 1575.018246][T24440] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1575.029370][T24440] BTRFS info (device loop4): using crc32c checksum algorithm
[ 1575.408770][T24450] loop3: detected capacity change from 0 to 40427
[ 1575.446785][T24450] F2FS-fs (loop3): invalid crc value
[ 1575.519000][T24440] BTRFS info (device loop4): setting nodatasum
[ 1575.526567][T24440] BTRFS info (device loop4): setting nodatacow
[ 1575.534861][T24440] BTRFS info (device loop4): turning on async discard
[ 1575.541801][T24440] BTRFS info (device loop4): enabling free space tree
[ 1575.550624][T24440] BTRFS info (device loop4): enabling auto defrag
[ 1575.559054][T24440] BTRFS info (device loop4): max_inline set to 0
[ 1575.576875][T24450] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1575.593480][T24450] F2FS-fs (loop3): Start checkpoint disabled!
[ 1575.603097][T24450] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[ 1575.640858][T24450] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1575.725032][T24450] bio_check_eod: 182 callbacks suppressed
[ 1575.725049][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.725049][T24450] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[ 1575.745799][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.745799][T24450] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1575.760369][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.760369][T24450] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1575.775677][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.775677][T24450] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1575.790593][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.790593][T24450] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1575.807501][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.807501][T24450] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1575.822771][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.822771][T24450] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1575.839783][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.839783][T24450] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1575.854975][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.854975][T24450] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1575.870162][T24450] syz.3.5083: attempt to access beyond end of device
[ 1575.870162][T24450] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1576.003607][   T30] audit: type=1800 audit(1772599992.236:143): pid=24450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5083" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[ 1576.073305][   T30] audit: type=1800 audit(1772599992.236:144): pid=24450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5083" name="bus" dev="loop3" ino=10 res=0 errno=0
[ 1576.108077][T24440] BTRFS info (device loop4 state M): max_inline set to 0
[ 1576.313463][T19892] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1576.535364][T20698] CPU: 1 UID: 0 PID: 20698 Comm: kworker/u8:9 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1576.535394][T20698] Tainted: [L]=SOFTLOCKUP
[ 1576.535402][T20698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1576.535414][T20698] Workqueue: writeback wb_workfn (flush-7:3)
[ 1576.535443][T20698] Call Trace:
[ 1576.535451][T20698]  <TASK>
[ 1576.535459][T20698]  dump_stack_lvl+0xe8/0x150
[ 1576.535488][T20698]  f2fs_handle_critical_error+0x37c/0x540
[ 1576.535516][T20698]  f2fs_write_end_io+0xcdb/0xff0
[ 1576.535557][T20698]  __submit_merged_bio+0x256/0x700
[ 1576.535591][T20698]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1576.535620][T20698]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1576.535653][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.535683][T20698]  f2fs_write_data_pages+0x2975/0x35e0
[ 1576.535708][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.535760][T20698]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1576.535796][T20698]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1576.535853][T20698]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1576.535894][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.535916][T20698]  ? __lock_acquire+0x6b5/0x2cf0
[ 1576.535953][T20698]  ? __pfx_f2fs_inode_chksum_set+0x10/0x10
[ 1576.535984][T20698]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1576.536010][T20698]  do_writepages+0x32e/0x550
[ 1576.536042][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536064][T20698]  ? reacquire_held_locks+0x104/0x190
[ 1576.536092][T20698]  ? writeback_sb_inodes+0x477/0x1a20
[ 1576.536123][T20698]  __writeback_single_inode+0x133/0x11a0
[ 1576.536150][T20698]  ? do_raw_spin_unlock+0xf5/0x210
[ 1576.536174][T20698]  writeback_sb_inodes+0x992/0x1a20
[ 1576.536217][T20698]  ? __lock_acquire+0x6b5/0x2cf0
[ 1576.536247][T20698]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1576.536270][T20698]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1576.536324][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536345][T20698]  ? rcu_is_watching+0x15/0xb0
[ 1576.536373][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536402][T20698]  wb_writeback+0x456/0xb70
[ 1576.536430][T20698]  ? queue_io+0x241/0x4a0
[ 1576.536462][T20698]  ? __pfx_wb_writeback+0x10/0x10
[ 1576.536485][T20698]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1576.536519][T20698]  wb_workfn+0x414/0xf50
[ 1576.536541][T20698]  ? look_up_lock_class+0x57/0x110
[ 1576.536577][T20698]  ? __pfx_wb_workfn+0x10/0x10
[ 1576.536600][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536622][T20698]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1576.536644][T20698]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1576.536664][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536692][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536716][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536740][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536765][T20698]  ? process_scheduled_works+0xa25/0x1830
[ 1576.536790][T20698]  ? process_scheduled_works+0xa25/0x1830
[ 1576.536817][T20698]  process_scheduled_works+0xb02/0x1830
[ 1576.536867][T20698]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1576.536898][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.536920][T20698]  ? assign_work+0x3d5/0x5e0
[ 1576.536950][T20698]  worker_thread+0xa50/0xfc0
[ 1576.536977][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.537012][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.537043][T20698]  kthread+0x388/0x470
[ 1576.537062][T20698]  ? __pfx_worker_thread+0x10/0x10
[ 1576.537086][T20698]  ? __pfx_kthread+0x10/0x10
[ 1576.537106][T20698]  ret_from_fork+0x51e/0xb90
[ 1576.537135][T20698]  ? __pfx_ret_from_fork+0x10/0x10
[ 1576.537158][T20698]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1576.537180][T20698]  ? __switch_to+0xc7d/0x1450
[ 1576.537206][T20698]  ? __pfx_kthread+0x10/0x10
[ 1576.537226][T20698]  ret_from_fork_asm+0x1a/0x30
[ 1576.537270][T20698]  </TASK>
[ 1576.537278][T20698] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1580.983388][T24513] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5084'.
[ 1582.353030][ T5831] Bluetooth: hci4: command 0x0406 tx timeout
[ 1586.447595][ T5904] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[ 1586.644543][ T5904] usb 1-1: Using ep0 maxpacket: 8
[ 1586.723537][ T5904] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[ 1586.790328][T24567] loop2: detected capacity change from 0 to 4096
[ 1586.812974][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1587.087641][ T5904] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1587.219901][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1587.439012][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1587.521087][T20698] ntfs3(loop2): ino=5, mi_enum_attr
[ 1587.578017][ T5904] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[ 1587.617819][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1587.687387][ T5904] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1587.760261][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1587.840664][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1587.942482][ T5904] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[ 1587.982536][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1588.068026][ T5904] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1588.147125][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1588.242042][ T5904] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1588.569836][T24593] loop3: detected capacity change from 0 to 32768
[ 1588.588132][T24593] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.5113 (24593)
[ 1588.642756][T24593] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1588.654309][T24593] BTRFS info (device loop3): using crc32c checksum algorithm
[ 1588.663046][T24593] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1589.407123][T17971] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[ 1589.430995][ T5904] usb 1-1: string descriptor 0 read error: -71
[ 1589.439666][ T5904] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1589.452033][ T5904] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1589.482437][ T5904] usb 1-1: can't set config #168, error -71
[ 1589.557667][ T5904] usb 1-1: USB disconnect, device number 72
[ 1589.576347][T17971] usb 3-1: device descriptor read/64, error -71
[ 1589.624459][T24593] BTRFS info (device loop3): rebuilding free space tree
[ 1589.651917][T24593] BTRFS info (device loop3): disabling free space tree
[ 1589.662217][T24593] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1589.673098][T24593] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1589.688079][T24593] BTRFS info (device loop3): enabling ssd optimizations
[ 1589.696409][T24593] BTRFS info (device loop3): turning on async discard
[ 1589.703169][T24593] BTRFS info (device loop3): enabling disk space caching
[ 1589.712337][T24593] BTRFS info (device loop3): force clearing of disk cache
[ 1589.720459][T24593] BTRFS info (device loop3): use zstd compression, level 3
[ 1589.825641][T17971] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[ 1590.851393][T17971] usb 3-1: device descriptor read/64, error -71
[ 1591.035936][T17971] usb usb3-port1: attempt power cycle
[ 1591.076156][T19374] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1592.201386][T24636] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5118'.
[ 1597.337161][T24686] loop0: detected capacity change from 0 to 256
[ 1598.107645][T24688] loop4: detected capacity change from 0 to 32768
[ 1598.143366][T24688] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5129 (24688)
[ 1598.181421][T24688] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1598.191566][T24688] BTRFS info (device loop4): using crc32c checksum algorithm
[ 1598.198952][T24688] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1598.451433][T24690] loop2: detected capacity change from 0 to 2048
[ 1598.541708][T24688] BTRFS info (device loop4): rebuilding free space tree
[ 1598.565206][T24688] BTRFS info (device loop4): disabling free space tree
[ 1598.573666][T24688] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1598.584695][T24688] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1598.655570][T24688] BTRFS info (device loop4): enabling ssd optimizations
[ 1598.663874][T24688] BTRFS info (device loop4): turning on async discard
[ 1598.671940][T24688] BTRFS info (device loop4): enabling disk space caching
[ 1598.678949][T24688] BTRFS info (device loop4): force clearing of disk cache
[ 1598.687224][T24688] BTRFS info (device loop4): use zstd compression, level 3
[ 1598.705269][T24690] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1599.111208][T24690] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1600.072265][T19892] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1600.407519][T24690] overlayfs: upper fs needs to support d_type.
[ 1600.681526][T24690] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1600.785357][T24690] overlayfs: failed to set xattr on upper
[ 1600.920860][T24690] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1600.976654][T24690] overlayfs: ...falling back to index=off.
[ 1601.249842][T24690] overlayfs: ...falling back to uuid=null.
[ 1601.740476][T22874] UDF-fs: error (device loop2): udf_read_inode: (ino 1313) failed !bh
[ 1601.850174][T22874] UDF-fs: error (device loop2): udf_read_inode: (ino 1313) failed !bh
[ 1605.094792][T24785] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5145'.
[ 1605.572889][T14143] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1605.739678][T24788] bridge1: port 1(bond0) entered blocking state
[ 1605.757873][T24788] bridge1: port 1(bond0) entered disabled state
[ 1605.764370][T24788] bond0: entered allmulticast mode
[ 1605.770147][T24788] bond_slave_0: entered allmulticast mode
[ 1605.776011][T24788] bond_slave_1: entered allmulticast mode
[ 1605.784592][T24788] bond0: entered promiscuous mode
[ 1605.801016][T24788] bond_slave_0: entered promiscuous mode
[ 1605.868446][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1605.874823][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1605.911928][T24788] bond_slave_1: entered promiscuous mode
[ 1605.937520][T24788] bridge1: port 1(bond0) entered blocking state
[ 1605.943907][T24788] bridge1: port 1(bond0) entered forwarding state
[ 1606.268624][T14143] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1606.504128][T14143] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1606.824959][T14143] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1607.327006][T24815] ceph: No mds server is up or the cluster is laggy
[ 1607.336051][T18297] libceph: connect (1)[c::]:6789 error -101
[ 1607.353554][T18297] libceph: mon0 (1)[c::]:6789 connect error
[ 1607.627801][T18297] libceph: connect (1)[c::]:6789 error -101
[ 1607.666492][T18297] libceph: mon0 (1)[c::]:6789 connect error
[ 1607.669646][ T5831] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1607.691101][ T5831] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1607.701564][ T5831] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1607.713114][ T5831] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1607.743903][ T5831] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1608.053149][T14143] bridge_slave_1: left allmulticast mode
[ 1608.092733][T14143] bridge_slave_1: left promiscuous mode
[ 1608.147409][T14143] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1608.281172][T14143] bridge_slave_0: left allmulticast mode
[ 1608.329369][T14143] bridge_slave_0: left promiscuous mode
[ 1608.389402][T14143] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1609.775905][ T5831] Bluetooth: hci3: command tx timeout
[ 1611.206937][T14143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1611.296203][T14143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1611.391807][T14143] bond0 (unregistering): Released all slaves
[ 1611.686199][T24848] loop3: detected capacity change from 0 to 40427
[ 1611.735457][T24848] F2FS-fs (loop3): invalid crc value
[ 1611.826161][T24848] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1611.840935][T24848] F2FS-fs (loop3): Start checkpoint disabled!
[ 1611.854629][ T5831] Bluetooth: hci3: command tx timeout
[ 1611.860414][T24848] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[ 1611.869013][T24848] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1611.903379][T24848] bio_check_eod: 182 callbacks suppressed
[ 1611.903404][T24848] syz.3.5159: attempt to access beyond end of device
[ 1611.903404][T24848] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[ 1611.925308][T24848] syz.3.5159: attempt to access beyond end of device
[ 1611.925308][T24848] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1611.940411][T24848] syz.3.5159: attempt to access beyond end of device
[ 1611.940411][T24848] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1611.956323][T24848] syz.3.5159: attempt to access beyond end of device
[ 1611.956323][T24848] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1611.971762][T24848] syz.3.5159: attempt to access beyond end of device
[ 1611.971762][T24848] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1611.987311][T24848] syz.3.5159: attempt to access beyond end of device
[ 1611.987311][T24848] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1612.001760][T24848] syz.3.5159: attempt to access beyond end of device
[ 1612.001760][T24848] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1612.017183][T24848] syz.3.5159: attempt to access beyond end of device
[ 1612.017183][T24848] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1612.032979][T24848] syz.3.5159: attempt to access beyond end of device
[ 1612.032979][T24848] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1612.047716][T24848] syz.3.5159: attempt to access beyond end of device
[ 1612.047716][T24848] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1612.123926][   T30] audit: type=1800 audit(1772600028.425:145): pid=24848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5159" name="bus" dev="loop3" ino=10 res=0 errno=0
[ 1612.649409][T18804] CPU: 1 UID: 0 PID: 18804 Comm: kworker/u8:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1612.649440][T18804] Tainted: [L]=SOFTLOCKUP
[ 1612.649447][T18804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1612.649459][T18804] Workqueue: writeback wb_workfn (flush-7:3)
[ 1612.649489][T18804] Call Trace:
[ 1612.649497][T18804]  <TASK>
[ 1612.649506][T18804]  dump_stack_lvl+0xe8/0x150
[ 1612.649535][T18804]  f2fs_handle_critical_error+0x37c/0x540
[ 1612.649562][T18804]  f2fs_write_end_io+0xcdb/0xff0
[ 1612.649603][T18804]  __submit_merged_bio+0x256/0x700
[ 1612.649640][T18804]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1612.649668][T18804]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1612.649701][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.649731][T18804]  f2fs_write_data_pages+0x2975/0x35e0
[ 1612.649755][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.649808][T18804]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1612.649844][T18804]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1612.649900][T18804]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1612.649942][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.649965][T18804]  ? __lock_acquire+0x6b5/0x2cf0
[ 1612.650001][T18804]  ? __pfx_f2fs_inode_chksum_set+0x10/0x10
[ 1612.650033][T18804]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1612.650058][T18804]  do_writepages+0x32e/0x550
[ 1612.650092][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650114][T18804]  ? reacquire_held_locks+0x104/0x190
[ 1612.650141][T18804]  ? writeback_sb_inodes+0x477/0x1a20
[ 1612.650172][T18804]  __writeback_single_inode+0x133/0x11a0
[ 1612.650200][T18804]  ? do_raw_spin_unlock+0xf5/0x210
[ 1612.650224][T18804]  writeback_sb_inodes+0x992/0x1a20
[ 1612.650268][T18804]  ? __lock_acquire+0x6b5/0x2cf0
[ 1612.650297][T18804]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1612.650322][T18804]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1612.650375][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650397][T18804]  ? rcu_is_watching+0x15/0xb0
[ 1612.650424][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650454][T18804]  wb_writeback+0x456/0xb70
[ 1612.650482][T18804]  ? queue_io+0x241/0x4a0
[ 1612.650514][T18804]  ? __pfx_wb_writeback+0x10/0x10
[ 1612.650537][T18804]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1612.650571][T18804]  wb_workfn+0x414/0xf50
[ 1612.650593][T18804]  ? look_up_lock_class+0x57/0x110
[ 1612.650628][T18804]  ? __pfx_wb_workfn+0x10/0x10
[ 1612.650652][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650674][T18804]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1612.650696][T18804]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1612.650715][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650743][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650768][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650791][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650816][T18804]  ? process_scheduled_works+0xa25/0x1830
[ 1612.650842][T18804]  ? process_scheduled_works+0xa25/0x1830
[ 1612.650868][T18804]  process_scheduled_works+0xb02/0x1830
[ 1612.650918][T18804]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1612.650949][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.650971][T18804]  ? assign_work+0x3d5/0x5e0
[ 1612.651000][T18804]  worker_thread+0xa50/0xfc0
[ 1612.651041][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.651072][T18804]  kthread+0x388/0x470
[ 1612.651091][T18804]  ? __pfx_worker_thread+0x10/0x10
[ 1612.651115][T18804]  ? __pfx_kthread+0x10/0x10
[ 1612.651135][T18804]  ret_from_fork+0x51e/0xb90
[ 1612.651163][T18804]  ? __pfx_ret_from_fork+0x10/0x10
[ 1612.651186][T18804]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1612.651208][T18804]  ? __switch_to+0xc7d/0x1450
[ 1612.651234][T18804]  ? __pfx_kthread+0x10/0x10
[ 1612.651253][T18804]  ret_from_fork_asm+0x1a/0x30
[ 1612.651297][T18804]  </TASK>
[ 1612.651305][T18804] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1613.946819][ T5831] Bluetooth: hci3: command tx timeout
[ 1614.757290][T14143] hsr_slave_0: left promiscuous mode
[ 1614.798106][T14143] hsr_slave_1: left promiscuous mode
[ 1614.805841][T14143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1614.814994][T14143] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1614.842919][T14143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1614.872446][T14143] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1614.986229][T14143] veth1_macvtap: left promiscuous mode
[ 1615.052503][T14143] veth0_macvtap: left promiscuous mode
[ 1615.499438][T14143] veth1_vlan: left promiscuous mode
[ 1615.579326][T14143] veth0_vlan: left promiscuous mode
[ 1615.695157][T24893] vivid-002: disconnect
[ 1615.869823][T24891] vivid-002: reconnect
[ 1616.038549][ T5831] Bluetooth: hci3: command tx timeout
[ 1617.496176][T24909] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input21
[ 1617.681056][T18297] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[ 1617.867892][T18297] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1617.900824][T18297] usb 4-1: too many endpoints for config 1 interface 1 altsetting 0: 209, using maximum allowed: 30
[ 1617.924111][T18297] usb 4-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 209
[ 1617.954680][T18297] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1617.985947][T18297] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1618.214259][T18297] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1618.393089][T18297] usb 4-1: Product: syz
[ 1618.408527][T18297] usb 4-1: Manufacturer: syz
[ 1618.423476][T18297] usb 4-1: SerialNumber: syz
[ 1618.492373][T18297] cdc_mbim 4-1:1.0: skipping garbage
[ 1618.665217][T24911] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1618.956272][T14143] team0 (unregistering): Port device team_slave_1 removed
[ 1619.053276][T14143] team0 (unregistering): Port device team_slave_0 removed
[ 1619.398082][T24937] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1619.406644][T18297] cdc_mbim 4-1:1.0: dwNtbInMaxSize=64 is too small. Using 2048
[ 1619.419636][T18297] cdc_mbim 4-1:1.0: setting rx_max = 2048
[ 1619.770565][T24942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1619.780829][T24942] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1619.817801][T24823] chnl_net:caif_netlink_parms(): no params data found
[ 1619.849947][T18297] cdc_mbim 4-1:1.0: setting tx_max = 184
[ 1619.905041][T18297] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device
[ 1619.984042][T18297] wwan wwan0: port wwan0mbim0 attached
[ 1620.128784][T18297] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, c2:e2:dd:0c:c7:dd
[ 1620.298083][T18297] usb 4-1: USB disconnect, device number 104
[ 1620.372696][T18297] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM
[ 1620.508028][T18297] wwan wwan0: port wwan0mbim0 disconnected
[ 1620.744718][T24823] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1620.777183][T24823] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1620.821940][T24823] bridge_slave_0: entered allmulticast mode
[ 1620.862170][T24823] bridge_slave_0: entered promiscuous mode
[ 1620.957945][T24823] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1620.989651][T24823] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1620.996909][T24823] bridge_slave_1: entered allmulticast mode
[ 1621.051816][T24823] bridge_slave_1: entered promiscuous mode
[ 1621.430078][T24823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1621.560203][T24974] vivid-004: disconnect
[ 1621.564643][T24823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1621.669547][T24970] vivid-004: reconnect
[ 1621.744665][T24823] team0: Port device team_slave_0 added
[ 1621.792508][T24823] team0: Port device team_slave_1 added
[ 1622.033500][T24823] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1622.115947][T24823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1622.149845][T24823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1622.221109][T24823] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1622.249106][T24823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1622.353309][T24823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1622.888938][T24823] hsr_slave_0: entered promiscuous mode
[ 1622.912850][T24823] hsr_slave_1: entered promiscuous mode
[ 1623.102593][T24947] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1624.092514][T25004] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5188'.
[ 1624.764984][T25010] syzkaller0: entered promiscuous mode
[ 1624.797409][T25010] syzkaller0: entered allmulticast mode
[ 1626.495875][ T5897] usb 5-1: new full-speed USB device number 99 using dummy_hcd
[ 1626.683831][ T5897] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1626.722132][ T5897] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1626.917119][ T5897] usb 5-1: Product: syz
[ 1626.951009][ T5897] usb 5-1: Manufacturer: syz
[ 1627.046221][ T5897] usb 5-1: SerialNumber: syz
[ 1627.094749][ T5897] usb 5-1: config 0 descriptor??
[ 1627.341149][ T5897] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1627.945620][ T5897] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1628.103580][T25048] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1628.140311][T24823] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1628.217160][T24823] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1628.261894][T24823] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1628.362062][T24823] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1628.822568][T24823] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1628.886399][T24823] 8021q: adding VLAN 0 to HW filter on device team0
[ 1628.946799][T14143] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1628.953992][T14143] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1629.002410][ T8823] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1629.009544][ T8823] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1629.332969][T19586] usb 5-1: USB disconnect, device number 99
[ 1631.430905][T25106] syzkaller0: entered promiscuous mode
[ 1631.474031][T25106] syzkaller0: entered allmulticast mode
[ 1631.908367][T24823] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1633.654769][T25131] pim6reg1: entered promiscuous mode
[ 1633.688303][T25131] pim6reg1: entered allmulticast mode
[ 1635.084755][T24823] veth0_vlan: entered promiscuous mode
[ 1635.276473][T24823] veth1_vlan: entered promiscuous mode
[ 1635.550336][T24823] veth0_macvtap: entered promiscuous mode
[ 1635.616294][T24823] veth1_macvtap: entered promiscuous mode
[ 1635.643201][T25155] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5219'.
[ 1635.842268][T25155] openvswitch: netlink: Unknown VXLAN extension attribute 0
[ 1635.846021][T24823] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1635.920099][T24823] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1635.969706][ T8823] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1636.010991][T18807] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1636.056242][T18807] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1636.095908][T18807] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1636.306260][T18807] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1636.329376][T18807] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1636.547789][ T8823] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1636.581570][ T8823] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1638.412980][T25183] loop9: detected capacity change from 0 to 32768
[ 1638.426734][T25183] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.5147 (25183)
[ 1638.527251][T25183] BTRFS info (device loop9): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1638.539403][T25183] BTRFS info (device loop9): using crc32c checksum algorithm
[ 1638.547509][T25183] BTRFS warning (device loop9): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1639.087633][T25183] BTRFS info (device loop9): rebuilding free space tree
[ 1639.110521][T25183] BTRFS info (device loop9): disabling free space tree
[ 1639.117419][T25183] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1639.128284][T25183] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1639.143627][T25183] BTRFS info (device loop9): enabling ssd optimizations
[ 1639.152636][T25183] BTRFS info (device loop9): turning on async discard
[ 1639.160727][T25183] BTRFS info (device loop9): enabling disk space caching
[ 1639.167750][T25183] BTRFS info (device loop9): force clearing of disk cache
[ 1639.175896][T25183] BTRFS info (device loop9): use zstd compression, level 3
[ 1640.581612][T24823] BTRFS info (device loop9): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1641.545883][T25231] fuse: Bad value for 'fd'
[ 1642.043018][T25237] syzkaller0: entered promiscuous mode
[ 1642.113987][T25237] syzkaller0: entered allmulticast mode
[ 1643.298121][T19586] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[ 1643.513115][T19586] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1643.544383][T19586] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1643.612245][T19586] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1643.714587][T19586] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1643.803286][T19586] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1643.848112][T19586] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1643.911053][T19586] usb 1-1: Product: syz
[ 1643.915270][T19586] usb 1-1: Manufacturer: syz
[ 1643.975747][T19586] usb 1-1: SerialNumber: syz
[ 1644.240528][T19586] usb 1-1: 0:2 : does not exist
[ 1644.331275][T19586] usb 1-1: USB disconnect, device number 73
[ 1644.394944][T11478] udevd[11478]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1645.148964][T25291] netlink: 'syz.0.5244': attribute type 2 has an invalid length.
[ 1645.237574][T25286] loop8: detected capacity change from 0 to 32768
[ 1645.248459][T25286] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.5242 (25286)
[ 1645.268755][T25286] BTRFS info (device loop8): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1645.281142][T25286] BTRFS info (device loop8): using crc32c checksum algorithm
[ 1645.290886][T25286] BTRFS warning (device loop8): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1645.428867][T25286] BTRFS info (device loop8): rebuilding free space tree
[ 1645.461439][T25286] BTRFS info (device loop8): disabling free space tree
[ 1645.472092][T25286] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1645.482910][T25286] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1645.512300][T25286] BTRFS info (device loop8): enabling ssd optimizations
[ 1645.523549][T25286] BTRFS info (device loop8): turning on async discard
[ 1645.531314][T25286] BTRFS info (device loop8): enabling disk space caching
[ 1645.539357][T25286] BTRFS info (device loop8): force clearing of disk cache
[ 1645.547662][T25286] BTRFS info (device loop8): use zstd compression, level 3
[ 1645.909897][   T30] audit: type=1804 audit(1772600062.453:146): pid=25316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.5242" name="/newroot/224/file1/bus" dev="loop8" ino=263 res=1 errno=0
[ 1646.762851][T25264] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1646.771094][T19254] BTRFS info (device loop8): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1647.307738][T25335] bridge0: port 3(veth0_to_bridge) entered blocking state
[ 1647.364564][T25335] bridge0: port 3(veth0_to_bridge) entered disabled state
[ 1647.496187][T25335] veth0_to_bridge: entered allmulticast mode
[ 1647.841767][T25335] veth0_to_bridge: entered promiscuous mode
[ 1647.941386][T25335] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[ 1648.096036][T25335] bridge0: port 3(veth0_to_bridge) entered blocking state
[ 1648.103765][T25335] bridge0: port 3(veth0_to_bridge) entered forwarding state
[ 1648.633388][T25329] fuse: Bad value for 'fd'
[ 1648.750682][T25351] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5254'.
[ 1649.778579][T25363] loop8: detected capacity change from 0 to 40427
[ 1649.825615][T25363] F2FS-fs (loop8): invalid crc value
[ 1649.944724][T25363] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1649.976159][T25363] F2FS-fs (loop8): Start checkpoint disabled!
[ 1650.002817][T25363] F2FS-fs (loop8): f2fs_disable_checkpoint() finish, err:0
[ 1650.034481][T25363] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[ 1650.130326][   T30] audit: type=1800 audit(1772600066.675:147): pid=25370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.5257" name="bus" dev="loop8" ino=10 res=0 errno=0
[ 1650.582469][T25370] bio_check_eod: 182 callbacks suppressed
[ 1650.582503][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.582503][T25370] loop8: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[ 1650.606362][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.606362][T25370] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1650.625907][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.625907][T25370] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1650.647242][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.647242][T25370] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1650.665461][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.665461][T25370] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1650.682855][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.682855][T25370] loop8: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1650.698457][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.698457][T25370] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1650.716062][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.716062][T25370] loop8: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1650.734361][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.734361][T25370] loop8: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1650.755532][T25370] syz.8.5257: attempt to access beyond end of device
[ 1650.755532][T25370] loop8: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1651.958454][T20699] CPU: 0 UID: 0 PID: 20699 Comm: kworker/u8:10 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1651.958485][T20699] Tainted: [L]=SOFTLOCKUP
[ 1651.958493][T20699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1651.958505][T20699] Workqueue: writeback wb_workfn (flush-7:8)
[ 1651.958535][T20699] Call Trace:
[ 1651.958543][T20699]  <TASK>
[ 1651.958551][T20699]  dump_stack_lvl+0xe8/0x150
[ 1651.958580][T20699]  f2fs_handle_critical_error+0x37c/0x540
[ 1651.958609][T20699]  f2fs_write_end_io+0xcdb/0xff0
[ 1651.958650][T20699]  __submit_merged_bio+0x256/0x700
[ 1651.958677][T20699]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1651.958706][T20699]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1651.958739][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.958769][T20699]  f2fs_write_data_pages+0x2975/0x35e0
[ 1651.958793][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.958846][T20699]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1651.958869][T20699]  ? cfg80211_inform_single_bss_data+0x13c6/0x1b70
[ 1651.958931][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.958953][T20699]  ? __lock_acquire+0x6b5/0x2cf0
[ 1651.958993][T20699]  ? unwind_next_frame+0xa5/0x23c0
[ 1651.959041][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959063][T20699]  ? unwind_next_frame+0x1aaf/0x23c0
[ 1651.959093][T20699]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1651.959118][T20699]  do_writepages+0x32e/0x550
[ 1651.959152][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959174][T20699]  ? reacquire_held_locks+0x104/0x190
[ 1651.959223][T20699]  ? writeback_sb_inodes+0x477/0x1a20
[ 1651.959253][T20699]  __writeback_single_inode+0x133/0x11a0
[ 1651.959281][T20699]  ? do_raw_spin_unlock+0xf5/0x210
[ 1651.959305][T20699]  writeback_sb_inodes+0x992/0x1a20
[ 1651.959361][T20699]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1651.959385][T20699]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1651.959439][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959461][T20699]  ? rcu_is_watching+0x15/0xb0
[ 1651.959488][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959518][T20699]  wb_writeback+0x456/0xb70
[ 1651.959546][T20699]  ? queue_io+0x241/0x4a0
[ 1651.959578][T20699]  ? __pfx_wb_writeback+0x10/0x10
[ 1651.959601][T20699]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1651.959635][T20699]  wb_workfn+0x414/0xf50
[ 1651.959658][T20699]  ? look_up_lock_class+0x57/0x110
[ 1651.959688][T20699]  ? __pfx_wb_workfn+0x10/0x10
[ 1651.959712][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959734][T20699]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1651.959756][T20699]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1651.959776][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959803][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959828][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959852][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.959876][T20699]  ? process_scheduled_works+0xa25/0x1830
[ 1651.959901][T20699]  ? process_scheduled_works+0xa25/0x1830
[ 1651.959928][T20699]  process_scheduled_works+0xb02/0x1830
[ 1651.959978][T20699]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1651.960009][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.960031][T20699]  ? assign_work+0x3d5/0x5e0
[ 1651.960060][T20699]  worker_thread+0xa50/0xfc0
[ 1651.960088][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.960123][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.960153][T20699]  kthread+0x388/0x470
[ 1651.960172][T20699]  ? __pfx_worker_thread+0x10/0x10
[ 1651.960196][T20699]  ? __pfx_kthread+0x10/0x10
[ 1651.960217][T20699]  ret_from_fork+0x51e/0xb90
[ 1651.960245][T20699]  ? __pfx_ret_from_fork+0x10/0x10
[ 1651.960268][T20699]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1651.960290][T20699]  ? __switch_to+0xc7d/0x1450
[ 1651.960316][T20699]  ? __pfx_kthread+0x10/0x10
[ 1651.960336][T20699]  ret_from_fork_asm+0x1a/0x30
[ 1651.960384][T20699]  </TASK>
[ 1651.960449][T20699] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[ 1652.639839][T25378] syzkaller0: entered promiscuous mode
[ 1652.673062][T25378] syzkaller0: entered allmulticast mode
[ 1656.784673][T25429] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 1656.804140][T25429] syzkaller0: entered promiscuous mode
[ 1656.810996][T25429] syzkaller0: entered allmulticast mode
[ 1656.923162][T25428] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1658.890103][T25520] syzkaller0: entered promiscuous mode
[ 1658.962304][T25520] syzkaller0: entered allmulticast mode
[ 1659.253399][T25532] loop5: detected capacity change from 0 to 7
[ 1659.350195][T25532] Dev loop5: unable to read RDB block 7
[ 1659.355912][T25532]  loop5: unable to read partition table
[ 1659.416645][T25506] fuse: Bad value for 'fd'
[ 1659.539971][T25532] loop5: partition table beyond EOD, truncated
[ 1659.556801][T25532] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1682.627674][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1682.633999][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1685.364573][    C1] sched: DL replenish lagged too much
[ 1701.541374][T23938] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1701.603600][T23938] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1701.622313][T23938] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1701.707627][T23938] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1701.733441][T23938] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1705.346399][T23938] Bluetooth: hci5: command tx timeout
[ 1706.428186][ T5831] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1706.485873][ T5831] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1706.497674][ T5831] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1706.528446][ T5831] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1706.561231][ T5831] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1709.677119][ T5831] Bluetooth: hci5: command tx timeout
[ 1709.682575][ T5831] Bluetooth: hci7: command tx timeout
[ 1710.834219][T23938] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1710.960979][ T5827] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1711.004162][T25609] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1711.023749][T25609] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1711.034699][ T5827] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1711.084158][ T5827] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1711.112970][T25609] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1711.120694][ T5827] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1711.129619][T25609] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1711.138615][ T5827] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1715.940983][ T5827] Bluetooth: hci7: command tx timeout
[ 1715.946508][ T5827] Bluetooth: hci5: command tx timeout
[ 1715.954109][ T5827] Bluetooth: hci9: command tx timeout
[ 1718.059984][ T5831] Bluetooth: hci5: command tx timeout
[ 1718.065441][ T5831] Bluetooth: hci7: command tx timeout
[ 1720.118992][ T5831] Bluetooth: hci7: command tx timeout
[ 1726.531764][T25612] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1726.579125][T25612] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1726.591073][T25612] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1726.601453][T25612] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1726.610741][T25612] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1726.923154][T25633] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1726.933718][T25633] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1726.943071][T25633] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1726.952489][T25633] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1726.966477][T25633] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1728.691824][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1728.701019][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1733.180714][T25633] Bluetooth: hci0: command tx timeout
[ 1734.351841][T25633] Bluetooth: hci8: command tx timeout
[ 1734.358342][T25633] Bluetooth: hci9: command tx timeout
[ 1735.231336][ T5831] Bluetooth: hci10: command tx timeout
[ 1735.242948][T25633] Bluetooth: hci0: command tx timeout
[ 1736.430847][T25633] Bluetooth: hci9: command tx timeout
[ 1736.436292][T25633] Bluetooth: hci8: command tx timeout
[ 1737.310388][ T5831] Bluetooth: hci10: command tx timeout
[ 1737.317915][T25633] Bluetooth: hci0: command tx timeout
[ 1738.915052][T25633] Bluetooth: hci8: command tx timeout
[ 1738.919612][ T5831] Bluetooth: hci9: command tx timeout
[ 1739.429208][T25633] Bluetooth: hci10: command tx timeout
[ 1739.628497][T25633] Bluetooth: hci0: command tx timeout
[ 1740.991779][T25633] Bluetooth: hci8: command tx timeout
[ 1741.468487][T25633] Bluetooth: hci10: command tx timeout
[ 1765.277294][T25612] Bluetooth: hci3: command 0x0406 tx timeout
[ 1766.716360][ T5831] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1766.806703][T23938] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1766.821377][ T5827] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1766.845337][ T5827] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1766.867538][T23938] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1766.878710][T23938] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1766.887681][T23938] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1766.897038][ T5827] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1766.906602][ T5827] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1766.918012][T25612] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1767.159803][T25609] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1767.186381][T25653] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1767.220602][T25653] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1767.231442][T25653] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1767.240840][T25653] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1767.263735][T25653] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1767.277351][T25653] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1767.289595][T25653] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1767.299190][T25653] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1767.325251][T25653] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1767.433266][T25656] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1767.447471][T25656] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1767.458988][T25656] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1767.475290][T25656] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1767.487058][T25656] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1767.761843][T25660] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1767.772611][T25660] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1767.781894][T25660] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1767.792193][T25660] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1767.805515][T25660] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1772.485245][T25660] Bluetooth: hci12: command tx timeout
[ 1774.573003][T25660] Bluetooth: hci1: command tx timeout
[ 1774.579703][T25660] Bluetooth: hci11: command tx timeout
[ 1774.587603][T25656] Bluetooth: hci2: command tx timeout
[ 1774.594956][T25656] Bluetooth: hci4: command tx timeout
[ 1774.602349][ T5827] Bluetooth: hci6: command tx timeout
[ 1774.733459][T25660] Bluetooth: hci12: command tx timeout
[ 1776.650232][T25660] Bluetooth: hci11: command tx timeout
[ 1776.655759][T25660] Bluetooth: hci1: command tx timeout
[ 1776.664596][ T5827] Bluetooth: hci6: command tx timeout
[ 1776.671943][T25633] Bluetooth: hci4: command tx timeout
[ 1776.677332][T25633] Bluetooth: hci2: command tx timeout
[ 1776.810933][T25633] Bluetooth: hci12: command tx timeout
[ 1778.729537][T25656] Bluetooth: hci6: command tx timeout
[ 1778.734981][T25656] Bluetooth: hci1: command tx timeout
[ 1778.741800][T25660] Bluetooth: hci4: command tx timeout
[ 1778.748128][ T5827] Bluetooth: hci11: command tx timeout
[ 1778.765835][T25633] Bluetooth: hci2: command tx timeout
[ 1778.889377][T25633] Bluetooth: hci12: command tx timeout
[ 1780.813957][T25633] Bluetooth: hci2: command tx timeout
[ 1780.820740][ T5827] Bluetooth: hci11: command tx timeout
[ 1780.826227][ T5827] Bluetooth: hci1: command tx timeout
[ 1780.833130][T25656] Bluetooth: hci4: command tx timeout
[ 1780.839489][T25633] Bluetooth: hci6: command tx timeout
[ 1790.107493][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1790.119393][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1815.128103][T25656] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1815.139157][T25656] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1815.148873][T25656] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1815.158371][T25656] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1815.167266][T25656] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1815.355288][ T5827] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1815.366818][ T5827] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1815.375782][ T5827] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1815.384735][ T5827] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1815.395136][ T5827] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1816.437758][T25656] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1816.458566][T25656] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1816.468704][T25656] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1816.490607][T25656] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1816.502851][T25656] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 1817.270568][T25656] Bluetooth: hci3: command tx timeout
[ 1817.430357][T25656] Bluetooth: hci5: command tx timeout
[ 1818.549925][T25656] Bluetooth: hci13: command tx timeout
[ 1819.349302][T25656] Bluetooth: hci3: command tx timeout
[ 1819.509206][T25656] Bluetooth: hci5: command tx timeout
[ 1820.628419][T25656] Bluetooth: hci13: command tx timeout
[ 1821.428901][T25656] Bluetooth: hci3: command tx timeout
[ 1821.587498][T25656] Bluetooth: hci5: command tx timeout
[ 1822.707549][T25656] Bluetooth: hci13: command tx timeout
[ 1823.507213][T25656] Bluetooth: hci3: command tx timeout
[ 1823.667287][T25656] Bluetooth: hci5: command tx timeout
[ 1824.786450][T25656] Bluetooth: hci13: command tx timeout
[ 1826.719520][ T5827] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[ 1826.730927][ T5827] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[ 1826.753217][ T5827] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[ 1826.762644][ T5827] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[ 1826.775394][ T5827] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[ 1826.926088][T25656] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[ 1826.938242][T25656] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[ 1826.948285][T25656] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[ 1826.969701][T25656] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[ 1826.978758][T25656] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[ 1827.061434][ T5827] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[ 1827.081596][ T5827] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[ 1827.091588][ T5827] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[ 1827.101485][ T5827] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[ 1827.111906][ T5827] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[ 1828.863883][ T5827] Bluetooth: hci14: command tx timeout
[ 1829.023749][ T5827] Bluetooth: hci15: command tx timeout
[ 1829.184286][ T5827] Bluetooth: hci16: command tx timeout
[ 1830.943828][ T5827] Bluetooth: hci14: command tx timeout
[ 1831.103239][ T5827] Bluetooth: hci15: command tx timeout
[ 1831.263646][ T5827] Bluetooth: hci16: command tx timeout
[ 1833.022368][ T5827] Bluetooth: hci14: command tx timeout
[ 1833.107794][ T5827] Bluetooth: hci7: command 0x0406 tx timeout
[ 1833.182279][T25656] Bluetooth: hci15: command tx timeout
[ 1833.343361][T25656] Bluetooth: hci16: command tx timeout
[ 1835.101370][T25656] Bluetooth: hci14: command tx timeout
[ 1835.261508][T25656] Bluetooth: hci15: command tx timeout
[ 1835.421673][T25656] Bluetooth: hci16: command tx timeout
[ 1851.500575][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1851.527827][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.582293][T25660] Bluetooth: hci8: command 0x0406 tx timeout
[ 1853.588339][T25660] Bluetooth: hci9: command 0x0406 tx timeout
[ 1858.700301][T25660] Bluetooth: hci10: command 0x0406 tx timeout
[ 1858.706451][T25660] Bluetooth: hci0: command 0x0406 tx timeout
[ 1875.031593][T25656] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[ 1875.042413][T25656] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[ 1875.051675][T25656] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[ 1875.065037][T25656] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[ 1875.074920][T25656] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[ 1875.689321][ T5827] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[ 1875.701974][ T5827] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[ 1875.712304][ T5827] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[ 1875.726606][ T5827] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[ 1875.735785][ T5827] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[ 1876.748178][ T5827] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[ 1876.764199][ T5827] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[ 1876.773620][ T5827] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[ 1876.802406][ T5827] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[ 1876.811511][ T5827] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[ 1877.162010][ T5827] Bluetooth: hci17: command tx timeout
[ 1877.799968][ T5827] Bluetooth: hci18: command tx timeout
[ 1878.839425][ T5827] Bluetooth: hci19: command tx timeout
[ 1879.239117][ T5827] Bluetooth: hci17: command tx timeout
[ 1879.881130][ T5827] Bluetooth: hci18: command tx timeout
[ 1880.917701][ T5827] Bluetooth: hci19: command tx timeout
[ 1881.318119][ T5827] Bluetooth: hci17: command tx timeout
[ 1881.957767][ T5827] Bluetooth: hci18: command tx timeout
[ 1882.997383][ T5827] Bluetooth: hci19: command tx timeout
[ 1883.396407][ T5827] Bluetooth: hci17: command tx timeout
[ 1884.040009][ T5827] Bluetooth: hci18: command tx timeout
[ 1885.076134][ T5827] Bluetooth: hci19: command tx timeout
[ 1887.325212][   T31] INFO: task syz-executor:19374 blocked for more than 143 seconds.
[ 1887.333325][   T31]       Tainted: G             L      syzkaller #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1887.444993][   T31]       Blocked by coredump.
[ 1887.449625][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1887.530388][   T31] task:syz-executor    state:D stack:22656 pid:19374 tgid:19374 ppid:1      task_flags:0x40054c flags:0x00080003
[ 1887.642549][T25656] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1
[ 1887.712080][   T31] Call Trace:
[ 1887.724932][T25656] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9
[ 1887.755567][T25656] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9
[ 1887.765701][T25656] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4
[ 1887.773374][T25656] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2
[ 1887.785256][   T31]  <TASK>
[ 1887.788209][   T31]  __schedule+0x15dd/0x52d0
[ 1887.792780][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1888.015038][   T31]  ? __pfx___schedule+0x10/0x10
[ 1888.019974][   T31]  ? schedule+0x90/0x360
[ 1888.114737][   T31]  schedule+0x164/0x360
[ 1888.118970][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1888.191809][   T31]  __mutex_lock+0x7fe/0x1300
[ 1888.214118][   T31]  ? __mutex_lock+0x5ac/0x1300
[ 1888.218922][   T31]  ? tun_chr_close+0x3e/0x1c0
[ 1888.284733][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1888.289829][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1888.334433][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[ 1888.339610][   T31]  tun_chr_close+0x3e/0x1c0
[ 1888.384787][   T31]  __fput+0x44f/0xa70
[ 1888.388839][   T31]  task_work_run+0x1d9/0x270
[ 1888.434666][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1888.439833][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1888.484467][   T31]  ? kmem_cache_free+0x187/0x630
[ 1888.489467][   T31]  ? do_exit+0x696/0x2320
[ 1888.523825][   T31]  do_exit+0x69b/0x2320
[ 1888.528145][   T31]  ? __kasan_slab_free+0x5c/0x80
[ 1888.564430][   T31]  ? kmem_cache_free+0x187/0x630
[ 1888.601365][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1888.614301][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1888.619353][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1888.656700][   T31]  do_group_exit+0x21b/0x2d0
[ 1888.661320][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1888.701386][   T31]  get_signal+0x1284/0x1330
[ 1888.734303][   T31]  arch_do_signal_or_restart+0xbc/0x830
[ 1888.739893][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1888.767015][   T31]  ? do_sys_openat2+0x14c/0x200
[ 1888.771915][   T31]  ? exc_page_fault+0x6a/0xc0
[ 1888.799023][   T31]  exit_to_user_mode_loop+0x86/0x480
[ 1888.833673][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1888.838504][   T31]  do_syscall_64+0x32d/0xf80
[ 1888.864256][   T31]  ? trace_irq_disable+0x3b/0x150
[ 1888.869321][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1888.964804][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1888.970766][   T31] RIP: 0033:0x7fe8d299babc
[ 1889.010572][   T31] RSP: 002b:00007ffd48b233e0 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
[ 1889.064263][   T31] RAX: 0000000000000003 RBX: 00007fe8d2a31f90 RCX: 00007fe8d299babc
[ 1889.072286][   T31] RDX: 0000000000090800 RSI: 00007ffd48b24590 RDI: 00000000ffffff9c
[ 1889.155459][   T31] RBP: 00007ffd48b2457c R08: 0000000000000000 R09: 0000000000000000
[ 1889.174048][   T31] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffd48b24590
[ 1889.192110][   T31] R13: 00007fe8d2a31f90 R14: 0000000000196173 R15: 00007ffd48b245d0
[ 1889.201648][   T31]  </TASK>
[ 1889.227072][   T31] INFO: task syz-executor:19830 blocked for more than 145 seconds.
[ 1889.259499][   T31]       Tainted: G             L      syzkaller #0
[ 1889.281176][   T31]       Blocked by coredump.
[ 1889.324000][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1889.344209][   T31] task:syz-executor    state:D stack:22408 pid:19830 tgid:19830 ppid:1      task_flags:0x40054c flags:0x00080003
[ 1889.383969][   T31] Call Trace:
[ 1889.389377][   T31]  <TASK>
[ 1889.392322][   T31]  __schedule+0x15dd/0x52d0
[ 1889.413925][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1889.419600][   T31]  ? __pfx___schedule+0x10/0x10
[ 1889.429968][   T31]  ? schedule+0x90/0x360
[ 1889.445783][   T31]  schedule+0x164/0x360
[ 1889.449998][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1889.469393][   T31]  __mutex_lock+0x7fe/0x1300
[ 1889.503905][   T31]  ? __mutex_lock+0x5ac/0x1300
[ 1889.508724][   T31]  ? tun_chr_close+0x3e/0x1c0
[ 1889.515099][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1889.520159][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1889.543854][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[ 1889.549024][   T31]  tun_chr_close+0x3e/0x1c0
[ 1889.573856][   T31]  __fput+0x44f/0xa70
[ 1889.577909][   T31]  task_work_run+0x1d9/0x270
[ 1889.603342][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1889.608493][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1889.633847][   T31]  ? kmem_cache_free+0x187/0x630
[ 1889.638831][   T31]  ? do_exit+0x696/0x2320
[ 1889.651446][   T31]  do_exit+0x69b/0x2320
[ 1889.666378][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1889.670995][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1889.701896][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1889.713839][   T31]  do_group_exit+0x21b/0x2d0
[ 1889.718459][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1889.743652][   T31]  get_signal+0x1284/0x1330
[ 1889.748214][   T31]  arch_do_signal_or_restart+0xbc/0x830
[ 1889.763168][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1889.769355][   T31]  ? ksys_read+0x1fc/0x270
[ 1889.793917][   T31]  exit_to_user_mode_loop+0x86/0x480
[ 1889.823765][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1889.828606][   T31]  do_syscall_64+0x32d/0xf80
[ 1889.839228][   T31]  ? trace_irq_disable+0x3b/0x150
[ 1889.845886][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1889.852151][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1889.859766][   T31] RIP: 0033:0x7f029f55cfce
[ 1889.865956][   T31] RSP: 002b:00007ffec69f4708 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1889.877415][   T31] RAX: fffffffffffffe00 RBX: 00005555746f9500 RCX: 00007f029f55cfce
[ 1889.889408][   T31] RDX: 0000000000000030 RSI: 00007ffec69f4800 RDI: 00000000000000f9
[ 1889.900739][   T31] RBP: 00007ffec69f47ac R08: 0000000000000000 R09: 0000000000000000
[ 1889.909612][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000000dc
[ 1889.931950][   T31] R13: 000000000000005f R14: 0000000000196fbb R15: 00007ffec69f4800
[ 1889.943786][   T31]  </TASK>
[ 1889.949125][   T31] INFO: task kworker/u8:7:20498 blocked for more than 145 seconds.
[ 1889.959673][T25656] Bluetooth: hci20: command tx timeout
[ 1889.976810][   T31]       Tainted: G             L      syzkaller #0
[ 1889.988172][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1890.004293][   T31] task:kworker/u8:7    state:D stack:22368 pid:20498 tgid:20498 ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1890.020035][   T31] Workqueue: events_unbound linkwatch_event
[ 1890.031712][   T31] Call Trace:
[ 1890.044520][   T31]  <TASK>
[ 1890.047462][   T31]  __schedule+0x15dd/0x52d0
[ 1890.052018][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.059298][   T31]  ? update_se+0x91/0x620
[ 1890.064631][   T31]  ? __pfx___schedule+0x10/0x10
[ 1890.069525][   T31]  ? schedule+0x90/0x360
[ 1890.074799][   T31]  schedule+0x164/0x360
[ 1890.078982][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1890.086407][   T31]  __mutex_lock+0x7fe/0x1300
[ 1890.091111][   T31]  ? __mutex_lock+0x5ac/0x1300
[ 1890.097559][   T31]  ? linkwatch_event+0xe/0x60
[ 1890.109054][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1890.124775][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.130441][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.141428][   T31]  ? process_scheduled_works+0xa25/0x1830
[ 1890.155710][   T31]  ? process_scheduled_works+0xa25/0x1830
[ 1890.161456][   T31]  linkwatch_event+0xe/0x60
[ 1890.167697][   T31]  process_scheduled_works+0xb02/0x1830
[ 1890.174814][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1890.180822][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.188153][   T31]  ? assign_work+0x3d5/0x5e0
[ 1890.196147][   T31]  worker_thread+0xa50/0xfc0
[ 1890.200761][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.209995][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.219494][   T31]  kthread+0x388/0x470
[ 1890.224491][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1890.229621][   T31]  ? __pfx_kthread+0x10/0x10
[ 1890.235902][   T31]  ret_from_fork+0x51e/0xb90
[ 1890.241025][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1890.256538][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.265319][   T31]  ? __switch_to+0xc7d/0x1450
[ 1890.270026][   T31]  ? __pfx_kthread+0x10/0x10
[ 1890.276294][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1890.281103][   T31]  </TASK>
[ 1890.286049][   T31] INFO: task syz-executor:23259 blocked for more than 146 seconds.
[ 1890.296076][   T31]       Tainted: G             L      syzkaller #0
[ 1890.304317][   T31]       Blocked by coredump.
[ 1890.335999][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1890.359805][   T31] task:syz-executor    state:D stack:22656 pid:23259 tgid:23259 ppid:1      task_flags:0x40054c flags:0x00080003
[ 1890.378221][   T31] Call Trace:
[ 1890.381513][   T31]  <TASK>
[ 1890.385993][   T31]  __schedule+0x15dd/0x52d0
[ 1890.390556][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.397254][   T31]  ? __pfx___schedule+0x10/0x10
[ 1890.403036][   T31]  ? schedule+0x90/0x360
[ 1890.407305][   T31]  schedule+0x164/0x360
[ 1890.415332][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1890.420817][   T31]  __mutex_lock+0x7fe/0x1300
[ 1890.427090][   T31]  ? __mutex_lock+0x5ac/0x1300
[ 1890.431878][   T31]  ? tun_chr_close+0x3e/0x1c0
[ 1890.438288][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1890.447809][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.455041][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[ 1890.460840][   T31]  tun_chr_close+0x3e/0x1c0
[ 1890.470231][   T31]  __fput+0x44f/0xa70
[ 1890.476127][   T31]  task_work_run+0x1d9/0x270
[ 1890.480737][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1890.491445][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.503351][   T31]  ? kmem_cache_free+0x187/0x630
[ 1890.508307][   T31]  ? do_exit+0x696/0x2320
[ 1890.519296][   T31]  do_exit+0x69b/0x2320
[ 1890.525148][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1890.529757][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1890.535925][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.541587][   T31]  do_group_exit+0x21b/0x2d0
[ 1890.547641][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1890.557899][   T31]  get_signal+0x1284/0x1330
[ 1890.563979][   T31]  arch_do_signal_or_restart+0xbc/0x830
[ 1890.570160][   T31]  ? __pfx___x64_sys_wait4+0x10/0x10
[ 1890.581055][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1890.588815][   T31]  exit_to_user_mode_loop+0x86/0x480
[ 1890.599526][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1890.606047][   T31]  do_syscall_64+0x32d/0xf80
[ 1890.610647][   T31]  ? trace_irq_disable+0x3b/0x150
[ 1890.619630][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1890.627270][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1890.634944][   T31] RIP: 0033:0x7f628995cfce
[ 1890.639370][   T31] RSP: 002b:00007ffd0e399608 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[ 1890.650022][   T31] RAX: fffffffffffffe00 RBX: 0000555580b99500 RCX: 00007f628995cfce
[ 1890.660738][   T31] RDX: 0000000040000000 RSI: 00007ffd0e3996ac RDI: ffffffffffffffff
[ 1890.675089][   T31] RBP: 00007ffd0e3996ac R08: 0000000000000000 R09: 0000000000000000
[ 1890.687809][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000049
[ 1890.697249][   T31] R13: 0000555580bac9f0 R14: 000000000019574f R15: 00007ffd0e399700
[ 1890.714544][   T31]  </TASK>
[ 1890.734341][   T31] INFO: task syz-executor:25613 blocked for more than 146 seconds.
[ 1890.743838][   T31]       Tainted: G             L      syzkaller #0
[ 1890.750816][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1890.761323][   T31] task:syz-executor    state:D stack:26624 pid:25613 tgid:25613 ppid:1      task_flags:0x400140 flags:0x00080002
[ 1890.776883][   T31] Call Trace:
[ 1890.780168][   T31]  <TASK>
[ 1890.787858][   T31]  __schedule+0x15dd/0x52d0
[ 1890.797102][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.804303][   T31]  ? __pfx___schedule+0x10/0x10
[ 1890.809188][   T31]  ? schedule+0x90/0x360
[ 1890.821620][   T31]  schedule+0x164/0x360
[ 1890.827344][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1890.834406][   T31]  __mutex_lock+0x7fe/0x1300
[ 1890.839019][   T31]  ? __mutex_lock+0x5ac/0x1300
[ 1890.845584][   T31]  ? inet_rtm_newaddr+0x404/0x1ad0
[ 1890.850763][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1890.857553][   T31]  ? __nla_parse+0x40/0x60
[ 1890.863420][   T31]  inet_rtm_newaddr+0x404/0x1ad0
[ 1890.868391][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.875786][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.881437][   T31]  ? __kernel_text_address+0xd/0x30
[ 1890.889894][   T31]  ? unwind_get_return_address+0x4d/0x90
[ 1890.898016][   T31]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1890.913266][   T31]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[ 1890.918692][   T31]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[ 1890.931808][   T31]  rtnetlink_rcv_msg+0x7d5/0xbe0
[ 1890.938316][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1890.945013][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1890.951688][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.959569][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1890.967650][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[ 1890.974201][   T31]  netlink_rcv_skb+0x232/0x4b0
[ 1890.978988][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1890.986567][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1891.001722][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1891.019464][   T31]  netlink_unicast+0x80f/0x9b0
[ 1891.027384][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[ 1891.038456][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.045653][   T31]  ? skb_put+0x11b/0x210
[ 1891.049919][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.057760][   T31]  netlink_sendmsg+0x813/0xb40
[ 1891.064161][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1891.070069][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.079970][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1891.086478][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.093688][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.099428][   T31]  __sys_sendto+0x709/0x7a0
[ 1891.107047][   T31]  ? __pfx___sys_sendto+0x10/0x10
[ 1891.114712][   T31]  ? exc_page_fault+0x6a/0xc0
[ 1891.119434][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.133397][   T31]  ? do_user_addr_fault+0xc6f/0x1340
[ 1891.138721][   T31]  __x64_sys_sendto+0xde/0x100
[ 1891.150215][   T31]  do_syscall_64+0x14d/0xf80
[ 1891.161471][   T31]  ? trace_irq_disable+0x3b/0x150
[ 1891.168010][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1891.175062][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1891.180966][   T31] RIP: 0033:0x7f5ff135cfce
[ 1891.187294][   T31] RSP: 002b:00007ffebbf51b78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1891.197435][   T31] RAX: ffffffffffffffda RBX: 00005555564d6500 RCX: 00007f5ff135cfce
[ 1891.206964][   T31] RDX: 0000000000000028 RSI: 00007f5ff2144670 RDI: 0000000000000003
[ 1891.219077][   T31] RBP: 0000000000000001 R08: 00007ffebbf51bf4 R09: 000000000000000c
[ 1891.231336][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1891.250589][   T31] R13: 0000000000000000 R14: 00007f5ff2144670 R15: 0000000000000000
[ 1891.266398][   T31]  </TASK>
[ 1891.269566][   T31] INFO: task syz-executor:25632 blocked for more than 147 seconds.
[ 1891.279559][   T31]       Tainted: G             L      syzkaller #0
[ 1891.287678][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1891.298052][   T31] task:syz-executor    state:D stack:26688 pid:25632 tgid:25632 ppid:1      task_flags:0x400140 flags:0x00080002
[ 1891.311582][   T31] Call Trace:
[ 1891.316400][   T31]  <TASK>
[ 1891.319355][   T31]  __schedule+0x15dd/0x52d0
[ 1891.329129][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.338607][   T31]  ? __pfx___schedule+0x10/0x10
[ 1891.344377][   T31]  ? schedule+0x90/0x360
[ 1891.348651][   T31]  schedule+0x164/0x360
[ 1891.357773][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1891.366238][   T31]  __mutex_lock+0x7fe/0x1300
[ 1891.371408][   T31]  ? __mutex_lock+0x5ac/0x1300
[ 1891.386307][   T31]  ? inet_rtm_newaddr+0x404/0x1ad0
[ 1891.391459][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1891.399941][   T31]  ? __nla_parse+0x40/0x60
[ 1891.406119][   T31]  inet_rtm_newaddr+0x404/0x1ad0
[ 1891.411172][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.418523][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.425668][   T31]  ? __kernel_text_address+0xd/0x30
[ 1891.430976][   T31]  ? unwind_get_return_address+0x4d/0x90
[ 1891.445392][   T31]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1891.453094][   T31]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[ 1891.458514][   T31]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[ 1891.469170][   T31]  rtnetlink_rcv_msg+0x7d5/0xbe0
[ 1891.477719][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1891.486657][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1891.493669][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.499343][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.506655][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[ 1891.514036][   T31]  netlink_rcv_skb+0x232/0x4b0
[ 1891.518820][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1891.526040][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1891.531366][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1891.540289][   T31]  netlink_unicast+0x80f/0x9b0
[ 1891.547721][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[ 1891.556265][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.563507][   T31]  ? skb_put+0x11b/0x210
[ 1891.567777][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.579952][   T31]  netlink_sendmsg+0x813/0xb40
[ 1891.587809][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1891.597520][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.604808][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1891.609768][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.617111][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.624518][   T31]  __sys_sendto+0x709/0x7a0
[ 1891.629224][   T31]  ? __pfx___sys_sendto+0x10/0x10
[ 1891.635837][   T31]  ? exc_page_fault+0x6a/0xc0
[ 1891.643577][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1891.649227][   T31]  ? do_user_addr_fault+0xc6f/0x1340
[ 1891.664202][   T31]  __x64_sys_sendto+0xde/0x100
[ 1891.669009][   T31]  do_syscall_64+0x14d/0xf80
[ 1891.676411][   T31]  ? trace_irq_disable+0x3b/0x150
[ 1891.686192][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1891.694779][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1891.706995][   T31] RIP: 0033:0x7f8cc555cfce
[ 1891.711426][   T31] RSP: 002b:00007ffdd4ad7d28 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1891.721381][   T31] RAX: ffffffffffffffda RBX: 0000555578f9c500 RCX: 00007f8cc555cfce
[ 1891.731088][   T31] RDX: 0000000000000028 RSI: 00007f8cc6344670 RDI: 0000000000000003
[ 1891.744098][   T31] RBP: 0000000000000001 R08: 00007ffdd4ad7da4 R09: 000000000000000c
[ 1891.753627][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1891.764230][   T31] R13: 0000000000000000 R14: 00007f8cc6344670 R15: 0000000000000000
[ 1891.775782][   T31]  </TASK>
[ 1891.778884][   T31] 
[ 1891.778884][   T31] Showing all locks held in the system:
[ 1891.788301][   T31] 4 locks held by kworker/u8:0/12:
[ 1891.797791][   T31]  #0: ffff888034788948 ((wq_completion)wg-kex-wg1#43){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1891.820085][   T31]  #1: ffffc90000117c40 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1891.835163][   T31]  #2: ffff888032631348 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x12f/0x830
[ 1891.851299][   T31]  #3: ffff88807c095c60 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x140/0x830
[ 1891.866113][   T31] 2 locks held by kworker/1:1/29:
[ 1891.871140][   T31] 1 lock held by khungtaskd/31:
[ 1891.880219][   T31]  #0: ffffffff8e7602e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1891.893886][   T31] 3 locks held by kworker/1:2/790:
[ 1891.899657][   T31] 3 locks held by kworker/1:3/1211:
[ 1891.909613][   T31] 1 lock held by dhcpcd/5483:
[ 1891.916908][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_deladdr+0x1c1/0x790
[ 1891.933252][   T31] 2 locks held by getty/5573:
[ 1891.937941][   T31]  #0: ffff8880327690a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1891.954515][   T31]  #1: ffffc9000331e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
[ 1891.966509][   T31] 3 locks held by kworker/0:7/5904:
[ 1891.972634][   T31]  #0: ffff88813fe0f548 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1891.991060][   T31]  #1: ffffc90003da7c40 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.005292][   T31]  #2: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[ 1892.020613][   T31] 3 locks held by kworker/1:6/5928:
[ 1892.028085][   T31] 3 locks held by kworker/u8:11/8815:
[ 1892.050657][   T31]  #0: ffff88803171e148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1892.063909][   T31]  #1: ffffc90005377c40 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.079519][   T31]  #2: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[ 1892.091181][   T31] 4 locks held by kworker/0:2/17971:
[ 1892.099476][   T31]  #0: ffff88807c5de548 ((wq_completion)wg-kex-wg1#44){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1892.117156][   T31]  #1: ffffc90003e77c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.173995][   T31]  #2: ffff888032631348 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0
[ 1892.189262][   T31]  #3: ffff88807c095c60 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0
[ 1892.210326][   T31] 4 locks held by kworker/u8:3/18804:
[ 1892.217307][   T31]  #0: ffff88801b6ce948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1892.232646][   T31]  #1: ffffc9000497fc40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.244964][   T31]  #2: ffffffff8fbbebb0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[ 1892.257992][   T31]  #3: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: wg_netns_pre_exit+0x1c/0x200
[ 1892.268959][   T31] 1 lock held by syz-executor/19374:
[ 1892.288118][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[ 1892.299508][   T31] 4 locks held by kworker/0:4/19586:
[ 1892.306357][   T31]  #0: ffff888053521548 ((wq_completion)wg-kex-wg2#36){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1892.320514][   T31]  #1: ffffc90002fe7c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.374714][   T31]  #2: ffff88803470d348 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0
[ 1892.398211][   T31]  #3: ffff8880683adc60 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0
[ 1892.413123][   T31] 1 lock held by syz-executor/19830:
[ 1892.418412][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[ 1892.430013][   T31] 3 locks held by kworker/u8:7/20498:
[ 1892.455964][   T31]  #0: ffff88813fe44148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1892.474163][   T31]  #1: ffffc900039d7c40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.486820][   T31]  #2: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 1892.499204][   T31] 2 locks held by kworker/1:7/20863:
[ 1892.514991][   T31] 1 lock held by syz-executor/23259:
[ 1892.520284][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[ 1892.530451][   T31] 1 lock held by syz.9.5284/25539:
[ 1892.538158][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[ 1892.548760][   T31] 3 locks held by kworker/1:5/25579:
[ 1892.555636][   T31] 1 lock held by syz.4.5295/25584:
[ 1892.568549][   T31] 4 locks held by kworker/1:8/25592:
[ 1892.584542][   T31] 1 lock held by syz-executor/25594:
[ 1892.589842][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[ 1892.603773][   T31] 5 locks held by kworker/1:9/25599:
[ 1892.609063][   T31] 2 locks held by syz-executor/25600:
[ 1892.625145][   T31]  #0: ffffffff8fbbebb0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x4f7/0x730
[ 1892.636199][   T31]  #1: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2d7/0x840
[ 1892.648301][   T31] 4 locks held by kworker/0:0/25601:
[ 1892.655179][   T31]  #0: ffff888051bda948 ((wq_completion)wg-kex-wg2#38){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1892.670729][   T31]  #1: ffffc90003b87c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.717913][   T31]  #2: ffff88806dad9348 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0
[ 1892.739120][   T31]  #3: ffff8880683a8d20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0
[ 1892.753306][   T31] 2 locks held by syz-executor/25604:
[ 1892.758681][   T31]  #0: ffffffff8fbbebb0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x4f7/0x730
[ 1892.772041][   T31]  #1: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2d7/0x840
[ 1892.787234][   T31] 2 locks held by syz-executor/25606:
[ 1892.794203][   T31]  #0: ffffffff8fbbebb0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x4f7/0x730
[ 1892.805747][   T31]  #1: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2d7/0x840
[ 1892.817556][   T31] 3 locks held by kworker/u9:2/25612:
[ 1892.827269][   T31]  #0: ffff888051b29948 ((wq_completion)hci6){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1892.840137][   T31]  #1: ffffc90004727c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.863609][   T31]  #2: ffff8880799bcec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[ 1892.877477][   T31] 1 lock held by syz-executor/25613:
[ 1892.884364][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1892.895305][   T31] 1 lock held by syz-executor/25632:
[ 1892.902005][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1892.913070][   T31] 3 locks held by kworker/u9:4/25633:
[ 1892.918440][   T31]  #0: ffff88806e43c148 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1892.935233][   T31]  #1: ffffc9000571fc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1892.949862][   T31]  #2: ffff888052178ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[ 1892.976816][   T31] 1 lock held by syz-executor/25644:
[ 1892.983797][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1892.996234][   T31] 1 lock held by syz-executor/25646:
[ 1893.003578][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.014617][   T31] 1 lock held by syz-executor/25650:
[ 1893.020526][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.032444][   T31] 1 lock held by syz-executor/25651:
[ 1893.037834][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.055135][   T31] 1 lock held by syz-executor/25655:
[ 1893.060434][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.092044][   T31] 3 locks held by kworker/u9:7/25656:
[ 1893.097482][   T31]  #0: ffff888046c1e948 ((wq_completion)hci12){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1893.114650][   T31]  #1: ffffc90005357c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1893.129067][   T31]  #2: ffff88804c4b8ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[ 1893.140716][   T31] 1 lock held by syz-executor/25658:
[ 1893.147780][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.165195][   T31] 3 locks held by kworker/u9:8/25660:
[ 1893.170592][   T31]  #0: ffff888051726148 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1893.187749][   T31]  #1: ffffc90005207c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1893.209885][   T31]  #2: ffff888067fc4ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[ 1893.223826][   T31] 4 locks held by kworker/0:1/25664:
[ 1893.229117][   T31]  #0: ffff88807bd73548 ((wq_completion)wg-kex-wg2#30){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[ 1893.247322][   T31]  #1: ffffc90004db7c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[ 1893.298223][   T31]  #2: ffff888061299348 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0
[ 1893.319751][   T31]  #3: ffff88807c0920f0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0
[ 1893.357063][   T31] 3 locks held by kworker/1:11/25666:
[ 1893.366931][   T31] 1 lock held by syz-executor/25669:
[ 1893.373948][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.392162][   T31] 1 lock held by syz-executor/25673:
[ 1893.397456][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.415174][   T31] 1 lock held by syz-executor/25676:
[ 1893.420500][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.442824][   T31] 1 lock held by syz-executor/25683:
[ 1893.448126][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.459485][   T31] 1 lock held by syz-executor/25688:
[ 1893.466539][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.479446][   T31] 1 lock held by syz-executor/25690:
[ 1893.488458][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.498878][   T31] 1 lock held by syz-executor/25698:
[ 1893.505098][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.517921][   T31] 1 lock held by syz-executor/25703:
[ 1893.527773][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.552570][   T31] 1 lock held by syz-executor/25706:
[ 1893.557883][   T31]  #0: ffffffff8fbcd3c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[ 1893.569877][   T31] 
[ 1893.574605][   T31] =============================================
[ 1893.574605][   T31] 
[ 1893.586512][   T31] NMI backtrace for cpu 0
[ 1893.586533][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1893.586567][   T31] Tainted: [L]=SOFTLOCKUP
[ 1893.586577][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1893.586593][   T31] Call Trace:
[ 1893.586603][   T31]  <TASK>
[ 1893.586613][   T31]  dump_stack_lvl+0xe8/0x150
[ 1893.586654][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[ 1893.586690][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1893.586727][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1893.586772][   T31]  sys_info+0x135/0x170
[ 1893.586801][   T31]  watchdog+0xfd9/0x1030
[ 1893.586847][   T31]  ? watchdog+0x21a/0x1030
[ 1893.586895][   T31]  kthread+0x388/0x470
[ 1893.586921][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1893.586959][   T31]  ? __pfx_kthread+0x10/0x10
[ 1893.586986][   T31]  ret_from_fork+0x51e/0xb90
[ 1893.587023][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1893.587055][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.587085][   T31]  ? __switch_to+0xc7d/0x1450
[ 1893.587119][   T31]  ? __pfx_kthread+0x10/0x10
[ 1893.587145][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1893.587202][   T31]  </TASK>
[ 1893.587212][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1893.727663][    C1] NMI backtrace for cpu 1
[ 1893.727686][    C1] CPU: 1 UID: 0 PID: 25666 Comm: kworker/1:11 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1893.727716][    C1] Tainted: [L]=SOFTLOCKUP
[ 1893.727725][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1893.727740][    C1] Workqueue: wg-kex-wg2 wg_packet_handshake_receive_worker
[ 1893.727774][    C1] RIP: 0010:unwind_next_frame+0x524/0x23c0
[ 1893.727816][    C1] Code: 00 49 01 ef 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 75 27 49 63 07 4c 01 f8 49 8d 4f 04 4c 39 e0 <48> 0f 46 e9 49 8d 47 fc 48 0f 47 d8 4d 0f 46 ef 48 39 dd 76 a2 e9
[ 1893.727835][    C1] RSP: 0018:ffffc90000a07c18 EFLAGS: 00000283
[ 1893.727854][    C1] RAX: ffffffff866ffadf RBX: ffffffff90624bc8 RCX: ffffffff90624bcc
[ 1893.727872][    C1] RDX: ffffffff90624bc8 RSI: ffffffff90fa96d6 RDI: ffffffff8c27b020
[ 1893.727889][    C1] RBP: ffffffff90624bc8 R08: 0000000000000009 R09: ffffffff8e7602e0
[ 1893.727905][    C1] R10: dffffc0000000000 R11: ffffffff81b0bb80 R12: ffffffff86700003
[ 1893.727929][    C1] R13: ffffffff90624bc8 R14: ffffc90000a07ce8 R15: ffffffff90624bc8
[ 1893.727950][    C1] FS:  0000000000000000(0000) GS:ffff888125564000(0000) knlGS:0000000000000000
[ 1893.727968][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1893.727983][    C1] CR2: 000055d40483b440 CR3: 000000000e54c000 CR4: 0000000000350ef0
[ 1893.728001][    C1] Call Trace:
[ 1893.728011][    C1]  <IRQ>
[ 1893.728026][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1893.728059][    C1]  ? wg_noise_handshake_begin_session+0x8a4/0xbd0
[ 1893.728096][    C1]  ? wg_noise_handshake_begin_session+0x8a4/0xbd0
[ 1893.728135][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1893.728160][    C1]  arch_stack_walk+0x11b/0x150
[ 1893.728198][    C1]  ? wg_noise_handshake_begin_session+0x8a4/0xbd0
[ 1893.728238][    C1]  stack_trace_save+0xa9/0x100
[ 1893.728261][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1893.728282][    C1]  ? kmem_cache_free+0x187/0x630
[ 1893.728309][    C1]  ? nlmsg_notify+0xf0/0x1a0
[ 1893.728336][    C1]  ? br_fdb_update+0x4c8/0x690
[ 1893.728356][    C1]  ? br_handle_frame_finish+0x573/0x1b40
[ 1893.728383][    C1]  ? br_nf_hook_thresh+0x3dd/0x4c0
[ 1893.728408][    C1]  ? br_nf_pre_routing_finish_ipv6+0xa3a/0xd70
[ 1893.728437][    C1]  ? br_nf_pre_routing_ipv6+0x374/0x6f0
[ 1893.728465][    C1]  ? br_handle_frame+0x1277/0x1510
[ 1893.728497][    C1]  ? __netif_receive_skb_core+0x98f/0x31a0
[ 1893.728529][    C1]  kasan_save_track+0x3e/0x80
[ 1893.728552][    C1]  ? kasan_save_track+0x3e/0x80
[ 1893.728574][    C1]  ? kasan_save_free_info+0x46/0x50
[ 1893.728606][    C1]  ? __kasan_slab_free+0x5c/0x80
[ 1893.728629][    C1]  ? kmem_cache_free+0x187/0x630
[ 1893.728653][    C1]  ? netlink_broadcast_filtered+0xee4/0x1020
[ 1893.728679][    C1]  ? nlmsg_notify+0xf0/0x1a0
[ 1893.728705][    C1]  ? br_fdb_update+0x4c8/0x690
[ 1893.728725][    C1]  ? br_handle_frame_finish+0x573/0x1b40
[ 1893.728751][    C1]  ? br_nf_hook_thresh+0x3dd/0x4c0
[ 1893.728776][    C1]  ? br_nf_pre_routing_finish_ipv6+0xa3a/0xd70
[ 1893.728805][    C1]  ? br_nf_pre_routing_ipv6+0x374/0x6f0
[ 1893.728833][    C1]  ? br_handle_frame+0x1277/0x1510
[ 1893.728859][    C1]  ? __netif_receive_skb_core+0x98f/0x31a0
[ 1893.728886][    C1]  ? process_backlog+0x76d/0x1950
[ 1893.728916][    C1]  ? __napi_poll+0xae/0x340
[ 1893.728941][    C1]  ? net_rx_action+0x627/0xf70
[ 1893.728970][    C1]  ? handle_softirqs+0x22a/0x870
[ 1893.728999][    C1]  ? do_softirq+0x76/0xd0
[ 1893.729026][    C1]  ? __local_bh_enable_ip+0xf8/0x130
[ 1893.729054][    C1]  ? wg_noise_handshake_begin_session+0x8a4/0xbd0
[ 1893.729118][    C1]  kasan_save_free_info+0x46/0x50
[ 1893.729151][    C1]  __kasan_slab_free+0x5c/0x80
[ 1893.729176][    C1]  kmem_cache_free+0x187/0x630
[ 1893.729201][    C1]  ? netlink_broadcast_filtered+0xee4/0x1020
[ 1893.729232][    C1]  netlink_broadcast_filtered+0xee4/0x1020
[ 1893.729274][    C1]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[ 1893.729303][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.729330][    C1]  ? __alloc_skb+0x4e5/0x7d0
[ 1893.729363][    C1]  nlmsg_notify+0xf0/0x1a0
[ 1893.729394][    C1]  br_fdb_update+0x4c8/0x690
[ 1893.729414][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.729446][    C1]  ? __pfx_br_fdb_update+0x10/0x10
[ 1893.729465][    C1]  ? skb_ext_add+0x148/0x8f0
[ 1893.729510][    C1]  br_handle_frame_finish+0x573/0x1b40
[ 1893.729538][    C1]  ? __local_bh_enable_ip+0xd0/0x130
[ 1893.729567][    C1]  ? ip6t_do_table+0x137d/0x1560
[ 1893.729605][    C1]  ? __pfx_br_handle_frame_finish+0x10/0x10
[ 1893.729640][    C1]  ? ip6t_do_table+0x1c3/0x1560
[ 1893.729674][    C1]  ? __pfx_ip6t_do_table+0x10/0x10
[ 1893.729705][    C1]  ? nf_hook_slow+0x176/0x220
[ 1893.729738][    C1]  ? __pfx_br_handle_frame_finish+0x10/0x10
[ 1893.729766][    C1]  br_nf_hook_thresh+0x3dd/0x4c0
[ 1893.729799][    C1]  ? __pfx_br_nf_hook_thresh+0x10/0x10
[ 1893.729827][    C1]  ? __pfx_br_handle_frame_finish+0x10/0x10
[ 1893.729854][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.729880][    C1]  ? nf_nat_ipv6_in+0x203/0x2c0
[ 1893.729915][    C1]  br_nf_pre_routing_finish_ipv6+0xa3a/0xd70
[ 1893.729944][    C1]  ? __pfx_br_handle_frame_finish+0x10/0x10
[ 1893.729980][    C1]  br_nf_pre_routing_ipv6+0x374/0x6f0
[ 1893.730010][    C1]  ? br_nf_pre_routing_ipv6+0x421/0x6f0
[ 1893.730039][    C1]  ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10
[ 1893.730071][    C1]  ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10
[ 1893.730100][    C1]  ? br_nf_pre_routing+0x720/0x1470
[ 1893.730132][    C1]  ? __pfx_br_nf_pre_routing+0x10/0x10
[ 1893.730158][    C1]  br_handle_frame+0x1277/0x1510
[ 1893.730193][    C1]  ? __pfx_br_handle_frame+0x10/0x10
[ 1893.730223][    C1]  ? __pfx_br_handle_frame_finish+0x10/0x10
[ 1893.730254][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.730284][    C1]  ? __pfx_br_handle_frame+0x10/0x10
[ 1893.730311][    C1]  __netif_receive_skb_core+0x98f/0x31a0
[ 1893.730341][    C1]  ? ip6_mc_input+0x8de/0xbd0
[ 1893.730367][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.730393][    C1]  ? ip6_mc_input+0x8de/0xbd0
[ 1893.730418][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.730449][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1893.730488][    C1]  ? __pfx___netif_receive_skb_core+0x10/0x10
[ 1893.730517][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.730546][    C1]  ? ip6_rcv_finish+0x29e/0x2e0
[ 1893.730584][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.730612][    C1]  ? NF_HOOK+0x336/0x3c0
[ 1893.730632][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.730660][    C1]  ? skb_orphan+0xaf/0xd0
[ 1893.730682][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1893.730719][    C1]  ? NF_HOOK+0x9e/0x3c0
[ 1893.730743][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.730771][    C1]  ? lock_acquire+0xf0/0x2e0
[ 1893.730801][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.730832][    C1]  ? process_backlog+0x3eb/0x1950
[ 1893.730863][    C1]  ? process_backlog+0x3eb/0x1950
[ 1893.730896][    C1]  ? process_backlog+0x3eb/0x1950
[ 1893.730927][    C1]  process_backlog+0x76d/0x1950
[ 1893.730975][    C1]  __napi_poll+0xae/0x340
[ 1893.731002][    C1]  ? skb_defer_free_flush+0x233/0x260
[ 1893.731035][    C1]  net_rx_action+0x627/0xf70
[ 1893.731079][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 1893.731125][    C1]  ? try_to_wake_up+0x7fc/0x1390
[ 1893.731157][    C1]  handle_softirqs+0x22a/0x870
[ 1893.731191][    C1]  ? do_softirq+0x76/0xd0
[ 1893.731225][    C1]  ? wg_noise_handshake_begin_session+0x352/0xbd0
[ 1893.731265][    C1]  do_softirq+0x76/0xd0
[ 1893.731294][    C1]  </IRQ>
[ 1893.731302][    C1]  <TASK>
[ 1893.731312][    C1]  __local_bh_enable_ip+0xf8/0x130
[ 1893.731342][    C1]  ? wg_noise_handshake_begin_session+0x352/0xbd0
[ 1893.731380][    C1]  wg_noise_handshake_begin_session+0x8a4/0xbd0
[ 1893.731419][    C1]  ? wg_noise_handshake_begin_session+0x352/0xbd0
[ 1893.731465][    C1]  wg_packet_send_handshake_response+0x13c/0x310
[ 1893.731501][    C1]  ? __pfx_wg_packet_send_handshake_response+0x10/0x10
[ 1893.731530][    C1]  ? wg_socket_set_peer_endpoint_from_skb+0xd7/0x130
[ 1893.731571][    C1]  ? __local_bh_enable_ip+0xd0/0x130
[ 1893.731601][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731633][    C1]  wg_packet_handshake_receive_worker+0x6a9/0x10c0
[ 1893.731672][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731702][    C1]  ? __pfx_wg_packet_handshake_receive_worker+0x10/0x10
[ 1893.731734][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731764][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731794][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731822][    C1]  ? do_raw_spin_unlock+0xf5/0x210
[ 1893.731849][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731876][    C1]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1893.731914][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731943][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731970][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.731999][    C1]  ? process_scheduled_works+0xa25/0x1830
[ 1893.732029][    C1]  ? process_scheduled_works+0xa25/0x1830
[ 1893.732059][    C1]  process_scheduled_works+0xb02/0x1830
[ 1893.732108][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1893.732142][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.732168][    C1]  ? assign_work+0x3d5/0x5e0
[ 1893.732200][    C1]  worker_thread+0xa50/0xfc0
[ 1893.732232][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.732269][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.732302][    C1]  kthread+0x388/0x470
[ 1893.732324][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1893.732352][    C1]  ? __pfx_kthread+0x10/0x10
[ 1893.732375][    C1]  ret_from_fork+0x51e/0xb90
[ 1893.732407][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1893.732434][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1893.732461][    C1]  ? __switch_to+0xc7d/0x1450
[ 1893.732495][    C1]  ? __pfx_kthread+0x10/0x10
[ 1893.732518][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1893.732564][    C1]  </TASK>
[ 1894.721328][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1894.728245][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1894.738946][   T31] Tainted: [L]=SOFTLOCKUP
[ 1894.743273][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1894.753340][   T31] Call Trace:
[ 1894.756628][   T31]  <TASK>
[ 1894.759563][   T31]  vpanic+0x56c/0xa60
[ 1894.763672][   T31]  ? __pfx___schedule+0x10/0x10
[ 1894.768554][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1894.773075][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1894.778726][   T31]  panic+0xc5/0xd0
[ 1894.782470][   T31]  ? __pfx_panic+0x10/0x10
[ 1894.786900][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1894.792539][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1894.797921][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1894.803562][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1894.809739][   T31]  watchdog+0x1023/0x1030
[ 1894.814202][   T31]  ? watchdog+0x21a/0x1030
[ 1894.818648][   T31]  kthread+0x388/0x470
[ 1894.822724][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1894.827425][   T31]  ? __pfx_kthread+0x10/0x10
[ 1894.832023][   T31]  ret_from_fork+0x51e/0xb90
[ 1894.836631][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1894.841755][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1894.847407][   T31]  ? __switch_to+0xc7d/0x1450
[ 1894.852096][   T31]  ? __pfx_kthread+0x10/0x10
[ 1894.856695][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1894.861588][   T31]  </TASK>
[ 1894.864918][   T31] Kernel Offset: disabled
[ 1894.869232][   T31] Rebooting in 86400 seconds..