last executing test programs:

52.75496333s ago: executing program 3 (id=205):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x3c, &(0x7f00000000c0), 0x1, 0x0, 0x4d, 0x40044}}], 0x30, 0x4)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000010001"], 0x50)

52.283377658s ago: executing program 3 (id=208):
r0 = socket$alg(0x26, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)

50.36037599s ago: executing program 3 (id=210):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@private1={0xfc, 0x1, '\x00', 0x1}, @private1, @mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0), 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYBLOB="04000100"], 0x9)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000c40)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e22, @local}], 0x20)
write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/27, 0x1b)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)={0x34, 0x3, 0x8, 0x5, 0x0, 0x0, {0x3, 0x0, 0x7}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @tcp}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1b}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6006}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x48000)
socket(0x26, 0x80000, 0x7ff)
socket(0x2, 0x80805, 0x0)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4088, 0xff8}], 0x1, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, 0x0, 0x0)

50.360053598s ago: executing program 0 (id=211):
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000})

49.114267288s ago: executing program 0 (id=213):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000040), 0x40000000e, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000000)={0x3e, 0x2, 0x457f1c9146f8f874, "464905e100000000000000007f00", 0xb5315241})
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="0202200012000000000000000000000004000300fcffffff00000000000000000000010000000043ca00000000000000030006000000000002004e206401010000000000000000000400040000000000feffffffffffffff000000000000000000000000000000000200010000000000b70002fa01000080030005000000000002"], 0x90}}, 0x0)
r4 = socket(0x2a, 0x3, 0x5f)
sendto(r4, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x7)
fanotify_mark(0xffffffffffffffff, 0x10, 0x8000030, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg(r5, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
r6 = syz_open_dev$radio(&(0x7f0000000140), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r6, 0xc0405665, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$nl_route(0x10, 0x3, 0x0)

44.573805892s ago: executing program 1 (id=223):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
getdents64(0xffffffffffffffff, 0xffffffffffffffff, 0x18)
setrlimit(0xa, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="600000000206010200000000000000000000000014000780050014000700000008001240000500000900020073797a3200000000050001000700000011000300686173683a6e65742c6e657400000000050005000a000000050004"], 0x60}}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @loopback}, {0xa, 0x4e22, 0xfffffffe, @empty}}}, 0x48)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_int(r2, 0x11a, 0x22, 0x0, 0x0)

43.7397098s ago: executing program 1 (id=225):
syz_open_pts(0xffffffffffffffff, 0x2800)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0)
r5 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0xf07d, 0x400, 0x3ffff, 0x30b}, &(0x7f0000000400), &(0x7f0000000240))
io_uring_enter(r5, 0x8aa, 0x20, 0x0, 0x0, 0x0)
write$binfmt_register(r4, &(0x7f00000004c0)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xea(J\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{G\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xbd\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132?\xbf\xb2\x93B\x01\'#\xc0v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde44m\x96+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x8c\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xa1W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, './file0'}, 0x237)

43.635086075s ago: executing program 3 (id=226):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40000000e, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x90}}, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000cc0)=[{0x0}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/97, 0x61}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}, {&(0x7f00000000c0)=""/26, 0x1a}, {&(0x7f0000000100)=""/21, 0x15}, {&(0x7f0000000880)=""/135, 0x87}, {&(0x7f0000000a00)=""/235, 0xeb}, {&(0x7f0000000b00)=""/174, 0xae}, {&(0x7f0000000300)=""/21, 0x15}, {&(0x7f0000000bc0)=""/194, 0xc2}], 0xf, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
fanotify_mark(0xffffffffffffffff, 0x10, 0x8000030, 0xffffffffffffffff, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r3 = syz_open_dev$radio(&(0x7f0000000140), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r3, 0xc0405665, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$nl_route(0x10, 0x3, 0x0)

42.410159091s ago: executing program 1 (id=227):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000e00)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000800)="e3e08e4c7edd7c3b351915ddd09b30ec306e6ea0e587", 0x16}], 0x1}}], 0x1, 0x0)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="e00000001000010025bd7000ffdbdf25"], 0xe0}, 0x1, 0x0, 0x0, 0x60000801}, 0x10)

42.184084045s ago: executing program 0 (id=229):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/49, 0x2c000, 0x1000, 0x10, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
recvmmsg(r0, &(0x7f0000001d40)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x0, 0x0)

42.144052769s ago: executing program 1 (id=230):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0xc048aec8, &(0x7f0000000000)={0x40006})

41.772859416s ago: executing program 0 (id=231):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000a00), r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x25dfdbfc, {0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}]}}}]}, 0x3c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='fsi_master_aspeed_opb_write\x00', r1, 0x0, 0x3eac}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, 0x0, 0x0)

40.900712381s ago: executing program 1 (id=232):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='memory.events.local\x00', 0x275a, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, <r3=>0x0})
syz_pidfd_open(r3, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x0, 0x3, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'pimreg0\x00', 0x1})
ioctl$SIOCGIFHWADDR(r4, 0x8927, &(0x7f0000000100)={'gre0\x00'})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socket$nl_generic(0x10, 0x3, 0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, 0x0, 0x0)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r7, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x14210000, 0x81, 0x1005, 0x0, 0x3}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x45, 0x0, 0x1, 0xfffffffc}, {}, {0x6, 0x0, 0x0, 0x7fff0000}]})
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000800)="e7f268a48728435fc5b6e2d5810a1a1a161fe3559b65ac4a88b40a30486a1a23043a69e0890bb76252e61439a7ccb398196a5800ea9e61977179771119719e88ac4ae4ce6553330d8ff0f726d60e5a106a32f0186fa80ce8c91661cad2cbcadccfb6dfcdbc18e5fa7adeed6e15b67973f82dae57bc723d9ddab1e040f81c35aab7a2cb0672b31c516b1c8a7ee7dfe61a0d0c3750701e574dff72d6689f817bf3fc3452704adb41fdeda712f1de8855c8837dccd693e8c1c6ead92f8b27f7866c1dadb2a95da7ae7102ffe4a32ad806eea7ed0abdbc08abab0c462d0116772aa0c97c0868ba62028ebd8ad901fbd0a30c473e771e9003149a7660e40b574c0af1230dbf7de719cf0c1eacd04cd03e4148e887e15a6695e1ff0ae25ee4dc72e8d534bf9b09c3bf1c8caea097341a92c808e40bfa40cd5690def353e5eef9dce39ba5cf56e208e4aa86b5e3099ff333f57cdd3f95d01486d76236d374f668cfeb2b0d2682f532aa0c66946199437cd9659de42a0d04f9edffb60e62afb3cf735fad9f8adb4d14d2a2f0bc6f2d9ff29ed5eea8dace7c2a0a3bfd21f84c2571789f1043935aebfa108b1998b5a363238e638677edeaec95398985fe3cc711aa374e448f728d8d071210dac842bfc7b819634e3b03249fddb2cae6623221e4dc748681181bcdadf6c9f5432a771a8b321c31d8b649f5d3a0325a69c37d5bb16dbb53d4f08afa7d27042b04ba80a3baa7e01984a29dcf7495a4f96c690238346c51e9f25137c7bcecb271c9fadd82265498c6816a2f709e56b39b4a170ba2ef590884ce7a1bfdb98bdf2ff6670ea71c7124c3d0c18d677c3fe50e994d459462c76511dd6e45e41cf857e59d1818a9f50183ea014af17c1e5bdef4941b9f92e1ae97fc6ad74d0a970fb150529c239b5780820c7918f78ac5eb766a146933814710912782388da834d05e17cbee181e2233cb890a4333acca9406f9542ffa7f762eee6a323d57bba6047b330464ebaadcc824ab47723dca490044afea8ca882b7e3eec41af1070a9752fa043602ecb008c3c38e938e506c3dcc4e17f5b600e0b90cae102e0c09b93fafe12f4811d66f3a3ac384d751bd618e66e8cb15dde90ccbb22e4c363154472d1c4416fb6c4ea6620c723f91e05cf483c5985d7d1028de999e7f3990fd73982a01584259d4f10d9ebffd14cb0df2398dbd9f7aa5574b1afe687c15e6de800b4e960ef22d461e9164a108aef965509f4ab1da56f07f77fd8568e9581ec1e6fb3fdd776ba235b3d3ad74779fe176d28ed8ed9f9044a582119434631db1486ed992a996fc1ff772d2757a060d04c1cd5dbdbaa8c04d9f620e87f21ef79730c529de74a06d8db6c83efc50948b4e5c4b5bb49404314266149f7a5027d14ad14d8ade1ba2346b5aba477456b9dc6df4bf8435a18ef7252f4f12218162d3d226e93b664e5767b0aa5a6304477035881bf7f54e7838672e84d8e71a7288071349df4b68a076c393579cb0c4e5157d883a55f424e0e72a782d8e3283d692f457adad09eb4dbadb87f52ab411b5d057f0d9f346385d5cc205d730a27a5913d1055607706092e8a43426fa06c1de8200b784adf5a0f38f7b5b2f7e53fdb58bfbff302c0c8cfd22a451cd029e521e2f6ac34e318551f379c183aed7a22db5f84619fc738b1ab81d96f8534c9f82b9f734df3eafea1978b8304a648bd599db8ce37c4aa5ea5615a045d8664858100add204288ade384bc6834882d49aaec934cff639c67e26a66e456ce65026b1ffc5ca1e9425b13765585b69e9fdb0158057d3c14fa9df45493b95ae53d4e7245ed0a6c1606d2b3cf6d47ac97aa2ad092f2b2a272dfd69df9caac3dcc1a2fb4b03e1dcf7a5014284bac4f614f3cda5494b3aa2f6e8f44ed471ee41e2c65de96f546652582a71aead53964af9187d5e4c0c0c6fe64f99232f51a8da5d3dc466adc3edeea23c3b796d6495dfd811e32c6b8f02bb8310cccdb11e4098ae7aad6e05f70f41ddb5c25afd1245aa0b47aac9b3cd157bf6837e65c87aa35d39574bb75622acac4530b350049ba32c2ed436d4b08fecfde125f49fe80286ae57669f6ef76a2898549cceaf09c316c90c44f64cec1fa63fbe12983edc1fc280b693c00f61f63322e75362b3fd00af628fc5077979f831a0dea581beebd0c52a4ad1071517b5e1382fee2585aaffc5307f9484cd56464e5a29ddc30b12870dad56260e82620267e01ffbd3a8b31fefcefa3e0b9aa05d81067a1c7dbf243ede1bbbb0a844faa4e8f17242e14798fd6160a4d7b770018581a384c6ce381382da1145aebebd92c31f54e1a5beee1ab2e82bb2aabc461dd6545f133020e20364d0cf1551dcff7abcd6db3f28701f0bbf90e81b775dc59b7f2644cca886510fc8cffe195df2ebd510d2848995b7d1fbae36c3baac61736cf75fccf1b5b7c9693315e67e9e8492f2a8afe8763c055eaf10fa3c615f5bcf4a4019e89b675d976edbfd5bd5ec7eeb6edf064264913aed5e03bbdabba41de2dac18aa4b2ae8c245f7eda1ee7b48f0f95097b7f94c99423566753c9c0938e50b2c07428fcca4cdaf6f50422c6d42a15cdf4284282a4ac0b46e91a56302ac0ad4ba6d26e29e67a0a5f11654ca55a54cd9a66179faa9fcda5248c9a3805a970bdc54278aa311c223690c4930fb489beebded23c5313e1f20b3ee80d939be84bc7dccded4682ef0f8e8ab586b4ed55960749ffa35c042472b59cd86af5c2e2f7163aa55fddb433774490f9f173be7950cd2a01d18e7f4e5723b4a613c91696ac3ef7e170b8c412b8e733a47883f17f130f474ad5f1f93d2f152e0f12fdf851bae021f554330932f9b67cffa998a70ebd61c65991e79e5dc25ab9a47608a380a632a8745afcd5d3070367f160e531f75b7405876dcfd5760e90bff2ab08e32e994f8f81f75c9599698c25dd05bb306ff285caeb68d8b5cb69469e0dbe1077cd1116256423d6651ae3781b1969c0e9f03a32a38ec9c9b18caa671b0e73f501bcc3cec5dc16f6352c5eb975f9a6d5190cce8863b68a988866a1cd2666050294494705321d3c5630d6ed04823c9563c99a6abdda44ae0d326697c2ae6a7470e2f8f03654caf62d6881e3a6e47af426a66b27e1cb1396c210958b0041f25aa64b75e95242aba566554d766ab68eb76967d5544ef20736625e8300d39a1bd03b2ebdc520e59ba9f9322a1f228a0ede384fd54125acf8c0835b7951f5660dd7c51004c448e0ec9e6e9024bec21379a29f56966c8b437b08d4929db502a19ec52b91936ac86b65446f758d3f77c3c5d9299777c18be82f7a6d88aaf8189d2009670a9c2f4cd5d4c3f4301352c8229b69940ce6a88fe53bb698779008318bd6e4157507e304f42e238c683da0f9e5e52d6bb990bc68d8314bbbcfd94fa510d9b37778a76d8158e7ef8762c53198c23a88cbe6ce5f15095a6fcf0aecd233ed9c82d59e8a47b654bca2c7f3bc60f6d403b729cb47b69aac7c6a90cd363708338eb2f9c02718fd3443bdd7ee32cc1bd4d5021f200a51c8348f0ec9484748b552b4125341a3ad310cef4dc9416e018b9910d0cd90c4c50f1088f7be2db4dfbbfae4f4911b36eb8bdafcd674c6d2cde2ff6771963e70c1ee5ac27b1dace74863783732b93602d5647cc433dcf74b74e8b72a22c6aaa4a2b21341674daca4a26d76e6b3c17b5257e3714c5273a07251650846c8b075c7fde59677cc6252026e0c7ca8940d14b31940f430389c7b8e936032fcbc261cd07bf89c61ee090276de50ec90fe108a42e03beacf9de155295575822684f3d77b2d286cb1c0a542cc1bdf96805af08907d484892d20c4d9fe64fd4d476d7cd5c8bceb451e7664449e137c0557f8c8e69f167c66c362afbd2bffbcf1ea53cbf68ebf8cb3bedc463e800ff281d9d7a658770f83d570e53f90354bcae1f817dbedbc617775bafc802fe930bff61d91c3b6910b19da16b65030016bc426ef1bab0c4328a69f71cee71a41d30fe54a0dcd1c27d31499f028c05b23520ee23f90aa9e8a41c77ba336925ff82f1f04975551746fd5884dbd3aa967cbd72c6c451f0396cc8804ec41dfbded0277b772e01bd8b53a10eed234d65c8700c481861f37fa93814e6ccc0d14cb3a2081450ef8285dc98798d75dd0d1638631eea216c5ba95884bcec86b553d168c4d31f2a58b9d9f8006b8030d30a600b8a5943e6b002457e73187b9b04fc59854e23ff0c4316cd274b8ddb10968aaeea1e588096122b3b25992f7eeada28f22790cd11086b551cc736410087493364f0b6028d22d0aa5ce64b78c18de353ff02c7269396774dda6662562b6342872e03c90d004c3ad376d0b6d2bb79634b773966719af42d9e8dbc225305cea5d49bd29e66db7d4e7693dc77de00793a8b9611793d8b4c30482e25e3bbb5eb6c96c88006183b83fe554f626397ee611356b585e4777d21160e62a3a824852f1b2c69680aae5672ee4764a5977286ba15d428343df644cb8c8d87dfd68e5bb210fea0c16bf19486f31bed2f26c39ac28b51e7e0828af5588da8735e7e02f4004cdc8ed98ddb23a496e4c03578dec5e7ac9a2f80326b210d70f0d490af0728bf9e8ec3126f85262ed806789a2f0b16a12e761ad55703674aa6f334df539dee2be3b93d45bde8253371bb93937909c7cba3548891b174fcf52880b3ec6393c15460f0a19ee817fb680c4f1a37f1310a7d4aa9cc78e501cd56ccc761e0c21d9827b08d474af86140b89a6a5df6a71b1f41bc693884d39d8ef91bc8db1a4d6f1c58888d85996636ecabcdad0709ebfa33109b3599c61312189d5d1a90b872153490cc795ab69ca0baec12d0be26d6338e7c4c0a9d0d863aadab13cb192722c9bb25bca2dadb6a5de467c596367084f30616e67a23a0435ce2ddfc4933342c7f48769535e8639df550baa97de2df27fe51b81e48bb5e00095352a5546f14d686cce8351162a08d7a838201ef9a0ca496d4e891eb41661a84d615b15de21014bd80f3af44af7df34125d3a54f4bb89b4024a47fb5210219dd127eed4ab393fffa399bd6036012ebf55aacf86dfe2604df2fc650ba76efc1e7243e7eda7766c4cc41a107f993ead16697df8207ecfb0f4008734fa3b5d7170969ac0db7319437a8a26975215aef8660c05ea377af26920efdffac87904dc0f9cc64f8a8146960165e7698ca3962d3145e5370d3eb478a2d8f98db44b3c0273695e78aa08de17adb023351e7dc3b7462b8fb21a6a790052342f6b153b35418f6a914aff3bb1a2b3adf72acaefa2ab97fe0e0324bab97cb1be15bcd4bbbccdb1a1666c80c218b04ad2e6ce487b1c50d577c41990af907865c40e1bd5d46a096d1460f1089cf719b0049e5e631acac58af0ac9319e8d09d4af7f0b4596253208e99ab37c19aec9bb8f4170800d8eafde3d81a962ae802c72c4e1e6350683927d0c03cb9cccfeae2e2c9ece5413cce574e716fc44f675a671da6e701821ceeaee38b13dd2b6e64099fe6bec2d8de873bf3c3ddb67a14bab9dff7346bdfdb20c638256e8df566312ba54625def4d257864bb61d8b313e0069b6b93a81f64421e63a06b2a1ad2b3ad6523543f26228eab2168ef2f51e89634fc991dbf9d8a6cb0d8025bd3c4fdc0f4ff227bcb8436ec198a05a177c2b6fca6155f4a7aa746740d3cd21c3dfbc3041dac00acaed52802576d950628378733f7bf922a7a7681953800bb038f0cb2311bd04282fd839738b0fd7b380ba647f95364a1162f5f0ad2ef083a8c071264d3ba891c2615412efac22758a443315ff9d6c80c485fb93c6c8fb9318f27fdd1c257b23ead16f898a6100d018f04bb36d8a34503152fb9957ae7694afdc75a27078a64f2ce1db5c79fc12c140b568d1e6f8281bda2eaa14f8f0150d2bb2a251b344aa5d79a49491d109d01be2e4e55de7c68f2ea1ab218653ce75f88fae0b32a7aa4d3dd0c9aa1b24f1385fb80ed3107cec3ed6d97a4e2dbfaa5b58b15fce6837ccedd9f0292e0f879f2109961ff4b73245302fd2127521484ad12566a9a20d7205cbd73d6e345e0a848229a258c11e60a8e4b3c9987f288e82a8e027d90c8c469add3c1c67b6253bd099ab9b72535b443373e1338345037eb51a7a790e8fe6161258d4413c3dd59358c6ee91bbf52befb9ed56a78f460fcfbd6dc3ebf6d5052eafd83f6792ce76a017ae735732831f7d848b3f3206a743e383de153119f8d8aa774a38ee8fc616541d29674142e66e730db39e3fd14b4dafaa7abc6c888703ce82b12c22e23f830fe6d3ed27b1dd8a647a60f86bdd050cdaf8da90489cb1a548dab9490b86ec6e44bb1cf75853fd728d1ec7f414d25bc709d3e4c363953a4184867c2595ac431cb4ebae2f2667c9d322e1acd50e5c0909204dc7566814056ae86dfa8655b1175788ce868742f1dae00ddbbc8501bf64788ff0ce88dc5405fc59470b2a07bbfaa813409937d32cf785ff96547f1816405cf03960bf68c7b22f6a84259badebc6b3d507657481f539efb087685d8bfba095267715e8a26168256dca89f81184e1c6354686be367f7f4834aa990ad71efae7da20235eac580db6312a88b36f0a402acef36b81a5fb7e686de0c16b9be480634544a0c227b279339a1b9f860f83e42af9d22004f0af9e76912b0375a22e75f65bfb89fcdfa79ef9bfdfae5bd9db569f6debc8f38094502f3f7d2aeaac0710440cbb5fccc3ddf66deb235de4d5f03ed5b32c953588dc672149ac9246444fb13c1cc9f8c9d1d8c98d27dd3f1689a2edda02f069aa4b4d71fd31678c9c2187377b15fec716354e24828a5b099d5ebbda9979c8407697bf6472d8982de49445d9aa427e995a87a1852f52dd6044a83615d7fc1142f6df5d8ef464aab407be230d0efea63ccc1e3402abf58c5e95bbb049bb29a8a0c841738fc8de527e438090bd6048de26be87430bb5d311e6b5729d4436b863cbbec0ffb341e9a51bcc36a41dbeefe96de49025d1848ac6c51297c9ba23bc0c33327e2cee68ed877247055593b3d857a60bfbc5a4bd16795a7b0860a5161e0a7ee12f62b70c7e4b1ee052711f4a133bf10a0d897cfa9679a6096a622d74612612911fba4c797baec19dc6113dee702dd901be0fd035a3fac8c52873d2c122e0b7208bbf632df788c5aaf39ebfc8d2ed90b246fcf2bac7eab098131de57c3632e62f6a22c0a1a1524f2e6faa72e46d5e8bb40bc1f0e8f944bdb380d7529e95e0adcfb25184b800ffb27e90a14f4615b377ab1ad4b867625f2119b8d57a95dd753d7fbdf9140087b20160552038c9abe8317d1c476fd90fe97c75ff7b38c0a0e20609db8ec90b5c3790fecbc2ea346019232486832f1dc61f40c9a80d67e2c6455defd9ca15920be314510e485ee09ad1f4d5a3e6425c23678f93cbf71bd8fa6f15dc8b6b1de967bf84218a03487f3641591b392d28f83706fe8dfaa2abee3d8ecda6f58bf1eaeb67d531edead572b901f84a5398edd6950b24c121ba3c37b09022d9a14c767150b7707af3ae7a2ebcaced96c81aa9130da5e49f765a2e1da4abd12156971c2237e2c55caf3361f227860fb9fd5090abc4ff47151e9e7036010284048072e34a959b9af20342037f588eba8fa88bdeac8540164c218e8b42468f6db2f89cc1e9defefb4290e0509084948b62cdd28b9e6b814f501c3fb9a281ec6ec93c80ba48612dce00cbd9258b4f4a4c8dbb60ae2bd8bc7c4924e19ae655a31ff282058783b88a270efcb51c5688f3016c23dc760b1e6a88c01157f388894baa365923af20ae91bb0024895764a7212dad1f8720f10b4e6506bece4a00d301f02a1afc6f12ad52d3352208618bc79b735dccc7107ca1b08a7d0ba80e918efc44766731f1cb6e07523a16b57e148f56ac2eaf56099cfabb3288eb98b488293b9e0d097f27275e1c86471095944159a5a5eeaac391b2abddfc2fcedca7c3284a272f6439da0c5a968d1d365c8cf053ea04321460b897356e50c375d60326601faf463f0ba9c6355aeb19dad1475e3fd741b4bfeb4799c49f870e60765c86d37ab3f5958e842cf0aabfbefa9f1416f11d907a9b2d79b39d2ee14ee82e77bb7bed0a0edf3018af2b9b3b1cfa7427b099cd5e2ad73a7ce9e2e993dfd4674ae9dbb672cf6537ecfdcd1fcadde04a21af60cab8c67db90cbf0a2b17ba8b6d5a0856ad2af92be8827d289c3d20c9a8f2ba2a063686bd3a1a3531ee1c7b4289eb27c1158b5d27e2691c6fb60198c56a98a96373c1f85cb99e1532ed9b2e21328e6883a5332799bd3f614c8edcbc9c3407fac98246c72a22675e3e5c9a70e9bc73d1d0274c9b6aacbe8d2a711fea1a944f60d520847ab842106f178f57aed772843d8086b3b58e8ae2095ea5d95461fff4cfd34db66760d82ea76c19fa6163f8eefbfa10f8a85bdc0d8f7c99ec3631c278841cd324b156263a592c37cfce5d7ad51529852220fd8e780f5f2820e490eb9dd04a366ca28aaddcadef31d75cab75b66e40078046b7a9244bd8de2c24b02507df8e671930a1e0d6588f0c7fe70da9fcb38bcf93f54738017decc83bd393b0f89942933ad669ca046b39a4d56202648f586d3a08b88c34cdc2cf58ed09205ee0742ad281af399ded7786e88612f0c8e321e51daa1b2c0bda4cb6fdfdcfa788973589a14242bebaae3abfa1859b8ad634eb0cc9bc61c3994504a10181cc895b484b7d438519627b29503da4fe2b922925ce5d2996fbbcaa1d8e7669b97e64459713843ca5530b8817dcb4813ec4ed26882dfb614abfe6880f8cc3f2510b07084a4891afffa36bfd8ea96d78b9bb02d98590de43f298eb202284efa944f62ada6b290f2dc73691a615ad7dbffb96ba9411fdefe97c9bbe347401f8da5bb22df2d3e64581cc30320f32f8eb6fec9cab1cabdb4a325caecf260dc7034ebb7a8611c0fdd12c4a2f22c0fb9e9cde1713f20b6c64765c921a168279200664c1cfd63a152915bb54dff3092ea0bc5328c1707b48bc2a9da1e6e7269baa9741c6766d126853ecadd427d438cae467cea8893cf180fde2b4aa6e3b3137d6d6ecd25f448d805ef14350699bddde76f2cd7cc45664731950f890acfbcb9789163f4dc3862ac289321f11f3a54acf506c1187eaa0f2ae1ab8c7543f104af9546b914dcaf8f52141b0423874e25de63dd95e633ac77ada1a6fde3b6a402a7ab92a7d52d44f424a5ab162bebadb0b9f3a0447581c78bf07fbbfc2d345c173af645357046d96bf53f53b9650dd73dcebe02be33bbfab1ceeddf74e2a180c3f8ebf82d7961e5f23a0c8be7ef3a2d4f98f2a0ec31d08e55b36ea72f35d37bd9ad04ac6bdb2a80f9fdbb69ad2ff2cb7e3206861ddc16d459c98653096021c892755078ed887e8e6784ac71343ce43c7bd7f2ab70728c41059d5f42370932b5fd5a6a7bca3a23c3a258ad3911d9b04384fac718bbc4ed4c3d3d5ed88f9fbecae59a09ddfefd6ad2336d8adebd2a7da4ad9331e71ac523e8c694cb796ec3a4dff8f87764e69d12f73482837cc0b1a02f9ce85a905e13cc8913dd03e1b6ca3fc1e2752873f6b2aec860fb6475de4e79de5698ab86e28a8f4fd65109774585e7b54f88a0593cdb5cc620fc29c285515eeddd95063f5821be1941edd4f66864647657369afd27cee42b7f555707df6f196159ae8ec284c8298f7e4b47f0cb107eec2f78e6ed353c937e3508446184a29eeddc3484dfab2547d4c218dcba0177ead513bf51932bd8fef502982edf6fcd6342bcc1030776b753305925395096ff29d79d58472697281bee5d157a7106dafb5ec4b744375c3b7a437a68a01202327a186a17fa2e64d8c151ee90cfb98edd9fee5dd0a5cf108a147286bf3033b9dc99ef0e683da603822bf40f4cd39657b041e76ba63ff44e6f30e2104361aec6669454431955c95d8407156118cc1716bd64fc9ecae5554bc3f71510929174ffe91e3697cf2a0e7abec2f2fcffe52b6964c03c61448f6172bb866bf001a8b538c943629d73dbc05335d14e6b5609d919efb28954bb1430e35b7b5cd920fc55eb96141c0804403698b20c1eb324f75d1cb6be2ea523192b63b7031e6eb4c3408eb8feb628d379ba4ff2feb2c9026b951f0f4e28a3d1c10fc7e7d3afc3ef78a3c2114e273aa7ba3080d89c456b65b0203fd02c786f8ff8345768b770a2ccbca9a7d955d50cc863b01387bc734136d24e41f5fef94a709d170a7bac1a1b74e3d91ab0a53163ae4993588f187cf6333064709d1914c60014ae1990c331926e8e0ba089663f42d621092e7233d23bbd7d728877aa184e0b32108d4bd04553c0f15cb7d4884996a7a7e352b6962b839a704f9f7c8ecccac9b744d49da68987c77953ee0d43b835d9a976fe85b3baee747e6866d9f9df4af7033ad31fbee42b6f37bfa359b095ff7d2f0ae29223dc583d96dba364746bb4b38b23c02701e270bd9b3ce3046c0db7467d5607bf7d231b97774992eda6dc4c2e12d2db0e0b3fa09ef8d3fa8386a65e3ecee8deab1352051bf75712db72a7d5c96a3ff8aa681a91b2567c30bebd5cf1567d2d70ebe6ec78e62d404c46c6320991a80fd65a5c7f8b1df0d4c52cca12b99c04c9f00971afb3495353a67df262f367b5c04aabbf71a13084c7639974b66c0e27abd6347f21460ce094e59be82af6860e7e45a9b6ad3bdbcf7fa502901430483a96e84f9cbed52279803956c3e51a3b77b86d67281deab3ce2a2b386c9c340770bac6ff91b6d55a5dd00430f5af5f74cdf7e52f67c3fe4f2245cffb2d3cf99fc061bfdb3520fdf8864e7c07554f5fe4d27bced9a8346ee9b195c5c29b0c3adec205e18319fde255e805a1a340ce5247a7ef128d2b6d25c34db012d54f435028ee6607ac5c7795a97812c3ad0dda61726fb2435907ec730270e2ed26f87bac160002f105c91c3f89107232efec637f0a81e0e4740a54a13c26bcf94bfdee06824bf701d40d2581f7b310e414546ee37aabcbb1c4b8359f2bec1565f5a52d09ae973698e6f12bd75250c4989011e44564427f138ea421ed03b6876d3b70f4f35a372106021cf7e40e2a1175a4fcdb85ce604412956ab732b8fb9431df87279363cecf4785e31f501a173ec7454c329d49b6894b8a3124246365fd5a6a6f3785807efc6a1902a3807bc2abbd79147c482bb04eac8f2088e0ee543d230451ecf707c7253165042bcfdf395112538e65d5f12396a2880da0c45ba9d712e45c75a7fcbea675c5481ae2a42cb3890bb49a3a5363c285c69088e6cd691b6b74420c58907d514567365f2a09dd14476191ac2f3739c12af2e739d9dac6f4769ffda4a9fd61889f629825ec1985b8a99f28491d195526060d14aec47acbad946abbb3adb2638a77c417be509682fef1d79c7bf673ed90e0010183de2dcf818256ec033bc392b26bfa7a1d081a4403ce336e79859c690d7c6281a815d4e3ef3e3fb6b5788997514e83441d00860ca11223417b8e4924197b07f78550d4e27bd73cfbb940c5f48cbdcaac773004f84b99429566be93ffc3a520c73e7f50fb68ae4d8e44c482c2999e484df6aa5a6f8e94e6ea6c286ec0358c5a82efde9d0965897eef", 0x2000, &(0x7f0000002d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

40.898945927s ago: executing program 4 (id=233):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000700)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40080b2}], 0x1, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000580)=""/36, 0x24}], 0x1}, 0xc3}], 0x1, 0x2003, 0x0)

40.840070408s ago: executing program 2 (id=234):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000200)=0x590, 0x4)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0], &(0x7f0000000200), 0x2, r5})
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000180)={0x200, 0x0, &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000580), &(0x7f00000000c0)=[0x100000000, 0xfffffffffffffffc]})
r6 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x800, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000140)=0x1000000, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x22, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000070000", @ANYRES32=r6, @ANYRES32, @ANYBLOB="0000000000000000b7050000080000008500", @ANYRES32], &(0x7f0000000380)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x6, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb4b334b3}, 0x94)

40.533023336s ago: executing program 0 (id=235):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000540)={'\x00', 0x7ff, 0x6, 0xc, 0x0, 0x40000})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x3c}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = dup2(r1, r1)
sendmmsg$unix(r3, &(0x7f0000008380), 0x400000000000174, 0x4008890)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r4)
unshare(0x6a040000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFBR(r5, 0x8941, &(0x7f0000000080)=@add_del={0x3, &(0x7f0000000100)='ip6erspan0\x00', 0x2a0ffffffff})
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x1)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r7, 0x84, 0x74, &(0x7f0000000200)={0x0, 0x0, 0x20}, 0x0)
flock(0xffffffffffffffff, 0x6)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8000)
mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000000)
setsockopt$inet_opts(r6, 0x0, 0x8, 0x0, 0x0)

39.475595837s ago: executing program 2 (id=236):
ioctl$I2C_FUNCS(0xffffffffffffffff, 0x705, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, 0x0, 0x3, {0x0, 0x1, 0x4}, 0xff}, 0x18, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000300)={'macvtap0\x00', 0x1})
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd0, &(0x7f0000000240)=0xd, 0x4)

39.419965417s ago: executing program 4 (id=237):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r0=>0x0})
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x20000, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0xd, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x200000}, [@call={0x85, 0x0, 0x0, 0x7b}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8a}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_crypto(0x10, 0x3, 0x15)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, <r5=>0x0})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000580)={{r4}, r5, 0xe, @inherit={0x0, 0x0}, @subvolid=0x8})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000140)={'veth0_vlan\x00', &(0x7f00000002c0)=@ethtool_sfeatures={0x3b, 0x2, [{0x3ff, 0x2}, {0xffffffff, 0x3}]}})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2010008, &(0x7f0000001580)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_u}, {@cache_fscache}, {@cache_none}, {@afid={'afid', 0x3d, 0x1}}, {@version_L}, {@cache_fscache}]}})
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r3}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = signalfd(0xffffffffffffffff, 0x0, 0x0)
signalfd(r8, &(0x7f00000002c0), 0x8)
bind$xdp(r1, &(0x7f0000000140)={0x2c, 0x1, r0, 0x2c}, 0x10)

37.890918595s ago: executing program 2 (id=238):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4, 0x0, 0x400000000000000}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
getsockopt$inet6_tcp_buf(r3, 0x6, 0xd, &(0x7f00000006c0)=""/8, &(0x7f0000000700)=0x8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0xffffffffffffffff, 0xffffffffffffffbc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r5, 0x0, 0x4}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000680)={{0x1, 0x1, 0x18, r1, {0x7}}, './file1\x00'})
r6 = memfd_create(&(0x7f0000001ac0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\a\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0Fd\x81\xbe\xbf\by\x7f\xd8X?\n\xf8P&!\x9d0F\x8dp\xf9:?1\xe8T\x13\xfb\x89\xac\\\xd4\xa9\xa3\xac\x80\xddd\xed\xb1I\xfcz\x9aQ\x03\xcdO\xdfn^\xb4\x97\xd1\x8a\x17\x8d\xce\xafg\xa2W|v\xc2\x99\x97X\xd7\x8b\x82Z\xa7\xac\xa4\xb1P\x8c\xfd^\xb8=\xd6Q\x8a\xe2\xed\xaaR\xd9\x1a\xd8\x92\xc8\x1b\xe6f\xd6\xb7rp\x8e\xd7I\xd0lN\xbd\x89\xac&)<\x9d\x8b\xcb\x93p\x90a\xef\xd0?\x02\x93\x83\xb9\xe4b\xfc1@\xde\xd8&\xd0\x8f\xa6G\xe0\xc9\xe9Z\xb4PG\xcf\xed\xf5\x94\x89\x9a\x02\xac\x9d\x1b\x9am\x82L\a,;\xcd\x11,\xf9\xe6\xe1\fa\xfe\xdc\xc0A\xc3\xda\x8f$\x87<\xef\xe2\xc2xP\xfc\xd4\xefX\x8doK\x8aa\x98.\x82!\xf9\rS\x04\xd2\xb4I\x1d=\xf9<\xb0?l\xa5\t\xd1j\"\x1e\xe5\xe0\xad\x14\x97\xde\xa3\x97\x9a\x9bp\'\xd4\xbc', 0x0)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r7 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r7, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

37.868765361s ago: executing program 4 (id=239):
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=fscache'])
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22)
write$FUSE_BMAP(r3, &(0x7f0000000440)={0x18}, 0x20000)

36.643232763s ago: executing program 2 (id=240):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000e00)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000800)="e3e08e4c7edd7c3b351915ddd09b30ec306e6ea0e587", 0x16}], 0x1}}], 0x1, 0x0)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="e00000001000010025bd"], 0xe0}, 0x1, 0x0, 0x0, 0x60000801}, 0x10)

36.439350335s ago: executing program 4 (id=241):
r0 = shmget$private(0x0, 0x8000, 0x10, &(0x7f0000ff5000/0x8000)=nil)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000004c0), 0x80281, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4a, '\x00', 0x0, @fallback, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
execveat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x0, 0x3}]}, @ptr, @restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x4a}, 0x28)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x1c, r7, 0xb7a006d1969b963b, 0x1, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8011}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000400)={'wlan0\x00'})
r8 = shmat(r0, &(0x7f0000ff6000/0x4000)=nil, 0x7000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
shmdt(r8)

36.342141491s ago: executing program 3 (id=242):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="00000100000022"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000340)={0x34, &(0x7f0000000180)={0x40, 0xf, 0x4, "e4369fbd"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)

36.299838375s ago: executing program 2 (id=243):
r0 = syz_io_uring_setup(0x1cbc, 0x0, 0x0, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
pwritev2(r1, &(0x7f0000000780)=[{&(0x7f0000000180)="d3", 0x1}], 0x1, 0x400, 0x3, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_AFF(r0, 0x11, 0x0, 0x0)

35.109509363s ago: executing program 4 (id=244):
ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, 0x0)
r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022400010700800b0904"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

34.862150491s ago: executing program 2 (id=245):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32)
r3 = inotify_init1(0x0)
inotify_add_watch(r3, &(0x7f0000000080)='./file1\x00', 0x2000757)
ftruncate(r2, 0x6000000)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x103b02, 0x0)
copy_file_range(r4, 0x0, r2, &(0x7f0000000140)=0x100, 0x3, 0x0)
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000240)=ANY=[], 0x24, 0x2)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r7 = eventfd(0x5f0)
ioctl$KVM_IOEVENTFD(r6, 0x40a0ae49, &(0x7f0000000080)={0x7ff, 0x0, 0x0, r7})

33.241339344s ago: executing program 0 (id=246):
syz_usb_connect(0x5, 0x24, &(0x7f0000001100)=ANY=[@ANYBLOB="12010003296fb608229084d488ff0102030109021200010495008109041e800056a7f6022d81f115fff3f4"], &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x16})
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_FUNCS(r0, 0x705, 0x0)

33.163888345s ago: executing program 1 (id=247):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bca)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x3, 0xff)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)

33.103891009s ago: executing program 3 (id=248):
r0 = io_uring_setup(0xdac, &(0x7f0000000180))
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x4b, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x567, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(r1)
close_range(r0, 0xffffffffffffffff, 0x0)

32.684038476s ago: executing program 4 (id=249):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4004)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x2c, 0x0, 0x0, 0x2, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@window={0x3, 0x3, 0x6}]}}}}}}}, 0x0)

15.105379345s ago: executing program 32 (id=246):
syz_usb_connect(0x5, 0x24, &(0x7f0000001100)=ANY=[@ANYBLOB="12010003296fb608229084d488ff0102030109021200010495008109041e800056a7f6022d81f115fff3f4"], &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x16})
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_FUNCS(r0, 0x705, 0x0)

11.308394409s ago: executing program 33 (id=247):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bca)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x3, 0xff)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)

5.735212927s ago: executing program 34 (id=245):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32)
r3 = inotify_init1(0x0)
inotify_add_watch(r3, &(0x7f0000000080)='./file1\x00', 0x2000757)
ftruncate(r2, 0x6000000)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x103b02, 0x0)
copy_file_range(r4, 0x0, r2, &(0x7f0000000140)=0x100, 0x3, 0x0)
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000240)=ANY=[], 0x24, 0x2)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r7 = eventfd(0x5f0)
ioctl$KVM_IOEVENTFD(r6, 0x40a0ae49, &(0x7f0000000080)={0x7ff, 0x0, 0x0, r7})

553.304287ms ago: executing program 35 (id=248):
r0 = io_uring_setup(0xdac, &(0x7f0000000180))
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x4b, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x567, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(r1)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 36 (id=249):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4004)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x2c, 0x0, 0x0, 0x2, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@window={0x3, 0x3, 0x6}]}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

no interfaces have a carrier
[   52.863180][ T5504] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.884345][ T5504] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.225' (ED25519) to the list of known hosts.
syzkaller login: [   72.627850][ T5826] cgroup: Unknown subsys name 'net'
[   72.867150][ T5826] cgroup: Unknown subsys name 'cpuset'
[   72.943290][ T5826] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   74.528440][ T5826] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   77.069997][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.080030][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.081171][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.082579][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.104212][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.245217][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   77.247611][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   77.249372][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   77.278522][ T5854] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   77.280952][ T5854] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   77.283038][   T59] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   77.284493][   T59] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   77.288410][   T59] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   77.289654][   T59] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   77.290949][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   77.303799][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   77.322348][ T5852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   77.331005][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   77.332262][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   77.334064][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.388661][ T5855] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   77.390426][ T5855] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   77.391093][ T5855] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   77.392593][ T5855] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   77.394964][ T5855] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   78.014043][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   78.360334][ T5843] chnl_net:caif_netlink_parms(): no params data found
[   78.373152][ T5844] chnl_net:caif_netlink_parms(): no params data found
[   78.380841][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   78.676061][ T5847] chnl_net:caif_netlink_parms(): no params data found
[   78.804580][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.804734][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.805238][ T5837] bridge_slave_0: entered allmulticast mode
[   78.808166][ T5837] bridge_slave_0: entered promiscuous mode
[   78.875712][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.875806][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.875905][ T5837] bridge_slave_1: entered allmulticast mode
[   78.877352][ T5837] bridge_slave_1: entered promiscuous mode
[   79.174202][ T5855] Bluetooth: hci0: command tx timeout
[   79.413668][ T5855] Bluetooth: hci1: command tx timeout
[   79.413774][ T5855] Bluetooth: hci2: command tx timeout
[   79.413849][ T5855] Bluetooth: hci3: command tx timeout
[   79.488809][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.493346][ T5852] Bluetooth: hci4: command tx timeout
[   79.625076][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.625213][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.625386][ T5843] bridge_slave_0: entered allmulticast mode
[   79.628155][ T5843] bridge_slave_0: entered promiscuous mode
[   79.660029][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.660262][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.660370][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.660468][ T5844] bridge_slave_0: entered allmulticast mode
[   79.661896][ T5844] bridge_slave_0: entered promiscuous mode
[   79.677275][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.677402][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.677918][ T5845] bridge_slave_0: entered allmulticast mode
[   79.680465][ T5845] bridge_slave_0: entered promiscuous mode
[   79.695479][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.695611][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.696073][ T5843] bridge_slave_1: entered allmulticast mode
[   79.701938][ T5843] bridge_slave_1: entered promiscuous mode
[   79.883685][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.883786][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.883899][ T5844] bridge_slave_1: entered allmulticast mode
[   79.885377][ T5844] bridge_slave_1: entered promiscuous mode
[   79.887548][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.887674][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.887780][ T5845] bridge_slave_1: entered allmulticast mode
[   79.889240][ T5845] bridge_slave_1: entered promiscuous mode
[   80.323568][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.323774][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.323962][ T5847] bridge_slave_0: entered allmulticast mode
[   80.325671][ T5847] bridge_slave_0: entered promiscuous mode
[   80.328835][ T5837] team0: Port device team_slave_0 added
[   80.592126][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.592723][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.594463][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.594647][ T5847] bridge_slave_1: entered allmulticast mode
[   80.598567][ T5847] bridge_slave_1: entered promiscuous mode
[   80.607476][ T5837] team0: Port device team_slave_1 added
[   80.616178][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.621375][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.626630][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.777586][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.781106][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.206712][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.207915][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.207924][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.207937][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.252868][ T5852] Bluetooth: hci0: command tx timeout
[   81.405290][ T5843] team0: Port device team_slave_0 added
[   81.407950][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.408655][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.408663][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.408676][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.410423][ T5844] team0: Port device team_slave_0 added
[   81.412408][ T5845] team0: Port device team_slave_0 added
[   81.417109][ T5843] team0: Port device team_slave_1 added
[   81.492984][ T5852] Bluetooth: hci3: command tx timeout
[   81.493012][ T5852] Bluetooth: hci2: command tx timeout
[   81.493032][ T5852] Bluetooth: hci1: command tx timeout
[   81.575664][ T5855] Bluetooth: hci4: command tx timeout
[   81.578204][   T10] cfg80211: failed to load regulatory.db
[   81.605518][ T5844] team0: Port device team_slave_1 added
[   81.611713][ T5845] team0: Port device team_slave_1 added
[   82.185560][ T5847] team0: Port device team_slave_0 added
[   82.345024][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.345039][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.345062][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.347231][ T5847] team0: Port device team_slave_1 added
[   82.469423][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.469434][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.469446][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.470507][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.470519][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.470540][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.472009][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.472020][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.472042][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.714950][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.714965][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.714986][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.715955][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.715965][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.715978][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.859400][ T5837] hsr_slave_0: entered promiscuous mode
[   82.860320][ T5837] hsr_slave_1: entered promiscuous mode
[   82.935203][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.935217][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.935240][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.942375][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.942383][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.942396][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.333088][ T5855] Bluetooth: hci0: command tx timeout
[   83.554184][ T5843] hsr_slave_0: entered promiscuous mode
[   83.555466][ T5843] hsr_slave_1: entered promiscuous mode
[   83.556143][ T5843] debugfs: 'hsr0' already exists in 'hsr'
[   83.556216][ T5843] Cannot create hsr debugfs directory
[   83.573066][ T5855] Bluetooth: hci3: command tx timeout
[   83.573082][ T5841] Bluetooth: hci1: command tx timeout
[   83.573091][ T5855] Bluetooth: hci2: command tx timeout
[   83.631278][ T5844] hsr_slave_0: entered promiscuous mode
[   83.632046][ T5844] hsr_slave_1: entered promiscuous mode
[   83.632556][ T5844] debugfs: 'hsr0' already exists in 'hsr'
[   83.632574][ T5844] Cannot create hsr debugfs directory
[   83.644803][ T5845] hsr_slave_0: entered promiscuous mode
[   83.646050][ T5845] hsr_slave_1: entered promiscuous mode
[   83.646874][ T5845] debugfs: 'hsr0' already exists in 'hsr'
[   83.646894][ T5845] Cannot create hsr debugfs directory
[   83.653190][ T5855] Bluetooth: hci4: command tx timeout
[   83.871738][ T5847] hsr_slave_0: entered promiscuous mode
[   83.872531][ T5847] hsr_slave_1: entered promiscuous mode
[   83.873795][ T5847] debugfs: 'hsr0' already exists in 'hsr'
[   83.873818][ T5847] Cannot create hsr debugfs directory
[   85.412874][ T5855] Bluetooth: hci0: command tx timeout
[   85.570427][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   85.609018][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   85.647189][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   85.659728][ T5855] Bluetooth: hci3: command tx timeout
[   85.659755][ T5855] Bluetooth: hci2: command tx timeout
[   85.659782][ T5855] Bluetooth: hci1: command tx timeout
[   85.706776][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   85.742956][ T5852] Bluetooth: hci4: command tx timeout
[   85.838252][ T5843] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   85.886267][ T5843] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   85.930109][ T5843] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   85.986586][ T5843] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   86.142582][ T5844] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   86.180118][ T5844] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   86.210975][ T5844] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   86.268977][ T5844] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   86.431511][ T5845] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   86.471573][ T5845] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   86.510385][ T5845] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   86.555833][ T5845] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   86.712349][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.738382][ T5847] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   86.784389][ T5847] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   86.839052][ T5847] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   86.879380][ T5847] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   86.981647][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   87.030061][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.030661][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.057824][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.100190][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.100318][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.191291][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   87.217962][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.248081][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.248217][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.300439][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.300542][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.348813][ T5844] 8021q: adding VLAN 0 to HW filter on device team0
[   87.387925][ T1454] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.388130][ T1454] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.406848][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.430337][ T1454] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.430448][ T1454] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.584134][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   87.589295][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.679041][ T1411] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.679668][ T1411] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.751666][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.751805][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.822275][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   87.890513][ T1454] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.892357][ T1454] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.938263][ T1454] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.938415][ T1454] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.000017][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.360608][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.444201][ T5837] veth0_vlan: entered promiscuous mode
[   88.471369][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.518086][ T5837] veth1_vlan: entered promiscuous mode
[   88.807136][ T5837] veth0_macvtap: entered promiscuous mode
[   88.825993][ T5843] veth0_vlan: entered promiscuous mode
[   88.850146][ T5837] veth1_macvtap: entered promiscuous mode
[   88.885924][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.929368][ T5843] veth1_vlan: entered promiscuous mode
[   89.008876][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.041664][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.061816][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.108302][  T155] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.130535][  T155] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.141660][  T155] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.152527][  T155] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.182587][ T5843] veth0_macvtap: entered promiscuous mode
[   89.235446][ T5845] veth0_vlan: entered promiscuous mode
[   89.252135][ T5843] veth1_macvtap: entered promiscuous mode
[   89.342639][ T5844] veth0_vlan: entered promiscuous mode
[   89.383757][ T5845] veth1_vlan: entered promiscuous mode
[   89.481084][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.507102][ T5844] veth1_vlan: entered promiscuous mode
[   89.531992][ T1411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.532014][ T1411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.555845][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.561301][ T5847] veth0_vlan: entered promiscuous mode
[   89.605731][  T155] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.638988][  T155] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.649756][ T5847] veth1_vlan: entered promiscuous mode
[   89.660815][  T155] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.672571][  T155] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.685619][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.685634][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.809033][ T5845] veth0_macvtap: entered promiscuous mode
[   89.897134][ T5845] veth1_macvtap: entered promiscuous mode
[   89.918032][ T5844] veth0_macvtap: entered promiscuous mode
[   90.020590][ T5844] veth1_macvtap: entered promiscuous mode
[   90.122431][ T5847] veth0_macvtap: entered promiscuous mode
[   90.152185][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.202424][ T1454] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.202450][ T1454] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.216485][ T5847] veth1_macvtap: entered promiscuous mode
[   90.234927][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.256479][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.264217][ T5958] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1'.
[   90.312455][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.473250][ T1454] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.499591][ T1454] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.504344][ T1454] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.539468][ T1454] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.543713][ T1526] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.543728][ T1526] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.555346][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.640964][ T1454] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.672121][ T1454] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.691202][ T1454] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.709277][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.754831][ T1454] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.007953][ T1411] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.065577][ T1411] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.069229][ T1411] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.125409][ T1411] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.492094][ T1526] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.492107][ T1526] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.770271][ T1411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.770291][ T1411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.008788][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.008805][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.233458][  T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.233477][  T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.420227][ T1411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.420247][ T1411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.625175][ T1411] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.625195][ T1411] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.957413][ T5984] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   94.889143][ T5995] netlink: 60 bytes leftover after parsing attributes in process `syz.3.13'.
[   95.117015][ T5998] warning: `syz.1.2' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   95.195043][ T5922] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   95.232823][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   95.374759][ T5922] usb 5-1: Using ep0 maxpacket: 8
[   95.400995][ T5922] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[   95.401033][ T5922] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[   95.401055][ T5922] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   95.401076][ T5922] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   95.401117][ T5922] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   95.401136][ T5922] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.596930][ T6003] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   95.797095][ T5922] usb 5-1: usb_control_msg returned -71
[   95.797143][ T5922] usbtmc 5-1:16.0: can't read capabilities
[   95.872816][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   95.938422][ T5922] usb 5-1: USB disconnect, device number 2
[   96.245954][   T31] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   96.417759][   T31] usb 4-1: config 0 has an invalid interface number: 205 but max is 0
[   96.417784][   T31] usb 4-1: config 0 has no interface number 0
[   96.503336][   T31] usb 4-1: New USB device found, idVendor=04dd, idProduct=9031, bcdDevice=65.c7
[   96.503365][   T31] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.503382][   T31] usb 4-1: Product: syz
[   96.503393][   T31] usb 4-1: Manufacturer: syz
[   96.503405][   T31] usb 4-1: SerialNumber: syz
[   96.546336][   T31] usb 4-1: config 0 descriptor??
[   96.572972][   T31] usb 4-1: bad CDC descriptors
[   96.574654][   T31] usb 4-1: unsupported MDLM descriptors
[   97.102807][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   97.102849][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   97.102886][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   97.102913][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   97.102947][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   97.102979][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   97.103012][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   97.103045][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   97.331468][   T31] usb 4-1: USB disconnect, device number 2
[   97.892184][ T6027] binder: BC_ACQUIRE_RESULT not supported
[   97.892208][ T6027] binder: 6026:6027 ioctl c0306201 200000000640 returned -22
[   98.299019][ T1780] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[   98.456705][ T1780] usb 5-1: config 5 has an invalid interface number: 123 but max is 0
[   98.456730][ T1780] usb 5-1: config 5 has no interface number 0
[   98.456774][ T1780] usb 5-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[   98.456798][ T1780] usb 5-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[   98.456816][ T1780] usb 5-1: config 5 interface 123 has no altsetting 0
[   98.526906][ T6039] netlink: 60 bytes leftover after parsing attributes in process `syz.3.25'.
[   98.547073][ T1780] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[   98.547098][ T1780] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.547114][ T1780] usb 5-1: Product: syz
[   98.547126][ T1780] usb 5-1: Manufacturer: syz
[   98.547138][ T1780] usb 5-1: SerialNumber: syz
[   99.197586][ T6047] lo speed is unknown, defaulting to 1000
[   99.198523][ T6047] lo speed is unknown, defaulting to 1000
[   99.242715][ T6047] lo speed is unknown, defaulting to 1000
[   99.348220][ T6047] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   99.514947][ T6047] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98
[   99.570731][ T6047] lo speed is unknown, defaulting to 1000
[   99.573645][ T6047] lo speed is unknown, defaulting to 1000
[   99.578557][ T6047] lo speed is unknown, defaulting to 1000
[   99.581245][ T6047] lo speed is unknown, defaulting to 1000
[   99.584014][ T6047] lo speed is unknown, defaulting to 1000
[   99.956417][ T6027] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  102.926796][ T6065] lo speed is unknown, defaulting to 1000
[  102.983966][ T1780] ni6501 5-1:5.123: driver 'ni6501' failed to auto-configure device.
[  103.154023][ T1780] usb 5-1: USB disconnect, device number 3
[  104.184175][ T6085] netlink: 60 bytes leftover after parsing attributes in process `syz.4.38'.
[  105.844462][ T6098] tmpfs: Unsupported parameter 'huge'
[  108.978156][ T6131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.50'.
[  108.980566][ T6131] veth1: entered promiscuous mode
[  109.061797][ T6131] netlink: 56 bytes leftover after parsing attributes in process `syz.4.50'.
[  109.183528][ T6135] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  113.141911][ T6186] netlink: 12 bytes leftover after parsing attributes in process `syz.2.62'.
[  113.322398][ T6189] netlink: 8 bytes leftover after parsing attributes in process `syz.0.63'.
[  113.325419][ T6189] veth1: entered promiscuous mode
[  113.407235][ T6189] netlink: 56 bytes leftover after parsing attributes in process `syz.0.63'.
[  114.378250][ T6200] netlink: 16 bytes leftover after parsing attributes in process `syz.4.66'.
[  115.617270][ T6204] syz.3.65 (6204): drop_caches: 2
[  118.293495][ T5929] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  118.383844][    C1] vkms_vblank_simulate: vblank timer overrun
[  118.475436][ T5929] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  118.475462][ T5929] usb 1-1: config 0 has no interface number 0
[  118.475507][ T5929] usb 1-1: config 0 interface 255 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  118.475527][ T5929] usb 1-1: config 0 interface 255 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  118.478488][ T5929] usb 1-1: New USB device found, idVendor=10cf, idProduct=8065, bcdDevice=91.79
[  118.478512][ T5929] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.478529][ T5929] usb 1-1: Product: syz
[  118.478541][ T5929] usb 1-1: Manufacturer: syz
[  118.478553][ T5929] usb 1-1: SerialNumber: syz
[  118.599402][ T5929] usb 1-1: config 0 descriptor??
[  119.034117][    C1] vkms_vblank_simulate: vblank timer overrun
[  119.201037][ T5929] vmk80xx 1-1:0.255: driver 'vmk80xx' failed to auto-configure device.
[  119.231596][ T5929] vmk80xx 1-1:0.255: probe with driver vmk80xx failed with error -22
[  119.285673][ T5929] usb 1-1: USB disconnect, device number 2
[  119.362949][ T5922] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  119.583899][ T5922] usb 5-1: Using ep0 maxpacket: 32
[  119.587332][ T5922] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  119.587347][ T5922] usb 5-1: config 0 has no interface number 0
[  119.587373][ T5922] usb 5-1: config 0 interface 184 has no altsetting 0
[  119.589329][ T5922] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  119.589343][ T5922] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.589353][ T5922] usb 5-1: Product: syz
[  119.589359][ T5922] usb 5-1: Manufacturer: syz
[  119.589366][ T5922] usb 5-1: SerialNumber: syz
[  119.624091][ T5922] usb 5-1: config 0 descriptor??
[  119.700740][ T5922] smsc75xx v1.0.0
[  119.980260][ T1780] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  120.142890][ T1780] usb 2-1: Using ep0 maxpacket: 8
[  120.246041][ T1780] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  120.246126][ T1780] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  120.246149][ T1780] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  120.246169][ T1780] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  120.246204][ T1780] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  120.246224][ T1780] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.309948][ T5922] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  120.309974][ T5922] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  120.314839][   T31] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  120.497340][   T31] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  120.497426][   T31] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.497444][   T31] usb 4-1: Product: syz
[  120.497457][   T31] usb 4-1: Manufacturer: syz
[  120.497469][   T31] usb 4-1: SerialNumber: syz
[  120.499163][ T1780] usb 2-1: usb_control_msg returned -32
[  120.499438][ T1780] usbtmc 2-1:16.0: can't read capabilities
[  120.740472][ T1780] usb 2-1: USB disconnect, device number 2
[  120.980050][ T6271] =======================================================
[  120.980050][ T6271] WARNING: The mand mount option has been deprecated and
[  120.980050][ T6271]          and is ignored by this kernel. Remove the mand
[  120.980050][ T6271]          option from the mount to silence this warning.
[  120.980050][ T6271] =======================================================
[  120.982165][ T6271] ufs: You didn't specify the type of your ufs filesystem
[  120.982165][ T6271] 
[  120.982165][ T6271] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  120.982165][ T6271] 
[  120.982165][ T6271] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  120.982201][ T6271] ufs: ufstype=old is supported read-only
[  120.984838][ T6271] ufs: ufs_fill_super(): bad magic number
[  121.159866][ T5922] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[  121.159909][ T5922] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[  121.159926][ T5922] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  121.161779][ T5922] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  121.250625][ T5922] usb 5-1: USB disconnect, device number 4
[  123.816576][   T31] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000084. ret = -EPROTO
[  123.816654][   T31] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to init LTM with error -EPROTO
[  123.816672][   T31] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  123.819483][   T31] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  123.932170][   T31] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[  124.028624][   T31] usb 4-1: USB disconnect, device number 3
[  124.198268][ T6291] syz.2.95 uses obsolete (PF_INET,SOCK_PACKET)
[  124.211896][ T5839] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  124.372952][ T5839] usb 2-1: Using ep0 maxpacket: 16
[  124.383372][ T5839] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  124.383388][ T5839] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.383397][ T5839] usb 2-1: Product: syz
[  124.383404][ T5839] usb 2-1: Manufacturer: syz
[  124.383411][ T5839] usb 2-1: SerialNumber: syz
[  124.427769][ T5839] usb 2-1: config 0 descriptor??
[  124.448281][ T5839] appledisplay 2-1:0.0: Could not find int-in endpoint
[  124.451169][ T5839] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  124.708400][   T31] usb 2-1: USB disconnect, device number 3
[  126.492909][ T5922] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  126.683996][ T5922] usb 4-1: Using ep0 maxpacket: 8
[  126.686959][ T5922] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  126.686982][ T5922] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  126.687004][ T5922] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  126.687023][ T5922] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  126.687050][ T5922] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  126.687061][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.114231][ T5922] usb 4-1: usb_control_msg returned -32
[  127.114261][ T5922] usbtmc 4-1:16.0: can't read capabilities
[  127.412981][ T5839] usb 4-1: USB disconnect, device number 4
[  128.658304][ T6337] Zero length message leads to an empty skb
[  132.793344][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  132.793439][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  134.203308][    C1] vkms_vblank_simulate: vblank timer overrun
[  134.727543][    C1] vkms_vblank_simulate: vblank timer overrun
[  135.580467][    C1] vkms_vblank_simulate: vblank timer overrun
[  136.604035][    C1] vkms_vblank_simulate: vblank timer overrun
[  136.916654][ T6402] pim6reg: entered allmulticast mode
[  138.282929][ T5929] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  138.622898][ T5929] usb 2-1: Using ep0 maxpacket: 8
[  138.665865][ T5929] usb 2-1: unable to get BOS descriptor or descriptor too short
[  138.676429][ T5929] usb 2-1: config 8 has an invalid descriptor of length 86, skipping remainder of the config
[  138.676451][ T5929] usb 2-1: config 8 has 0 interfaces, different from the descriptor's value: 1
[  138.686252][ T5929] usb 2-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[  138.686276][ T5929] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.686293][ T5929] usb 2-1: Product: syz
[  138.686304][ T5929] usb 2-1: Manufacturer: syz
[  138.686316][ T5929] usb 2-1: SerialNumber: syz
[  143.187004][ T5929] usb 2-1: USB disconnect, device number 4
[  143.765564][ T6460] netlink: 60 bytes leftover after parsing attributes in process `syz.1.145'.
[  144.596203][    C0] vkms_vblank_simulate: vblank timer overrun
[  145.253116][ T5850] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  145.480453][    C0] vkms_vblank_simulate: vblank timer overrun
[  145.596551][    C0] vkms_vblank_simulate: vblank timer overrun
[  145.636794][    C0] vkms_vblank_simulate: vblank timer overrun
[  145.697780][    C0] vkms_vblank_simulate: vblank timer overrun
[  146.258992][    C0] vkms_vblank_simulate: vblank timer overrun
[  146.271283][ T5850] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  146.271336][ T5850] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  146.271357][ T5850] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.319874][ T5850] usb 4-1: config 0 descriptor??
[  146.347290][ T5850] pwc: Askey VC010 type 2 USB webcam detected.
[  146.848620][ T5850] pwc: recv_control_msg error -32 req 02 val 2b00
[  146.863732][ T5850] pwc: recv_control_msg error -32 req 02 val 2700
[  146.866712][ T5850] pwc: recv_control_msg error -32 req 02 val 2c00
[  146.867433][ T5850] pwc: recv_control_msg error -32 req 04 val 1000
[  146.868118][ T5850] pwc: recv_control_msg error -32 req 04 val 1300
[  146.868795][ T5850] pwc: recv_control_msg error -32 req 04 val 1400
[  146.870238][ T5850] pwc: recv_control_msg error -32 req 02 val 2000
[  146.879450][ T5850] pwc: recv_control_msg error -32 req 02 val 2100
[  146.880559][ T5850] pwc: recv_control_msg error -32 req 04 val 1500
[  146.881735][ T5850] pwc: recv_control_msg error -32 req 02 val 2500
[  146.884845][ T5850] pwc: recv_control_msg error -32 req 02 val 2400
[  147.210055][ T5850] pwc: recv_control_msg error -71 req 02 val 2900
[  147.222855][ T5850] pwc: recv_control_msg error -71 req 02 val 2800
[  147.223400][ T5850] pwc: recv_control_msg error -71 req 04 val 1100
[  147.223727][ T5850] pwc: recv_control_msg error -71 req 04 val 1200
[  147.257985][ T5850] pwc: Registered as video103.
[  147.262459][ T5850] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input6
[  147.300583][ T5850] usb 4-1: USB disconnect, device number 5
[  147.906666][ T6507] siw: device registration error -23
[  149.238779][ T6517] netlink: 60 bytes leftover after parsing attributes in process `syz.4.166'.
[  150.541603][ T6534] process 'syz.2.171' launched '/dev/fd/9' with NULL argv: empty string added
[  152.832185][ T6543] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  152.832195][ T6543] IPv6: NLM_F_CREATE should be set when creating new route
[  152.832305][ T6543] IPv6: NLM_F_CREATE should be set when creating new route
[  152.832323][ T6543] IPv6: NLM_F_CREATE should be set when creating new route
[  153.041567][ T6556] mmap: syz.2.177 (6556) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  153.204122][ T6547] block nbd0: shutting down sockets
[  153.704338][   T37] audit: type=1800 audit(1756358088.522:2): pid=6556 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.177" name="/" dev="9p" ino=2 res=0 errno=0
[  154.260318][ T6571] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  155.416145][ T6582] netlink: 60 bytes leftover after parsing attributes in process `syz.3.186'.
[  159.583756][    C0] vkms_vblank_simulate: vblank timer overrun
[  159.690076][    C0] vkms_vblank_simulate: vblank timer overrun
[  159.727657][    C0] vkms_vblank_simulate: vblank timer overrun
[  160.390044][    C0] vkms_vblank_simulate: vblank timer overrun
[  161.387577][    C0] vkms_vblank_simulate: vblank timer overrun
[  161.473125][    C0] vkms_vblank_simulate: vblank timer overrun
[  161.627462][    C0] vkms_vblank_simulate: vblank timer overrun
[  161.682488][ T6625] bridge_slave_0: left allmulticast mode
[  161.682522][ T6625] bridge_slave_0: left promiscuous mode
[  161.684540][ T6625] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.978690][ T6625] bridge_slave_1: left allmulticast mode
[  161.978720][ T6625] bridge_slave_1: left promiscuous mode
[  161.980687][ T6625] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.594948][    C0] vkms_vblank_simulate: vblank timer overrun
[  163.225862][    C0] vkms_vblank_simulate: vblank timer overrun
[  163.390215][    C0] vkms_vblank_simulate: vblank timer overrun
[  163.537504][ T6625] bond0: (slave bond_slave_0): Releasing backup interface
[  164.688129][ T6641] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  164.690635][ T6641] block device autoloading is deprecated and will be removed.
[  167.225686][ T6625] bond0: (slave bond_slave_1): Releasing backup interface
[  167.414499][ T6625] team0: Port device team_slave_0 removed
[  168.631176][ T6625] team0: Port device team_slave_1 removed
[  168.632245][ T6625] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.632273][ T6625] batman_adv: batadv0: Removing interface: batadv_slave_0
[  168.879030][ T6625] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.879061][ T6625] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.743087][    C0] vkms_vblank_simulate: vblank timer overrun
[  171.748315][ T6692] netlink: 244 bytes leftover after parsing attributes in process `syz.2.219'.
[  171.801346][ T5852] Bluetooth: hci1: ISO packet for unknown connection handle 1550
[  171.923239][    C0] vkms_vblank_simulate: vblank timer overrun
[  171.986982][    C0] vkms_vblank_simulate: vblank timer overrun
[  172.208729][    C0] vkms_vblank_simulate: vblank timer overrun
[  172.211063][ T5970] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  174.335060][    C0] vkms_vblank_simulate: vblank timer overrun
[  174.394360][ T5970] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  174.394387][ T5970] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.394404][ T5970] usb 5-1: Product: syz
[  174.394416][ T5970] usb 5-1: Manufacturer: syz
[  174.394428][ T5970] usb 5-1: SerialNumber: syz
[  174.892723][ T5970] usb 5-1: can't set config #1, error -71
[  174.904403][ T5970] usb 5-1: USB disconnect, device number 5
[  175.930017][    C0] vkms_vblank_simulate: vblank timer overrun
[  176.071946][    C0] vkms_vblank_simulate: vblank timer overrun
[  176.715827][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.774475][ T6733] Bluetooth: MGMT ver 1.23
[  178.800758][ T5852] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  178.800791][ T5852] CPU: 0 UID: 0 PID: 5852 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  178.800803][ T5852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  178.800810][ T5852] Workqueue: hci0 hci_rx_work
[  178.800833][ T5852] Call Trace:
[  178.800837][ T5852]  <TASK>
[  178.800842][ T5852]  dump_stack_lvl+0x189/0x250
[  178.800860][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.800874][ T5852]  ? __pfx__printk+0x10/0x10
[  178.800887][ T5852]  ? kernfs_path_from_node+0x2c/0x280
[  178.800898][ T5852]  ? kernfs_path_from_node+0x243/0x280
[  178.800907][ T5852]  ? kernfs_path_from_node+0x2c/0x280
[  178.800918][ T5852]  sysfs_create_dir_ns+0x259/0x280
[  178.800932][ T5852]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  178.800944][ T5852]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  178.800958][ T5852]  ? rt_spin_unlock+0x65/0x80
[  178.800970][ T5852]  kobject_add_internal+0x5a5/0xb50
[  178.800989][ T5852]  kobject_add+0x155/0x220
[  178.801004][ T5852]  ? __pfx_kobject_add+0x10/0x10
[  178.801021][ T5852]  ? get_device_parent+0x370/0x3a0
[  178.801036][ T5852]  device_add+0x408/0xb50
[  178.801051][ T5852]  hci_conn_add_sysfs+0xd5/0x1e0
[  178.801067][ T5852]  le_conn_complete_evt+0xc3a/0x1220
[  178.801087][ T5852]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  178.801099][ T5852]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  178.801111][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  178.801125][ T5852]  ? skb_pull_data+0xfb/0x200
[  178.801138][ T5852]  hci_le_conn_complete_evt+0x187/0x450
[  178.801153][ T5852]  hci_event_packet+0x78f/0x1200
[  178.801165][ T5852]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  178.801177][ T5852]  ? __pfx_hci_event_packet+0x10/0x10
[  178.801186][ T5852]  ? __pfx_migrate_enable+0x10/0x10
[  178.801202][ T5852]  ? hci_send_to_monitor+0xe2/0x570
[  178.801215][ T5852]  hci_rx_work+0x46a/0xe80
[  178.801229][ T5852]  ? process_scheduled_works+0x9ef/0x17b0
[  178.801241][ T5852]  process_scheduled_works+0xade/0x17b0
[  178.801269][ T5852]  ? __pfx_process_scheduled_works+0x10/0x10
[  178.801290][ T5852]  worker_thread+0x8a0/0xda0
[  178.801303][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  178.801319][ T5852]  ? __kthread_parkme+0x7b/0x200
[  178.801336][ T5852]  kthread+0x711/0x8a0
[  178.801351][ T5852]  ? __pfx_worker_thread+0x10/0x10
[  178.801362][ T5852]  ? __pfx_kthread+0x10/0x10
[  178.801378][ T5852]  ? __pfx_kthread+0x10/0x10
[  178.801392][ T5852]  ret_from_fork+0x3fc/0x770
[  178.801405][ T5852]  ? __pfx_ret_from_fork+0x10/0x10
[  178.801421][ T5852]  ? __switch_to_asm+0x39/0x70
[  178.801429][ T5852]  ? __switch_to_asm+0x33/0x70
[  178.801437][ T5852]  ? __pfx_kthread+0x10/0x10
[  178.801450][ T5852]  ret_from_fork_asm+0x1a/0x30
[  178.801468][ T5852]  </TASK>
[  178.801485][ T5852] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  178.801508][ T5852] Bluetooth: hci0: failed to register connection device
[  180.565634][    C0] vkms_vblank_simulate: vblank timer overrun
[  181.861090][    C0] vkms_vblank_simulate: vblank timer overrun
[  182.243874][ T6753] lo speed is unknown, defaulting to 1000
[  182.516082][    C0] vkms_vblank_simulate: vblank timer overrun
[  183.332576][    C0] vkms_vblank_simulate: vblank timer overrun
[  184.411513][    C0] vkms_vblank_simulate: vblank timer overrun
[  184.913128][    C0] vkms_vblank_simulate: vblank timer overrun
[  185.242906][ T5850] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  185.343263][ T5848] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  185.435330][ T5850] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  185.435359][ T5850] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.550813][ T5850] usb 4-1: config 0 descriptor??
[  185.634454][ T5848] usb 5-1: Using ep0 maxpacket: 32
[  185.641606][ T5848] usb 5-1: unable to get BOS descriptor or descriptor too short
[  185.644016][ T5848] usb 5-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  185.651056][ T5848] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  185.651079][ T5848] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.651096][ T5848] usb 5-1: Product: syz
[  185.651108][ T5848] usb 5-1: Manufacturer: syz
[  185.651120][ T5848] usb 5-1: SerialNumber: syz
[  185.711690][ T5850] cp210x 4-1:0.0: cp210x converter detected
[  185.966333][ T5848] usb 5-1: Cannot retrieve CPort count: 0
[  185.966382][ T5848] usb 5-1: Cannot retrieve CPort count: -5
[  185.968818][ T5848] es2_ap_driver 5-1:7.0: probe with driver es2_ap_driver failed with error -5
[  186.467970][ T5850] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -32
[  186.468028][ T5850] cp210x 4-1:0.0: GPIO initialisation failed: -32
[  186.472599][ T5848] usb 5-1: USB disconnect, device number 6
[  186.510868][ T5850] usb 4-1: cp210x converter now attached to ttyUSB0
[  186.553235][ T5850] usb 4-1: USB disconnect, device number 6
[  186.656754][ T5850] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  186.678072][ T5850] cp210x 4-1:0.0: device disconnected
[  187.503745][ T5839] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  187.733965][ T5839] usb 1-1: Using ep0 maxpacket: 8
[  188.089724][ T5848] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  190.728685][ T5848] usb 4-1: Using ep0 maxpacket: 32
[  194.222257][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  194.222330][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  194.409409][ T5839] usb 1-1: unable to get BOS descriptor or descriptor too short
[  195.825231][ T5848] usb 4-1: device descriptor read/all, error -110
[  195.910084][ T5839] usb 1-1: unable to read config index 0 descriptor/start: -32
[  195.910099][ T5839] usb 1-1: chopping to 0 config(s)
[  195.910114][ T5839] usb 1-1: can't read configurations, error -32
[  196.202925][ T5848] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  196.203936][ T5839] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  196.956208][ T5848] usb 4-1: device descriptor read/64, error -32
[  197.122399][ T5848] usb usb4-port1: attempt power cycle
[  200.022960][   T15] sched: DL replenish lagged too much
[  201.931328][ T5839] usb 1-1: device descriptor read/64, error -32
[  202.967300][ T5158] Bluetooth: hci2: command 0x0406 tx timeout
[  202.967341][ T5158] Bluetooth: hci3: command 0x0406 tx timeout
[  202.967366][ T5158] Bluetooth: hci1: command 0x0406 tx timeout
[  202.967388][ T5158] Bluetooth: hci4: command 0x0406 tx timeout
[  203.084931][ T5839] usb usb1-port1: attempt power cycle
[  204.095745][   T59] Bluetooth: hci0: command 0x0406 tx timeout
[  222.005623][ T5854] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  222.008123][ T5854] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  222.009574][ T5854] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  222.010715][ T5854] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  222.063025][ T5854] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  222.514986][ T6819] lo speed is unknown, defaulting to 1000
[  222.775268][ T5841] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  222.780010][ T5841] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  222.781793][ T5841] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  222.808801][ T5841] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  222.842879][ T5841] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  223.005794][ T5855] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  223.022709][ T5855] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  223.031873][ T5855] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  223.064579][ T5855] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  223.065451][ T5855] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  223.110453][ T5852] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  223.125130][ T5852] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  223.126215][ T5852] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  223.128147][ T5852] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  223.128985][ T5852] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  223.537980][ T6821] lo speed is unknown, defaulting to 1000
[  223.669151][   T59] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  223.693466][   T59] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  223.694625][   T59] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  223.699171][   T59] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  223.700291][   T59] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  223.780904][ T6822] lo speed is unknown, defaulting to 1000
[  223.930540][ T6824] lo speed is unknown, defaulting to 1000
[  224.332940][ T6829] lo speed is unknown, defaulting to 1000
[  225.716854][ T6819] chnl_net:caif_netlink_parms(): no params data found
[  241.743463][ T5849] Bluetooth: hci8: command tx timeout
[  241.743698][ T5849] Bluetooth: hci7: command tx timeout
[  241.743852][ T5849] Bluetooth: hci9: command tx timeout
[  241.743995][ T5849] Bluetooth: hci6: command tx timeout
[  241.744144][ T5849] Bluetooth: hci5: command tx timeout
[  243.813061][ T5841] Bluetooth: hci5: command tx timeout
[  243.813091][ T5841] Bluetooth: hci6: command tx timeout
[  243.813111][ T5841] Bluetooth: hci9: command tx timeout
[  243.813130][ T5841] Bluetooth: hci7: command tx timeout
[  243.813147][ T5841] Bluetooth: hci8: command tx timeout
[  245.893064][ T5849] Bluetooth: hci8: command tx timeout
[  245.893095][ T5849] Bluetooth: hci7: command tx timeout
[  245.893114][ T5849] Bluetooth: hci9: command tx timeout
[  245.893133][ T5849] Bluetooth: hci6: command tx timeout
[  245.893151][ T5849] Bluetooth: hci5: command tx timeout
[  246.793484][ T6822] chnl_net:caif_netlink_parms(): no params data found
[  246.802308][ T6821] chnl_net:caif_netlink_parms(): no params data found
[  248.042831][ T5849] Bluetooth: hci9: command tx timeout
[  248.042868][ T5849] Bluetooth: hci5: command tx timeout
[  248.042963][ T5849] Bluetooth: hci6: command tx timeout
[  248.042984][ T5849] Bluetooth: hci7: command tx timeout
[  248.043005][ T5849] Bluetooth: hci8: command tx timeout
[  255.666361][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  255.666438][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  267.097474][ T5849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  267.114172][ T5849] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  267.115549][ T5849] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  267.116699][ T5849] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  267.117477][ T5849] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  269.260472][ T5855] Bluetooth: hci0: command tx timeout
[  271.043852][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  271.052309][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  271.067952][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  271.069214][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  271.097607][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  271.333102][ T5855] Bluetooth: hci0: command tx timeout
[  273.183121][ T5855] Bluetooth: hci1: command tx timeout
[  273.412962][ T5855] Bluetooth: hci0: command tx timeout
[  275.252857][ T5855] Bluetooth: hci1: command tx timeout
[  275.492980][ T5855] Bluetooth: hci0: command tx timeout
[  276.018763][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  276.038747][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  276.041489][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  276.052870][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  276.086653][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  277.333095][ T5855] Bluetooth: hci1: command tx timeout
[  278.132989][ T5855] Bluetooth: hci2: command tx timeout
[  279.414934][ T5855] Bluetooth: hci1: command tx timeout
[  280.213086][ T5855] Bluetooth: hci2: command tx timeout
[  281.121551][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  281.137837][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  281.159201][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  281.160699][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  281.178683][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  281.778695][ T5855] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  281.790984][ T5855] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  281.792127][ T5855] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  281.809234][ T5855] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  281.829284][ T5855] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  282.293030][ T5849] Bluetooth: hci2: command tx timeout
[  283.259870][ T5849] Bluetooth: hci3: command tx timeout
[  283.893059][ T5849] Bluetooth: hci4: command tx timeout
[  284.373034][ T5849] Bluetooth: hci2: command tx timeout
[  285.335045][ T5849] Bluetooth: hci3: command tx timeout
[  285.973084][ T5849] Bluetooth: hci4: command tx timeout
[  287.412957][ T5849] Bluetooth: hci3: command tx timeout
[  288.054802][ T5849] Bluetooth: hci4: command tx timeout
[  289.497483][ T5849] Bluetooth: hci3: command tx timeout
[  290.212897][ T5849] Bluetooth: hci4: command tx timeout
[  317.101703][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  317.101776][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  327.163938][ T5855] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  327.172499][ T5855] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  327.195029][ T5855] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  327.196705][ T5855] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  327.217355][ T5855] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  332.042098][ T5841] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  332.076511][ T5841] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  332.078987][ T5841] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  332.098320][ T5841] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  332.099122][ T5841] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  336.630211][ T5852] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  336.643239][ T5852] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  336.644420][ T5852] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  336.645885][ T5852] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  336.676425][ T5852] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  342.044908][ T5854] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  342.049594][ T5854] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  342.050734][ T5854] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  342.052172][ T5854] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  342.086905][   T59] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  343.247257][ T5854] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  343.249771][ T5854] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  343.250900][ T5854] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  343.252118][ T5854] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  343.282714][ T5854] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  359.503937][ T5855] Bluetooth: hci11: command tx timeout
[  359.510601][ T5841] Bluetooth: hci7: command tx timeout
[  359.513725][ T5852] Bluetooth: hci12: command tx timeout
[  359.532974][   T59] Bluetooth: hci13: command tx timeout
[  361.573113][   T59] Bluetooth: hci13: command tx timeout
[  361.573461][   T59] Bluetooth: hci12: command tx timeout
[  361.573555][   T59] Bluetooth: hci7: command tx timeout
[  361.573668][   T59] Bluetooth: hci10: command tx timeout
[  361.573802][   T59] Bluetooth: hci11: command tx timeout
[  363.657505][   T59] Bluetooth: hci7: command tx timeout
[  363.657545][   T59] Bluetooth: hci11: command tx timeout
[  363.657566][   T59] Bluetooth: hci10: command tx timeout
[  363.657585][   T59] Bluetooth: hci12: command tx timeout
[  363.657604][   T59] Bluetooth: hci13: command tx timeout
[  365.733109][   T59] Bluetooth: hci7: command tx timeout
[  365.733141][   T59] Bluetooth: hci13: command tx timeout
[  365.733161][   T59] Bluetooth: hci12: command tx timeout
[  365.733180][   T59] Bluetooth: hci10: command tx timeout
[  365.737615][ T5841] Bluetooth: hci11: command tx timeout
[  367.813125][   T59] Bluetooth: hci10: command tx timeout
[  378.701090][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  378.701167][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  392.094990][ T5852] Bluetooth: hci0: command 0x0406 tx timeout
[  395.985439][ T5841] Bluetooth: hci1: command 0x0406 tx timeout
[  401.169995][   T38] INFO: task syz-executor:5844 blocked for more than 144 seconds.
[  401.170022][   T38]       Not tainted syzkaller #0
[  401.170032][   T38]       Blocked by coredump.
[  401.170037][   T38] "echo 0 > /proc/sys/kerne[  401.170037][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  401.170046][   T38] task:syz-executor    state:D stack:21832 pid:5844  tgid:5844  ppid:1      task_flags:0x40054c flags:0x00004006
[  401.170115][   T38] Call Trace:
[  401.170121][   T38]  <TASK>
[  401.170134][   T38]  __schedule+0x16f3/0x4c20
[  401.170190][   T38]  ? __pfx___schedule+0x10/0x10
[  401.170229][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  401.170253][   T38]  rt_mutex_schedule+0x77/0xf0
[  401.170271][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  401.170290][   T38]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[  401.170326][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  401.170346][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  401.170389][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  401.170424][   T38]  ? __pfx___fsnotify_parent+0x10/0x10
[  401.170453][   T38]  ? tun_chr_close+0x41/0x1c0
[  401.170483][   T38]  mutex_lock_nested+0x16a/0x1d0
[  401.170503][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  401.170524][   T38]  tun_chr_close+0x41/0x1c0
[  401.170546][   T38]  __fput+0x45b/0xa80
[  401.170577][   T38]  task_work_run+0x1d4/0x260
[  401.170599][   T38]  ? __pfx_task_work_run+0x10/0x10
[  401.170617][   T38]  ? do_exit+0x6b0/0x2300
[  401.170632][   T38]  ? kmem_cache_free+0x195/0x510
[  401.170660][   T38]  do_exit+0x6b5/0x2300
[  401.170677][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  401.170702][   T38]  ? __lock_acquire+0xab9/0xd20
[  401.170726][   T38]  ? __pfx_do_exit+0x10/0x10
[  401.170740][   T38]  ? rt_mutex_slowunlock+0x493/0x8a0
[  401.170760][   T38]  ? rt_spin_lock+0x1bb/0x2c0
[  401.170788][   T38]  do_group_exit+0x21c/0x2d0
[  401.170811][   T38]  get_signal+0x125e/0x1310
[  401.170855][   T38]  arch_do_signal_or_restart+0x9a/0x750
[  401.170879][   T38]  ? kmem_cache_free+0x402/0x510
[  401.170902][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  401.170938][   T38]  ? exit_to_user_mode_loop+0x40/0x110
[  401.170964][   T38]  exit_to_user_mode_loop+0x75/0x110
[  401.170986][   T38]  do_syscall_64+0x2bd/0x3b0
[  401.171006][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.171027][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.171044][   T38]  ? clear_bhb_loop+0x60/0xb0
[  401.171063][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.171087][   T38] RIP: 0033:0x7fe10d75d5fc
[  401.171107][   T38] RSP: 002b:00007fffbf450810 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  401.171125][   T38] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007fe10d75d5fc
[  401.171137][   T38] RDX: 0000000000000030 RSI: 00007fffbf4508d0 RDI: 00000000000000f9
[  401.171149][   T38] RBP: 00007fffbf45087c R08: 0000000000000000 R09: 00007fffbf450587
[  401.171161][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032
[  401.171171][   T38] R13: 0000000000000057 R14: 000000000002e287 R15: 00007fffbf4508d0
[  401.171200][   T38]  </TASK>
[  401.171265][   T38] 
[  401.171265][   T38] Showing all locks held in the system:
[  401.171273][   T38] 1 lock held by kthreadd/2:
[  401.171285][   T38] 3 locks held by kworker/u8:1/13:
[  401.171295][   T38] 9 locks held by rcuc/0/20:
[  401.171307][   T38] 1 lock held by khungtaskd/38:
[  401.171316][   T38]  #0: ffffffff8d9a8b80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  401.171358][   T38] 3 locks held by kworker/u8:2/43:
[  401.171370][   T38] 3 locks held by kworker/u9:0/59:
[  401.171380][   T38]  #0: ffff88805f8c8938 ((wq_completion)hci2#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  401.171428][   T38]  #1: ffffc9000125fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  401.171478][   T38]  #2: ffff888067364e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  401.171530][   T38] 5 locks held by kworker/u8:5/155:
[  401.171539][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  401.171582][   T38]  #1: ffffc90003a97bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  401.171625][   T38]  #2: ffff888049310898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  401.171668][   T38]  #3: ffffffff8d84a760 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  401.171711][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  401.171759][   T38] 3 locks held by kworker/u8:7/1411:
[  401.171769][   T38] 3 locks held by kworker/u8:8/1414:
[  401.171780][   T38] 3 locks held by kworker/u8:10/1454:
[  401.171789][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  401.171832][   T38]  #1: ffffc9000544fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  401.171874][   T38]  #2: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  401.171922][   T38] 3 locks held by kworker/u8:11/1463:
[  401.171931][   T38] 3 locks held by kworker/u8:12/1481:
[  401.171942][   T38] 3 locks held by kworker/u8:15/1526:
[  401.171951][   T38]  #0: ffff88803039c138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  401.171994][   T38]  #1: ffffc9000585fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  401.172032][   T38]  #2: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  401.172081][   T38] 1 lock held by syslogd/5191:
[  401.172090][   T38]  #0: ffff888032602258 (&ei->socket.wq.wait){+.+.}-{3:3}, at: finish_wait+0xbf/0x1f0
[  401.172130][   T38] 2 locks held by udevd/5209:
[  401.172140][   T38] 3 locks held by dhcpcd/5504:
[  401.172151][   T38] 2 locks held by getty/5602:
[  401.172160][   T38]  #0: ffff88823bf208a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  401.172206][   T38]  #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  401.172248][   T38] 1 lock held by syz-executor/5826:
[  401.172258][   T38] 1 lock held by syz-executor/5837:
[  401.172268][   T38]  #0: ffffffff8d9ae530 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  401.172308][   T38] 1 lock held by syz-executor/5844:
[  401.172318][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  401.172360][   T38] 1 lock held by syz-executor/5845:
[  401.172370][   T38]  #0: ffffffff8d9ae530 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  401.172410][   T38] 1 lock held by syz-executor/5847:
[  401.172420][   T38]  #0: ffffffff8d9ae530 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  401.172468][   T38] 4 locks held by kworker/0:5/5850:
[  401.172478][   T38] 4 locks held by kworker/u9:4/5852:
[  401.172488][   T38]  #0: ffff888033534138 ((wq_completion)hci1#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  401.172535][   T38]  #1: ffffc90004befbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  401.172578][   T38]  #2: ffff888036524e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  401.172624][   T38]  #3: ffff8880365240a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  401.172674][   T38] 3 locks held by kworker/1:6/5929:
[  401.172686][   T38] 3 locks held by kworker/1:9/6031:
[  401.172695][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  401.296786][   T38]  #1: ffffc900052efbc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  401.296862][   T38]  #2: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  401.296916][   T38] 1 lock held by syz.2.245/6792:
[  401.296927][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  401.296975][   T38] 1 lock held by syz-executor/6819:
[  401.296985][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  401.297028][   T38] 1 lock held by syz-executor/6821:
[  401.297038][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  401.297081][   T38] 1 lock held by syz-executor/6822:
[  401.297091][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  401.297133][   T38] 1 lock held by syz-executor/6824:
[  401.297143][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  401.297186][   T38] 1 lock held by syz-executor/6829:
[  401.297196][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  401.297240][   T38] 3 locks held by kworker/u8:17/6845:
[  401.297252][   T38] 1 lock held by syz-executor/6860:
[  401.297261][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297309][   T38] 1 lock held by syz-executor/6865:
[  401.297319][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297364][   T38] 1 lock held by syz-executor/6871:
[  401.297374][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297419][   T38] 1 lock held by syz-executor/6878:
[  401.297428][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297475][   T38] 1 lock held by syz-executor/6883:
[  401.297484][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297532][   T38] 1 lock held by syz-executor/6898:
[  401.297542][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297596][   T38] 1 lock held by syz-executor/6904:
[  401.297606][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297651][   T38] 1 lock held by syz-executor/6909:
[  401.297661][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297708][   T38] 1 lock held by syz-executor/6913:
[  401.297717][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297769][   T38] 1 lock held by syz-executor/6917:
[  401.297778][   T38]  #0: ffffffff8ecd20b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  401.297826][   T38] 
[  401.297831][   T38] =============================================
[  401.297831][   T38] 
[  401.297877][   T38] NMI backtrace for cpu 1
[  401.297903][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  401.297922][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  401.297933][   T38] Call Trace:
[  401.297942][   T38]  <TASK>
[  401.297952][   T38]  dump_stack_lvl+0x189/0x250
[  401.297983][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.298005][   T38]  ? __pfx__printk+0x10/0x10
[  401.298035][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  401.298059][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  401.298078][   T38]  ? __pfx__printk+0x10/0x10
[  401.298100][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  401.298124][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  401.298144][   T38]  watchdog+0xf93/0xfe0
[  401.298171][   T38]  ? watchdog+0x1de/0xfe0
[  401.298197][   T38]  kthread+0x711/0x8a0
[  401.298224][   T38]  ? __pfx_watchdog+0x10/0x10
[  401.298242][   T38]  ? __pfx_kthread+0x10/0x10
[  401.298270][   T38]  ? __pfx_kthread+0x10/0x10
[  401.298293][   T38]  ret_from_fork+0x3fc/0x770
[  401.298318][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  401.298344][   T38]  ? __switch_to_asm+0x39/0x70
[  401.298359][   T38]  ? __switch_to_asm+0x33/0x70
[  401.298373][   T38]  ? __pfx_kthread+0x10/0x10
[  401.298396][   T38]  ret_from_fork_asm+0x1a/0x30
[  401.298427][   T38]  </TASK>
[  401.298434][   T38] Sending NMI from CPU 1 to CPUs 0:
[  401.298464][    C0] NMI backtrace for cpu 0
[  401.298482][    C0] CPU: 0 UID: 0 PID: 1184 Comm: irq/32-virtio1- Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  401.298521][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  401.298540][    C0] RIP: 0010:lock_release+0x89/0x3e0
[  401.298581][    C0] Code: 55 81 0d 00 0f 84 44 02 00 00 65 8b 05 40 1f 5a 10 85 c0 0f 85 35 02 00 00 65 4c 8b 3c 25 08 e0 f5 91 41 83 bf 1c 0b 00 00 00 <0f> 85 1e 02 00 00 49 81 3e 00 83 b9 92 0f 84 11 02 00 00 48 c7 44
[  401.298596][    C0] RSP: 0018:ffffc90004b5e6e8 EFLAGS: 00000246
[  401.298611][    C0] RAX: 0000000000000000 RBX: ffff888034ca0690 RCX: 7eb940687bfac300
[  401.298623][    C0] RDX: ffff888026ae8440 RSI: ffffffff8b620de0 RDI: ffffffff8b620da0
[  401.298635][    C0] RBP: ffffc90004b5e888 R08: 0000000000000000 R09: ffffffff8af89bab
[  401.298647][    C0] R10: 0000000000000000 R11: fffffbfff1e3a8c7 R12: ffff88806fdf1ac0
[  401.298658][    C0] R13: ffffffff8af8a2c5 R14: ffffffff8d9a8b80 R15: ffff888026ae8000
[  401.298671][    C0] FS:  0000000000000000(0000) GS:ffff8881268c2000(0000) knlGS:0000000000000000
[  401.298684][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  401.298695][    C0] CR2: 00007f5297991700 CR3: 0000000035754000 CR4: 00000000003526f0
[  401.298710][    C0] Call Trace:
[  401.298716][    C0]  <TASK>
[  401.298726][    C0]  rt_spin_unlock+0x71/0x80
[  401.298743][    C0]  ref_tracker_alloc+0x28e/0x450
[  401.298766][    C0]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  401.298785][    C0]  ? dst_init+0xd9/0x450
[  401.298813][    C0]  ? dst_alloc+0x12a/0x170
[  401.298832][    C0]  ? ip_route_output_key_hash_rcu+0x14e1/0x23d0
[  401.298858][    C0]  ? ip_route_output_key_hash+0x1b9/0x2e0
[  401.298879][    C0]  ? ip_route_output_flow+0x2a/0x150
[  401.298899][    C0]  ? ip_route_me_harder+0x6d2/0x1030
[  401.298914][    C0]  ? synproxy_send_tcp+0x359/0x6c0
[  401.298934][    C0]  ? synproxy_send_client_synack+0x8bb/0xe20
[  401.298953][    C0]  ? nft_synproxy_eval_v4+0x36e/0x560
[  401.298976][    C0]  ? nft_synproxy_do_eval+0x345/0x570
[  401.298996][    C0]  ? nft_do_chain+0x40c/0x1920
[  401.299016][    C0]  ? nft_do_chain_inet+0x25d/0x340
[  401.299037][    C0]  ? nf_hook_slow+0xc5/0x220
[  401.299057][    C0]  ? NF_HOOK+0x206/0x3a0
[  401.299072][    C0]  ? NF_HOOK+0x309/0x3a0
[  401.299088][    C0]  ? __netif_receive_skb+0x143/0x380
[  401.299104][    C0]  ? dst_alloc+0x105/0x170
[  401.299125][    C0]  ? dst_alloc+0x105/0x170
[  401.299146][    C0]  dst_init+0xd9/0x450
[  401.299169][    C0]  dst_alloc+0x12a/0x170
[  401.299191][    C0]  ip_route_output_key_hash_rcu+0x14e1/0x23d0
[  401.299218][    C0]  ? ip_route_output_key_hash+0xde/0x2e0
[  401.299241][    C0]  ip_route_output_key_hash+0x1b9/0x2e0
[  401.299262][    C0]  ? __lock_acquire+0xab9/0xd20
[  401.299282][    C0]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  401.299307][    C0]  ? ip_route_me_harder+0x4ad/0x1030
[  401.299325][    C0]  ip_route_output_flow+0x2a/0x150
[  401.299344][    C0]  ? ip_route_me_harder+0x6c0/0x1030
[  401.299360][    C0]  ip_route_me_harder+0x6d2/0x1030
[  401.299381][    C0]  ? __pfx_ip_route_me_harder+0x10/0x10
[  401.299409][    C0]  synproxy_send_tcp+0x359/0x6c0
[  401.299432][    C0]  synproxy_send_client_synack+0x8bb/0xe20
[  401.299458][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  401.299477][    C0]  ? nft_tproxy_eval+0xe8/0x1c00
[  401.299497][    C0]  ? synproxy_pernet+0x45/0x270
[  401.299521][    C0]  nft_synproxy_eval_v4+0x36e/0x560
[  401.299550][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  401.299573][    C0]  ? nf_ip_checksum+0x13c/0x510
[  401.299597][    C0]  nft_synproxy_do_eval+0x345/0x570
[  401.299622][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  401.299644][    C0]  ? rcu_qs+0xc4/0x170
[  401.299673][    C0]  nft_do_chain+0x40c/0x1920
[  401.299695][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  401.299717][    C0]  ? do_raw_spin_lock+0x121/0x290
[  401.299736][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  401.299775][    C0]  nft_do_chain_inet+0x25d/0x340
[  401.299802][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  401.299823][    C0]  ? __lock_acquire+0xab9/0xd20
[  401.299847][    C0]  ? NF_HOOK+0x9a/0x3a0
[  401.299864][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  401.299886][    C0]  nf_hook_slow+0xc5/0x220
[  401.299907][    C0]  NF_HOOK+0x206/0x3a0
[  401.299925][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  401.299943][    C0]  ? NF_HOOK+0x9a/0x3a0
[  401.299959][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  401.299975][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[  401.299995][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  401.300014][    C0]  ? skb_dst+0x4f/0xd0
[  401.300031][    C0]  ? ip_local_deliver+0x12a/0x1b0
[  401.300050][    C0]  NF_HOOK+0x309/0x3a0
[  401.300068][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  401.300085][    C0]  ? NF_HOOK+0x9a/0x3a0
[  401.300102][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  401.300120][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  401.300142][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  401.300159][    C0]  __netif_receive_skb+0x143/0x380
[  401.300175][    C0]  ? rt_spin_unlock+0x65/0x80
[  401.300192][    C0]  ? process_backlog+0x27b/0x900
[  401.300208][    C0]  process_backlog+0x31e/0x900
[  401.300231][    C0]  __napi_poll+0xb6/0x540
[  401.300249][    C0]  net_rx_action+0x707/0xe00
[  401.300274][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  401.300293][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  401.300315][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  401.300346][    C0]  handle_softirqs+0x22c/0x710
[  401.300376][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  401.300399][    C0]  __local_bh_enable_ip+0x179/0x270
[  401.300418][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  401.300436][    C0]  ? virtqueue_disable_cb+0x122/0x370
[  401.300458][    C0]  ? skb_xmit_done+0x109/0x280
[  401.300478][    C0]  ? irq_finalize_oneshot+0x54/0x3d0
[  401.300499][    C0]  ? __pfx_skb_xmit_done+0x10/0x10
[  401.300516][    C0]  ? vring_interrupt+0x221/0x380
[  401.300535][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  401.300554][    C0]  irq_forced_thread_fn+0xe9/0x120
[  401.300574][    C0]  ? irq_forced_thread_fn+0x2b/0x120
[  401.300596][    C0]  irq_thread+0x427/0x690
[  401.300614][    C0]  ? irq_thread+0x17b/0x690
[  401.300637][    C0]  ? __pfx_irq_forced_thread_fn+0x10/0x10
[  401.300657][    C0]  ? __pfx_irq_thread+0x10/0x10
[  401.300677][    C0]  ? __kthread_parkme+0x7b/0x200
[  401.300696][    C0]  ? __pfx_irq_thread_dtor+0x10/0x10
[  401.300715][    C0]  ? __kthread_parkme+0x1a1/0x200
[  401.300737][    C0]  kthread+0x711/0x8a0
[  401.300760][    C0]  ? __pfx_irq_thread+0x10/0x10
[  401.300779][    C0]  ? __pfx_kthread+0x10/0x10
[  401.300976][    C0]  ? __pfx_kthread+0x10/0x10
[  401.301024][    C0]  ret_from_fork+0x3fc/0x770
[  401.301051][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  401.301080][    C0]  ? __switch_to_asm+0x39/0x70
[  401.301103][    C0]  ? __switch_to_asm+0x33/0x70
[  401.301117][    C0]  ? __pfx_kthread+0x10/0x10
[  401.301139][    C0]  ret_from_fork_asm+0x1a/0x30
[  401.301162][    C0]  </TASK>
[  401.301475][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  401.301496][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  401.301516][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  401.301527][   T38] Call Trace:
[  401.301535][   T38]  <TASK>
[  401.301542][   T38]  dump_stack_lvl+0x99/0x250
[  401.301569][   T38]  ? __asan_memcpy+0x40/0x70
[  401.301588][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.301609][   T38]  ? __pfx__printk+0x10/0x10
[  401.301635][   T38]  vpanic+0x281/0x750
[  401.301657][   T38]  ? __pfx_vpanic+0x10/0x10
[  401.301676][   T38]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  401.301696][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.301728][   T38]  panic+0xb9/0xc0
[  401.301747][   T38]  ? __pfx_panic+0x10/0x10
[  401.301769][   T38]  ? irq_work_queue+0xc3/0x140
[  401.301792][   T38]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[  401.301814][   T38]  watchdog+0xfd2/0xfe0
[  401.301842][   T38]  ? watchdog+0x1de/0xfe0
[  401.301866][   T38]  kthread+0x711/0x8a0
[  401.301893][   T38]  ? __pfx_watchdog+0x10/0x10
[  401.301911][   T38]  ? __pfx_kthread+0x10/0x10
[  401.301939][   T38]  ? __pfx_kthread+0x10/0x10
[  401.301961][   T38]  ret_from_fork+0x3fc/0x770
[  401.301986][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  401.302019][   T38]  ? __switch_to_asm+0x39/0x70
[  401.302034][   T38]  ? __switch_to_asm+0x33/0x70
[  401.302049][   T38]  ? __pfx_kthread+0x10/0x10
[  401.302072][   T38]  ret_from_fork_asm+0x1a/0x30
[  401.302103][   T38]  </TASK>
[  401.302265][   T38] Kernel Offset: disabled